Security Pop Quiz! q532.mp3

News

Packet Storm Security

* Surveillance Tech Didn't Stop The Uvalde Massacre
* Critical Flaws In Popular ICS Platform Can Trigger RCE
* GitHub Saved Plaintext Passwords Of npm Users In Log Files, Post Mortem Reveals
* Malware Uses PowerShell To Inject Malicious Extension Into Chrome
* Hacker Steals $1.4 Million In NFTs From Collector In One Sweep

Security Affairs

* Android pre-installed apps are affected by high-severity vulnerabilities
* GhostTouch: how to remotely control touchscreens with EMI
* FBI: Compromised US academic credentials available on various cybercrime forums
* ERMAC 2.0 Android Banking Trojan targets over 400 apps
* Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw

Looking Glass Cyber

securingtomorrow.mcafee.com

* How Secure Is Video Conferencing?
* Crypto Scammers Exploit: Elon Musk Speaks on Cryptocurrency
* How To Do A Virus Scan
* Phishing Campaigns featuring Ursnif Trojan on the Rise
* A Guide to Identity Theft Statistics for 2022

Quick Heal

* Beware - Banking Trojans using enhanced techniques to spread malware.
* Critical Zero-Day "Log4Shell" Vulnerability "CVE-2021-44228" Exploited in the Wild
* Update Security Certificate to Install Quick Heal Product Successfully
* Caution! Beware of the Fake WhatsApp Mother's Day Scam.
* Introduction of DNS tunneling and how attackers use it.

Threat Post

* Critical Flaws in Popular ICS Platform Can Trigger RCE
* Cybergang Claims REvil is Back, Executes DDoS Attacks
* Link Found Connecting Chaos, Onyx and Yashma Ransomware
* Zoom Patches 'Zero-Click' RCE Bug
* Verizon Report: Ransomware, Human Error Among Top Security Risks

Naked Security

* S3 Ep84: Government demand, Mozilla velocity, and Clearview fine [Podcast]
* Who's watching your webcam? The Screencastify Chrome extension story…
* Poisoned Python and PHP packages purloin passwords for AWS access
* Clearview AI face-matching service fined a lot less than expected
* Mozilla patches Wednesday's Pwn2Own double-exploit… on Friday!

ESET

* Scams targeting NFT investors - Week in security with Tony Anscombe
* Cybersecurity: A global problem that requires a global answer
* ESET Research Podcast: UEFI in crosshairs of ESPecter bootkit
* 5 reasons why GDPR was a milestone for data protection
* Common NFT scams and how to avoid them

CIS

• What SLTTs Should Know About the FREE CIS SecureSuite Membership Wed, 25 May 2022 12:55:00 -0400
  CIS has made CIS SecureSuite Membership free to SLTT governments in the United States. Learn how this can help you revamp your organization's cybersecurity […]

Malware Patrol

* InfoSec Articles (05/09/2022 - 05/23/2022)
* InfoSec Articles (04/25/2022 - 05/09/2022)

SecList

• IT threat evolution in Q1 2022. Mobile statistics
  According to Kaspersky Security Network, in Q1 2022 516,617 mobile malware installation packages were detected, of which 53,947 packages were related to mobile banking trojans, and 1,942 packages were mobile ransomware trojans.

MySonicWall

Critical Infrastructure

* How the manufacturing sector can protect against cyberattacks
* Collaboration is key to energy sector cyber defense
* Reflecting on the anniversary of Colonial Pipeline ransomware attack

* Global incidents show rogue drones have increased
* TSA preps for uptick in summer travel
* Tokyo International Airport adds security screening technology

* How the manufacturing sector can protect against cyberattacks
* Frank Castellon named CSO at Metrolink
* Port of Vancouver USA founds cybersecurity intelligence sharing group

Case Studies

* Tech university stops cyberattack with AI
* Coding robot teaches K-12 students about cybersecurity
* Anti-human trafficking organization combats abuse with data analytics

* Security Design Project of the Year awards accepting nominations
* Early-warning fire and security system protects manufacturing facility
* How AI helps prevent workplace harassment

