Security Pop Quiz! q518.mp3

News

Packet Storm Security

* Secret Service Creates Cyber Fraud Task Forces
* How To Protect Yourself From Identity Theft During COVID-19
* LinkedIn Sued For Snooping On iOS
* Israeli Court Dismisses Amnesty Bid To Block Spyware Firm NSO
* Signal's New PIN Feature Worries Cybersecurity Experts

Security Affairs

* Trump admits to have authorized a cyber attack on Russian troll farm in 2018
* Personal details and SSNs of 40,000 US citizens available for sale
* Malware campaign attempts to evade analysis with Any.Run sandbox
* Hacker claims to have breached Night Lion security firm
* Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

Looking Glass Cyber

* Need a (SMB)Ghost Buster?
* Making Cybersecurity Policy Work for You: Tunable security mitigation at attack speed
* Elevating Security Orchestration with CACAO
* LookingGlass Cyber Solutions Announces Plans to Relaunch the Cyveillance Brand
* Social Engineering - Ever Present, Often Overlooked

securingtomorrow.mcafee.com

Quick Heal

* How to make online classes safe for your children from digital threats
* New malware via gaming portals may affect thousands of personal computers
* 70% apps in common use have security flaws. Are you protected?
* BHIM App attacked! Secure your online banking today with Quick Heal
* Poulight- An info-stealing trojan might be teaching you how to play Minecraft

Threat Post

* Critical SAP Bug Allows Full Enterprise System Takeover
* TrickBot Sample Accidentally Warns Victims They're Infected
* Secret Service Creates Cyber Fraud Task Forces
* A 'New Age' of Sophisticated Business Email Compromise is Coming
* The Enemy Within: How Insider Threats Are Changing

Naked Security

* Digicert revokes a raft of web security certificates
* Monday review - the hot stories of the week
* Mozilla turns off "Firefox Send" following malware abuse reports
* Kinda sorta weakened version of EARN IT Act creeps closer
* Company web names hijacked via outdated cloud DNS records

ESET

* Zoom patches zero‑day flaw in Windows client
* Week in security with Tony Anscombe
* Popular home routers plagued by critical security flaws
* Billions of stolen passwords for sale on the dark web
* More evil: A deep look at Evilnum and its toolset

CIS

• CIS Controls Community Volunteer Spotlight: Alan Watkins Mon, 13 Jul 2020 13:59:08 +0000
  

  The CIS Controls Community is fortunate to include many experienced IT security professionals who volunteer their time and expertise to help improve cybersecurity best practices and make the connected world a safer place. Alan Watkins has been a CIS Controls Ambassador and Volunteer since 2017. Most recently, he contributed to the Version 7.1 updates. Read […]

  The post CIS Controls Community Volunteer Spotlight: Alan Watkins appeared first on CIS.

Malware Patrol

* InfoSec Articles (06/20/20 - 07/04/20)
* InfoSec Articles (06/05/20 - 06/19/20)

SecList

• Redirect auction
  We've already looked at links under old YouTube videos or in Wikipedia articles which at some point turned bad and began pointing to partner program pages, phishing sites, or even malware. It was as if the attackers were purposely buying up domains, but such a scenario always seemed to us too complicated.

MySonicWall

Critical Infrastructure

* US Senate passes bill to extend CFATS
* PG&E offers personalized emergency plan tool for customers
* Protecting Industrial IoT devices

* Port Canaveral awarded Federal grant for Port Security Upgrades
* Visitors to Chicago from 15 states must quarantine for 14 days
* Qatar Airways requires face shields and face masks

* California adopts workplace safety standards for nighttime agricultural workers
* ISACA guide outlines how to strengthen enterprise supply chain resiliency
* TSA updates roadmap to address current global risks & threats to nation's transportation systems

Case Studies

* EL AL Airlines: Integrating Security into CI/CD with Seeker IAST from Synopsys
* Cybersecurity at Val Verde ISD
* Safeguarding Security and Loss Prevention at Gap Inc.

