Security Pop Quiz! q272.mp3

News

Packet Storm Security

• Medical Records For 24.3 Million Left Exposed
• New Algorithms Aim To Stamp Out Abuse On Twitter
• Poor Protocol Design For IoT Devices Fueling DDoS
• Novaestrat Exec Arrested After Ecuadorian Data Leak
• Alleged JPMorgan Hacker Set To Plead Guilty

Security Affairs

• More than 737 million medical radiological images found on open PACS servers
• Memory corruption flaw in AMD Radeon driver allows VM escape
• Skidmap Linux miner leverages kernel-mode rootkits to evade detection
• United States government files civil lawsuit against Edward Snowden
• Australia is confident that China was behind attack on parliament, political parties

Looking Glass Cyber

• Health-ISAC 2019 Fall Summit
• Integrating Cyber Intelligence with a Mature Network
• Protecting Organizations with Integrated Client + Network Cybersecurity
• Threat Modeling: ATT&CK-ing Risk Management
• Cybersecurity Fabric: The Future of Advanced Threat Response

securingtomorrow.mcafee.com

• Solving the Gamer’s Dilemma: Security vs. Performance
• Are Cash Transfer Apps Safe to Use? Here’s What Your Family Needs to Know
• Millions of Car Buyer Records Exposed: How to Bring This Breach to a Halt
• Countdown to MPOWER 2019: Survival Guide
• How To Practise Good Social Media Hygiene

Quick Heal

• Trivia! 5 things you never imagined could be hacked by cyber criminals
• The Free Mobile Anti-virus you are using can be a Fake!
• Teacher’s Day Special – Things that teachers must know about their students to make them cyber safe
• PowerShell: Living off the land!
• Cybersquatting and Typosquatting victimizing innocent customers and brands

Threat Post

• Marc Rogers: Success of Anonymous Bug Submission Program ‘Takes A Village’
• IRS Emails Promise a Refund But Deliver Botnet Recruitment
• Rethinking Responsibilities and Remedies in Social-Engineering Attacks
• Emotet Returns from Summer Vacation, Ramps Up Stolen Email Tactic
• Edward Snowden Sued by U.S. Over New Memoir

Naked Security

• WannaCry – the worm that just won’t die
• Is $100 million enough to save the web from ads?
• Leaky database spills data on 20 million Ecuadorians and businesses
• Common storage and router devices are still hopelessly broken
• Teenage gamer jailed over lethal swatting

ESET

• Remote access flaws found in popular routers, NAS devices
• Nearly all of Ecuador’s citizens caught up in data leak
• Week in security with Tony Anscombe
• A vulnerability in Instagram exposes personal information of users
• Selfies for kids – A guide for parents

CIS

• 4 Cyber Defense Tips for Finance Industry CISOs Tue, 17 Sep 2019 12:00:46 +0000
  

  By Sean Atkinson, Chief Information Security Officer When we think of a sector or industry most prone to cybercriminal activity, the financial sector comes to mind. With growing ransomware exploits and malware threats, financial sector organizations need to implement strict security controls to minimize risk. At the Center for Internet Security (CIS) we see the […]

  The post 4 Cyber Defense Tips for Finance Industry CISOs appeared first on CIS.

Malware Patrol

• Infosec Articles (8/25/19 – 9/8/19)
• Infosec Articles (8/11/19 – 8/24/19)

SecList

• Assessing the impact of protection from web miners
  Cryptocurrency mining is an energy-intensive business. According to some estimates, Bitcoin miners consume the same amount of energy as the Czech Republic.

MySonicWall

Critical Infrastructure

• Instituting Security in IoT Networks to Prepare for Massive 5G Rollouts
• Two Teens Jump Fence at Nuclear Reactor Facility
• Stepping Up Security for Transit Riders

• George Anderson, World Trade Center Security Director for the Port Authority of New York and New Jersey, to Receive 2019 SIA Insightful Practitioner Award
• American Airlines Mechanic Accused of Tampering with Plane
• Ensuring Duty of Care for Traveling Employees

• Cincinnati Metro Introduces New Buses with Surveillance Cameras
• Dean Stecklair Named 2018 Amtrak Police Department Officer of the Year
• Bay Area Rapid Transit Receives $1.7 Million Federal Grant for Police Patrols

Case Studies

• Safeguarding Security and Loss Prevention at Gap Inc.
• When Physical Intrusions Lead to Digital Breaches
• How Unified Device Management Is Critical to BYOD Enterprises

• Collecting Insights and Metrics with Guard Tour Software
• Florida-based Company Protects Government Buildings with Window Film
• Simplify Connected Campus Security

Tools

• Packet Fence 9.1.0
• Wireshark Analyzer 3.0.4
• OpenSSL Toolkit 1.1.1d
• Wapiti Web Application Vulnerability Scanner 3.0.2
• SQLMAP - Automatic SQL Injection Tool 1.3.9

• An Overview of the Jooble Platform
• The Future Of iTunes For Windows: Bright or Not Much?

