Security Pop Quiz! q530.mp3

News

Packet Storm Security

• Hacker Conference Speaker Axed Over Abortion Views
• Exposed Database Dumps PII Of 1.6 Million Job Seekers
• Telegram DDoS Attack Launched Mostly From China
• U.S. Defense, Intelligence Ramps Up Efforts To Insert Malware In Russia's Grid
• Evernote Critical Flaw Opened Personal Data Of Millions To Attack

Security Affairs

• DHS also issued an alert for the Windows BlueKeep flaw
• Multiple DoS vulnerabilities affect Linux and FreeBSD
• A free Decryptor tool for GandCrab Ransomware released
• NYT Report: U.S. Cyber units planted destructive Malware in Russian Power Grid
• New phishing campaign targets bank customers with WSH RAT

Looking Glass Cyber

• Information Security-as-a-Service
• scoutTHREAT™
• B-Sides Houston
• API Houston Cyber Security 2019
• scoutSHIELD™

securingtomorrow.mcafee.com

• The 2019 Job Seeker & The Cybersecurity Skills Shortage
• How to Book Your Next Holiday Online and NOT Get Scammed
• 5 Digital Risks to Help Your Teen Navigate this Summer
• ST05: Protecting Intellectual Property with Andrew Lancashire and Kate Scarcella
• Stop Discarding Devices Frequently- It’s Risky for Mother Earth as Well As Your Cybersecurity

Quick Heal

• The website I visited behaves weirdly. I wonder if I’m hacked?
• Beware! The padlock icon and HTTPS are no more indicators of safe website
• What makes Quick Heal’s Next Generation Suite of Features a SMART choice to protect your privacy?
• APT-27 like Newcore RAT, Virut exploiting MySQL for targeted attacks on enterprise
• CVE-2019-11815: Experts discovered a privilege escalation vulnerability in the Linux Kernel

Threat Post

• Irked Researcher Discloses Facebook WordPress Plugin Flaws
• 5,000 Twitter Accounts Linked to Disinformation Campaigns
• A Spate of University Breaches Highlight Email Threats in Higher Ed
• Microsoft Pushes Azure Users to Patch Linux Systems
• Ransomware: A Persistent Scourge Requiring Corporate Action Now

Naked Security

• Yubico recalls FIPS Yubikey tokens after flaw found
• Privacy foul for soccer league app that eavesdropped on users
• I’d like to add you to my professional network of people to spy on
• Widely used medical infusion pump can be remotely hijacked
• Monday review – the hot 21 stories of the week

ESET

• Malware sidesteps Google permissions policy with new 2FA bypass technique
• Week in security with Tony Anscombe
• GDPR one year on: Most Europeans know at least some of their rights
• Spain’s top soccer league fined over its app’s ‘tactics’
• Why cybercriminals are eyeing smart buildings

CIS

• Future of Cloud Security: Thoughts from AWS Public Sector Summit Fri, 14 Jun 2019 20:05:05 +0000
  

  The CIS team wrapped up a great week at AWS Public Sector Summit in Washington, DC. In addition to spreading the word about CIS at our booth on the busy expo floor we also participated in sessions. Read on to find out what we learned about the future of cloud security. Charles DeVoe Jr. – […]

  The post Future of Cloud Security: Thoughts from AWS Public Sector Summit appeared first on CIS.

Malware Patrol

• Infosec Articles (5/13/19 – 5/27/19)
• Infosec Articles (4/29/19 – 5/13/19)

SecList

• What kids get up to online
  To help children avoid potential dangers in the digital world, parents must understand what their children are interested in, know about the latest online trends, and be aware of ​​what might pose a risk.

MySonicWall

Critical Infrastructure

• Product Spotlight: GSOC Products And Solutions
• Cybersecurity for Critical Infrastructure
• How to Meet the Growing Demand for Cybersecurity Professionals

• London's Heathrow Airport to End Ban on Liquids in Carry On Luggage
• Sen. Rick Scott Unveils Budget for Port Security and Infrastructure in Florida
• Don't Forget Accommodations: Ensuring Traveler Safety 24/7

• Drug Positivity Rates Affecting Retail, Healthcare and More Sectors
• Cargo Thefts Declined in Q1 2019
• Chicago Metra Launches ‘COPS’ Crime-Reporting App

Case Studies

• Security Risk Management in Maryland's Seaports
• When Physical Intrusions Lead to Digital Breaches
• How Unified Device Management Is Critical to BYOD Enterprises

• Collecting Insights and Metrics with Guard Tour Software
• Florida-based Company Protects Government Buildings with Window Film
• Simplify Connected Campus Security

Tools

• Falco 0.15.3
• Falco 0.15.2
• Hyperion Runtime Encrypter 2.0
• HiddenWall Linux Firewall
• Zed Attack Proxy 2.8.0 Cross Platform Package

• Acunetix Integrated with OpenVAS for Network Pentest
• Introducing Data Security: Why is it Important for Every Organization?

