Read Time:4 Second
166 Olympics-related domains displayed signs of DNS abuse like keyword stuffing and typosquatting
Monthly Archives: August 2024
NIST Releases First Post-Quantum Encryption Algorithms
Read Time:28 Second
From the Federal Register:
After three rounds of evaluation and analysis, NIST selected four algorithms it will standardize as a result of the PQC Standardization Process. The public-key encapsulation mechanism selected was CRYSTALS-KYBER, along with three digital signature schemes: CRYSTALS-Dilithium, FALCON, and SPHINCS+.
These algorithms are part of three NIST standards that have been finalized:
FIPS 203: Module-Lattice-Based Key-Encapsulation Mechanism Standard
FIPS 204: Module-Lattice-Based Digital Signature Standard
FIPS 205: Stateless Hash-Based Digital Signature Standard
NIST press release. My recent writings on post-quantum cryptographic standards.
Advanced ValleyRAT Campaign Hits Windows Users in China
Read Time:3 Second
Discovered by FortiGuard Labs, the ValleyRAT campaign targets Chinese Windows systems
Russia’s FSB Behind Massive Phishing Espionage Campaign
Read Time:6 Second
Citizen Lab attributed the campaign to Coldriver, a notorious FSB subordinate team, and Coldwastrel, a new, Russian-aligned group
USN-6963-1: GNOME Shell vulnerability
Read Time:12 Second
It was discovered that GNOME Shell incorrectly opened the portal helper
automatically when detecting a captive network portal. A remote attacker
could possibly use this issue to load arbitrary web pages containing
JavaScript, leading to resource consumption or other attacks.
Another Record Year For Ransomware Beckons as Crypto Profits Hit $460m
Read Time:4 Second
Ransom payments in the first half of 2024 hit $460m, according to Chainalysis
USN-6962-1: LibreOffice vulnerability
Read Time:11 Second
It was discovered that LibreOffice incorrectly allowed users to enable
macros when a cryptographic signature failed to validate. If a user were
tricked into opening a specially crafted document, a remote attacker could
possibly execute arbitrary macros.
python3.9-3.9.19-5.fc39
Read Time:8 Second
FEDORA-2024-b7de0faa8b
Packages in this update:
python3.9-3.9.19-5.fc39
Update description:
Security fix for CVE-2024-4032 and CVE-2024-6923
python3.9-3.9.19-5.fc40
Read Time:8 Second
FEDORA-2024-d434721ef8
Packages in this update:
python3.9-3.9.19-5.fc40
Update description:
Security fix for CVE-2024-4032 and CVE-2024-6923
python3.9-3.9.19-5.fc41
Read Time:18 Second
FEDORA-2024-d1d07e01e8
Packages in this update:
python3.9-3.9.19-5.fc41
Update description:
Automatic update for python3.9-3.9.19-5.fc41.
Changelog
* Tue Aug 13 2024 Lumír Balhar <lbalhar@redhat.com> – 3.9.19-5
– Security fix for CVE-2024-4032 (rhbz#2293397)
– Security fix for CVE-2024-6923 (rhbz#2303164)