| 4:05p |
Security updates for Tuesday
Security updates have been issued by openSUSE (chromium), Oracle (firefox), Red Hat (kernel), Scientific Linux (firefox), Slackware (sudo), SUSE (firefox, nodejs10, nodejs12, and nodejs14), and Ubuntu (apt, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-4.15, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-hwe-5.8, linux-oem-5.6, linux-oracle, linux-oracle-5.4, nvidia-graphics-drivers-390, nvidia-graphics-drivers-450, nvidia-graphics-drivers-460, python-apt, and xdg-utils). |
| 6:26p |
Google series on in-the-wild exploits The Google Project Zero blog is carrying a
six-part series exploring, in great detail, a set of sophisticated exploits discovered in the wild. " These exploit chains are designed
for efficiency & flexibility through their modularity. They are
well-engineered, complex code with a variety of novel exploitation methods,
mature logging, sophisticated and calculated post-exploitation techniques,
and high volumes of anti-analysis and targeting checks. We believe that
teams of experts have designed and developed these exploit chains. We hope
this blog post series provides others with an in-depth look at exploitation
from a real world, mature, and presumably well-resourced actor." |