Read Time:5 Second
VIGINUM reveals that Azerbaijan state propaganda is seeking to challenge French sovereignty in French overseas territories
Monthly Archives: December 2024
Corrupted Word Files Fuel Sophisticated Phishing Campaign
Read Time:6 Second
A new phishing attack uses corrupted Word docs to bypass security, luring victims with fake payroll and HR emails
Crypto.com Launches Massive $2m Bug Bounty Program
Read Time:7 Second
Crypto.com has launched a massive $2m bug bounty program on HackerOne, the largest ever offered on the platform, to enhance platform security
tomcat-9.0.97-1.fc40
Read Time:16 Second
FEDORA-2024-59074d64e0
Packages in this update:
tomcat-9.0.97-1.fc40
Update description:
Automatic update for tomcat-9.0.97-1.fc40.
Changelog for tomcat
* Mon Dec 02 2024 Dimitris Soumis <dsoumis@redhat.com> – 1:9.0.97-1
– Update to version 9.0.97
– Resolves: rhbz#2327089
tomcat-9.0.97-1.fc41
Read Time:16 Second
FEDORA-2024-39c6bb9e06
Packages in this update:
tomcat-9.0.97-1.fc41
Update description:
Automatic update for tomcat-9.0.97-1.fc41.
Changelog for tomcat
* Mon Dec 02 2024 Dimitris Soumis <dsoumis@redhat.com> – 1:9.0.97-1
– Update to version 9.0.97
– Resolves: rhbz#2327090
tomcat-9.0.97-1.fc42
Read Time:15 Second
FEDORA-2024-7a2ce50f81
Packages in this update:
tomcat-9.0.97-1.fc42
Update description:
Automatic update for tomcat-9.0.97-1.fc42.
Changelog
* Mon Dec 2 2024 Dimitris Soumis <dsoumis@redhat.com> – 1:9.0.97-1
– Update to version 9.0.97
– Resolves: rhbz#2327090
SmokeLoader Malware Campaign Targets Companies in Taiwan
Read Time:4 Second
SmokeLoader malware identified targeting Taiwanese firms via phishing, exploiting Microsoft Office vulnerabilities
USN-7132-1: PostgreSQL vulnerabilities
Read Time:37 Second
It was discovered that PostgreSQL incorrectly tracked tables with row
security. A remote attacker could possibly use this issue to perform
forbidden reads and modifications. (CVE-2024-10976)
Jacob Champion discovered that PostgreSQL clients used untrusted server
error messages. An attacker that is able to intercept network
communications could possibly use this issue to inject error messages that
could be interpreted as valid query results. (CVE-2024-10977)
Tom Lane discovered that PostgreSQL incorrectly handled certain privilege
assignments. A remote attacker could possibly use this issue to view or
change different rows from those intended. (CVE-2024-10978)
Coby Abrams discovered that PostgreSQL incorrectly handled environment
variables. A remote attacker could possibly use this issue to execute
arbitrary code. (CVE-2024-10979)
Details about the iOS Inactivity Reboot Feature
Read Time:15 Second
I recently wrote about the new iOS feature that forces an iPhone to reboot after it’s been inactive for a longish period of time.
Here are the technical details, discovered through reverse engineering. The feature triggers after seventy-two hours of inactivity, even it is remains connected to Wi-Fi.
Russia Arrests Prominent Ransomware Operator
Read Time:5 Second
Mikhail Matveev, aka WazaWaka, had worked with several ransomware groups, including Babuk, Conti, Darkside, Hive and LockBit