Exploits

• Hospital-Management 1.26 SQL Injection
• Oracle Mojarra JSF / Eclipse Mojarra JSF 2.2 / 2.3 Cross Site Scripting
• Google Chrome Password Disclosure
• Microsoft Windows Internet Settings Security Feature Bypass
• V8 Map Migration Type Confusion
• LastPass Credential Leak From Previous Site
• Inteno IOPSYS Gateway 3DES Key Extraction Improper Access
• docPrint Pro 8.0 SEH Buffer Overflow
• AppXSvc 17763.1.amd64fre.rs5_release.180914-1434 Privilege Escalation
• Master Data Online Cross Site Request Forgery / Data Tampering

Last 20 Website Defacements - Zone-h

• http://www.elum.go.th/jp.htm
• http://biropemhumas.sulutprov.go.id/y.txt
• http://dishubkominfo.sulutprov.go.id/y.txt
• http://sigm-homolog.ima.sp.gov.br
• http://sigm-treinamento.campinas.sp.gov.br
• https://smeb.cearamirim.rn.gov.br
• https://sehab.cearamirim.rn.gov.br
• https://comunica.cearamirim.rn.gov.br
• https://pontoeletronico.cearamirim.rn.gov.br
• https://semsur.cearamirim.rn.gov.br
• http://centralaglab.gov.np/rizky.html
• https://www.necma.vic.gov.au/vps.html
• http://sisfa.sineace.gob.pe/LiL.html
• http://www.eliasmotsoaledi.gov.za/mike/justice.html
• http://www.fgtm.gov.za/lim368_odl/justice.html
• http://www.makhuduthamaga.gov.za/documents/justice.html
• http://www.fetakgomo.gov.za/counter/justice.html
• http://www.makhado.gov.za/sstaff/justice.html
• http://www.greaterletaba.gov.za/greaterletaba_old/justice.html
• http://keelek-phatumrat.go.th

Press Play to hear the answer!

