AT&T Discloses Breach of Customer Data

On July 12, AT&T released a public statement on unauthorized access of customer data from a third-party cloud platform. AT&T also provided recommendations and resources for affected customers.     CISA encourages customers to review the following AT&T article for additional information and follow necessary guidance to help protect personal information.    AT&T: Unlawful access of customer data…

Read More

Apache HTTP Server Prior to 2.4.60 Multiple Security Vulnerabilities

Qualys Security Advisory The Apache HTTP Server is a free and open-source cross-platform web server software. Multiple vulnerabilities have been addressed in Apache HTTP Server version 2.4.60. These vulnerabilities affect versions prior to 2.4.59 and have been resolved in version 2.4.60. Vulnerabilities DoS by Null Pointer in WebSocket over HTTP/2 (CVE-2024-36387) Description: Serving WebSocket protocol…

Read More

RHSA-2024:4542: Moderate: ruby security update

Redhat Security Advisory An update for ruby is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the…

Read More

USN-6898-1: Linux kernel vulnerabilities

Ubuntu Security Advisory Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained…

Read More