Read Time:7 Second
Our National Framework proposes a whole-of-society effort to tackle multidimensional threats in the connected world. Explore our high-level findings.
Sophisticated Phishing Campaign Targets Microsoft OneDrive Users
Read Time:4 Second
The OneDrive campaign uses social engineering to trick users into executing a PowerShell script
orc-0.4.39-1.fc40
Read Time:6 Second
FEDORA-2024-c7bb042d5b
Packages in this update:
orc-0.4.39-1.fc40
Update description:
Update to 0.4.39
389-ds-base-2.4.6-1.fc39
Read Time:19 Second
FEDORA-2024-c8290315df
Packages in this update:
389-ds-base-2.4.6-1.fc39
Update description:
Changelog
* Tue Jul 30 2024 Viktor Ashirov <vashirov@redhat.com> – 2.4.6-1
– Update to 2.4.6
– Resolves: CVE-2024-1062 (rhbz#2261884)
– Resolves: CVE-2024-2199 (rhbz#2283632)
– Resolves: CVE-2024-3657 (rhbz#2283631)
– Resolves: CVE-2024-5953 (rhbz#2292109)
The AI Fix #9: When AI detectors fail (spectacularly), and OpenAI’s five steps to Skynet
Read Time:22 Second
In episode nine of “The AI Fix”, our hosts learn about the world’s most dangerous vending machine, a cartoonist who hypnotises himself with AI, and OpenAI’s plans to eat Google’s lunch.
Graham tells Mark about a pig-farming professor, and Mark tests Graham’s tolerance with OpenAI’s terrifying roadmap to Artificial General Intelligence.
All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.
Stolen GenAI Accounts Flood Dark Web With 400 Daily Listings
Read Time:7 Second
According to eSentire, around 400 GenAI account logins are sold daily on the dark web, including credentials for GPT, Quillbot, Notion and Replit
USN-6928-1: Python vulnerabilities
Read Time:24 Second
It was discovered that the Python ssl module contained a memory race
condition when handling the APIs to obtain the CA certificates and
certificate store statistics. This could possibly result in applications
obtaining wrong results, leading to various SSL issues. (CVE-2024-0397)
It was discovered that the Python ipaddress module contained incorrect
information about which IP address ranges were considered “private” or
“globally reachable”. This could possibly result in applications applying
incorrect security policies. (CVE-2024-4032)
golang-github-dvsekhvalnov-jose2go-1.7.0-1.fc41
Read Time:25 Second
FEDORA-2024-8c116e555a
Packages in this update:
golang-github-dvsekhvalnov-jose2go-1.7.0-1.fc41
Update description:
Automatic update for golang-github-dvsekhvalnov-jose2go-1.7.0-1.fc41.
Changelog
* Tue Jul 30 2024 Mikel Olasagasti Uranga <mikel@olasagasti.info> – 1.7.0-1
– Update to 1.7.0 – Closes rhbz#1922010 rhbz#2255966 rhbz#2300742
* Thu Jul 18 2024 Fedora Release Engineering <releng@fedoraproject.org> – 1.3-18
– Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
USN-6924-2: Linux kernel vulnerabilities
Read Time:18 Second
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM SCMI message protocol;
– InfiniBand drivers;
– TTY drivers;
– TLS protocol;
(CVE-2022-48655, CVE-2024-36016, CVE-2024-26584, CVE-2021-47131,
CVE-2024-26907, CVE-2024-26585, CVE-2024-26583)
389-ds-base-3.0.4-2.fc40
Read Time:25 Second
FEDORA-2024-ac07913be8
Packages in this update:
389-ds-base-3.0.4-2.fc40
Update description:
Changelog
* Tue Jul 30 2024 Viktor Ashirov <vashirov@redhat.com> – 3.0.4-2
– Replace lmdb with lmdb-libs in Requires
* Tue Jul 30 2024 Viktor Ashirov <vashirov@redhat.com> – 3.0.4-1
– Update to 3.0.4
– Resolves: CVE-2024-1062 (rhbz#2261884)
– Resolves: CVE-2024-2199 (rhbz#2283632)
– Resolves: CVE-2024-3657 (rhbz#2283631)
– Resolves: CVE-2024-5953 (rhbz#2292109)