Security Pop Quiz!

News

Packet Storm Security

    • Redirect auction
      We've already looked at links under old YouTube videos or in Wikipedia articles which at some point turned bad and began pointing to partner program pages, phishing sites, or even malware. It was as if the attackers were purposely buying up domains, but such a scenario always seemed to us too complicated.

    Advisories

    • Red Hat Security Advisory 2020-2412-01 Mon, 13 Jul 2020 19:31:01 GMT
      Red Hat Security Advisory 2020-2412-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution, cross site scripting, denial of service, and man-in-the-middle vulnerabilities.
    • Red Hat Security Advisory 2020-2413-01 Mon, 13 Jul 2020 19:30:53 GMT
      Red Hat Security Advisory 2020-2413-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include denial of service and use-after-free vulnerabilities.
    • Red Hat Security Advisory 2020-2894-01 Mon, 13 Jul 2020 19:29:04 GMT
      Red Hat Security Advisory 2020-2894-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Issues addressed include a denial of service vulnerability.
    • Red Hat Security Advisory 2020-2897-01 Mon, 13 Jul 2020 19:25:57 GMT
      Red Hat Security Advisory 2020-2897-01 - jbig2dec is a decoder implementation of the JBIG2 image compression format. Issues addressed include a buffer overflow vulnerability.
    • Red Hat Security Advisory 2020-2893-01 Mon, 13 Jul 2020 19:22:59 GMT
      Red Hat Security Advisory 2020-2893-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly.
    • Red Hat Security Advisory 2020-2895-01 Mon, 13 Jul 2020 19:22:41 GMT
      Red Hat Security Advisory 2020-2895-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass, denial of service, and integer overflow vulnerabilities.
    • Ubuntu Security Notice USN-4376-2 Thu, 09 Jul 2020 18:42:27 GMT
      Ubuntu Security Notice 4376-2 - USN-4376-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Cesar Pereida Garc
    • Ubuntu Security Notice USN-4419-1 Wed, 08 Jul 2020 21:24:55 GMT
      Ubuntu Security Notice 4419-1 - It was discovered that a race condition existed in the Precision Time Protocol implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code. Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4421-1 Wed, 08 Jul 2020 21:24:49 GMT
      Ubuntu Security Notice 4421-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that Thunderbird would continue an unencrypted connection when configured to use STARTTLS for IMAP if the server responded with PREAUTH. A remote attacker could potentially exploit this to perform a person-in-the-middle attack in order to obtain sensitive information. Various other issues were also addressed.
    • Red Hat Security Advisory 2020-2870-01 Wed, 08 Jul 2020 15:44:46 GMT
      Red Hat Security Advisory 2020-2870-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.
    • Red Hat Security Advisory 2020-2863-01 Tue, 07 Jul 2020 19:52:45 GMT
      Red Hat Security Advisory 2020-2863-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.
    • Red Hat Security Advisory 2020-2861-01 Tue, 07 Jul 2020 19:52:38 GMT
      Red Hat Security Advisory 2020-2861-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include cross site scripting, denial of service, and server-side request forgery vulnerabilities.
    • Red Hat Security Advisory 2020-2864-01 Tue, 07 Jul 2020 19:52:31 GMT
      Red Hat Security Advisory 2020-2864-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a resource exhaustion vulnerability.
    • Applebot Incorrect Robots.txt Interpretation Tue, 07 Jul 2020 19:50:57 GMT
      Applebot/0.1 does not fully obey robots.txt as it interprets allow entries for Googlebot as implied permission for Applebot.
    • MikroTik RouterOS Null Pointer Dereference / Division-By-Zero Tue, 07 Jul 2020 16:25:16 GMT
      MikroTik RouterOS versions prior to stable 6.47 suffer from multiple null pointer dereference vulnerabilities and one division-by-zero vulnerability.
    • Ubuntu Security Notice USN-4420-1 Tue, 07 Jul 2020 16:21:03 GMT
      Ubuntu Security Notice 4420-1 - David Hill and Eric Harney discovered that Cinder and os-brick incorrectly handled ScaleIO backend credentials. An attacker could possibly use this issue to expose sensitive information.
    • Red Hat Security Advisory 2020-2854-01 Tue, 07 Jul 2020 16:20:56 GMT
      Red Hat Security Advisory 2020-2854-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include denial of service, memory leak, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
    • Red Hat Security Advisory 2020-2842-01 Tue, 07 Jul 2020 16:19:47 GMT
      Red Hat Security Advisory 2020-2842-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Sampling issues were addressed.
    • Red Hat Security Advisory 2020-2840-01 Tue, 07 Jul 2020 16:18:36 GMT
      Red Hat Security Advisory 2020-2840-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Issues addressed include a file read vulnerability.
    • Red Hat Security Advisory 2020-2846-01 Tue, 07 Jul 2020 16:18:26 GMT
      Red Hat Security Advisory 2020-2846-01 - The gettext packages provide documentation for producing multi-lingual messages in programs, a set of conventions about how programs should be written, a runtime library, and a directory and file naming organization for the message catalogs. Issues addressed include a double free vulnerability.
    • Red Hat Security Advisory 2020-2839-01 Tue, 07 Jul 2020 16:18:09 GMT
      Red Hat Security Advisory 2020-2839-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
    • Red Hat Security Advisory 2020-2838-01 Tue, 07 Jul 2020 16:18:00 GMT
      Red Hat Security Advisory 2020-2838-01 - The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Issues addressed include an out of bounds read vulnerability.
    • Red Hat Security Advisory 2020-2844-01 Tue, 07 Jul 2020 16:17:52 GMT
      Red Hat Security Advisory 2020-2844-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an out of bounds access vulnerability.
    • Red Hat Security Advisory 2020-2833-01 Tue, 07 Jul 2020 16:17:43 GMT
      Red Hat Security Advisory 2020-2833-01 - The K Desktop Environment is a graphical desktop environment for the X Window System. The kdelibs packages include core libraries for the K Desktop Environment. Issues addressed include a code execution vulnerability.
    • Red Hat Security Advisory 2020-2835-01 Tue, 07 Jul 2020 16:17:01 GMT
      Red Hat Security Advisory 2020-2835-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include an underflow vulnerability.