Security Pop Quiz! q360.mp3

News

Packet Storm Security

Security Affairs Looking Glass Cyber
    securingtomorrow.mcafee.com Quick Heal Threat Post Naked Security ESET CIS
    • How to Get Up and Running with CIS WorkBench Thu, 12 May 2022 18:09:00 Z
      Communities are at the heart of what CIS is all about. That's what led us to create CIS WorkBench. Read on to learn how this collaborative hub works.
    Malware Patrol SecList
    • HTML attachments in phishing e-mails
      In this article we review phishing HTML attachments, explaining common tricks the attackers use, and give statistics on HTML attachments detected by Kaspersky solutions.
    MySonicWall

    Critical Infrastructure

    Case Studies

    Tools

    Exploits

    Last 20 Website Defacements - Zone-h

    Press Play to hear the answer!

    Advisories

    • Ubuntu Security Notice USN-5421-1 Mon, 16 May 2022 14:16:31 GMT
      Ubuntu Security Notice 5421-1 - It was discovered that LibTIFF incorrectly handled certain images. An attacker could possibly use this issue to cause a crash, resulting in a denial of service. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Chintan Shah discovered that LibTIFF incorrectly handled memory when handling certain images. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code.
    • Red Hat Security Advisory 2022-2253-01 Mon, 16 May 2022 14:16:11 GMT
      Red Hat Security Advisory 2022-2253-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a traversal vulnerability.
    • Red Hat Security Advisory 2022-2256-01 Mon, 16 May 2022 13:59:19 GMT
      Red Hat Security Advisory 2022-2256-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a traversal vulnerability.
    • Red Hat Security Advisory 2022-2255-01 Mon, 16 May 2022 13:55:34 GMT
      Red Hat Security Advisory 2022-2255-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a traversal vulnerability.
    • Red Hat Security Advisory 2022-2236-01 Fri, 13 May 2022 16:05:30 GMT
      Red Hat Security Advisory 2022-2236-01 - Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes.
    • Red Hat Security Advisory 2022-1699-01 Fri, 13 May 2022 16:05:21 GMT
      Red Hat Security Advisory 2022-1699-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.50.
    • Ubuntu Security Notice USN-5419-1 Fri, 13 May 2022 16:05:08 GMT
      Ubuntu Security Notice 5419-1 - It was discovered that Rsyslog improperly handled certain invalid input. An attacker could use this issue to cause Rsyslog to crash.
    • Ubuntu Security Notice USN-5420-1 Fri, 13 May 2022 16:04:39 GMT
      Ubuntu Security Notice 5420-1 - It was discovered that Vorbis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.
    • Red Hat Security Advisory 2022-2234-01 Thu, 12 May 2022 16:35:42 GMT
      Red Hat Security Advisory 2022-2234-01 - Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes.
    • Red Hat Security Advisory 2022-2237-01 Thu, 12 May 2022 16:35:35 GMT
      Red Hat Security Advisory 2022-2237-01 - Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes.
    • Red Hat Security Advisory 2022-2232-01 Thu, 12 May 2022 16:34:47 GMT
      Red Hat Security Advisory 2022-2232-01 - Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale. Data Grid 8.3.1 replaces Data Grid 8.3.0 and includes bug fixes and enhancements. Issues addressed include a denial of service vulnerability.
    • Ubuntu Security Notice USN-5417-1 Thu, 12 May 2022 16:00:53 GMT
      Ubuntu Security Notice 5417-1 - Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the MMC/SD subsystem in the Linux kernel did not properly handle read errors from SD cards in certain situations. An attacker could possibly use this to expose sensitive information.
    • Ubuntu Security Notice USN-5418-1 Thu, 12 May 2022 16:00:27 GMT
      Ubuntu Security Notice 5418-1 - Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in the guest.
    • Ubuntu Security Notice USN-5416-1 Thu, 12 May 2022 15:59:16 GMT
      Ubuntu Security Notice 5416-1 - Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. It was discovered that the implementation of X.25 network protocols in the Linux kernel did not terminate link layer sessions properly. A local attacker could possibly use this to cause a denial of service.
    • Ubuntu Security Notice USN-5415-1 Thu, 12 May 2022 15:59:00 GMT
      Ubuntu Security Notice 5415-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.
    • Ubuntu Security Notice USN-5413-1 Thu, 12 May 2022 15:56:30 GMT
      Ubuntu Security Notice 5413-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
    • Red Hat Security Advisory 2022-2200-01 Thu, 12 May 2022 15:56:14 GMT
      Red Hat Security Advisory 2022-2200-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 5.0.214 and .NET Core Runtime 5.0.17. Issues addressed include a denial of service vulnerability.
    • Red Hat Security Advisory 2022-2216-01 Thu, 12 May 2022 15:55:09 GMT
      Red Hat Security Advisory 2022-2216-01 - Logging Subsystem 5.4.1 - Red Hat OpenShift. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.
    • Red Hat Security Advisory 2022-2199-01 Thu, 12 May 2022 15:53:37 GMT
      Red Hat Security Advisory 2022-2199-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 6.0.105 and .NET Core Runtime 6.0.5. Issues addressed include a denial of service vulnerability.
    • Red Hat Security Advisory 2022-2218-01 Thu, 12 May 2022 15:53:27 GMT
      Red Hat Security Advisory 2022-2218-01 - Openshift Logging Bug Fix Release. Issues addressed include HTTP request smuggling, denial of service, and man-in-the-middle vulnerabilities.
    • Red Hat Security Advisory 2022-2210-01 Thu, 12 May 2022 15:53:18 GMT
      Red Hat Security Advisory 2022-2210-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server, as well as command-line utilities and Web UI packages for server administration. Issues addressed include a denial of service vulnerability.
    • Red Hat Security Advisory 2022-2201-01 Thu, 12 May 2022 15:52:58 GMT
      Red Hat Security Advisory 2022-2201-01 - The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool.
    • Red Hat Security Advisory 2022-2186-01 Thu, 12 May 2022 15:52:46 GMT
      Red Hat Security Advisory 2022-2186-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
    • Red Hat Security Advisory 2022-2197-01 Thu, 12 May 2022 15:52:31 GMT
      Red Hat Security Advisory 2022-2197-01 - The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool.
    • Red Hat Security Advisory 2022-2202-01 Thu, 12 May 2022 15:51:27 GMT
      Red Hat Security Advisory 2022-2202-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.419 and .NET Core Runtime 3.1.25. Issues addressed include a denial of service vulnerability.