Read Time:7 Second
FEDORA-2022-30744868ee
Packages in this update:
openssl-3.0.2-1.fc36
Update description:
Rebase to upstream version 3.0.2
Cyclops Blink Malware Expands to Target Asus
Aircraft Disrupted by Satellite Jamming Following Russian Invasion
Cloud-Based Email Threats Surge 50% in 2021
MITRE and partners build insider threat knowledge base
Read Time:28 Second
Is the time right for a unified lexicon of known tactics, techniques and procedures (TTP) used by insiders who opt to break trust with their employers? MITRE thinks so and has positioned itself to serve as the locus for insider threat knowledge.
In mid-February, MITRE Engenuity’s Center for Threat Informed Defense, supported by a phalanx of multi-sector powerhouses including Citigroup Technology, Microsoft, Crowdstrike, Verizon, and JP Morgan Chase, published their Design Principles and Methodology for the Insider Threat TTP Knowledge Base.
ZDI-22-511: Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-512: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-513: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-514: (Pwn2Own) Canon imageCLASS MF644Cdw CADM Heap-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:8 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw printers. Authentication is not required to exploit this vulnerability.
ZDI-22-515: (Pwn2Own) Canon imageCLASS MF644Cdw SLP Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:8 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw printers. Authentication is not required to exploit this vulnerability.