
News

      CIS
      • Top 10 Malware December 2022 Fri, 20 Jan 2023 11:59:00 -0500
        In December 2022, the Top 10 Malware list remained consistent with November's list except for the return of three malware strains.
      SecList
      • What your SOC will be facing in 2023
        Supply chain and reoccurring attacks, data destruction, lack of staff — what challenges will your security operations center be facing in 2023?

      Advisories

      • Debian Security Advisory 5328-1 Fri, 27 Jan 2023 15:25:01 GMT
        Debian Linux Security Advisory 5328-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
      • Red Hat Security Advisory 2023-0483-01 Fri, 27 Jan 2023 15:20:17 GMT
        Red Hat Security Advisory 2023-0483-01 - This asynchronous update patches Red Hat Fuse 7.11.1 on Karaf and Red Hat Fuse 7.11.1 on Spring Boot and includes several security fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a server-side request forgery vulnerability.
      • Ubuntu Security Notice USN-5822-2 Fri, 27 Jan 2023 15:13:12 GMT
        Ubuntu Security Notice 5822-2 - USN-5822-1 fixed vulnerabilities in Samba. The update for Ubuntu 20.04 LTS introduced regressions in certain environments. Pending investigation of these regressions, this update temporarily reverts the security fixes. It was discovered that Samba incorrectly handled the bad password count logic. It was discovered that Samba supported weak RC4/HMAC-MD5 in NetLogon Secure Channel. Greg Hudson discovered that Samba incorrectly handled PAC parsing. Joseph Sutton discovered that Samba could be forced to issue rc4-hmac encrypted Kerberos tickets.
      • Red Hat Security Advisory 2023-0476-01 Fri, 27 Jan 2023 15:09:20 GMT
        Red Hat Security Advisory 2023-0476-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Issues addressed include a bypass vulnerability.
      • Debian Security Advisory 5329-1 Fri, 27 Jan 2023 15:08:37 GMT
        Debian Linux Security Advisory 5329-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation, which may result in denial of service against named.
      • Red Hat Security Advisory 2023-0481-01 Fri, 27 Jan 2023 15:07:34 GMT
        Red Hat Security Advisory 2023-0481-01 - Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud. This advisory contains bug fixes and enhancements to the Submariner container images.
      • Apple Security Advisory 2023-01-24-1 Fri, 27 Jan 2023 15:06:30 GMT
        Apple Security Advisory 2023-01-24-1 - tvOS 16.3 addresses bypass, code execution, and information leakage vulnerabilities.
      • Red Hat Security Advisory 2023-0208-01 Fri, 27 Jan 2023 15:05:09 GMT
        Red Hat Security Advisory 2023-0208-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
      • Red Hat Security Advisory 2023-0210-01 Fri, 27 Jan 2023 15:04:50 GMT
        Red Hat Security Advisory 2023-0210-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.
      • Red Hat Security Advisory 2023-0479-01 Fri, 27 Jan 2023 15:04:34 GMT
        Red Hat Security Advisory 2023-0479-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server, as well as command-line utilities and Web UI packages for server administration.
      • Red Hat Security Advisory 2023-0470-01 Fri, 27 Jan 2023 15:03:38 GMT
        Red Hat Security Advisory 2023-0470-01 - An update is now available for Migration Toolkit for Runtimes (v1.0.1).
      • Red Hat Security Advisory 2023-0469-01 Fri, 27 Jan 2023 15:02:40 GMT
        Red Hat Security Advisory 2023-0469-01 - Red Hat Integration Camel Extensions for Quarkus 2.13.2 is now available. Issues addressed include denial of service and memory exhaustion vulnerabilities.
      • Red Hat Security Advisory 2023-0471-01 Fri, 27 Jan 2023 15:01:22 GMT
        Red Hat Security Advisory 2023-0471-01 - An update is now available for Migration Toolkit for Runtimes (v1.0.1). Issues addressed include a denial of service vulnerability.
      • Ubuntu Security Notice USN-5829-1 Thu, 26 Jan 2023 15:35:16 GMT
        Ubuntu Security Notice 5829-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
      • Red Hat Security Advisory 2023-0468-01 Thu, 26 Jan 2023 15:35:03 GMT
        Red Hat Security Advisory 2023-0468-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
      • Red Hat Security Advisory 2023-0466-01 Thu, 26 Jan 2023 15:34:56 GMT
        Red Hat Security Advisory 2023-0466-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
      • Red Hat Security Advisory 2023-0467-01 Thu, 26 Jan 2023 15:34:49 GMT
        Red Hat Security Advisory 2023-0467-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a bypass vulnerability.
      • Ubuntu Security Notice USN-5828-1 Thu, 26 Jan 2023 15:34:41 GMT
        Ubuntu Security Notice 5828-1 - It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. Greg Hudson discovered that Kerberos PAC implementation incorrectly handled certain parsing operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
      • Ubuntu Security Notice USN-5827-1 Thu, 26 Jan 2023 15:34:29 GMT
        Ubuntu Security Notice 5827-1 - Rob Schulhof discovered that Bind incorrectly handled a large number of UPDATE messages. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. Borja Marcos discovered that Bind incorrectly handled certain RRSIG queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10.
      • Ubuntu Security Notice USN-5826-1 Thu, 26 Jan 2023 15:34:11 GMT
        Ubuntu Security Notice 5826-1 - Joshua Rogers discovered that Privoxy incorrectly handled memory allocation. An attacker could possibly use this issue to cause a denial of service. Artem Ivanov discovered that Privoxy incorrectly handled input validations. An attacker could possibly use this issue to perform cross-site scripting attacks.
      • Red Hat Security Advisory 2023-0274-01 Thu, 26 Jan 2023 15:33:45 GMT
        Red Hat Security Advisory 2023-0274-01 - Angular JavaScript library packaged for setuptools / pip.
      • Red Hat Security Advisory 2023-0459-01 Thu, 26 Jan 2023 15:33:36 GMT
        Red Hat Security Advisory 2023-0459-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Issues addressed include a bypass vulnerability.
      • Red Hat Security Advisory 2023-0276-01 Thu, 26 Jan 2023 15:33:27 GMT
        Red Hat Security Advisory 2023-0276-01 - Python ServerView Common Command Interface Client Library.
      • Red Hat Security Advisory 2023-0462-01 Thu, 26 Jan 2023 15:33:21 GMT
        Red Hat Security Advisory 2023-0462-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Issues addressed include a bypass vulnerability.
      • Red Hat Security Advisory 2023-0461-01 Thu, 26 Jan 2023 15:30:40 GMT
        Red Hat Security Advisory 2023-0461-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Issues addressed include a bypass vulnerability.