A vulnerability has been discovered in the Junos OS, which could allow for remote code execution. Junos OS is a FreeBSD-based network operating system used in Juniper Networks routing, switching and security devices. Successful exploitation could allow for remote code execution in the context of the system. Depending on the privileges associated with the logged on user, an attacker could then install programs; view, change, or delete data. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Advisories

mod_auth_openidc-2.4.15.3-1.fc39

February 22, 2024

Read Time:11 Second

FEDORA-2024-3c0f2a2771

Packages in this update:

Update description:

fix CVE-2024-24814: prevent DoS when OIDCSessionType client-cookie is set and a crafted Cookie header is supplied

Advisories

Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution

February 22, 2024

Read Time:25 Second

Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution. Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights.

News

New Image/Video Prompt Injection Attacks

February 22, 2024

Read Time:16 Second

Simon Willison has been playing with the video processing capabilities of the new Gemini Pro 1.5 model from Google, and it’s really impressive.

Which means a lot of scary new video prompt injection attacks. And remember, given the current state of technology, prompt injection attacks are impossible to prevent in general.

News

Bring us the head of LockBit! $15 million bounty offered for information on leaders of notorious ransomware gang

February 22, 2024

Read Time:11 Second

A huge reward is being offered for information leading to the identification or location of any of the leaders of the LockBit ransomware gang.

Read more in my article on the Tripwire State of Security blog.

News

SMBs at Risk From SendGrid-Focused Phishing Tactics

February 22, 2024

Read Time:4 Second

Kaspersky explained the fraudulent emails prompted recipients to enable two-factor authentication

Advisories

grub2-2.06-115.fc38

February 22, 2024

Read Time:6 Second

FEDORA-2024-c1fabee30e

Packages in this update:

grub2-2.06-115.fc38

Update description:

Security fix for CVE-2024-1048

Advisories

grub2-2.06-117.fc39

February 22, 2024

Read Time:6 Second

FEDORA-2024-097eb22907

Packages in this update:

grub2-2.06-117.fc39

Update description:

Security fix for CVE-2024-1048

Cyber Security News

Daily Archives: February 22, 2024

freeipa-4.11.1-4.fc40

FEDORA-2024-9fc8015fa9

Packages in this update:

Update description:

Changelog

freeipa-4.11.1-4.fc41

FEDORA-2024-d7b9fbb2a5

Packages in this update:

Update description:

Changelog

A Vulnerability in Junos OS Could Allow for Remote Code Execution

mod_auth_openidc-2.4.15.3-1.fc39

FEDORA-2024-3c0f2a2771

Packages in this update:

Update description:

Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution

New Image/Video Prompt Injection Attacks

Bring us the head of LockBit! $15 million bounty offered for information on leaders of notorious ransomware gang

SMBs at Risk From SendGrid-Focused Phishing Tactics

grub2-2.06-115.fc38

FEDORA-2024-c1fabee30e

Packages in this update:

Update description:

grub2-2.06-117.fc39

FEDORA-2024-097eb22907

Packages in this update:

Update description:

News, Advisories and much more