Monthly Archives: June 2024
FreeBSD-EN-24:12.killpg
FreeBSD-EN-24:13.libc++
DSA-5716-1 chromium – security update
Security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
moodle-4.3.5-1.fc40
FEDORA-2024-020937763e
Packages in this update:
moodle-4.3.5-1.fc40
Update description:
Fix for multiple CVEs
moodle-4.3.5-1.fc39
FEDORA-2024-9df8ef935b
Packages in this update:
moodle-4.3.5-1.fc39
Update description:
Fix for multiple CVEs
Data breach at Total Fitness exposed almost half a million people’s photos – no password required
UK-based gym chain Total Fitness has been accused of sloppy security, following the discovery of an unsecured database containing the images of 470,000 members and staff – all accessible to anyone on the internet, no password required.
Read more in my article on the Hot for Security blog.
kitty-0.35.1-4.fc41
FEDORA-2024-d2ec3e14a7
Packages in this update:
kitty-0.35.1-4.fc41
Update description:
Automatic update for kitty-0.35.1-4.fc41.
Changelog
* Mon Jun 17 2024 Pavel Solovev <daron439@gmail.com> - 0.35.1-4
- rebuild for rhbz#2292712
Multiple Vulnerabilities in VMware Products Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in VMware vCenter Server and Cloud Foundation, the most severe of which could allow for remote code execution. VMware vCenter Server is the centralized management utility for VMware. VMware Cloud Foundation is a multi-cloud platform that provides a full-stack hyperconverged infrastructure (HCI) that is made for modernizing data centers and deploying modern container-based applications. Successful exploitation of these vulnerabilities could allow for remote code execution in the context of the administrator account. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
92% of Organizations Hit by Credential Compromise from Social Engineering Attacks
A Barracuda report found that 92% of organizations experienced an average of six credential compromises caused by email-based social engineering attacks in 2023.