Exploits

• Exim 4.91 Local Privilege Escalation
• Netperf 2.6.0 Buffer Overflow
• AROX School-ERP Pro Unauthenticated Remote Code Execution
• HC10 HC.Server Service 10.14 Remote Invalid Pointer Write
• Microsoft Word (2016) Deceptive File Reference
• Spring Security OAuth 2.3 Open Redirection
• Microsoft Windows UAC Protection Bypass
• RedwoodHQ 2.5.5 Authentication Bypass
• Clever Dog Smart Camera DOG-2W / DOG-2W-V4 File Disclosure / Backdoor
• Java Card Proof Of Concepts

Last 20 Website Defacements - Zone-h

• http://dz-water.gov.sy/Relaz.php
• http://www.bappeda.acehselatankab.go.id/ind3x.php
• http://siumkm.diskopukmnaker.banjarbarukota.go.id/maxxct.txt
• http://galerikumkmbanjarbaru.diskopukmnaker.banjarbarukota.go.id/maxxct.txt
• http://dppkad.nagekeokab.go.id/erere.htm
• http://admpemb.nagekeokab.go.id/erere.htm
• http://dishubkominfo.nagekeokab.go.id/erere.htm
• https://csa.gov.pk/raiz.html
• https://dded.gov.in/Legito.txt
• http://deorangpur.gov.bd/ip.php
• http://www.onur.gov.lk
• http://www.gramashakthi.gov.lk
• http://nrce.gov.in
• https://sameep.gov.ar/z.htm
• https://tampico.gob.mx/Legito.txt
• http://www.jeep.com.do/by.htm
• http://www.kamkoksoong.go.th
• http://www.paeng.go.th
• http://www.bayaolocal.go.th
• http://bp2kp.manggaraibaratkab.go.id/lin.php

Press Play to hear the answer!

