Advisories
-
Veeam Backup and Replication Deserialization Vulnerability (CVE-2024-40711)
What is the Vulnerability?CVE-2024-40711 is a critical unauthenticated Remote Code Execution (RCE) vulnerability in Veeam Backup & Replication software. Threat actors could execute arbitrary code on a vulnerable system without authentication, which poses a significant risk to organizations using Veeam for backup and data protection. The vulnerability has been added to Known Exploited Vulnerabilities Catalog…
-
A glimmer of good news on the ransomware front, as encryption rates plummet
No-one would be bold enough to say that the ransomware problem is receding, but a newly-published report by Microsoft does deliver a slither of encouraging news amongst the gloom. And boy do we need some good news – amid reports that 389 US-based healthcare institutions were hit by ransomware last year – more than one…
-
USN-7069-2: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: – x86 architecture; – Cryptographic API; – CPU frequency scaling framework; – HW tracing; – ISDN/mISDN subsystem; – Media drivers; – Network drivers; – NVME drivers; – S/390…
-
thunderbird-128.3.2-1.fc41
FEDORA-2024-884a589289 Packages in this update: thunderbird-128.3.2-1.fc41 Update description: Update to 128.3.2 https://www.thunderbird.net/en-US/thunderbird/128.3.2esr/releasenotes/ Update to 128.3.1 https://www.thunderbird.net/en-US/thunderbird/128.3.1esr/releasenotes/ Update to 128.3.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-49/ https://www.thunderbird.net/en-US/thunderbird/128.3.0esr/releasenotes/ Read More
-
USN-7028-2: Linux kernel (Azure) vulnerabilities
It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service (system crash). Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws…
-
USN-7076-1: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: – Microsoft Azure Network Adapter (MANA) driver; – Watchdog drivers; – Netfilter; – Network traffic control; (CVE-2024-27397, CVE-2024-45016, CVE-2024-45001, CVE-2024-38630) Read More
-
Cicada3301 Ransomware Targets Critical Sectors in US and UK
Cicada3301 ransomware has targeted critical sectors in US/UK, leaking data from 30 firms in three months Read More
-
USN-7059-2: OATH Toolkit vulnerability
USN-7059-1 fixed a vulnerability in OATH Toolkit library. This update provides the corresponding update for Ubuntu 24.10. Original advisory details: Fabian Vogt discovered that OATH Toolkit incorrectly handled file permissions. A remote attacker could possibly use this issue to overwrite root owned files, leading to a privilege escalation attack. (CVE-2024-47191) Read More
-
USN-7073-2: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: – Watchdog drivers; – Netfilter; – Memory management; – Network traffic control; (CVE-2024-27397, CVE-2024-38630, CVE-2024-45016, CVE-2024-26960) Read More
-
US Charges Anonymous Sudan Members in DDoS Cybercrime Case
US authorities have charged two Sudanese linked to DDoS cybercrime group, Anonymous Sudan, which caused $10m in damages Read More