Tuesday, March 19, 2024

InfoSec News Feeds

Packetstorm

  • Lynis Auditing Tool 3.1.1
    on 18 March 2024 at 2:31 PM

    Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated […]

  • dav1d Integer Overflow / Out-Of-Bounds Write
    on 18 March 2024 at 2:24 PM

    There is an integer overflow in dav1d when decoding an AV1 video with large width/height. The integer overflow may result in an out-of-bounds write.

  • Ubuntu Security Notice USN-6696-1
    on 18 March 2024 at 2:19 PM

    Ubuntu Security Notice 6696-1 - Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered […]

THN

PortSwigger

Security Affaris

  • Fujitsu suffered a malware attack and probably a...
    by Pierluigi Paganini on 18 March 2024 at 7:05 PM

    Technology giant Fujitsu announced it had suffered a cyberattack that may have resulted in the theft of customer information. Japanese technology giant Fujitsu on Friday announced it had suffered a malware attack, threat actors may have stolen personal and customer information. The company revealed […]

  • Remove WordPress miniOrange plugins, a critical...
    by Pierluigi Paganini on 18 March 2024 at 12:48 PM

    A critical vulnerability in WordPress miniOrange’s Malware Scanner and Web Application Firewall plugins can allow site takeover. On March 1st, 2024, WordPress security firm Wordfence received a submission for a Privilege Escalation vulnerability in miniOrange’s Malware Scanner as part of the […]

  • The Aviation and Aerospace Sectors Face...
    by Pierluigi Paganini on 18 March 2024 at 10:32 AM

    Resecurity reported about the increasing wave of cyber incidents targeting the aerospace and aviation sectors. The experts emphasized the importance of rigorous cybersecurity risk assessments for airports and proactive threat intelligence in the context of the activity of major ransomware groups […]

HackerOne

WeLiveSecurity

TheRegister

  • Cyberattack gifts esports pros with cheats,...
    by Connor Jones on 18 March 2024 at 1:15 PM

    Virtual gunslingers forcibly became cheaters via mystery means Updated  Esports pros competing in the Apex Legends Global Series (ALGS) Pro League tournament were forced to abandon their match today due to a suspected cyberattack.…

  • Filipino police free hundreds of slaves toiling...
    by Laura Dobberstein on 18 March 2024 at 5:46 AM

    875 workers liberated after falling for promises of lucrative work, nine arrested Filipino police rescued 875 "workers" – including 504 foreigners – in a raid late last week on a firm that posed as an online gaming company but in reality operated a forced labor camp that housed romance scam […]

  • FTC goes undercover to probe suspected antivirus...
    by Brandon Vigliarolo on 14 March 2024 at 8:24 PM

    Imagine trying to trick folks into buying $500 of unnecessary repairs – and they turn out to be federal agents A pair of tech support businesses accused of swindling marks out of their hard-earned cash have agreed to cough up a $26 million settlement following an undercover probe by the FTC.…

Security Week

  • UK Government Releases Cloud SCADA Security...
    by Eduard Kovacs on 18 March 2024 at 2:33 PM

    UK’s NCSC releases security guidance for OT organizations considering migrating their SCADA solutions to the cloud. The post UK Government Releases Cloud SCADA Security Guidance appeared first on SecurityWeek.

  • Fujitsu Data Breach Impacts Personal, Customer...
    by Ionut Arghire on 18 March 2024 at 2:10 PM

    Fujitsu says hackers infected internal systems with malware, stole personal and customer information. The post Fujitsu Data Breach Impacts Personal, Customer Information appeared first on SecurityWeek.

  • Cisco Completes $28 Billion Acquisition of Splunk
    by SecurityWeek News on 18 March 2024 at 1:41 PM

    The networking giant paid $157 per share in cash for Splunk, a powerhouse in data analysis, security and observability tools, in a deal first announced in September 2023. The post Cisco Completes $28 Billion Acquisition of Splunk appeared first on SecurityWeek.

Exploit-DB Updates