EUVD-2023-29505

Malicious code in bioql PyPI...

Microsoft and Security Incentives

Former senior White House cyber policy director A. J. Grotto talks about the economic incentives for companies to improve their security--in particular, Microsoft: Grotto told us Microsoft had to be "dragged kicking and screaming" to provide logging capabilities to the government by default, and...

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. "Microsoft will automatically enable th...

Samsung Notes libspenbase library maetd_cpy_slice function buffer overflow vulnerability

Samsung Notes is a South Korean company Samsung's Samsung application used to provide note-taking capabilities. A buffer overflow vulnerability exists in the maetdcpyslice function of the Samsung Notes libspenbase library, which can be exploited by an attacker to execute arbitrary code...

[SECURITY] Fedora 23 Update: sudo-1.8.17p1-1.fc23

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...