![]() Sonrai Security has made a name for itself by securing enterprise clouds from the inside out, securing every identity, access, and permission in the cloud. ( Bleeping Computer) Thanks to this week’s episode sponsor, Sonrai Security Did you know that 81% of breaches are due to compromised identities? It’s a sobering statistic and one that enterprise organizations cannot afford to ignore. The company has explained in a statement that the problem was introduced by an error in the configuration of a server settings file. The problem has been extensively reported on social media and discussion platforms since May 16, 2023, with people appearing puzzled by the simultaneous connectivity issues on multiple ASUS routers and others complaining about the lack of communication from the vendor’s side. ( The Hacker News) ASUS routers knocked offline worldwide by bad security updateĪSUS has apologized to its customers for a server-side security maintenance error that has caused a wide range of impacted router models to lose network connectivity. Little else is known about how the flaw may be exploited, but vulnerabilities in Samsung phones have been weaponized by commercial spyware vendors in the past to deploy malicious software. Samsung described the issue as an information disclosure flaw that could be exploited by a privileged attacker to bypass address space layout randomization (ASLR) protections, a security technique designed to thwart memory corruption and code execution flaws by obscuring the location of an executable in a device’s memory. Tracked as CVE-2023-21492 (CVSS score: 4.4), it impacts select Samsung devices running Android versions 11, 12, and 13. ( The Hacker News) New security flaw exposed in Samsung devicesĬISA is now warning of active exploitation of a medium-severity flaw affecting Samsung devices. No additional details about the nature of the malware and threat actors involved in publishing those rogue packages to PyPI were disclosed. The maintainers of Python Package Index (PyPI), the official third-party software repository for the Python programming language, have temporarily disabled the ability for users to sign up and upload new packages until further notice.”The volume of malicious users and malicious projects being created on the index in the past week has outpaced our ability to respond to it in a timely fashion, especially with multiple PyPI administrators on leave,” the admins said in a notice published on May 20, 2023. ( Bleeping Computer) PyPI repository under attack: User sign-ups and package uploads temporarily halted Since the buggy update seems to install automatically onto Internet-connected printers, HP customers are advised to disable their devices’ Internet connection and wait for a firmware update to fix the bricking issue. Customers in the U.S., the U.K., Germany, the Netherlands, Australia, Poland, New Zealand, and France have been posting complaints and reports. Affected customers report that their devices display blue screens with “83C0000B” errors on the built-in touchscreen. HP is working to address a bad firmware update that has been bricking HP Office Jet printers worldwide since it was released earlier this month. HP rushes to fix bricked printers after faulty firmware update
0 Comments
Leave a Reply. |