#auth

Red Hat Security Advisory 2024-1876-03 - An update for shim is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.

The Federal Trade Commission (FTC) has reached a settlement with online mental health services company Cerebral after the company was charged with failing to secure and protect sensitive health data.

The missing ingredient in NIST's newest cybersecurity framework? Recovery.

Industry leaders aim to solve the threat to both the mental health of workers and security of organizations with solutions that recognize the enormous pressures facing cybersecurity professionals.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Unitronics Equipment: Vision series PLCs Vulnerability: Storing Passwords in a Recoverable Format 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to log in to the Remote HMI feature, where the PLC may be factory reset, stopped, and restarted. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Unitronics Vision 230 PLCs are affected: Vision 230: All versions Vision 280: All versions Vision 290: All versions Vision 530: All versions Vision 120: All versions 3.2 Vulnerability Overview 3.2.1 Storing Passwords in a Recoverable Format CWE-257 Unitronics Vision Standard PLCs allow a remote, unauthenticated individual to retrieve the 'Information Mode' password in plaintext. CVE-2024-1480 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H...

JuicyFields was an investment scam that urged victims to invest in cannabis production.

Airflow versions 2.7.0 through 2.8.4 have a vulnerability that allows an authenticated user to see sensitive provider configuration via the "configuration" UI page when "non-sensitive-only" was set as "webserver.expose_config" configuration (The celery provider is the only community provider currently that has sensitive configurations). You should migrate to Airflow 2.9 or change your "expose_config" configuration to False as a workaround. This is similar, but different to CVE-2023-46288 https://github.com/advisories/GHSA-9qqg-mh7c-chfq which concerned API, not UI configuration page.

Two new code-execution techniques, Poison Fiber and Phantom Thread, take advantage of a little-known Windows OS workhorse to sneak shellcode and other malware onto victim machines.

A survey of cybercrime experts assessing the top cybercrime-producing nations results in some expected leaders — Russia, Ukraine, and China — but also some surprises.

Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them for cryptocurrency mining activity. That's according to the Microsoft Threat Intelligence team, which said the flaws have been weaponized since the start of April 2024. OpenMetadata is an open-source platform that operates as a