LinuxSecurity.com

Fix for CVE-2024-31497

Fix for CVE-2024-31497

Update to 115.10.1 https://www.thunderbird.net/en-US/thunderbird/115.10.1/releasenotes/ Fix https://bugzilla.redhat.com/show_bug.cgi?id=2276078 Including security update to 115.10.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/

Update to 1.15.8 Fix CVE-2024-32462

Updates Fedora 30 to Kubernetes 1.27.13. Resolves CVE-2024-3177: Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin. In addition, a few bug and regression fixes.

fix Usage of disabled protocol (CVE-2024-2004) fix HTTP/2 push headers memory-leak (CVE-2024-2398)

Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a Debian-based operating system that enables users to remain incognito online and securely browse the web.

In Complete Guide to Keylogging in Linux: Part 1 , we discussed how to write keyloggers for Linux by reading keyboard device events. This article will continue to discuss keyboard event capture so you have more techniques to use for keylogger attacks in network security.

Fedora 40 , the newest version of the Fedora operating system, is an efficient and lightning-fast release with various new and useful features. Compared to its previous releases, Fedora 40 is lightning-fast and offers maximum efficiency to users.

Keylogger attacks in network security have become more popular over time. Therefore, businesses must implement procedures and tactics to prevent these network security issues from harming a server.

The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew of improvements and new features that will certainly intrigue security practitioners. This release aims to enhance user-facing features while addressing compatibility and security issues.

The alarming discovery of a backdoor in the xz data compression library , which had the potential to compromise Linux systems, has dominated recent security news. While the backdoor did not make its way into production Linux distributions, the incident raises crucial questions about open-source security and the need for vigilance in the face of emerging threats.

update to 124.0.6367.60 High CVE-2024-3832: Object corruption in V8 High CVE-2024-3833: Object corruption in WebAssembly High CVE-2024-3914: Use after free in V8 High CVE-2024-3834: Use after free in Downloads

New upstream release (125.0)

Security fix for CVE-2023-5752

Update to 1.15.8 Fixes CVE-2024-32462

Security fix for CVE-2024-27316

Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on Windows systems but later shifted its attention to Linux servers, mainly targeting VMware ESXi virtual machines. The ransomware leverages different methods for initial access to target networks, such as exploiting known flaws in Cisco appliances, spear phishing, and abusing VPN services lacking multi-factor authentication protections. It also utilizes various tools for setting up persistence, privilege escalation, and lateral movement within networks.

In the world of open-source software , security vulnerabilities can have widespread consequences. The recent publication of a Linux privilege-escalation proof-of-concept exploit has sent shockwaves through the Linux community, demanding the immediate attention of Linux admins, infosec professionals, internet security enthusiasts, and sysadmins.