Read Time:8 Second
FEDORA-2024-cdde5c873d
Packages in this update:
mingw-expat-2.6.4-1.fc40
Update description:
Update to 2.6.4.
Backport fix for CVE-2024-50602.
Monthly Archives: November 2024
mingw-expat-2.6.4-1.fc41
Read Time:8 Second
FEDORA-2024-fa21fd6c77
Packages in this update:
mingw-expat-2.6.4-1.fc41
Update description:
Update to 2.6.4.
Backport fix for CVE-2024-50602.
Palo Alto Expedition Missing Authentication Vulnerability (CVE-2024-5910)
Read Time:49 Second
What is the Vulnerability?CISA has added CVE-2024-5910, a missing authentication vulnerability in Palo Alto Networks Expedition to its known exploited vulnerability (KEV) list. Expedition is a migration tool aiding in configuration migration, tuning, and enrichment from one of the supported vendors to Palo Alto Networks. Successful exploitation of CVE-2024-5910 can lead to an admin account takeover. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue. What is the recommended Mitigation?Palo Alto Networks has released security updates to address the vulnerability. This issue is fixed in Expedition 1.2.92 and all later versions. https://security.paloaltonetworks.com/CVE-2024-5910 What is FortiGuard Coverage?FortiGuard recommends users to apply the fix provided by the vendor and follow any mitigation steps provided. FortiGuard IPS protection is available, and Fortinet customers remain protected through it. Intrusion Prevention | FortiGuard LabsThe FortiGuard Incident Response team can be engaged to help with any suspected compromise.
DSA-5806-1 libarchive – security update
Read Time:14 Second
A heap-based out-of-bounds write vulnerability was discovered in
libarchive, a multi-format archive and compression library, which may
result in the execution of arbitrary code if a specially crafted RAR
archive is processed.
Friday Squid Blogging: Squid-A-Rama in Des Moines
Read Time:18 Second
Squid-A-Rama will be in Des Moines at the end of the month.
Visitors will be able to dissect squid, explore fascinating facts about the species, and witness a live squid release conducted by local divers.
How are they doing a live squid release? Simple: this is Des Moines, Washington; not Des Moines, Iowa.
Pro-Russian Hacktivists Target South Korea as North Korea Joins Ukraine War
Read Time:7 Second
South Korea warned that pro-Russian groups have attacked government and private sector websites following the deployment of North Korean soldiers in Ukraine
AI Industry is Trying to Subvert the Definition of “Open Source AI”
Read Time:1 Minute, 26 Second
The Open Source Initiative has published (news article here) its definition of “open source AI,” and it’s terrible. It allows for secret training data and mechanisms. It allows for development to be done in secret. Since for a neural network, the training data is the source code—it’s how the model gets programmed—the definition makes no sense.
And it’s confusing; most “open source” AI models—like LLAMA—are open source in name only. But the OSI seems to have been co-opted by industry players that want both corporate secrecy and the “open source” label. (Here’s one rebuttal to the definition.)
This is worth fighting for. We need a public AI option, and open source—real open source—is a necessary component of that.
But while open source should mean open source, there are some partially open models that need some sort of definition. There is a big research field of privacy-preserving, federated methods of ML model training and I think that is a good thing. And OSI has a point here:
Why do you allow the exclusion of some training data?
Because we want Open Source AI to exist also in fields where data cannot be legally shared, for example medical AI. Laws that permit training on data often limit the resharing of that same data to protect copyright or other interests. Privacy rules also give a person the rightful ability to control their most sensitive information like decisions about their health. Similarly, much of the world’s Indigenous knowledge is protected through mechanisms that are not compatible with later-developed frameworks for rights exclusivity and sharing.
How about we call this “open weights” and not open source?
Major Oilfield Supplier Hit by Ransomware Attack
Read Time:6 Second
International energy solution provider Newpark Resources has confirmed it was hit by a ransomware attack that disrupted critical systems
North Korean Actor Deploys Novel Malware Campaign Against Crypto Firms
Read Time:7 Second
SentinelLabs observed the North Korean group BlueNoroff targeting crypto firms via a multi-stage malware campaign which utilizes a novel persistence mechanism
Cisco URWB Access Point Command Injection Vulnerability (CVE-2024-20418)
Read Time:54 Second
What is the Vulnerability?A maximum severity security (CVS Score 10.0) vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points could allow an unauthenticated, remote attacker to perform command injection attacks with root privileges on the underlying operating system. This vulnerability is due to improper validation of input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system.The FortiGuard Threat Research Team is actively monitoring the vulnerability and will update this report with any new developments.What is the recommended Mitigation?Cisco has released security updates to address the vulnerability. [Cisco Advisory and Patch]What is the FortiGuard Coverage?FortiGuard recommends users to apply the fix provided by the vendor and follow any mitigation steps provided.The FortiGuard Incident Response Team can be engaged to help with any suspected compromise.FortiGuard IPS protection is being reviewed to defend against any attack attempts targeting the vulnerable devices.