
News

CIS
  • Top 10 Malware July 2019 Tue, 20 Aug 2019 12:00:05 +0000

    The identified malware variants remain mostly consistent with June 2019, with the exception of the return of Cerber and Brambul activity. Top 10 malware activity accounted for 66% of total malware activity, a 3% increase over June. The proportion of top 10 malware to total malware has remained above 60% since April 2019. This indicates a […]

    The post Top 10 Malware July 2019 appeared first on CIS.

SecList
  • Agent 1433: remote attack on Microsoft SQL Server
    One of the most common attacks on Microsoft SQL Server — the remote attack based on malicious jobs — has been around for a long time, but it is still used to get access to workstations through a less-than-strong administrator password.

Advisories

  • Red Hat Security Advisory 2019-2543-01 Wed, 21 Aug 2019 19:45:34 GMT
    Red Hat Security Advisory 2019-2543-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A data disclosure vulnerability was addressed.
  • Red Hat Security Advisory 2019-2542-01 Wed, 21 Aug 2019 19:44:47 GMT
    Red Hat Security Advisory 2019-2542-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A data disclosure vulnerability was addressed.
  • Red Hat Security Advisory 2019-2545-01 Wed, 21 Aug 2019 19:44:06 GMT
    Red Hat Security Advisory 2019-2545-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A data disclosure vulnerability was addressed.
  • Red Hat Security Advisory 2019-2544-01 Wed, 21 Aug 2019 19:43:21 GMT
    Red Hat Security Advisory 2019-2544-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. A data disclosure vulnerability was addressed.
  • Ubuntu Security Notice USN-4109-1 Wed, 21 Aug 2019 19:43:14 GMT
    Ubuntu Security Notice 4109-1 - It was discovered that OpenJPEG incorrectly handled certain PGX files. An attacker could possibly use this issue to cause a denial of service or possibly remote code execution. It was discovered that OpenJPEG incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJPEG incorrectly handled certain PNM files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
  • Red Hat Security Advisory 2019-2541-01 Wed, 21 Aug 2019 19:42:49 GMT
    Red Hat Security Advisory 2019-2541-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.
  • Ubuntu Security Notice USN-4108-1 Wed, 21 Aug 2019 19:38:23 GMT
    Ubuntu Security Notice 4108-1 - It was discovered that Zstandard incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
  • Red Hat Security Advisory 2019-2538-01 Wed, 21 Aug 2019 19:38:16 GMT
    Red Hat Security Advisory 2019-2538-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a bypass vulnerability.
  • Debian Security Advisory 4504-1 Wed, 21 Aug 2019 19:35:50 GMT
    Debian Linux Security Advisory 4504-1 - Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed.
  • FreeBSD Security Advisory - FreeBSD-SA-19:24.mqueuefs Wed, 21 Aug 2019 19:35:29 GMT
    FreeBSD Security Advisory - System calls operating on file descriptors obtain a reference to relevant struct file which due to a programming error was not always put back, which in turn could be used to overflow the counter of affected struct file. A local user can use this flaw to obtain access to files, directories, sockets, etc., opened by processes owned by other users. If obtained struct file represents a directory from outside of user's jail, it can be used to access files outside of the jail. If the user in question is a jailed root they can obtain root privileges on the host system.
  • FreeBSD Security Advisory - FreeBSD-SA-19:23.midi Wed, 21 Aug 2019 19:35:17 GMT
    FreeBSD Security Advisory - The kernel driver for /dev/midistat implements a handler for read(2). This handler is not thread-safe, and a multi-threaded program can exploit races in the handler to cause it to copy out kernel memory outside the boundaries of midistat's data buffer. The races allow a program to read kernel memory within a 4GB window centered at midistat's data buffer. The buffer is allocated each time the device is opened, so an attacker is not limited to a static 4GB region of memory. On 32-bit platforms, an attempt to trigger the race may cause a page fault in kernel mode, leading to a panic.
  • FreeBSD Security Advisory - FreeBSD-SA-19:22.mbuf Wed, 21 Aug 2019 19:34:21 GMT
    FreeBSD Security Advisory - Due to a missing check in the code of m_pulldown(9) data returned may not be contiguous as requested by the caller. Extra checks in the IPv6 code catch the error condition and trigger a kernel panic leading to a remote DoS (denial-of-service) attack with certain Ethernet interfaces. At this point it is unknown if any other than the IPv6 code paths can trigger a similar condition.
