Microsoft Incident Response lessons on preventing cloud identity compromise

Microsoft observed a surge in cyberattacks targeting identities in 2023, with attempted password-based attacks increasing by more than tenfold in the first quarter of 2023 compared to the same period ...

Continue Reading
(RHSA-2023:6365) Moderate: mod_auth_openidc security and bug fix update

The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. ...

Continue Reading
Possible user mocking that bypasses basic authentication

Impact next-auth applications prior to version 4.24.5 that rely on the default Middleware authorization are affected. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issu ...

Continue Reading
grafana security and enhancement update

[9.2.10-7] - resolve RHEL-12649 - resolve CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work - testing is turned off due to test failures caused by testing date mismatch [9.2.1 ...

Continue Reading
API Leaks

## Grasping the Fundamentals of API Breaches API, short for [Application Programming Interface]( "Application Programming Interface" ), consists of a stipulated set of guidelines and procedures enabli ...

Continue Reading
Moderate: mod_auth_openidc:2.3 security and bug fix update

The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. ...

Continue Reading
Microsoft Incident Response lessons on preventing cloud identity compromise

Microsoft observed a surge in cyberattacks targeting identities in 2023, with attempted password-based attacks increasing by more than tenfold in the first quarter of 2023 compared to the same period ...

Continue Reading
Oracle Linux 8 : grafana (ELSA-2023-6972)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-6972 advisory. Grafana is validating Azure AD accounts based on the email cla ...

Continue Reading

Back to Main

Subscribe for the latest news: