Read Time:7 Second
FEDORA-2024-f109ae6fc7
Packages in this update:
firefox-131.0.2-1.fc39
Update description:
Updated to latest upstream (131.0.2)
firefox-131.0.2-1.fc41
Read Time:7 Second
FEDORA-2024-d85494e836
Packages in this update:
firefox-131.0.2-1.fc41
Update description:
Updated to latest upstream (131.0.2)
Apple’s iPhone Mirroring Flaw Exposes Employee Privacy Risks
Read Time:10 Second
The privacy flaw in Apple’s iPhone mirroring feature enables personal apps on an iPhone to be listed in a company’s software inventory when the feature is used on work computers
New BeaverTail Malware Targets Job Seekers via Fake Recruiters
Read Time:4 Second
New BeaverTail malware targets tech job seekers via fake recruiters on LinkedIn and X
USN-7059-1: OATH Toolkit vulnerability
Read Time:10 Second
Fabian Vogt discovered that OATH Toolkit incorrectly handled file
permissions. A remote attacker could possibly use this issue to
overwrite root owned files, leading to a privilege escalation attack.
(CVE-2024-47191)
New Generation of Malicious QR Codes Uncovered by Researchers
Read Time:8 Second
Barracuda researchers have identified a new wave of QR code phishing attacks that evade traditional security measures and pose a significant threat to email security
UK Launches New Competition to Spur Cybersecurity Careers
Read Time:6 Second
The UK government’s Cyber Team Competition offer applicants the chance to receive advanced training, mentorship and networking opportunities
USN-7043-4: cups-filters vulnerabilities
Read Time:42 Second
USN-7043-1 fixed vulnerabilities in cups-filters. This update improves the
fix for CVE-2024-47176 by removing support for the legacy CUPS printer
discovery protocol entirely.
Original advisory details:
Simone Margaritelli discovered that the cups-filters cups-browsed
component could be used to create arbitrary printers from outside the
local network. In combination with issues in other printing components, a
remote attacker could possibly use this issue to connect to a system,
created manipulated PPD files, and execute arbitrary code when a printer
is used. This update disables support for the legacy CUPS printer
discovery protocol. (CVE-2024-47176)
Simone Margaritelli discovered that cups-filters incorrectly sanitized IPP
data when creating PPD files. A remote attacker could possibly use this
issue to manipulate PPD files and execute arbitrary code when a printer is
used. (CVE-2024-47076)
USN-7042-2: cups-browsed vulnerability
Read Time:27 Second
USN-7042-1 fixed a vulnerability in cups-browsed. This update improves the
fix by removing support for the legacy CUPS printer discovery protocol
entirely.
Original advisory details:
Simone Margaritelli discovered that cups-browsed could be used to create
arbitrary printers from outside the local network. In combination with
issues in other printing components, a remote attacker could possibly use
this issue to connect to a system, created manipulated PPD files, and
execute arbitrary code when a printer is used. This update disables
support for the legacy CUPS printer discovery protocol.
Auto-Identification Smart Glasses
Read Time:10 Second
Two students have created a demo of a smart-glasses app that performs automatic facial recognition and then information lookups. Kind of obvious, but the sort of creepy demo that gets attention.
News article.