Aggregator

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.15.82/6.0.12. Affected by this issue is the function tbnet_open. The manipulation leads to memory leak. This vulnerability is handled as CVE-2022-48955. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.15.83/6.0.13. Affected by this vulnerability is the function perf_pending_task. The manipulation leads to use after free. This vulnerability is known as CVE-2022-48950. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.0.13. Affected is the function snd_soc_put_volsw_sx. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2022-48951. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

These types of "long-lived" credentials pose a risk for users across all major cloud service providers, and must meet their very timely ends, researchers say.

The networking company confirms that cyberattackers illegally accessed data belonging to some of its customers.

A vulnerability was found in Linux Kernel up to 6.0.12. It has been rated as critical. This issue affects the function ip6_fragment in the library include/net/ip6_fib.h. The manipulation leads to use after free. The identification of this vulnerability is CVE-2022-48956. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.112/6.6.56/6.11.3. It has been declared as problematic. This vulnerability affects the function wd33c93_intr. The manipulation of the argument scsi_pointer leads to improper initialization. This vulnerability was named CVE-2024-50026. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.0.11. It has been classified as critical. This affects the function btrfs_qgroup_inherit of the file include/linux/sched/mm.h. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2022-49033. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.157/5.15.81/6.0.11 and classified as critical. Affected by this issue is the function e100_xmit_prepare. The manipulation leads to use after free. This vulnerability is handled as CVE-2022-49026. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.15.81/6.0.11 and classified as problematic. Affected by this vulnerability is the function m_can_class_free_dev. The manipulation leads to allocation of resources. This vulnerability is known as CVE-2022-49024. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.0.11. Affected is the function in_atomic of the file net/mptcp/protocol.c of the component mptcp. The manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2022-49018. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.15.81/6.0.11. This issue affects the function of_node_get/of_node_put of the component mdiobus. The manipulation leads to improper update of reference count. The identification of this vulnerability is CVE-2022-49016. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

 

It is good to see US government leaders realize that
ransomware is a growing existential threat to our country, at the hands of our
adversaries. 

 

A top US national cybersecurity advisor stated
in a recent op-ed, “This is a troubling practice that must end.”  The government is looking at ways to disrupt
ransomware attacks.  One tactic is to get
cyber insurance companies to stop reimbursements for ransoms.

 

Undermining ransomware is possible, but the only path is to
outlaw digital extortion payments.  This
targets the root of the problem by undermining the motivation of the attacker. 

 

For decades, cybersecurity and insurance companies have taken
advantage of growing attacks and fears to sell their products, which have not provided
a meaningful solution to stop the widespread surge of ransomware.  It has become a self-serving profit center to
motivate customers to purchase more tools and policies for a problem they are
not solving.

 

Security controls are a costly tactic where the attacker
maintains a significant overall advantage because they can quickly adapt, thereby
requiring more tools to be purchased by the potential victims who are caught in
an endless spending cycle.  Insurance
does nothing to reduce attacks, as it is a mechanism to transfer risk.  In fact, paying the attacker simply motivates
them more, thereby precipitating even more attacks!

 

There are feasible and practical plans
that would work.  However, security and
insurance companies are the first to cast doubt on any plans that may disrupt
their revenue streams.  Their narratives
are foreboding, but when closely examined, the fears of outlawing payments are largely unfounded. 

 

As a nation, we are beginning to see how digital extortion is
effectively being used by international adversaries and cybercriminals.  The trend will continue, rapidly causing more
extensive harm.  Traditional measures,
like continually adding more security tools, continue to fail in fundamental
ways, and we must take a different approach.

 

It is time for the US government to take a serious step
forward to undermine ransomware, without creating an unnecessary financial
burden on the potential victims, by outlawing digital extortion payments.

The post Are Leaders Ready to Break the Ransomware Cycle appeared first on Security Boulevard.

A vulnerability classified as critical was found in Linux Kernel up to 5.4.225/5.10.157/5.15.81/6.0.11. This vulnerability affects the function sctp_stream_outq_migrate. The manipulation leads to memory leak. This vulnerability was named CVE-2022-49013. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.15.81/6.0.11. This affects an unknown part. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2022-49004. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.81/6.0.11. It has been rated as critical. Affected by this issue is the function get_overflow_stack. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2022-49001. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

FBI Tracking Alleged Fraudsters Using Evidence Seized From Shuttered Genesis Market
An FBI probe into shuttered cybercrime site Genesis Market has led to the indictment of Terrance Ciszek, a now-suspended police detective in Buffalo, New York, who's been accused of buying stolen payment card data and recording a video showing fraudsters how to use it anonymously.

Deal Enhances Sophos’ Managed Security Portfolio, Adds AI-Powered Taegis XDR Tool
Sophos is acquiring Secureworks in a deal valued at $859 million, aiming to integrate its managed security services with Secureworks' Taegis XDR platform. This merger is expected to deliver advanced detection and response capabilities, and enhance global cybersecurity for businesses of all sizes.

Attack Method Exploits RAG-based Tech to Manipulate AI System's Output
Researchers found an easy way to manipulate the responses of an artificial intelligence system that makes up the backend of tools such as Microsoft 365 Copilot, potentially compromising confidential information and exacerbating misinformation. Researchers called the attack "ConfusedPilot."