Security News
A relatively new ransomware operation named Interlock attacks organizations worldwide, taking the unusual approach of creating an encryptor to target FreeBSD servers. [...]
The maintainers of the FreeBSD Project have released security updates to address a high-severity flaw in OpenSSH that attackers could potentially exploit to execute arbitrary code remotely with elevated privileges. The vulnerability, tracked as CVE-2024-7589, carries a CVSS score of 7.4 out of a maximum of 10.0, indicating high severity.
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
Please turn on your JavaScript for this page to function normally. FreeBSD provides sophisticated features in networking, performance, security, and compatibility.
One of the first low-level network tools that any computer user learns about is the venerable ping utility. As a result, ping it uses a much lower-level protocol than TCP. Indeed, ping doesn't even use TCP's more casual cousin UDP, short for user datagram protocol, which a way of transmitting data chunks that is fast and easy, but is popularly referred to as send-and-hope.
The maintainers of the FreeBSD operating system have released updates to remediate a security vulnerability impacting the ping module that could be potentially exploited to crash the program or trigger remote code execution. The issue, assigned the identifier CVE-2022-23093, impacts all supported versions of FreeBSD and concerns a stack-based buffer overflow vulnerability in the ping service.
The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms. The ransomware's Linux version also fails to trigger the encryption if executed without root privileges because it attempts to drop the ransom note on compromised devices' root file systems.
OpenVPN, WireGuard, IKEv2/IPSec also vulnerable to unmasking flaw, we're told A bug in the way Unix-flavored systems handle TCP connections could put VPN users at risk of having their encrypted...
Three vulnerabilities in the FreeBSD and Linux kernels could allow attackers to induce a denial-of-service by clogging networking I/O.
The Skein hash function is now part of FreeBSD....