Security
Headlines
HeadlinesLatestCVEs

Tag

#aws

Ubuntu Security Notice USN-7089-3

Ubuntu Security Notice 7089-3 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Packet Storm
#vulnerability#web#mac#microsoft#amazon#ubuntu#linux#dos#oracle#perl#samba#aws#amd
Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating developers' Amazon Web Services (AWS) credentials. The package in question is "fabrice," which typosquats a popular Python library known as "fabric," which is designed to execute shell commands remotely over

Google Cloud to Enforce MFA on Accounts in 2025

Google Cloud will take a phased approach to make multifactor authentication mandatory for all users.

Ubuntu Security Notice USN-7088-3

Ubuntu Security Notice 7088-3 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users

Google's cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025 as part of its efforts to improve account security. "We will be implementing mandatory MFA for Google Cloud in a phased approach that will roll out to all users worldwide during 2025," Mayank Upadhyay, vice president of engineering and distinguished engineer at

Canadian Authorities Arrest Attacker Who Stole Snowflake Data

The suspect, tracked as UNC5537, allegedly bragged about hacking several Snowflake victims on Telegram, drawing attention to himself.

NAKIVO Backup for MSP: Best Backup Solution for MSPs

Explore the features of the NAKIVO MSP backup solution. Choose the best MSP backup software to protect client…

EmeraldWhale's Massive Git Breach Highlights Config Gaps

The large-scale operation took advantage of open repositories, hardcoded credentials in source code, and other cloud oversights.

Chinese APTs Cash In on Years of Edge Device Attacks

The sophisticated Chinese cyberattacks of today rest on important groundwork laid during the pandemic and before.

EMERALDWHALE Steals 15,000+ Cloud Credentials, Stores Data in S3 Bucket

Operation EMERALDWHALE compromises over 15,000 cloud credentials, exploiting exposed Git and Laravel files. Attackers use compromised S3 buckets…