python-asyncssh-2.13.2-5.el9
FEDORA-EPEL-2024-6bc0ac05e1 Packages in this update: python-asyncssh-2.13.2-5.el9 Update description: Backport upstream fix for CVE-2023-48795 Read More
USN-6681-2: Linux kernel vulnerabilities
Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker...
USN-6688-1: Linux kernel (OEM) vulnerabilities
Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null...
USN-6658-2: libxml2 vulnerability
USN-6658-1 fixed a vulnerability in libxml2. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory...
Magnet Goblin Exploits Ivanti Vulnerabilities
The threat actor uses custom Linux malware to pursue financial gain, according to Check Point Research Read More
Incognito Darknet Market Mass-Extorts Buyers, Sellers
Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish...
BianLian Threat Actor Shifts Focus to Extortion-Only Tactics
GuidePoint said the threat actor gained initial access via vulnerabilities in a TeamCity server Read More
NSA Launches Top 10 Cloud Security Mitigation Strategies
The advisory is associated with ten companion cybersecurity information sheets detailing how to implement each strategy Read More
Third-Party Breach and Missing MFA Contributed to British Library Cyber-Attack
A British Library report found the most likely source of the incident was the compromise of third-party account credentials and no MFA was in place...
USN-6687-1: AccountsService vulnerability
It was discovered that AccountsService called a helper incorrectly when performing password change operations. A local attacker could possibly use this issue to obtain encrypted...