Security Pop Quiz! q507.mp3

News

Packet Storm Security

* US Hacks Back Against Hive Ransomware Crew
* 2 Federal Agencies Hacked With Remote Monitoring
* Russian Hackers Launch Attack On Germany In Leopard Retaliation
* Google Slays Thousands Of Fake News Vids Posted By Dragonbridge
* What Happens When Crypto Derivatives Crash

Security Affairs

* Copycat Criminals mimicking Lockbit gang in northern Europe
* Sandworm APT targets Ukraine with new SwiftSlicer wiper
* ISC fixed high-severity flaws in DNS software suite BIND
* Patch management is crucial to protect Exchange servers, Microsoft warns
* Hacker accused of having stolen personal data of all Austrians and more

Looking Glass Cyber

securingtomorrow.mcafee.com

Quick Heal

* AsyncRAT Analysis with ChatGPT
* Quick Heal Supports Windows 10 Version 22H2
* Protect yourself from Vishing Attack!!
* Proactive Measures to Safeguard against the Ransomware Menace
* Your Data and Devices are safe with Quick Heal

Threat Post

* Student Loan Breach Exposes 2.5M Records
* Watering Hole Attacks Push ScanBox Keylogger
* Tentacles of '0ktapus' Threat Group Victimize 130 Firms
* Ransomware Attacks are on the Rise
* Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Naked Security

* Hive ransomware servers shut down at last, says FBI
* Dutch suspect locked up for alleged personal data megathefts
* S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]
* GoTo admits: Customer cloud backups stolen together with decryption key
* Apple patches are out - old iPhones get an old zero-day fix at last!

ESET

* Are you in control of your personal data? - Week in security with Tony Anscombe
* SwiftSlicer: New destructive wiper malware strikes Ukraine
* Why your data is more valuable than you may realize
* Mastodon vs. Twitter: Know the differences
* 5 valuable skills your children can learn by playing video games

CIS

• Top 10 Malware December 2022 Fri, 20 Jan 2023 11:59:00 -0500
  In December 2022, the Top 10 Malware list remained consistent with November's list except for the return of three malware strains.

Malware Patrol

* InfoSec Articles (01/04/2023 - 01/16/2023)
* InfoSec Articles (12/19/2022 - 01/04/2023)

SecList

• What your SOC will be facing in 2023
  Supply chain and reoccurring attacks, data destruction, lack of staff — what challenges will your security operations center be facing in 2023?

MySonicWall

Critical Infrastructure

* Water storage is under cyber threat
* Cryptomining, credential theft & data exfiltration: Cyber threats in 2022
* The US electrical grid: Protecting our most vulnerable and needed assets

* 2022 breaks record for TSA firearm interceptions
* 5 geopolitical risk factors affecting organizations in 2023
* The future of airport security technology

* OSHA cites Amazon for unsafe working conditions
* 736 million passengers benefit from TSA improvements
* São Paulo metro system deploys facial recognition in transit stations

Case Studies

* The Old Spaghetti Factory restaurant chain ups network & physical security
* K-8 students learn cybersecurity through gamification
* Electric company uses SAP monitoring to bolster cybersecurity

* New York healthcare network expands K-9 security program
* Bridgestone Arena enhances NHL fan safety via screening system
* Polk State College adds emergency notification app

Tools

* Logwatch 7.8
* TOR Virtual Network Tunneling Tool 0.4.7.13
* Wireshark Analyzer 4.0.3
* MIMEDefang Email Scanner 3.3
* tcpdump 4.99.3

* OSINT tutorial to Find Information from a Phone Number - PhoneInfoga Tool
* 5G - A Business Owner's Dream, A Hacker's Fantasy