Advisories

• Red Hat Security Advisory 2019-1483-01 Mon, 17 Jun 2019 19:16:28 GMT
  Red Hat Security Advisory 2019-1483-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2019-1482-01 Mon, 17 Jun 2019 19:16:21 GMT
  Red Hat Security Advisory 2019-1482-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2019-1481-01 Mon, 17 Jun 2019 19:16:14 GMT
  Red Hat Security Advisory 2019-1481-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2019-1488-01 Mon, 17 Jun 2019 19:16:05 GMT
  Red Hat Security Advisory 2019-1488-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2019-1479-01 Mon, 17 Jun 2019 19:15:58 GMT
  Red Hat Security Advisory 2019-1479-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and null pointer vulnerabilities.
• Debian Security Advisory 4464-1 Mon, 17 Jun 2019 17:15:16 GMT
  Debian Linux Security Advisory 4464-1 - Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read.
• Ubuntu Security Notice USN-3991-3 Mon, 17 Jun 2019 17:15:15 GMT
  Ubuntu Security Notice 3991-3 - USN-3991-1 fixed vulnerabilities in Firefox, and USN-3991-2 fixed a subsequent regression. The update caused an additional regression that resulted in Firefox failing to load correctly after executing it in safe mode. This update fixes the problem. Various other issues were also addressed.
• Red Hat Security Advisory 2019-1492-01 Mon, 17 Jun 2019 17:12:41 GMT
  Red Hat Security Advisory 2019-1492-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A connection rate limiting control vulnerability has been addressed.
• Red Hat Security Advisory 2019-1477-01 Mon, 17 Jun 2019 17:07:51 GMT
  Red Hat Security Advisory 2019-1477-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 75.0.3770.80. Issues addressed include buffer overflow and bypass vulnerabilities.
• Red Hat Security Advisory 2019-1476-01 Mon, 17 Jun 2019 17:05:06 GMT
  Red Hat Security Advisory 2019-1476-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.207. Issues addressed include a code execution vulnerability.
• Debian Security Advisory 4463-1 Mon, 17 Jun 2019 17:00:55 GMT
  Debian Linux Security Advisory 4463-1 - Two vulnerabilities were discovered in the ZNC IRC bouncer which could result in remote code execution (CVE-2019-12816) or denial of service via invalid encoding (CVE-2019-9917).
• Dell EMC Avamar ADMe Web UI 1.0.50 / 1.0.51 Local File Inclusion Fri, 14 Jun 2019 19:55:05 GMT
  Dell EMC Avamar ADMe Web Interface is affected by a local file inclusion vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application. Versions 1.0.50 and 1.0.51 are affected.
• Gemalto Java Card SE-2019-01 Issue 34 Fri, 14 Jun 2019 19:51:59 GMT
  This is the second of two extensive reports sent to Gemalto by Security Explorations to document vulnerabilities found in Java Card. Issue 34 is documented in this report.
• Gemalto Java Card SE-2019-01 Issues 19 And 33 Fri, 14 Jun 2019 19:50:27 GMT
  This is the first of two extensive reports sent to Gemalto by Security Explorations to document vulnerabilities found in Java Card. Issues 19 and 33 are in this report.
• Oracle Java Card SE-2019-01 Issues 26-32 Fri, 14 Jun 2019 19:49:28 GMT
  This is the third of three extensive reports sent to Oracle by Security Explorations to document vulnerabilities found in Java Card. Issues 26 through 32 are in this report.
• Oracle Java Card SE-2019-01 Issues 20-25 Fri, 14 Jun 2019 19:48:29 GMT
  This is the second of three extensive reports sent to Oracle by Security Explorations to document vulnerabilities found in Java Card. Issues 20 through 25 are in this report.
• Oracle Java Card SE-2019-01 Issues 1-18 Fri, 14 Jun 2019 19:44:38 GMT
  This is the first of three extensive reports sent to Oracle by Security Explorations to document vulnerabilities found in Java Card. Issues 1 through 18 are in this report.
• Debian Security Advisory 4462-1 Thu, 13 Jun 2019 22:22:22 GMT
  Debian Linux Security Advisory 4462-1 - Joe Vennix discovered an authentication bypass vulnerability in dbus, an asynchronous inter-process communication system. The implementation of the DBUS_COOKIE_SHA1 authentication mechanism was susceptible to a symbolic link attack. A local attacker could take advantage of this flaw to bypass authentication and connect to a DBusServer with elevated privileges.
• Slackware Security Advisory - mozilla-thunderbird Updates Thu, 13 Jun 2019 22:22:22 GMT
  Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.
• Red Hat Security Advisory 2019-1467-01 Thu, 13 Jun 2019 19:29:55 GMT
  Red Hat Security Advisory 2019-1467-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an information leakage vulnerability.
• Debian Security Advisory 4461-1 Wed, 12 Jun 2019 18:59:42 GMT
  Debian Linux Security Advisory 4461-1 - Harrison Neil discovered that the getACL() command in Zookeeper, a service for maintaining configuration information, did not validate permissions, which could result in information disclosure.
• Ubuntu Security Notice USN-4015-2 Wed, 12 Jun 2019 18:52:53 GMT
  Ubuntu Security Notice 4015-2 - USN-4015-1 fixed a vulnerability in DBus. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Joe Vennix discovered that DBus incorrectly handled DBUS_COOKIE_SHA1 authentication. A local attacker could possibly use this issue to bypass authentication and connect to DBus servers with elevated privileges. Various other issues were also addressed.
• Debian Security Advisory 4460-1 Wed, 12 Jun 2019 18:48:48 GMT
  Debian Linux Security Advisory 4460-1 - Multiple security vulnerabilities have been discovered in MediaWiki, a website engine for collaborative work, which may result in authentication bypass, denial of service, cross-site scripting, information disclosure and bypass of anti-spam measures.
• Ubuntu Security Notice USN-4016-2 Tue, 11 Jun 2019 17:22:22 GMT
  Ubuntu Security Notice 4016-2 - It was discovered that Neovim incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.
• Debian Security Advisory 4459-1 Tue, 11 Jun 2019 16:02:22 GMT
  Debian Linux Security Advisory 4459-1 - Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed.