USN-5295-1: Linux kernel (HWE) vulnerabilities
It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause...
DSA-5080 snapd – security update
Multiple vulnerabilties were discovered in snapd, a daemon and tooling that enable Snap packages, which could result in bypass of access restrictions or privilege escalation....
DSA-5081 redis – security update
Reginaldo Silva discovered a (Debian-specific) Lua sandbox escape in Redis, a persistent key-value database. Read More
DSA-5082 php7.4 – security update
Two security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure or denial of service....
CVE-2014-8597
A reflected cross-site scripting (XSS) vulnerability in PHP-Fusion 7.02.07 allows remote attackers to inject arbitrary web script or HTML via the status parameter in the...
Data Privacy Lawsuit Could Cost Meta $90m
Facebook parent agrees to pay $90M to settle decade-old data privacy lawsuit Read More
Fertility Clinic Hit with Ransomware
Ransomware attack on NYC fertility clinic leads to breach of patients’ personal data Read More
U.S. government warns that sensitive data is being stolen from defence contractors
The Federal Bureau of Investigation (FBI), Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) have joined forces to...
Phishing Top Threat to US Healthcare
Phishing and ransomware attacks most significant security incidents for US healthcare organizations Read More
Possible Government Surveillance of the Otter.ai Transcription App
A reporter interviews a Uyghur human-rights advocate, and uses the Otter.ai transcription app. The next day, I received an odd note from Otter.ai, the automated...