Tools

* I2P 1.8.0
* Deliverance 0.018-daf9452 File Descriptor Fuzzer
* TP-Link Backup Decryption Utility
* Lynis Auditing Tool 3.0.8
* COOPER Analysis Tool

* OSINT tutorial to Find Information from a Phone Number - PhoneInfoga Tool
* 5G - A Business Owner's Dream, A Hacker's Fantasy

Exploits

* Tigase XMPP Server Stanza Smuggling
* ChromeOS usbguard Bypass
* qdPM 9.1 Remote Code Execution
* Print Spooler Remote DLL Injection
* Online Fire Reporting System 1.0 SQL Injection
* CLink Office 2.0 SQL Injection
* Zoom XMPP Stanza Smuggling Remote Code Execution
* iTop Remote Command Execution
* m1k1o's Blog 1.3 Remote Code Execution
* Blockchain FiatExchanger 2.2.1 SQL Injection

Last 20 Website Defacements - Zone-h

* https://amnat-ed.go.th/1975.html
* http://kuis.kpu-tangerangkab.go.id/idolsec.html
* http://rpp.kpu-tangerangkab.go.id/idolsec.html
* http://www.siproh.kpu-tangerangkab.go.id/idolsec.html
* http://aplikasi.kpu-tangerangkab.go.id/idolsec.html
* http://www.ppid.kpu-tangerangkab.go.id/idolsec.html
* http://www.northshoa.gov.et
* http://rumahpintar.kpu-tangerangkab.go.id/407.php
* http://www.mhs-pao.go.th/zil.php
* https://pdpb.kpu-tangerangkab.go.id/idolsec.html
* https://kpu-tangerangkab.go.id/README.html
* http://cems.diw.go.th/sadme.htm
* http://policeubon.go.th/o.htm
* https://portal.deliserdangkab.go.id
* https://pmd.deliserdangkab.go.id
* http://koperindag.beraukab.go.id/ohh.htm
* http://kesbangpol.beraukab.go.id/ohh.htm
* http://seleksi.beraukab.go.id/ohh.htm
* http://kec-sambaliung.beraukab.go.id/ohh.htm
* http://bpbd.beraukab.go.id/ohh.htm

Press Play to hear the answer!