* Texas Window Film Company Working to Provide More Emergency Response Times in Schools
* 3M™ Window Film Adds Time, Increased Protection Against Active Shooters
* Collecting Insights and Metrics with Guard Tour Software

Tools

* Sifter 8.2
* nfstream 5.1.6
* Sifter 8
* TOR Virtual Network Tunneling Tool 0.4.3.6
* GNU Privacy Guard 2.2.21

* OSINT tutorial to Find Information from a Phone Number - PhoneInfoga Tool
* 5G - A Business Owner's Dream, A Hacker's Fantasy

Exploits

* Online Birth Certificate System 1.0 SQL Injection / Code Execution
* Curfew e-Pass Management System 1.0 SQL Injection
* Small CRM 2.0 SQL Injection
* User Registration And Login And User Management System 2.1 SQL Injection
* Online Polling System SQL Injection
* Park Ticketing Management System 1.0 SQL Injection
* Online DJ Booking Management System Project Report 1.0 SQL Injection / Code Execution
* Liferay Portal Remote Code Execution
* Responsive Online Blog 1.0 SQL Injection
* Pandora FMS 7.0 NG 7XX Remote Command Execution

Last 20 Website Defacements - Zone-h

* http://www.comune.rhemes-st-georges.ao.it/_input_3_.gif
* https://isc.idaho.gov/gsh.html
* http://gaffargaonpourashava.gov.bd/read.htm
* http://omb.gov.ph
* https://labour.py.gov.in/sites/default/files
* https://wcd.py.gov.in/sites/default/files
* https://tcpd.py.gov.in/sites/default/files
* https://dcsca.py.gov.in/sites/default/files
* https://info.py.gov.in//sites/default/files
* http://perpustakaan.pn-mungkid.go.id/repository/irev.txt
* http://perpustakaan.pt-jambi.go.id/repository/irev.txt
* http://sipulan.pn-manna.go.id/repository/irev.txt
* https://kkp.go.id
* http://donphothong.go.th/y.php
* http://civil.sakaeocity.go.th/pr.php
* http://www.samtambon.go.th/silence.html
* http://probien.gob.ar/0.htm
* http://ville-revin.fr/irev.txt
* http://secondary34.go.th/robh.htm
* http://www.pn-sinjai.go.id/a.php

Press Play to hear the answer!

