unbound-1.21.1-1.fc41
FEDORA-2024-a5d6cd9f0a Packages in this update: unbound-1.21.1-1.fc41 Update description: Fixed builds on F41. Fixes CVE-2024-8508 https://github.com/NLnetLabs/unbound/releases/tag/release-1.21.1 Read More
Litespeed Cache Plugin Flaw Allows XSS Attack, Update Now
The new LiteSpeed Cache flaw (CVE-2024-47374) allows unauthenticated code injection across more than six million active installations Read More
Microsoft and US Government Disrupt Russian Star Blizzard Operations
Microsoft and the US government have collectively seized over 100 websites used by Russian nation-state actor Star Blizzard Read More
CeranaKeeper Emerges as New Threat to Thai Government Networks
China-aligned CeranaKeeper discovered targeting Thai govt institutions using cloud services for data exfiltration Read More
USN-7055-1: FreeRADIUS vulnerability
Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl discovered that FreeRADIUS incorrectly authenticated certain responses. An attacker able to...
USN-7053-1: ImageMagick vulnerabilities
It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially...
Tick tock.. Operation Cronos arrests more LockBit ransomware gang suspects
International law enforcement continues to dismantle the LockBit ransomware gang's infrastructure. Read more in my article on the Tripwire State of Security blog. Read More
A Single Cloud Compromise Can Feed an Army of AI Sex Bots
Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials...
Cybersecurity Spending on the Rise, But Security Leaders Still Feel Vulnerable
A new report by Red Canary has found that while cybersecurity budgets have risen, many security leaders still feel overwhelmed by the growing threat landscape...
USN-7054-1: unzip vulnerability
It was discovered that unzip did not properly handle unicode strings under certain circumstances. If a user were tricked into opening a specially crafted zip...