#ssl

Ubuntu Security Notice 7119-1 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

QR codes are disproportionately effective at bypassing most anti-spam filters. Talos discovered two effective methods for defanging malicious QR codes, a necessary step to make them safe for consumption.

Since surfacing in August, the likely LockBit variant has claimed more than two dozen victims and appears poised to strike many more.

In further proof of the professionalization of Russian cybercriminal groups, ransomware gangs have been posting job ads for security positions such as pen testers, looking to boost their ransomware deployment operations.

Ubuntu Security Notice 7104-1 - It was discovered that curl could overwrite the HSTS expiry of the parent domain with the subdomain's HSTS entry. This could lead to curl switching back to insecure HTTP earlier than otherwise intended, resulting in information exposure.

Individual companies and entire industries alike must take responsibility for protecting customer data — and doing the right thing when they fail.

A widespread social media campaign for EditProAI turns out to spread information stealers for both Windows and MacOS users.

A vulnerability found in the Really Simple Security plug-in allows an attacker to remotely gain access to any account on an affected website, including the administrator, when 2FA is enabled.

### Summary utils.get_shared_secret() always returns -1 - allows anyone to connect to cobbler XML-RPC as user '' password -1 and make any changes. ### Details utils.py get_shared_secret: ``` def get_shared_secret() -> Union[str, int]: """ The 'web.ss' file is regenerated each time cobblerd restarts and is used to agree on shared secret interchange between the web server and cobblerd, and also the CLI and cobblerd, when username/password access is not required. For the CLI, this enables root users to avoid entering username/pass if on the Cobbler server. :return: The Cobbler secret which enables full access to Cobbler. """ try: with open("/var/lib/cobbler/web.ss", 'rb', encoding='utf-8') as fd: data = fd.read() except: return -1 return str(data).strip() ``` Always returns `-1` because of the following exception: ``` binary mode doesn't take an encoding argument ``` This appears to have been introduced by commit 32c5cad...

Legal documents released as part of an ongoing legal tussle between Meta's WhatsApp and NSO Group have revealed that the Israeli spyware vendor used multiple exploits targeting the messaging app to deliver Pegasus, including one even after it was sued by Meta for doing so. They also show that NSO Group repeatedly found ways to install the invasive surveillance tool on the target's devices as