Exploits

* Razer Synapse 3.7.0731.072516 Local Privilege Escalation
* Micro Focus GroupWise Session ID Disclosure
* PHPJabbers Car Rental Script 3.0 SQL Injection
* Secure Web Gateway 10.2.11 Cross Site Scripting
* Inout Jobs Portal 2.2.2 Cross Site Scripting
* Inout Jobs Portal 2.2.2 SQL Injection
* Inout Music 5.1.1 SQL Injection
* Cacti 1.2.22 Command Injection
* Inout Search Engine 10.1.3 Cross Site Scripting
* Inout Homestay 2.2 SQL Injection

Last 20 Website Defacements - Zone-h

* https://epamil.gob.ec/ownz.html
* https://sbtp.gov.pk
* https://khulnattc.gov.bd
* https://sipp.pa-maninjau.go.id/ownz.html
* https://sisutan.pa-maninjau.go.id/ownz.html
* https://pa-maninjau.go.id/readme.html
* https://www.mada.gov.my/readme.html
* https://www.moe.gov.np/b.htm
* https://e-jurnal.peraturan.go.id/index2.php
* https://bkd.solokkab.go.id/index.php
* http://tsfc.gov.pk
* https://satpolpp.semarangkab.go.id/px2.html
* https://inspektorat.bonebolangokab.go.id/freedom.php
* http://kuedchang.go.th
* http://kcph.go.th
* https://www.bramley-pc.gov.uk
* http://testdj.cssphares.gouv.qc.ca/freedom.php
* https://ressourcespedagogiques.cssphares.gouv.qc.ca/freedom.php
* https://recit.cssphares.gouv.qc.ca/freedom.php
* https://cia-mistral.cssphares.gouv.qc.ca/freedom.php

Press Play to hear the answer!

