Security
Headlines
HeadlinesLatestCVEs

Tag

#aws

Ubuntu Security Notice USN-7100-2

Ubuntu Security Notice 7100-2 - Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Packet Storm
Open in Source
#vulnerability#web#android#mac#amazon#ubuntu#linux#dos#git#perl#samba#vmware#aws#ssl
Amazon Employee Data Compromised in MOVEit Breach

The data leak was not actually due to a breach in Amazon's systems but rather that of a third-party vendor; the supply chain incident affected several other clients as well.

CrowdStrike Spends to Boost Identity Threat Detection

Adaptive Shield is the third security posture management provider the company has acquired in the last 14 months as identity-based attacks continue to rise.

Data Vigilante Leaks 8 Million Employee Records from Amazon, HP and Others

Aftermath of MOVEit vulnerability: Data vigilante ‘Nam3L3ss’ leaks nearly 8 million employee records from industry giants like Amazon,…

The Power of the Purse: How to Ensure Security by Design

CISA should make its recommended goals mandatory and perform audits to ensure compliance.

Ubuntu Security Notice USN-7100-1

Ubuntu Security Notice 7100-1 - Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Kernel Live Patch Security Notice LSN-0107-1

A significant amount of vulnerabilities in the Linux kernel have been resolved that include use-after-free and race conditions.

AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services

The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. "This botnet utilizes remote code execution and credential-stealing methods to maintain persistent access, leveraging unpatched vulnerabilities to infiltrate critical infrastructures," CloudSEK said in a

New SteelFox Malware Posing as Popular Software to Steal Browser Data

SteelFox malware targets software pirates through fake activation tools, stealing credit card data and deploying crypto miners. Learn…