Just a Fifth of Manufacturers Have Strongest Anti-Phishing Protection
Study confirms most manufacturers with DMARC don’t have it configured to most secure policy Read More
Ticketmaster Extortion Continues, Threat Actor Claims New Ticket Leak
Tickets to Foo Fighters, Aerosmith, Pink and Usher gigs have been leaked by a threat actor trying to extort Ticketmaster Read More
Progress Telerik Report Server Authentication Bypass Vulnerability
What is the Vulnerability?Progress Telerik Report Server contains an authorization bypass by spoofing vulnerability, allowing an attacker to bypass authentication and create rogue administrator users....
RockYou2024: Unpacking the Largest Password Leak in History
This Fourth of July brought fireworks in the form of a digital security breach, one that has been recorded as the most significant password leak...
USN-6880-1: Tomcat vulnerability
Sam Shahsavar discovered that Apache Tomcat did not properly reject HTTP requests with an invalid Content-Length header. A remote attacker could possibly use this issue...
yt-dlp-2024.07.07-1.fc39
FEDORA-2024-c07c365ba7 Packages in this update: yt-dlp-2024.07.07-1.fc39 Update description: Update to 2024.07.07 Update to 2024.07.02 Read More
On the CSRB’s Non-Investigation of the SolarWinds Attack
ProPublica has a long investigative article on how the Cyber Safety Review Board failed to investigate the SolarWinds attack, and specifically Microsoft’s culpability, even though...
USN-6885-1: Apache HTTP Server vulnerabilities
Marc Stern discovered that the Apache HTTP Server incorrectly handled serving WebSocket protocol upgrades over HTTP/2 connections. A remote attacker could possibly use this issue...
krb5-1.21.2-6.fc41
FEDORA-2024-36514cd080 Packages in this update: krb5-1.21.2-6.fc41 Update description: Automatic update for krb5-1.21.2-6.fc41. Changelog * Mon Jul 8 2024 Julien Rische <jrische@redhat.com> - 1.21.2-6 - CVE-2024-37370...