EUVD-2023-60404
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix potential panic dues to unprotected smcllcsrvaddlink There is a certain chance to trigger the following panic: PID: 5900 TASK: ffff88c1c8af4100 CPU: 1 COMMAND: "kworker/1:48" 0 ffff9456c1cc79a0 machinekexec at...
CVE-2023-54237
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix potential panic dues to unprotected smcllcsrvaddlink There is a certain chance to trigger the following panic: PID: 5900 TASK: ffff88c1c8af4100 CPU: 1 COMMAND: "kworker/1:48" 0 ffff9456c1cc79a0 machinekexec at...
Linux Distros Unpatched Vulnerability : CVE-2023-54237
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/smc: fix potential panic dues to unprotected smcllcsrvaddlink There is a certain chance to trigger the following panic: PID: 5900 TASK: ffff88c1c8af4100 CPU...
The Future of Cybersecurity Risk Management: Risk Operations Center (ROC) delivered by Qualys Enterprise TruRisk™ Management (ETM)
"A problem well defined is a problem half solved." – Charles Kettering In today’s digital landscape, organizations are overwhelmed with risk signals from all directions—cloud vulnerabilities, misconfigurations in custom code, operational technology (OT) gaps, and third-party integrations, to name ...
CSAF - Cyber Security Awareness Framework
The Cyber Security Awareness Framework (CSAF) is a structured approach aimed at enhancing cybersecurity awareness and understanding among individuals, organizations, and communities. It provides guidance for the development of effective cybersecurity...
RCE (Remote Code Execution) com.h2database:h2 Dependency in Bamboo Data Center and Server
This High severity com.h2database:h2 Dependency vulnerability was introduced in versions 9.1.0, 9.2.1, 9.3.0, and 9.4.0 of Bamboo Data Center and Server. This com.h2database:h2 Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H...
Threat Source newsletter (Jan. 19, 2023): Talent retention and institutional knowledge
Welcome to this week's edition of the Threat Source newsletter. Talent retention and institutional knowledge go hand in hand. Both are critical to ensuring the security of your network environment. To that end, I want to talk briefly about why talent retention isn't just about money. So I am going ...
IT Security Takeaways from the Wiseasy Hack
Last month Tech Crunch reported that payment terminal manufacturer Wiseasy had been hacked. Although Wiseasy might not be well known in North America, their Android-based payment terminals are widely used in the Asia Pacific region and hackers managed to steal passwords for 140,000 payment...
Product Overview - Cynet Centralized Log Management
For most organizations today, the logs produced by their security tools and environments provide a mixed bag. On the one hand, they can be a trove of valuable data on security breaches, vulnerabilities, attack patterns, and general security insights. On the other, organizations don't have the rig...
Injecting a Backdoor into SolarWinds Orion
Crowdstrike is reporting on a sophisticated piece of malware that was able to inject malware into the SolarWinds build process: Key Points SUNSPOT is StellarParticles malware used to insert the SUNBURST backdoor into software builds of the SolarWinds Orion IT management product. SUNSPOT monitors...
Free Download: The Ultimate Security Pros’ Checklist
You are a cybersecurity professional with the responsibility to keep your organization secured, you know your job chapter and verse, from high-level reporting duties to the bits and bytes of what malware targeted your endpoints a week ago. But it’s a lot to hold in one’s mind, so to make your lif...
New Threat Actor Fraudulently Buys Digital Certificates to Spread Malware
Researchers have identified a new threat actor that is using impersonation fraud to purchase digital certificates that are then used for the spread of malware. Security firm ReversingLabs identified a bad actor that deceives certificate authorities into selling them legitimate digital certificate...
Fedora 20 : mksh-50c-1.fc20 (2014-12242)
R50c is a security fix release : - Know more rare signals when generating syssigname replacement - OpenBSD sync mostly RCSID only - Document HISTSIZE limit; found by luigi345 on IRC - Fix link to Debian .mkshrc - Cease exporting $RANDOM Debian 760857 - Fix C99 compatibility - Work around klibc bu...
What every CIO should know about the new ISO 27001:2013 framework
Originally released in 2005, the ISO 27001 standard has recently been updated with additional guidelines for assessing risks within information management systems. These changes constitute the first revisions to the standard in eight years and have major implications for organizational compliance...