Advisories

• Ubuntu Security Notice USN-4128-2 Wed, 18 Sep 2019 21:22:58 GMT
  Ubuntu Security Notice 4128-2 - It was discovered that the Tomcat 9 SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. It was discovered that Tomcat 9 did not address HTTP/2 connection window exhaustion on write while addressing CVE-2019-0199. An attacker could possibly use this issue to cause a denial of service.
• Ubuntu Security Notice USN-4136-2 Wed, 18 Sep 2019 21:22:51 GMT
  Ubuntu Security Notice 4136-2 - USN-4136-1 fixed a vulnerability in wpa_supplicant. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that wpa_supplicant incorrectly handled certain management frames. An attacker could possibly use this issue to cause a denial of service.
• Ubuntu Security Notice USN-4136-1 Wed, 18 Sep 2019 21:22:46 GMT
  Ubuntu Security Notice 4136-1 - It was discovered that wpa_supplicant incorrectly handled certain management frames. An attacker could possibly use this issue to cause a denial of service.
• Ubuntu Security Notice USN-4135-1 Wed, 18 Sep 2019 21:22:40 GMT
  Ubuntu Security Notice 4135-1 - Peter Pi discovered a buffer overflow in the virtio network backend implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service or possibly execute arbitrary code in the host OS. It was discovered that the Linux kernel on PowerPC architectures did not properly handle Facility Unavailable exceptions in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
• Ubuntu Security Notice USN-4135-2 Wed, 18 Sep 2019 21:22:34 GMT
  Ubuntu Security Notice 4135-2 - Peter Pi discovered a buffer overflow in the virtio network backend implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service or possibly execute arbitrary code in the host OS. It was discovered that the Linux kernel on PowerPC architectures did not properly handle Facility Unavailable exceptions in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
• Red Hat Security Advisory 2019-2791-01 Tue, 17 Sep 2019 20:58:39 GMT
  Red Hat Security Advisory 2019-2791-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the openshift-enterprise-console-operator container image for Red Hat OpenShift Container Platform 4.1.16.
• Red Hat Security Advisory 2019-2792-01 Tue, 17 Sep 2019 20:58:29 GMT
  Red Hat Security Advisory 2019-2792-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the openshift-enterprise-container container image for Red Hat OpenShift Container Platform 4.1.16. Issues addressed include a cross site request forgery vulnerability.
• Red Hat Security Advisory 2019-2775-01 Tue, 17 Sep 2019 20:58:22 GMT
  Red Hat Security Advisory 2019-2775-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2019-2780-01 Tue, 17 Sep 2019 20:57:40 GMT
  Red Hat Security Advisory 2019-2780-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. A TLS man-in-the-middle vulnerability was addressed.
• Ubuntu Security Notice USN-4113-2 Tue, 17 Sep 2019 16:48:23 GMT
  Ubuntu Security Notice 4113-2 - USN-4113-1 fixed vulnerabilities in the Apache HTTP server. Unfortunately, that update introduced a regression when proxying balancer manager connections in some configurations. This update fixes the problem. Various other issues were also addressed.
• Red Hat Security Advisory 2019-2804-01 Tue, 17 Sep 2019 16:47:39 GMT
  Red Hat Security Advisory 2019-2804-01 - Red Hat Fuse provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat A-MQ is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat Fuse 6.3 and Red Hat A-MQ 6.3. It includes bug fixes, which are documented in the patch notes accompanying the package on the download page. Issues addressed include code execution, cross site request forgery, and deserialization vulnerabilities.
• Debian Security Advisory 4524-1 Tue, 17 Sep 2019 16:47:28 GMT
  Debian Linux Security Advisory 4524-1 - Multiple vulnerabilities have been discovered in the Dino XMPP client, which could allow spoofing message, manipulation of a user's roster (contact list) and unauthorised sending of message carbons.
• Slackware Security Advisory - expat Updates Tue, 17 Sep 2019 16:47:22 GMT
  Slackware Security Advisory - New expat packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
• Red Hat Security Advisory 2019-2779-01 Tue, 17 Sep 2019 16:46:38 GMT
  Red Hat Security Advisory 2019-2779-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. A TLS man-in-the-middle vulnerability was addressed.
• Red Hat Security Advisory 2019-2778-01 Tue, 17 Sep 2019 16:45:52 GMT
  Red Hat Security Advisory 2019-2778-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. A TLS man-in-the-middle vulnerability was addressed.
• Red Hat Security Advisory 2019-2777-01 Tue, 17 Sep 2019 16:45:02 GMT
  Red Hat Security Advisory 2019-2777-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. A TLS man-in-the-middle vulnerability was addressed.
• Ubuntu Security Notice USN-4124-2 Mon, 16 Sep 2019 16:00:28 GMT
  Ubuntu Security Notice 4124-2 - USN-4124-1 fixed a vulnerability in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands. Various other issues were also addressed.
• Debian Security Advisory 4523-1 Mon, 16 Sep 2019 16:00:11 GMT
  Debian Linux Security Advisory 4523-1 - Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, information disclosure and a covert content attack on S/MIME encryption using a crafted multipart/alternative message.
• Red Hat Security Advisory 2019-2774-01 Mon, 16 Sep 2019 15:56:49 GMT
  Red Hat Security Advisory 2019-2774-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.9.0. Issues addressed include cross site scripting and use-after-free vulnerabilities.
• Ubuntu Security Notice USN-4134-1 Mon, 16 Sep 2019 15:56:34 GMT
  Ubuntu Security Notice 4134-1 - Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user.
• Ubuntu Security Notice USN-4133-1 Mon, 16 Sep 2019 15:53:09 GMT
  Ubuntu Security Notice 4133-1 - It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malformed packets onto the wire or convincing someone to read a malformed packet trace file.
• Debian Security Advisory 4522-1 Mon, 16 Sep 2019 15:52:44 GMT
  Debian Linux Security Advisory 4522-1 - Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced Audio Coder. These vulnerabilities might allow remote attackers to cause denial-of-service, or potentially execute arbitrary code if crafted MPEG AAC files are processed.
• Ubuntu Security Notice USN-4129-2 Thu, 12 Sep 2019 20:42:18 GMT
  Ubuntu Security Notice 4129-2 - USN-4129-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker could use this issue to crash curl, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
• Ubuntu Security Notice USN-4132-2 Thu, 12 Sep 2019 20:42:12 GMT
  Ubuntu Security Notice 4132-2 - USN-4132-1 fixed a vulnerability in Expat. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.
• Ubuntu Security Notice USN-4132-1 Thu, 12 Sep 2019 20:42:05 GMT
  Ubuntu Security Notice 4132-1 - It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.