  • Red Hat Security Advisory 2019-2534-01 Wed, 21 Aug 2019 19:34:00 GMT
    Red Hat Security Advisory 2019-2534-01 - Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This release of Red Hat 3scale API Management 2.6.0 replaces Red Hat 3scale API Management 2.5.1.
  • Ubuntu Security Notice USN-4107-1 Tue, 20 Aug 2019 22:04:25 GMT
    Ubuntu Security Notice 4107-1 - It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service.
  • Ubuntu Security Notice USN-4106-1 Tue, 20 Aug 2019 22:04:19 GMT
    Ubuntu Security Notice 4106-1 - Mike Salvatore discovered that NLTK mishandled crafted ZIP archives during extraction. A remote attacker could use this vulnerability to write arbitrary files to the filesystem.
  • Ubuntu Security Notice USN-4105-1 Tue, 20 Aug 2019 22:04:14 GMT
    Ubuntu Security Notice 4105-1 - Stephan Zeisberg discovered that the CUPS SNMP backend incorrectly handled encoded ASN.1 inputs. A remote attacker could possibly use this issue to cause CUPS to crash by providing specially crafted network traffic. It was discovered that CUPS did not properly handle client disconnection events. A local attacker could possibly use this issue to cause a denial of service or disclose memory from the CUPS server. Various other issues were also addressed.
  • Ubuntu Security Notice USN-4104-1 Tue, 20 Aug 2019 22:04:08 GMT
    Ubuntu Security Notice 4104-1 - Donny Davis discovered that the Nova Compute service could return configuration or other information in response to a failed API request in some situations. A remote attacker could use this to expose sensitive information.
  • Ubuntu Security Notice USN-4103-2 Tue, 20 Aug 2019 22:04:02 GMT
    Ubuntu Security Notice 4103-2 - Jasiel Spelman discovered that a double free existed in the docker-credential-helpers dependency of Docker. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jasiel Spelman discovered that a double free existed in docker-credential-helpers. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
  • Ubuntu Security Notice USN-4103-1 Tue, 20 Aug 2019 22:03:56 GMT
    Ubuntu Security Notice 4103-1 - Jasiel Spelman discovered that a double free existed in docker-credential-helpers. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
  • MediaWiki OAuth2 Client 0.3 Cross Site Request Forgery Mon, 19 Aug 2019 15:09:50 GMT
    MediaWiki OAuth2 Client version 0.3 suffers from a cross site request forgery vulnerability.
  • Ubuntu Security Notice USN-4078-2 Mon, 19 Aug 2019 15:08:21 GMT
    Ubuntu Security Notice 4078-2 - USN-4078-1 fixed several vulnerabilities in openldap. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that OpenLDAP incorrectly handled rootDN delegation. A database administrator could use this issue to request authorization as an identity from another database, contrary to expectations. Various other issues were also addressed.
  • Ubuntu Security Notice USN-4102-1 Mon, 19 Aug 2019 15:08:16 GMT
    Ubuntu Security Notice 4102-1 - It was discovered that LibreOffice incorrectly handled LibreLogo scripts. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to execute arbitrary code. It was discovered that LibreOffice incorrectly handled embedded scripts in document files. If a user were tricked into opening a specially crafted document, a remote attacker could possibly execute arbitrary code. Various other issues were also addressed.
  • Ubuntu Security Notice USN-4100-1 Mon, 19 Aug 2019 15:08:05 GMT
    Ubuntu Security Notice 4100-1 - It was discovered that KConfig and KDE libraries have a vulnerability where an attacker could hide malicious code under desktop and configuration files. It was discovered that KConfig allows remote attackers to write to arbitrary files via a ../ in a filename in an archive file.
  • Red Hat Security Advisory 2019-2519-01 Mon, 19 Aug 2019 15:07:57 GMT
    Red Hat Security Advisory 2019-2519-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow, bypass, cross site scripting, denial of service, information leakage, and null pointer vulnerabilities.
  • Debian Security Advisory 4503-1 Mon, 19 Aug 2019 15:07:50 GMT
    Debian Linux Security Advisory 4503-1 - Three vulnerabilities have been discovered in the Go programming language; "net/url" accepted some invalid hosts in URLs which could result in authorisation bypass in some applications and the HTTP/2 implementation was susceptible to denial of service.