-- Leo's gemini proxy
-- Connecting to gemini.tuxmachines.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Tux Machines
Posted by Roy Schestowitz on Jul 22, 2023
> Distributed Denial of Service (DDoS) botnets have been used to actively exploit a critical vulnerability found in Zyxel firewall models.
> The flaw, identified by Fortinet security researchers as CVE-2023-28771, explicitly affects Linux platforms.
> Exploiting the vulnerability, remote attackers gain unauthorized control over the vulnerable systems, enabling them to conduct DDoS attacks.
> [...]
> "The severity of this flaw, rated 9.8 on the CVSS scoring system, was reported by researchers from TRAPA Security," Lin wrote.
> Repeated breaches of cloud computing services makes understanding a recent incident affecting Microsoft essential.
> Active since 2016, the group known as Syssphinx continues to refine its attack methods to deploy ransomware.
> Security updates have been issued by Fedora (golang, nodejs16, nodejs18, and R-jsonlite), Red Hat (java-1.8.0-openjdk and java-17-openjdk), SUSE (container-suseconnect, redis, and redis7), and Ubuntu (wkhtmltopdf).
> Lawrence Abrams takes us through a recent Coveware report on Clop’s shifting strategies and how recent trends in exfiltration-only have impacted the amount of ransom victims are paying.
> To celebrate Franco-German friendship, German Transport Minister Wissing and his French counterpart Beaune came up with something special: 30,000 free Interrail tickets per country for travel in Germany and France for young adults between 18 and 27. Codename: “Passe France Allemagne”
> However, many things went wrong when the Interrail passes were distributed. In the following, we want to take you on a journey through the stages of the not-so-well-implemented ticket and show you how you could still get a pass after registration ended.
> According to a recently-released meeting agenda, the Securities and Exchange Commission’s (“SEC”) upcoming July 26, 2023 meeting will include consideration of adopting rules to enhance disclosures regarding cybersecurity risk management, governance, and incidents by publicly traded companies.
> The leaked data contains sensitive information like home address, phone number, date of birth, and even T-shirt size.
> Letters highlight concerns stemming from use of technologies that may share a user’s sensitive health information
-- Response ended
-- Page fetched on Sat Jun 1 08:41:44 2024