News

    • September 2020 Top 10 Malware Tue, 20 Oct 2020 12:00:57 +0000

      In September 2020, we had 3 malware return to the Top 10: CoinMiner, CryptoWall, and Emotet. The Top 10 Malware variants composed 87% of Total Malware activity in September 2020, up from 78% in August 2020. This increase is largely due to the recent Shlayer campaign ramping up, as the education year begins for universities […]

      The post September 2020 Top 10 Malware appeared first on CIS.

    Malware Patrol SecList
    • GravityRAT: The spy returns
      In 2019, on VirusTotal, we encountered a curious piece of Android spyware which, when analyzed, seemed connected to GravityRAT. The cybercriminals had added a spy module to Travel Mate, an Android app for travelers to India, the source code of which is available on GitHub.
    Advisories

    • Red Hat Security Advisory 2020-4274-01 Mon, 19 Oct 2020 15:57:34 GMT
      Red Hat Security Advisory 2020-4274-01 - The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework. Issues addressed include a code execution vulnerability.
    • Red Hat Security Advisory 2020-4272-01 Mon, 19 Oct 2020 15:51:52 GMT
      Red Hat Security Advisory 2020-4272-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.
    • Gentoo Linux Security Advisory 202010-02 Sun, 18 Oct 2020 20:02:22 GMT
      Gentoo Linux Security Advisory 202010-2 - Multiple vulnerabilities have been found in Mozilla Firefox and Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 81.0 are affected.
    • Gentoo Linux Security Advisory 202010-01 Sat, 17 Oct 2020 19:32:22 GMT
      Gentoo Linux Security Advisory 202010-1 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 86.0.4240.75 are affected.
    • Ubuntu Security Notice USN-4546-2 Fri, 16 Oct 2020 15:16:38 GMT
      Ubuntu Security Notice 4546-2 - USN-4546-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting attacks, spoof the site displayed in the download dialog, or execute arbitrary code. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4584-1 Fri, 16 Oct 2020 15:13:56 GMT
      Ubuntu Security Notice 4584-1 - It was discovered that HtmlUnit incorrectly initialized the Rhino engine. An attacker could possibly use this issue to execute arbitrary Java code.
    • Ubuntu Security Notice USN-4585-1 Fri, 16 Oct 2020 15:13:45 GMT
      Ubuntu Security Notice 4585-1 - It was discovered that Newsbeuter didn't handle the command line input properly. A remote attacker could use it to run remote code by crafting a special input file. It was discovered that Newsbeuter didn't handle metacharacters in its filename properly. A remote attacker could use it to run remote code by crafting a special filename.
    • Ubuntu Security Notice USN-4589-2 Fri, 16 Oct 2020 15:09:17 GMT
      Ubuntu Security Notice 4589-2 - USN-4589-1 fixed a vulnerability in containerd. This update provides the corresponding update for docker.io. It was discovered that containerd could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user's registry credentials. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4589-1 Fri, 16 Oct 2020 15:05:04 GMT
      Ubuntu Security Notice 4589-1 - It was discovered that containerd could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user's registry credentials.
    • Kernel Live Patch Security Notice LSN-0072-1 Wed, 14 Oct 2020 20:15:10 GMT
      It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information (kernel memory). It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information (kernel memory). Other issues were also addressed.
    • Ubuntu Security Notice USN-4583-1 Wed, 14 Oct 2020 20:14:14 GMT
      Ubuntu Security Notice 4583-1 - It was discovered that PHP incorrectly handled certain encrypt ciphers. An attacker could possibly use this issue to decrease security or cause incorrect encryption data. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that PHP incorrectly handled certain HTTP cookies. An attacker could possibly use this issue to forge a cookie which is supposed to be secure. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4582-1 Wed, 14 Oct 2020 20:14:09 GMT
      Ubuntu Security Notice 4582-1 - It was discovered that Vim incorrectly handled permissions on the .swp file. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS. It was discovered that Vim incorrectly handled restricted mode. A local attacker could possibly use this issue to bypass restricted mode and execute arbitrary commands. Note: This update only makes executing shell commands more difficult. Restricted mode should not be considered a complete security measure. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4581-1 Wed, 14 Oct 2020 20:13:59 GMT
      Ubuntu Security Notice 4581-1 - It was discovered that Python incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection.
    • Red Hat Security Advisory 2020-4256-01 Wed, 14 Oct 2020 16:52:31 GMT
      Red Hat Security Advisory 2020-4256-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8. Issues addressed include a memory leak vulnerability.
    • Red Hat Security Advisory 2020-4257-01 Wed, 14 Oct 2020 16:52:24 GMT
      Red Hat Security Advisory 2020-4257-01 - Red Hat JBoss Enterprise Application Platform 7.3 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3. Issues addressed include a memory leak vulnerability.
    • Red Hat Security Advisory 2020-4255-01 Wed, 14 Oct 2020 16:52:18 GMT
      Red Hat Security Advisory 2020-4255-01 - Updated python-psutil version to 5.6.6 inside ansible-runner container. Issues addressed include a double free vulnerability.
    • Red Hat Security Advisory 2020-4254-01 Wed, 14 Oct 2020 16:52:12 GMT
      Red Hat Security Advisory 2020-4254-01 - Updated python-psutil version to 5.6.6 inside ansible-runner container. Issues addressed include a double free vulnerability.
    • Red Hat Security Advisory 2020-4252-01 Wed, 14 Oct 2020 16:52:06 GMT
      Red Hat Security Advisory 2020-4252-01 - This release of Red Hat build of Quarkus 1.7.5 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include code execution and remote SQL injection vulnerabilities.
    • Red Hat Security Advisory 2020-4251-01 Wed, 14 Oct 2020 16:51:59 GMT
      Red Hat Security Advisory 2020-4251-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.445. Issues addressed include a code execution vulnerability.
    • Ubuntu Security Notice USN-4580-1 Wed, 14 Oct 2020 16:51:53 GMT
      Ubuntu Security Notice 4580-1 - Hador Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
    • Ubuntu Security Notice USN-4579-1 Wed, 14 Oct 2020 16:51:47 GMT
      Ubuntu Security Notice 4579-1 - Hador Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Wen Xu discovered that the XFS file system in the Linux kernel did not properly validate inode metadata in some situations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4578-1 Wed, 14 Oct 2020 16:51:40 GMT
      Ubuntu Security Notice 4578-1 - Hador Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Wen Xu discovered that the XFS file system in the Linux kernel did not properly validate inode metadata in some situations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4577-1 Wed, 14 Oct 2020 16:51:34 GMT
      Ubuntu Security Notice 4577-1 - Hador Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Giuseppe Scrivano discovered that the overlay file system in the Linux kernel did not properly perform permission checks in some situations. A local attacker could possibly use this to bypass intended restrictions and gain read access to restricted files. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4576-1 Wed, 14 Oct 2020 16:51:29 GMT
      Ubuntu Security Notice 4576-1 - Hador Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jay Shin discovered that the ext4 file system implementation in the Linux kernel did not properly handle directory access with broken indexing, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4575-1 Wed, 14 Oct 2020 16:51:24 GMT
      Ubuntu Security Notice 4575-1 - It was discovered that dom4j incorrectly handled reading XML data. A remote attacker could exploit this with a crafted XML file to expose sensitive data or possibly execute arbitrary code.