Past four years sees surge in ICS vulnerability disclosures with most vulnerabilities of low complexity
python-pillow-9.0.1-6.fc36
FEDORA-2022-2e4c6ac063
Packages in this update:
python-pillow-9.0.1-6.fc36
Update description:
Fix incorrect mingw package name.
#CCSE22: Why Are Organizations Getting Zero Trust “Wrong”?
A star-studded panel discussion explored implementing zero trust and reducing overall risk
usbguard-1.1.0-1.fc36
FEDORA-2022-1f97de95ba
Packages in this update:
usbguard-1.1.0-1.fc36
Update description:
Security fix for CVE-2019-25058
usbguard-1.1.0-1.fc34
FEDORA-2022-668038c1da
Packages in this update:
usbguard-1.1.0-1.fc34
Update description:
Security fix for CVE-2019-25058
usbguard-1.1.0-1.fc35
FEDORA-2022-0b97f87195
Packages in this update:
usbguard-1.1.0-1.fc35
Update description:
Security fix for CVE-2019-25058
USN-5311-1: containerd vulnerability
It was discovered that containerd allows attackers to gain access to read-
only copies of arbitrary files and directories on the host via a specially-
crafted image configuration. An attacker could possibly use this issue to
obtain sensitive information.
usbguard-1.1.0-1.fc37
FEDORA-2022-1869fe2aec
Packages in this update:
usbguard-1.1.0-1.fc37
Update description:
Automatic update for usbguard-1.1.0-1.fc37.
Changelog
* Thu Mar 3 2022 Radovan Sroka <rsroka@redhat.com> – 1.1.0-1
– rebase to 1.1.0
Resolves: rhbz#2058450
– fixed CVE-2019-25058 usbguard: Fix unauthorized access via D-Bus
Resolves: rhbz#2058466
US legislation brings mandatory cyberattack and ransomware reporting one step closer
New legislation, unanimously passed by the US Senate could – amongst other things – require organisations working in critical industry sectors to alert the US Government about hacks and ransomware attacks.
Read more in my article on the Tripwire State of Security blog.
Smashing Security podcast #264: Hacked car chargers, Telegram sextortionists, and secret bossware
Why might Russian EV chargers be displaying an anti-Putin message? Why are Telegram groups sharing sharing explicit images of women without their consent? And who is watching you in the workplace?
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.