Advisories
-
ClickFix Exploits Users with Fake Errors and Malicious Code
ClickFix exploits fake error messages across multiple platforms, such as Google Meet and Zoom Read More
-
Canadian Man Arrested in Snowflake Data Extortions
A 26-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake. Image: https://www.pomerium.com/blog/the-real-lessons-from-the-snowflake-breach On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of Kitchener, Ontario, on a provisional arrest warrant from the United States. Bloomberg first…
-
The AI Fix #23: Murder most weird, and why 9.11 is bigger than 9.9
In episode 23 of The AI Fix, an AI finds a new way to make life difficult for women in STEM, Graham reveals his brilliant idea for treating any medical emergency, a beloved chat show host returns from the grave, and our hosts learn that computer viruses were almost called computer weeds. Graham tells Mark…
-
ToxicPanda Malware Targets Banking Apps on Android Devices
ToxicPanda malware targets banking apps on Android, spreading through Italy, Portugal and Spain Read More
-
python3.6-3.6.15-38.fc41
FEDORA-2024-126c4f06a8 Packages in this update: python3.6-3.6.15-38.fc41 Update description: Security fix for CVE-2024-9287 (rhbz#2321659) Read More
-
US Voters Urged to Use Official Sources for Election Information
A joint US government advisory warned about increasing foreign influence efforts designed to undermine the legitimacy of the Presidential Election Read More
-
USN-7092-1: mpg123 vulnerability
It was discovered that mpg123 incorrectly handled certain mp3 files. If a user or automated system were tricked into opening a specially crafted mp3 file, a remote attacker could use this issue to cause mpg123 to crash, resulting in a denial of service, or possibly execute arbitrary code. Read More
-
python3.6-3.6.15-38.fc42
FEDORA-2024-0bebaff45f Packages in this update: python3.6-3.6.15-38.fc42 Update description: Automatic update for python3.6-3.6.15-38.fc42. Changelog * Mon Nov 4 2024 Lumír Balhar <lbalhar@redhat.com> – 3.6.15-38 – Security fix for CVE-2024-9287 (rhbz#2321659) Read More
-
AIs Discovering Vulnerabilities
I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in the wild, and everything in between. The AIs aren’t very good at it yet, but they’re getting better. Here’s some anecdotal data from…
-
Pakistani Hackers Targeted High-Profile Indian Entities using Custom RAT
APT36 evolved its remote access trojan, ElizaRAT, along with introducing a new stealer payload called ApoloStealer Read More