Security
Headlines
HeadlinesLatestCVEs

Tag

#amazon

CVE-2022-35648: Nautilus Recalls Treadmills Due to Fall Hazard

Nautilus treadmills T616 S/N 100672PRO21140001 through 100672PRO21171980 and T618 S/N 100647PRO21130111 through 100647PRO21183960 with software before 2022-06-09 allow physically proximate attackers to cause a denial of service (fall) by connecting the power cord to a 120V circuit (which may lead to self-starting at an inopportune time).

CVE
Open in Source
#amazon#dos
Paladin Cloud Launches New Cloud Security and Governance Platform

The new open source security-as-code platform will help developers and security teams automatically detect security policy violations across the organization's cloud infrastructure.

Fake Google Software Updates Spread New Ransomware

"HavanaCrypt" is also using a command-and-control server that is hosted on a Microsoft Hosting Service IP address, researchers say.

Stealthy Cyber-Campaign Ditches Cobalt Strike for Rival 'Brute Ratel' Pen Test Tool

The latest criminal use of a legitimate red-teaming tool helps attackers stay under the radar and better access living-off-the-land binaries.

CVE-2021-4234: Access Server Release Notes | OpenVPN

OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting in a limited amplification attack.

Cloud Misconfig Exposes 3TB of Sensitive Airport Data in Amazon S3 Bucket: 'Lives at Stake'

The unsecured server exposed more than 1.5 million files, including airport worker ID photos and other PII, highlighting the ongoing cloud-security challenges worldwide.

Name That Edge Toon: On Guard

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

Ubuntu Security Notice USN-5500-1

Ubuntu Security Notice 5500-1 - Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. Lin Ma discovered that the NFC Controller Interface implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

My Body, My Data Act would lock down reproductive and sexual health data

A new bill proposes the strongest Federal data privacy protections yet for reproductive and sexual health data. The post My Body, My Data Act would lock down reproductive and sexual health data appeared first on Malwarebytes Labs.

Google cracks down on sites with ties to hack-for-hire groups in UAE, Russia, India

By Deeba Ahmed Currently, over 30 sites have been marked as malicious by Google’s Safe Browsing feature. Google TAG (Threat Analysis… This is a post from HackRead.com Read the original post: Google cracks down on sites with ties to hack-for-hire groups in UAE, Russia, India