Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

Ubuntu Security Notice USN-6760-1

Ubuntu Security Notice 6760-1 - George-Andrei Iosif and David Fernandez Gonzalez discovered that Gerbv did not properly initialize a data structure when parsing certain nested RS-274X format files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service.

Packet Storm
Open in Source
#vulnerability#ios#mac#ubuntu#dos#js#c++#perl#sap
Everyone's an Expert: How to Empower Your Employees for Cybersecurity Success

There’s a natural human desire to avoid threatening scenarios. The irony, of course, is if you hope to attain any semblance of security, you’ve got to remain prepared to confront those very same threats. As a decision-maker for your organization, you know this well. But no matter how many experts or trusted cybersecurity tools your organization has a standing guard,

GHSA-jxgr-gcj5-cqqg: nautobot has reflected Cross-site Scripting potential in all object list views

### Impact It was discovered that due to improper handling and escaping of user-provided query parameters, a maliciously crafted Nautobot URL could potentially be used to execute a Reflected Cross-Site Scripting (Reflected XSS) attack against users. All filterable object-list views in Nautobot are vulnerable, including: - /dcim/location-types/ - /dcim/locations/ - /dcim/racks/ - /dcim/rack-groups/ - /dcim/rack-reservations/ - /dcim/rack-elevations/ - /tenancy/tenants/ - /tenancy/tenant-groups/ - /extras/tags/ - /extras/statuses/ - /extras/roles/ - /extras/dynamic-groups/ - /dcim/devices/ - /dcim/platforms/ - /dcim/virtual-chassis/ - /dcim/device-redundancy-groups/ - /dcim/interface-redundancy-groups/ - /dcim/device-types/ - /dcim/manufacturers/ - /dcim/cables/ - /dcim/console-connections/ - /dcim/power-connections/ - /dcim/interface-connections/ - /dcim/interfaces/ - /dcim/front-ports/ - /dcim/rear-ports/ - /dcim/console-ports/ - /dcim/console-server-ports/ - /dcim/power-ports/ - /dc...

Wireless carriers fined $200 million after illegally sharing customer location data

Four major wireless carriers have been fined by the FCC for sharing access to customers’ location data without consent.

To Damage OT Systems, Hackers Tap USBs, Old Bugs & Malware

USBs have something the newest, hottest attack techniques lack: the ability to bridge air gaps.

Wireless Carriers Face $200M FCC Fine As Data Privacy Waters Roil

Verizon, AT&T, and T-Mobile USA are being fined for sharing location data. They plan to appeal the decision, which is the culmination of a four-year investigation into how carriers sold customer data to third parties.

The White House Has a New Master Plan to Stop Worst-Case Scenarios

President Joe Biden has updated the directives to protect US critical infrastructure against major threats, from cyberattacks to terrorism to climate change.

School Employee Allegedly Framed a Principal With Racist Deepfake Rant

Plus: Google holds off on killing cookies, Samourai Wallet founders get arrested, and GM stops driver surveillance program.

Thousands of Qlik Sense Servers Open to Cactus Ransomware

The business intelligence servers contain vulnerabilities that Qlik patched last year, but which Cactus actors have been exploiting since November. Swathes of organizations have not yet been patched.