Tuesday, March 19, 2024

InfoSec News Feeds

Packetstorm

  • Lynis Auditing Tool 3.1.1
    on 18 March 2024 at 2:31 PM

    Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated […]

  • dav1d Integer Overflow / Out-Of-Bounds Write
    on 18 March 2024 at 2:24 PM

    There is an integer overflow in dav1d when decoding an AV1 video with large width/height. The integer overflow may result in an out-of-bounds write.

  • Ubuntu Security Notice USN-6696-1
    on 18 March 2024 at 2:19 PM

    Ubuntu Security Notice 6696-1 - Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered […]

THN

PortSwigger

Security Affaris

  • Earth Krahang APT breached tens of government...
    by Pierluigi Paganini on 19 March 2024 at 8:33 AM

    Trend Micro uncovered a sophisticated campaign conducted by Earth Krahang APT group that breached 70 organizations worldwide. Trend Micro researchers uncovered a sophisticated campaign conducted by a threat actor tracked as Earth Krahang while investigating the activity of China-linked APT Earth […]

  • PoC exploit for critical RCE flaw in Fortra...
    by Pierluigi Paganini on 18 March 2024 at 8:41 PM

    Fortra addressed a critical remote code execution vulnerability impacting its FileCatalyst file transfer product. Fortra has released updates to address a critical vulnerability, tracked as CVE-2024-25153 (CVSS score 9.8) impacting its FileCatalyst file transfer solution. A remote, […]

  • Fujitsu suffered a malware attack and probably a...
    by Pierluigi Paganini on 18 March 2024 at 7:05 PM

    Technology giant Fujitsu announced it had suffered a cyberattack that may have resulted in the theft of customer information. Japanese technology giant Fujitsu on Friday announced it had suffered a malware attack, threat actors may have stolen personal and customer information. The company revealed […]

HackerOne

WeLiveSecurity

TheRegister

  • Fujitsu reveals malware installed on internal...
    by Jessica Lyons on 18 March 2024 at 8:30 PM

    Sneaky software slips past shields, spurring scramble Fujitsu has confirmed that miscreants have compromised some of its internal computers, deployed malware, and may have stolen some customer information.…

  • Cyberattack gifts esports pros with cheats,...
    by Connor Jones on 18 March 2024 at 1:15 PM

    Virtual gunslingers forcibly became cheaters via mystery means Updated  Esports pros competing in the Apex Legends Global Series (ALGS) Pro League tournament were forced to abandon their match today due to a suspected cyberattack.…

  • Filipino police free hundreds of slaves toiling...
    by Laura Dobberstein on 18 March 2024 at 5:46 AM

    875 workers liberated after falling for promises of lucrative work, nine arrested Filipino police rescued 875 "workers" – including 504 foreigners – in a raid late last week on a firm that posed as an online gaming company but in reality operated a forced labor camp that housed romance scam […]

Security Week

  • UnitedHealth Says It Has Made Progress on...
    by Associated Press on 19 March 2024 at 2:25 AM

    UnitedHealth is testing the last major system it must restore from last month’s Change Healthcare cyberattack, but it has no date yet for finishing the recovery. The post UnitedHealth Says It Has Made Progress on Recovering From Massive Cyberattack appeared first on SecurityWeek.

  • UK Government Releases Cloud SCADA Security...
    by Eduard Kovacs on 18 March 2024 at 2:33 PM

    UK’s NCSC releases security guidance for OT organizations considering migrating their SCADA solutions to the cloud. The post UK Government Releases Cloud SCADA Security Guidance appeared first on SecurityWeek.

  • Fujitsu Data Breach Impacts Personal, Customer...
    by Ionut Arghire on 18 March 2024 at 2:10 PM

    Fujitsu says hackers infected internal systems with malware, stole personal and customer information. The post Fujitsu Data Breach Impacts Personal, Customer Information appeared first on SecurityWeek.

Exploit-DB Updates