Advisories

• Red Hat Security Advisory 2020-2412-01 Mon, 13 Jul 2020 19:31:01 GMT
  Red Hat Security Advisory 2020-2412-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution, cross site scripting, denial of service, and man-in-the-middle vulnerabilities.
• Red Hat Security Advisory 2020-2413-01 Mon, 13 Jul 2020 19:30:53 GMT
  Red Hat Security Advisory 2020-2413-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include denial of service and use-after-free vulnerabilities.
• Red Hat Security Advisory 2020-2894-01 Mon, 13 Jul 2020 19:29:04 GMT
  Red Hat Security Advisory 2020-2894-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2020-2897-01 Mon, 13 Jul 2020 19:25:57 GMT
  Red Hat Security Advisory 2020-2897-01 - jbig2dec is a decoder implementation of the JBIG2 image compression format. Issues addressed include a buffer overflow vulnerability.
• Red Hat Security Advisory 2020-2893-01 Mon, 13 Jul 2020 19:22:59 GMT
  Red Hat Security Advisory 2020-2893-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
• Red Hat Security Advisory 2020-2895-01 Mon, 13 Jul 2020 19:22:41 GMT
  Red Hat Security Advisory 2020-2895-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass, denial of service, and integer overflow vulnerabilities.
• Ubuntu Security Notice USN-4376-2 Thu, 09 Jul 2020 18:42:27 GMT
  Ubuntu Security Notice 4376-2 - USN-4376-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Cesar Pereida Garc
• Ubuntu Security Notice USN-4419-1 Wed, 08 Jul 2020 21:24:55 GMT
  Ubuntu Security Notice 4419-1 - It was discovered that a race condition existed in the Precision Time Protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code. Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.
• Ubuntu Security Notice USN-4421-1 Wed, 08 Jul 2020 21:24:49 GMT
  Ubuntu Security Notice 4421-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that Thunderbird would continue an unencrypted connection when configured to use STARTTLS for IMAP if the server responded with PREAUTH. A remote attacker could potentially exploit this to perform a person-in-the-middle attack in order to obtain sensitive information. Various other issues were also addressed.
• Red Hat Security Advisory 2020-2870-01 Wed, 08 Jul 2020 15:44:46 GMT
  Red Hat Security Advisory 2020-2870-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2020-2863-01 Tue, 07 Jul 2020 19:52:45 GMT
  Red Hat Security Advisory 2020-2863-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2020-2861-01 Tue, 07 Jul 2020 19:52:38 GMT
  Red Hat Security Advisory 2020-2861-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include cross site scripting, denial of service, and server-side request forgery vulnerabilities.
• Red Hat Security Advisory 2020-2864-01 Tue, 07 Jul 2020 19:52:31 GMT
  Red Hat Security Advisory 2020-2864-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a resource exhaustion vulnerability.
• Applebot Incorrect Robots.txt Interpretation Tue, 07 Jul 2020 19:50:57 GMT
  Applebot/0.1 does not fully obey robots.txt as it interprets allow entries for Googlebot as implied permission for Applebot.
• MikroTik RouterOS Null Pointer Dereference / Division-By-Zero Tue, 07 Jul 2020 16:25:16 GMT
  MikroTik RouterOS versions prior to stable 6.47 suffer from multiple null pointer dereference vulnerabilities and one division-by-zero vulnerability.
• Ubuntu Security Notice USN-4420-1 Tue, 07 Jul 2020 16:21:03 GMT
  Ubuntu Security Notice 4420-1 - David Hill and Eric Harney discovered that Cinder and os-brick incorrectly handled ScaleIO backend credentials. An attacker could possibly use this issue to expose sensitive information.
• Red Hat Security Advisory 2020-2854-01 Tue, 07 Jul 2020 16:20:56 GMT
  Red Hat Security Advisory 2020-2854-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include denial of service, memory leak, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
• Red Hat Security Advisory 2020-2842-01 Tue, 07 Jul 2020 16:19:47 GMT
  Red Hat Security Advisory 2020-2842-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Sampling issues were addressed.
• Red Hat Security Advisory 2020-2840-01 Tue, 07 Jul 2020 16:18:36 GMT
  Red Hat Security Advisory 2020-2840-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Issues addressed include a file read vulnerability.
• Red Hat Security Advisory 2020-2846-01 Tue, 07 Jul 2020 16:18:26 GMT
  Red Hat Security Advisory 2020-2846-01 - The gettext packages provide a documentation for producing multi-lingual messages in programs, set of conventions about how programs should be written, a runtime library, and a directory and file naming organization for the message catalogs. Issues addressed include a double free vulnerability.
• Red Hat Security Advisory 2020-2839-01 Tue, 07 Jul 2020 16:18:09 GMT
  Red Hat Security Advisory 2020-2839-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
• Red Hat Security Advisory 2020-2838-01 Tue, 07 Jul 2020 16:18:00 GMT
  Red Hat Security Advisory 2020-2838-01 - The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Issues addressed include an out of bounds read vulnerability.
• Red Hat Security Advisory 2020-2844-01 Tue, 07 Jul 2020 16:17:52 GMT
  Red Hat Security Advisory 2020-2844-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an out of bounds access vulnerability.
• Red Hat Security Advisory 2020-2833-01 Tue, 07 Jul 2020 16:17:43 GMT
  Red Hat Security Advisory 2020-2833-01 - The K Desktop Environment is a graphical desktop environment for the X Window System. The kdelibs packages include core libraries for the K Desktop Environment. Issues addressed include a code execution vulnerability.
• Red Hat Security Advisory 2020-2835-01 Tue, 07 Jul 2020 16:17:01 GMT
  Red Hat Security Advisory 2020-2835-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include an underflow vulnerability.