Advisories

• Red Hat Security Advisory 2022-4767-01 Fri, 27 May 2022 15:46:01 GMT
  Red Hat Security Advisory 2022-4767-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.1 ESR.
• Red Hat Security Advisory 2022-4774-01 Fri, 27 May 2022 15:45:53 GMT
  Red Hat Security Advisory 2022-4774-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.9.1.
• Red Hat Security Advisory 2022-4773-01 Fri, 27 May 2022 15:45:44 GMT
  Red Hat Security Advisory 2022-4773-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.9.1.
• Red Hat Security Advisory 2022-2263-01 Fri, 27 May 2022 15:45:31 GMT
  Red Hat Security Advisory 2022-2263-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.58. Issues addressed include a privilege escalation vulnerability.
• Red Hat Security Advisory 2022-2265-01 Fri, 27 May 2022 15:45:21 GMT
  Red Hat Security Advisory 2022-2265-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.58.
• Red Hat Security Advisory 2022-4764-01 Fri, 27 May 2022 15:39:34 GMT
  Red Hat Security Advisory 2022-4764-01 - The ovirt-host package consolidates host package requirements into a single meta package. Issues addressed include a Bugzilla fix for vdsm where there was a disclosure of sensitive values in log files.
• Ubuntu Security Notice USN-5450-1 Fri, 27 May 2022 15:37:43 GMT
  Ubuntu Security Notice 5450-1 - Evgeny Kotkov discovered that subversion servers did not properly follow path-based authorization rules in certain cases. An attacker could potentially use this issue to retrieve information about private paths. Thomas Weißschuh discovered that subversion servers did not properly handle memory in certain configurations. A remote attacker could potentially use this issue to cause a denial of service or other unspecified impact.
• Red Hat Security Advisory 2022-4711-01 Fri, 27 May 2022 15:37:28 GMT
  Red Hat Security Advisory 2022-4711-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. Issues addressed include cross site scripting and denial of service vulnerabilities.
• Red Hat Security Advisory 2022-2264-01 Fri, 27 May 2022 15:37:20 GMT
  Red Hat Security Advisory 2022-2264-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.6.58.
• Red Hat Security Advisory 2022-4712-01 Fri, 27 May 2022 15:37:04 GMT
  Red Hat Security Advisory 2022-4712-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. The ovirt-ansible-hosted-engine-setup package provides an Ansible role for deploying Red Hat Virtualization Hosted-Engine.
• Ubuntu Security Notice USN-5449-1 Fri, 27 May 2022 15:36:57 GMT
  Ubuntu Security Notice 5449-1 - It was discovered that libXv incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.
• Ubuntu Security Notice USN-5448-1 Fri, 27 May 2022 15:36:32 GMT
  Ubuntu Security Notice 5448-1 - It was discovered that ncurses was not properly checking array bounds when executing the fmt_entry function, which could result in an out-of-bounds write. An attacker could possibly use this issue to execute arbitrary code. It was discovered that ncurses was not properly checking user input, which could result in it being treated as a format argument. An attacker could possibly use this issue to expose sensitive information or to execute arbitrary code.
• Ubuntu Security Notice USN-5402-2 Thu, 26 May 2022 16:33:01 GMT
  Ubuntu Security Notice 5402-2 - USN-5402-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 16.04 ESM. Elison Niven discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. Aliaksei Levin discovered that OpenSSL incorrectly handled resources when decoding certificates and keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS.
• Ubuntu Security Notice USN-5447-1 Thu, 26 May 2022 16:32:50 GMT
  Ubuntu Security Notice 5447-1 - It was discovered that logrotate incorrectly handled the state file. A local attacker could possibly use this issue to keep a lock on the state file and cause logrotate to stop working, leading to a denial of service.
• Red Hat Security Advisory 2022-2272-01 Thu, 26 May 2022 16:32:44 GMT
  Red Hat Security Advisory 2022-2272-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.8.41.
• Ubuntu Security Notice USN-5446-1 Thu, 26 May 2022 16:04:08 GMT
  Ubuntu Security Notice 5446-1 - Max Justicz discovered that dpkg incorrectly handled unpacking certain source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system.
• Red Hat Security Advisory 2022-2268-01 Thu, 26 May 2022 16:03:57 GMT
  Red Hat Security Advisory 2022-2268-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.51.
• Ubuntu Security Notice USN-5445-1 Thu, 26 May 2022 16:01:12 GMT
  Ubuntu Security Notice 5445-1 - Ace Olszowka discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. Tomas Bortoli discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS.
• Red Hat Security Advisory 2022-4745-01 Thu, 26 May 2022 16:00:56 GMT
  Red Hat Security Advisory 2022-4745-01 - Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up.
• Red Hat Security Advisory 2022-2283-01 Wed, 25 May 2022 13:29:06 GMT
  Red Hat Security Advisory 2022-2283-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.35.
• Ubuntu Security Notice USN-5404-2 Wed, 25 May 2022 13:28:53 GMT
  Ubuntu Security Notice 5404-2 - USN-5404-1 addressed a vulnerability in Rsyslog. This update provides the corresponding update for Ubuntu 16.04 ESM. Pieter Agten discovered that Rsyslog incorrectly handled certain requests. An attacker could possibly use this issue to cause a crash.
• Red Hat Security Advisory 2022-4729-01 Wed, 25 May 2022 13:28:20 GMT
  Red Hat Security Advisory 2022-4729-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.1 ESR.
• Red Hat Security Advisory 2022-4730-01 Wed, 25 May 2022 13:28:06 GMT
  Red Hat Security Advisory 2022-4730-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.9.1.
• Red Hat Security Advisory 2022-4721-01 Tue, 24 May 2022 17:46:52 GMT
  Red Hat Security Advisory 2022-4721-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a privilege escalation vulnerability.
• Ubuntu Security Notice USN-5439-1 Tue, 24 May 2022 17:46:41 GMT
  Ubuntu Security Notice 5439-1 - Gunnar Hjalmarsson discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cause AccountsService to crash or stop responding, resulting in a denial of service.