Read Time:8 Second
FEDORA-EPEL-2025-d8034c0356
Packages in this update:
perl-Net-OAuth-0.30-1.el10_0
Update description:
Update to 0.30, fixes CVE-2025-22376
Category Archives: Advisories
golang-github-aws-sdk-2-20250103-1.fc41 golang-github-aws-smithy-1.22.1-1.fc41 golang-github-ncw-swift-2-2.0.3-1.fc41 rclone-1.68.2-1.fc41
Read Time:15 Second
FEDORA-2025-0620fdebb6
Packages in this update:
golang-github-aws-sdk-2-20250103-1.fc41
golang-github-aws-smithy-1.22.1-1.fc41
golang-github-ncw-swift-2-2.0.3-1.fc41
rclone-1.68.2-1.fc41
Update description:
Fix for CVE-2024-52522 & CVE-2024-45338
mupdf-1.24.6-4.fc41
Read Time:6 Second
FEDORA-2025-7d002ee0e7
Packages in this update:
mupdf-1.24.6-4.fc41
Update description:
fix CVE-2024-46657 (rhbz#2331627)
golang-github-aws-sdk-2-20250103-1.fc42 golang-github-rclone-gofakes3-0.0.3-1.fc42 rclone-1.68.2-1.fc42
Read Time:11 Second
FEDORA-2025-9b0b1cc333
Packages in this update:
golang-github-aws-sdk-2-20250103-1.fc42
golang-github-rclone-gofakes3-0.0.3-1.fc42
rclone-1.68.2-1.fc42
Update description:
Fix for CVE-2024-52522
suricata-7.0.8-1.el8
Read Time:8 Second
FEDORA-EPEL-2025-02e26b51d5
Packages in this update:
suricata-7.0.8-1.el8
Update description:
Various security, performance, accuracy, and stability issues have been fixed.
suricata-7.0.8-1.fc40
Read Time:8 Second
FEDORA-2025-aa783e1cbd
Packages in this update:
suricata-7.0.8-1.fc40
Update description:
Various security, performance, accuracy, and stability issues have been fixed.
suricata-7.0.8-1.el9
Read Time:8 Second
FEDORA-EPEL-2025-9dfb7c8f88
Packages in this update:
suricata-7.0.8-1.el9
Update description:
Various security, performance, accuracy, and stability issues have been fixed.
suricata-7.0.8-1.fc41
Read Time:8 Second
FEDORA-2025-e24171db6d
Packages in this update:
suricata-7.0.8-1.fc41
Update description:
Various security, performance, accuracy, and stability issues have been fixed.
rabbitmq-server-4.0.5-2.fc42
Read Time:18 Second
FEDORA-2025-7c46ce9b7d
Packages in this update:
rabbitmq-server-4.0.5-2.fc42
Update description:
Automatic update for rabbitmq-server-4.0.5-2.fc42.
Changelog
* Thu Jan 2 2025 Richard W.M. Jones <rjones@redhat.com> – 4.0.5-2
– Remove downstream patch which allowed remote connections (RHBZ#2333072)
– Move license to MPL 2.0 (RHBZ#2333074)
EC2 Grouper Attack
Read Time:1 Minute, 0 Second
What is the Attack?FortiGuard Labs Threat Team has observed recent attacks by a Threat Actor dubbed “EC2 Grouper” that leverages AWS tools for PowerShell to carry out cloud-based attacks. It leverages APIs to inventory EC2 types and available regions before executing further API calls iteratively. The Threat Actor is seen using techniques that enable remote access and lateral movement within cloud environments. EC2 Grouper is a highly active threat actor frequently involved in cloud identity compromises, observed across numerous customer environments over the years. To learn more, see the detailed Threat Blog: Catching “EC2 Grouper”- No Indicators Required! | FortiGuard LabsWhat is the recommended Mitigation?Detecting illicit use of valid cloud credentials is challenging, as most attacks lack unique indicators. By correlating weak signals, such as environmental anomalies and API usage patterns, composite alerting enhances detection accuracy significantly. For detailed guidance and Threat report, visit Fortinet’s Threat Blog | FortiGuard LabsWhat FortiGuard Coverage is available?Lacework FortiCNAPP: Cloud detection and response (CDR) addresses cloud identity compromises and uses composite alerting for enhanced detection.Lacework FortiCNAPP enhances detection efficacy and integrates CIEM to assess the impact of compromised identities.Read more about how Lacework FortiCNAPP can secure your cloud environment.