Security Bulletin

CVE: CVE-2023-50387 Title: KeyTrap - Extreme CPU consumption in DNSSEC validator Document version: 2.0 Posting date: 13 February 2024 Program impacted: BIND 9 Versions affected: BIND 9.0.0 -> 9.16.46 9.18.0 -> 9.18.22 9.19.0 -> 9.19.20 (Versions...

CVE: CVE-2023-6516 Title: Specific recursive query patterns may lead to an out-of-memory condition Document version: 2.0 Posting date: 13 February 2024 Program impacted: BIND 9 Versions affected: BIND 9.16.0 -> 9.16.45 BIND Supported Preview Edition...

CVE: CVE-2023-5680 Title: Cleaning an ECS-enabled cache may cause excessive CPU load Document version: 2.0 Posting date: 13 February 2024 Program impacted: BIND 9 Versions affected: BIND Supported Preview Edition 9.11.3-S1 -> 9.11.37-S1 9.16.8-S1 ->...

CVE: CVE-2023-5679 Title: Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution Document version: 2.0 Posting date: 13 February 2024 Program impacted: BIND 9 Versions affected: BIND 9.16.12 -> 9.16.45 9.18.0 -...

CVE: CVE-2023-5517 Title: Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled Document version: 2.0 Posting date: 13 February 2024 Program impacted: BIND 9 Versions affected: BIND 9.12.0 -> 9.16.45 9.18...

CVE: CVE-2023-4408 Title: Parsing large DNS messages may cause excessive CPU load Document version: 2.0 Posting date: 13 February 2024 Program impacted: BIND 9 Versions affected: BIND 9.0.0 -> 9.16.45 9.18.0 -> 9.18.21 9.19.0 -> 9.19.19 (Versions...

StateScoop reports that Florida lawmakers have been mulling to return $40 million in funding meant to advance state and local entities' cybersecurity defenses to the state's general fund.

The ongoing campaign incorporates individualized phishing lures and has targeted hundreds of user accounts across dozens of organizations.

Business Operations Manager Marifer started the We Are Cisco Singers as a way to connect when that was difficult, and it was an idea that changed her life.

California-based data security technology provider Cohesity has revealed plans to purchase Veritas Software's data protection unit for $7 billion, in a deal that is poised to be finalized by the latter part of this year, reports CRN.

CISA released one Industrial Control Systems (ICS) advisory on February 13, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-044-01 Mitsubishi Electric MELSEC iQ-R...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Series Safety CPU and SIL2 Process CPU Module Vulnerability: Incorrect Privilege Assignment 2. RISK...