CyberSecurityBoard
Sponsor Register Login

18th Anniversary Post: New Species of Pygmy Squid Discovered

They're Ryukyuan pygmy squid and Hannan's pygmy squid.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Yes, this is the eighteenth anniversary of Friday Squid Blogging.
The first squid post is from January 6, 2006, and I have been posting them weekly since then.
Never did I believe there would be so much to write about squid-but the links never seem to end.


This Cyber News was published on www.schneier.com. Publication date: Fri, 05 Jan 2024 22:43:28 +0000


Cyber News related to 18th Anniversary Post: New Species of Pygmy Squid Discovered

18th Anniversary Post: New Species of Pygmy Squid Discovered - They're Ryukyuan pygmy squid and Hannan's pygmy squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Yes, this is the eighteenth anniversary of Friday Squid Blogging. The first squid ...
10 months ago Schneier.com
CVE-2024-23638 - Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of ...
6 months ago
CVE-2024-25617 - Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Collapse of Data into Unsafe Value bug ,Squid may be vulnerable to a Denial of Service attack against HTTP header parsing. This problem allows a remote ...
7 months ago
CVE-2023-46724 - Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate ...
1 year ago
Customer compliance and security during the post-quantum cryptographic migration | AWS Security Blog - For example, using the s2n-tls client built with AWS-LC (which supports the quantum-resistant KEMs), you could try connecting to a Secrets Manager endpoint by using a post-quantum TLS policy (for example, PQ-TLS-1-2-2023-12-15) and observe the PQ ...
1 month ago Aws.amazon.com
Cisco's Commitment to Human Rights: A Tribute to the 75th Anniversary of the Universal Declaration of Human Rights - December 10 marks the 75th anniversary of the United Nations' adoption of the Universal Declaration of Human Rights, a landmark document that for the first time recognized human rights and freedoms are inherent to all individuals, regardless of ...
11 months ago Feedpress.me
Government Quash All Post Office Horizon Convictions - It comes after the government in July 2021 had promised to compensate those postmasters who had their Horizon-related convictions overturned. The Government said this week it has committed to making sure these convictions are overturned by the end of ...
10 months ago Silicon.co.uk
CVE-2019-18678 - An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches ...
4 years ago
CVE-2023-49288 - Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to ...
11 months ago Tenable.com
Post-Quantum Cryptography Alliance Launches to Advance Post-Quantum Cryptography - PRESS RELEASE. SAN FRANCISCO, Feb. 6, 2024 /PRNewswire/ - The Linux Foundation is excited to announce the launch of the Post-Quantum Cryptography Alliance, an open and collaborative initiative to drive the advancement and adoption of post-quantum ...
9 months ago Darkreading.com
East Texas hospital network can't receive ambulances because of potential cybersecurity incident - GetTime();if(!(u<=a&&d<=l throw new RangeError("Invalid interval");return r.inclusive?u<=l&&d<=a:ut||isNaN(t. Step):1;if(s<1||isNaN(s throw new RangeError("`options. Step):1;if(l<1||isNaN(l throw new RangeError("`options. GetTime()<=n throw new ...
11 months ago Cnn.com
Friday Squid Blogging: New Foods from Squid Fins - We only eat about half of a squid, ignoring the fins. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. It's just a complaint; the SEC still has to prove the allegations in court. It's ...
10 months ago Schneier.com
Friday Squid Blogging: New Squid Species - About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998. I'm a fellow and ...
4 months ago Schneier.com
Friday Squid Blogging: Footage of Black-Eyed Squid Brooding Her Eggs - Amazing footage of a black-eyed squid carrying thousands of eggs. They tend to hang out about 6,200 feet below sea level. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Corton January ...
9 months ago Schneier.com
Friday Squid Blogging: Operation Squid - Operation Squid found 1.3 tons of cocaine hidden in frozen fish. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Gay parades for all you must all be gay or kneel before the gays in ...
8 months ago Schneier.com
CVE-2019-12525 - An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if ...
2 years ago
CVE-2020-15811 - An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser ...
3 years ago
Toward greater transparency: Unveiling Cloud Service CVEs - Welcome to the second installment in our series on transparency at the Microsoft Security Response Center. In this ongoing discussion, we discuss our commitment to provide comprehensive vulnerability information to our customers. At MSRC, our mission ...
4 months ago Msrc.microsoft.com
CVE-2023-49285 - Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are ...
11 months ago Tenable.com
CVE-2024-25111 - Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause ...
8 months ago Tenable.com
CVE-2023-50269 - Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request ...
11 months ago Tenable.com
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
11 months ago Feeds.dzone.com
Tech Giants Form Post-Quantum Cryptography Alliance - The Linux Foundation today announced the launch of the Post-Quantum Cryptography Alliance, an initiative to advance and drive the adoption of post-quantum cryptography. Founded by AWS, Cisco, IBM, IntellectEU, Nvidia, QuSecure, SandboxAQ, and the ...
9 months ago Securityweek.com
Type Juggling Leads to Two Vulnerabilities in POST SMTP Mailer WordPress Plugin - On December 14th, 2023, during our Bug Bounty Program Holiday Bug Extravaganza, we received a submission for an Authorization Bypass vulnerability in POST SMTP Mailer, a WordPress plugin with over 300,000+ active installations. This vulnerability ...
10 months ago Wordfence.com
CVE-2020-35650 - Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Groups for LearnDash before v3.7 allow authenticated remote attackers to inject arbitrary JavaScript or HTML via the ulgm_code_redeem POST Parameter in user-code-redemption.php, the ...
3 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)