Sixty vulnerabilities were patched in the latest version of file transfer utility Rsync, including two allowing malicious code execution on servers. Clients only need anonymous read-access for exploitation. Hackers could also control a server to read/write files from any connected client, potentially extracting sensitive data. All issues affect Rsync versions prior to v3.4.0. Users are urged to implement the fixes, and updated Rsync packages have been released for Ubuntu and Debian.
HHS reaches HIPAA settlement with Solara Medical Supplies
Medical supplier Solara Medical Supplies has agreed to pay $3 million and undergo a corrective action plan in a settlement with the HHS Office for
