April 2024 - Page 49 of 66 - Cyber Security News

USN-6725-1: Linux kernel vulnerabilities

Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to...

April 9, 2024

Advisories

xorg-x11-server-Xwayland-23.2.6-1.fc39

FEDORA-2024-5af98298c7 Packages in this update: xorg-x11-server-Xwayland-23.2.6-1.fc39 Update description: xwayland 23.2.6 - CVE fix for CVE-2024-31080, CVE-2024-31081, CVE-2024-31083 Read More

April 9, 2024

Advisories

xorg-x11-server-Xwayland-23.2.6-1.fc40

FEDORA-2024-01a9916e9e Packages in this update: xorg-x11-server-Xwayland-23.2.6-1.fc40 Update description: xwayland 23.2.6 - CVE fix for CVE-2024-31080, CVE-2024-31081, CVE-2024-31083 Read More

April 9, 2024

Advisories

USN-6724-1: Linux kernel vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null...

April 9, 2024

Advisories

USN-6723-1: Bind vulnerabilities

Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind icorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue...

April 9, 2024

News

The Hidden Threat in Plain Sight: Analyzing Subtextual Attacks in Digital Communications

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information...

April 9, 2024

News

Over 90,000 D-Link NAS Devices Are Under Attack

Threat actors are targeting a high severity vulnerability in close to 100,000 legacy D-Link devices Read More

April 9, 2024

News

Why Identity Management is Key in a Cyber Resilience Strategy

For the fourth edition of Identity Management Day, the Identity Defined Security Alliance shared staggering numbers on the boom of identity-related cyber incidents Read More

April 9, 2024

Advisories

ZDI-24-361: Microsoft Windows Internet Shortcut SmartScreen Bypass Vulnerability

This vulnerability allows remote attackers to bypass the SmartScreen security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required...

April 9, 2024

Advisories

ZDI-24-362: Microsoft Azure Private 5G Core InitialUEMessage Improper Input Validation Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Azure Private 5G Core. Authentication is not required to exploit...

April 9, 2024

Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Actors

Bitfinex Hacker Jailed for Five Years Over Billion Dollar Crypto Heist

watchTowr Finds New Zero-Day Vulnerability in Fortinet Products

Good Essay on the History of Bad Password Policies

Ransomware Groups Use Cloud Services For Data Exfiltration

O2’s AI Granny Outsmarts Scam Callers with Knitting Tales

Safeguarding Healthcare Organizations from IoMT Risks

An Interview With the Target & Home Depot Hacker

Sitting Ducks DNS Attacks Put Global Domains at Risk

Month: April 2024

USN-6725-1: Linux kernel vulnerabilities

xorg-x11-server-Xwayland-23.2.6-1.fc39

xorg-x11-server-Xwayland-23.2.6-1.fc40

USN-6724-1: Linux kernel vulnerabilities

USN-6723-1: Bind vulnerabilities

The Hidden Threat in Plain Sight: Analyzing Subtextual Attacks in Digital Communications

Over 90,000 D-Link NAS Devices Are Under Attack

Why Identity Management is Key in a Cyber Resilience Strategy

ZDI-24-361: Microsoft Windows Internet Shortcut SmartScreen Bypass Vulnerability

ZDI-24-362: Microsoft Azure Private 5G Core InitialUEMessage Improper Input Validation Denial-of-Service Vulnerability