The UK Government takes aim at IoT devices shipping with weak or default passwords, an identity thief spends two years in jail after being mistaken for the person who stole his name, and are you au fait with the latest scams?
All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.
What is the vulnerability?The CVE-2023-32315 is a path traversal vulnerability that affects all Openfire versions since version 3.1.0. Successful exploitation of this vulnerability can allow attackers to bypass authentication and gain access to sections of the restricted Openfire Admin Console. CISA recently added CVE-2023-32315 to the Known Exploited Vulnerabilities catalog, which means that the vulnerability has been observed to be exploited in the wild. What is the recommended Mitigation?The vendor released Openfire version 4.6.8 and 4.7.5 that contains a fix in mid 2023. More information could be found here: https://github.com/igniterealtime/Openfire/security/advisories/GHSA-gw42-f939-fhvmWhat FortiGuard Coverage is available?FortiGuard Labs has an existing “Openfire.setup.CVE-2023-32315.Authentication.Bypass” IPS signature released since August 2023.
The data from ReliaQuest also suggests LockBit faced a significant setback due to law enforcement action
Andrew Witty made the claims in a written testimony submitted before a House subcommittee hearing
et-6.2.8-2.el8
Update to 6.2.8, fixing CVE-2022-48257 and CVE-2022-48258
Comparitech found that 18% of ransomware incidents in the US led to a lawsuit in 2023, with 59% of completed lawsuits since 2018 proving successful
pypy-7.3.15-3.fc40
Security fix for CVE-2023-5752 (in the bundled pip).
pypy-7.3.15-3.fc39
Security fix for CVE-2023-5752 (in the bundled pip).
pypy-7.3.15-3.fc38
Security fix for CVE-2023-5752 (in the bundled pip).
Posted by Security Explorations on May 01
Hello All,
There is yet another attack possible against Protected Media Path
process beyond the one involving two global XOR keys [1]. The new
attack may also result in the extraction of a plaintext content key
value.
The attack has its origin in a white-box crypto [2] implementation.
More specifically, one can devise plaintext content key from white-box
crypto data structures of which goal is to make such a reconstruction
difficult / not…