Advisories

• Debian Security Advisory 5328-1 Fri, 27 Jan 2023 15:25:01 GMT
  Debian Linux Security Advisory 5328-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
• Red Hat Security Advisory 2023-0483-01 Fri, 27 Jan 2023 15:20:17 GMT
  Red Hat Security Advisory 2023-0483-01 - This asynchronous update patches Red Hat Fuse 7.11.1 on Karaf and Red Hat Fuse 7.11.1 on Spring Boot and several includes security fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a server-side request forgery vulnerability.
• Ubuntu Security Notice USN-5822-2 Fri, 27 Jan 2023 15:13:12 GMT
  Ubuntu Security Notice 5822-2 - USN-5822-1 fixed vulnerabilities in Samba. The update for Ubuntu 20.04 LTS introduced regressions in certain environments. Pending investigation of these regressions, this update temporarily reverts the security fixes. It was discovered that Samba incorrectly handled the bad password count logic. It was discovered that Samba supported weak RC4/HMAC-MD5 in NetLogon Secure Channel. Greg Hudson discovered that Samba incorrectly handled PAC parsing. Joseph Sutton discovered that Samba could be forced to issue rc4-hmac encrypted Kerberos tickets.
• Red Hat Security Advisory 2023-0476-01 Fri, 27 Jan 2023 15:09:20 GMT
  Red Hat Security Advisory 2023-0476-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Issues addressed include a bypass vulnerability.
• Debian Security Advisory 5329-1 Fri, 27 Jan 2023 15:08:37 GMT
  Debian Linux Security Advisory 5329-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation, which may result in denial of service against named.
• Red Hat Security Advisory 2023-0481-01 Fri, 27 Jan 2023 15:07:34 GMT
  Red Hat Security Advisory 2023-0481-01 - Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud. This advisory contains bug fixes and enhancements to the Submariner container images.
• Apple Security Advisory 2023-01-24-1 Fri, 27 Jan 2023 15:06:30 GMT
  Apple Security Advisory 2023-01-24-1 - tvOS 16.3 addresses bypass, code execution, and information leakage vulnerabilities.
• Red Hat Security Advisory 2023-0208-01 Fri, 27 Jan 2023 15:05:09 GMT
  Red Hat Security Advisory 2023-0208-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
• Red Hat Security Advisory 2023-0210-01 Fri, 27 Jan 2023 15:04:50 GMT
  Red Hat Security Advisory 2023-0210-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
• Red Hat Security Advisory 2023-0479-01 Fri, 27 Jan 2023 15:04:34 GMT
  Red Hat Security Advisory 2023-0479-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server, as well as command-line utilities and Web UI packages for server administration.
• Red Hat Security Advisory 2023-0470-01 Fri, 27 Jan 2023 15:03:38 GMT
  Red Hat Security Advisory 2023-0470-01 - An update is now available for Migration Toolkit for Runtimes (v1.0.1).
• Red Hat Security Advisory 2023-0469-01 Fri, 27 Jan 2023 15:02:40 GMT
  Red Hat Security Advisory 2023-0469-01 - Red Hat Integration Camel Extensions for Quarkus 2.13.2 is now available. Issues addressed include denial of service and memory exhaustion vulnerabilities.
• Red Hat Security Advisory 2023-0471-01 Fri, 27 Jan 2023 15:01:22 GMT
  Red Hat Security Advisory 2023-0471-01 - An update is now available for Migration Toolkit for Runtimes (v1.0.1). Issues addressed include a denial of service vulnerability.
• Ubuntu Security Notice USN-5829-1 Thu, 26 Jan 2023 15:35:16 GMT
  Ubuntu Security Notice 5829-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
• Red Hat Security Advisory 2023-0468-01 Thu, 26 Jan 2023 15:35:03 GMT
  Red Hat Security Advisory 2023-0468-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
• Red Hat Security Advisory 2023-0466-01 Thu, 26 Jan 2023 15:34:56 GMT
  Red Hat Security Advisory 2023-0466-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
• Red Hat Security Advisory 2023-0467-01 Thu, 26 Jan 2023 15:34:49 GMT
  Red Hat Security Advisory 2023-0467-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a bypass vulnerability.
• Ubuntu Security Notice USN-5828-1 Thu, 26 Jan 2023 15:34:41 GMT
  Ubuntu Security Notice 5828-1 - It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. Greg Hudson discovered that Kerberos PAC implementation incorrectly handled certain parsing operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
• Ubuntu Security Notice USN-5827-1 Thu, 26 Jan 2023 15:34:29 GMT
  Ubuntu Security Notice 5827-1 - Rob Schulhof discovered that Bind incorrectly handled a large number of UPDATE messages. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. Borja Marcos discovered that Bind incorrectly handled certain RRSIG queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10.
• Ubuntu Security Notice USN-5826-1 Thu, 26 Jan 2023 15:34:11 GMT
  Ubuntu Security Notice 5826-1 - Joshua Rogers discovered that Privoxy incorrectly handled memory allocation. An attacker could possibly use this issue to cause a denial of service. Artem Ivanov discovered that Privoxy incorrectly handled input validations. An attacker could possibly use this issue to perform cross-site scripting attacks.
• Red Hat Security Advisory 2023-0274-01 Thu, 26 Jan 2023 15:33:45 GMT
  Red Hat Security Advisory 2023-0274-01 - Angular JavaScript library packaged for setuptools / pip.
• Red Hat Security Advisory 2023-0459-01 Thu, 26 Jan 2023 15:33:36 GMT
  Red Hat Security Advisory 2023-0459-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Issues addressed include a bypass vulnerability.
• Red Hat Security Advisory 2023-0276-01 Thu, 26 Jan 2023 15:33:27 GMT
  Red Hat Security Advisory 2023-0276-01 - Python ServerView Common Command Interface Client Library.
• Red Hat Security Advisory 2023-0462-01 Thu, 26 Jan 2023 15:33:21 GMT
  Red Hat Security Advisory 2023-0462-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Issues addressed include a bypass vulnerability.
• Red Hat Security Advisory 2023-0461-01 Thu, 26 Jan 2023 15:30:40 GMT
  Red Hat Security Advisory 2023-0461-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Issues addressed include a bypass vulnerability.