Who doesn’t fancy earning US $2.5 million?
That’s the reward that’s on offer from US authorities for information leading to the arrest and/or conviction of the man who allegedly was a key figure behind the development and distribution of the notorious Angler Exploit Kit.
Read more in my article on the Tripwire State of Security blog.
BlackByte, linked to the Conti group, exploited VMware ESXi CVE-2024-37085 to control virtual machines
apr-1.7.5-1.fc39
This update to the apr package fixes a security issue in the handling of shared memory permissions.
SECURITY: CVE-2023-49582: Apache Portable Runtime (APR):
Unexpected lax shared memory permissions (cve.mitre.org)
Lax permissions set by the Apache Portable Runtime library on
Unix platforms would allow local users read access to named
shared memory segments, potentially revealing sensitive
application data.
apr-1.7.5-1.fc40
This update to the apr package fixes a security issue in the handling of shared memory permissions.
SECURITY: CVE-2023-49582: Apache Portable Runtime (APR):
Unexpected lax shared memory permissions (cve.mitre.org)
Lax permissions set by the Apache Portable Runtime library on
Unix platforms would allow local users read access to named
shared memory segments, potentially revealing sensitive
application data.
Threat actors are exploiting a vulnerability found in CCTV cameras used in critical infrastructure to spread a Mirai malware variant
Chainalysis report reveals a likely increase in new internet scams this year as fraudsters adapt to increasing enforcement efforts
CISA and the FBI warned that Iranian APT group, Fox Kitten, has helped ransomware groups to attack US organizations since 2017
2024 looks set to be the highest-grossing year yet for ransomware gangs, due – in no small part – to emboldened cybercriminals causing costly disruption at larger companies.
Read more in my article on the Exponential-e blog.
Hackers who seized control of the official Instagram account of McDonald’s claim that they managed to steal US $700,000 from unsuspecting investors by promoting a fake cryptocurrency.
Read more in my article on the Hot for Security blog.
apr-1.7.5-1.fc41
Update APR to version 1.7.5.
