Security Pop Quiz! q261.mp3

News

Packet Storm Security

* Dozens Of Popular Minecraft Mods Found Infected With Fracturiser Malware
* VMware Discloses Trio Of High Severity Bugs In Network Monitoring Tool
* Hacker Attempts To Exploit Old And New Bugs Up 55%
* People Are Pirating GPT-4 By Scraping Exposed API Keys
* Deepfakes Of Victims Used In Sextortion Attacks Spike, FBI Warns

Security Affairs

* Stealth Soldier backdoor used is targeted espionage attacks in Libya
* Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue
* Experts detail a new Kimsuky social engineering campaign
* German recruiter Pflegia leaks sensitive job seeker info
* Cisco fixes privilege escalation bug in Cisco Secure Client

Looking Glass Cyber

securingtomorrow.mcafee.com

Quick Heal

* Antivirus Security and the Role of Artificial Intelligence (AI)
* The Threat Landscape: Emerging Viruses and Malware to Watch Out For in 2023
* What is Anti-Virus Software? And Do I really need it ?
* BEWARE: Fake Applications are Disguised as Legitimate Ones
* Deep Dive into Royal Ransomware

Threat Post

* Student Loan Breach Exposes 2.5M Records
* Watering Hole Attacks Push ScanBox Keylogger
* Tentacles of '0ktapus' Threat Group Victimize 130 Firms
* Ransomware Attacks are on the Rise
* Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Naked Security

* S3 Ep138: I like to MOVEit, MOVEit
* Firefox 114 is out: No 0-days, but one fascinating "teachable moment" bug
* Chrome and Edge zero-day: "This exploit is in the wild", so check your versions now
* MOVEit zero-day exploit used by data breach gangs: The how, the why, and what to do…
* Researchers claim Windows "backdoor" affects hundreds of Gigabyte motherboards

ESET

* Asylum Ambuscade: crimeware or cyberespionage?
* Hear no evil: Ultrasound attacks on voice assistants
* 7 tips for spotting a fake mobile app
* API security in the spotlight - Week in security with Tony Anscombe
* All eyes on APIs: Top 3 API security risks and how to mitigate them

CIS

• CIS Controls Volunteer Spotlight: Tony Krzyzewski Thu, 01 Jun 2023 17:25:00 -0400
  Tony Krzyzewski has done a lot to support cyber defense as an ambassador and volunteer in the CIS Controls Community. Hear his story.

Malware Patrol

* InfoSec Articles (05/30/23 - 06/06/23)
* InfoSec Articles (05/23/23 - 05/30/23)

SecList

• IT threat evolution Q1 2023
  Recent BlueNoroff and Roaming Mantis activities, new APT related to the Russo-Ukrainian conflict, ChatGPT and threat intelligence, malvertising through search engines, cryptocurrency theft campaign and fake Tor browser

MySonicWall

Critical Infrastructure

* Protecting critical infrastructure with radar
* Resin and circuitry company cited by OSHA for chemical exposure risks
* Florida city investigated by OSHA for whistleblower treatment

* CISA MTS Guide may enhance critical infrastructure resilience
* DNV appoints Anette Roll Richardsen as Director of Cybersecurity
* Fishing vessel cited for electrical hazards and poor sanitation

* Managing third-party risks in the supply chain
* IT-ISAC launches food and agriculture analysis center
* TSA strengthens security for Memorial Day travel rush

Case Studies

* Häfele recovers from ransomware attack with new SASE platform
* Ride-hailing company, inDrive, uses new platform to prevent fraud
* The Old Spaghetti Factory restaurant chain ups network & physical security

* San Antonio updates security radio system
* London to implement new police body cameras
* Wrigley Field expands security measures

Tools

* Falco 0.35.0
* Faraday 4.4.0
* AIEngine 2.4.0
* OpenSSL Toolkit 3.1.1
* OpenSSL Toolkit 3.0.9

* OSINT tutorial to Find Information from a Phone Number - PhoneInfoga Tool
* 5G - A Business Owner's Dream, A Hacker's Fantasy

Exploits

* RenderDoc 1.26 Local Privilege Escalation / Remote Code Execution
* Microsoft Windows PowerShell Remote Command Execution
* WordPress Directorist 7.5.4 Insecure Direct Object Reference / Privilege Escalation
* Delta Electronics InfraSuite Device Master Deserialization
* Expert Restaurant eCommerce 1.0 Cross Site Scripting
* Expert Restaurant eCommerce 1.0 SQL Injection
* MVC Shop 0.5 Cross Site Scripting
* NETXPERTS CMS 0.1 SQL Injection
* Microsoft HVCIScan DLL Hijacking
* Anuranan SBAdmin 2 Insecure Settings

Last 20 Website Defacements - Zone-h

* https://www.rick.gov.sd/license.html
* http://www.mkhondo.gov.za/gh.html
* https://dgaie.gov.bf/kurd.htm
* https://rbco.denr.gov.ph/s1.html
* https://gobiernodezapotillo.gob.ec/fake.html
* https://zbs.go.tz/readme.htm
* https://cgcla.go.tz/readme.htm
* http://arturnogueira.sp.gov.br
* http://informatica.arturnogueira.sp.gov.br/index.html
* http://cactix.ib.itaborai.rj.gov.br
* http://sireg-transparencia.ib.itaborai.rj.gov.br
* http://nac.gov.ss/CR4P5.txt
* http://redeeducativa.ms.gov.br/CR4P5.txt
* http://notamaisfacil.novaiguacu.rj.gov.br
* http://nfse.novaiguacu.rj.gov.br
* https://bangkok.doae.go.th/province/
* http://www.haec01.doae.go.th/wp-content/
* https://fundacc.sp.gov.br/nda.html
* https://mapas.fundacc.sp.gov.br/nda.html
* https://arquivopublico.fundacc.sp.gov.br/nda.html

Press Play to hear the answer!

Advisories

• Debian Security Advisory 5421-1 Thu, 08 Jun 2023 15:10:13 GMT
  Debian Linux Security Advisory 5421-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
• Ubuntu Security Notice USN-6146-1 Thu, 08 Jun 2023 15:06:14 GMT
  Ubuntu Security Notice 6146-1 - It was discovered that Netatalk did not properly validate the length of user-supplied data in the DSI structures. A remote attacker could possibly use this issue to execute arbitrary code with the privileges of the user invoking the programs. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that Netatalk did not properly validate the length of user-supplied data in the ad_addcomment function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
• Red Hat Security Advisory 2023-3550-01 Thu, 08 Jun 2023 15:05:17 GMT
  Red Hat Security Advisory 2023-3550-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
• Ubuntu Security Notice USN-6145-1 Thu, 08 Jun 2023 14:22:10 GMT
  Ubuntu Security Notice 6145-1 - It was discovered that Sysstat incorrectly handled certain arithmetic multiplications. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue was only fixed for Ubuntu 16.04 LTS. It was discovered that Sysstat incorrectly handled certain arithmetic multiplications in 64-bit systems, as a result of an incomplete fix for CVE-2022-39377. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code.
• Red Hat Security Advisory 2023-3410-01 Thu, 08 Jun 2023 14:19:24 GMT
  Red Hat Security Advisory 2023-3410-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.20.
• Debian Security Advisory 5420-1 Thu, 08 Jun 2023 14:17:32 GMT
  Debian Linux Security Advisory 5420-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
• Red Hat Security Advisory 2023-3409-01 Thu, 08 Jun 2023 14:14:35 GMT
  Red Hat Security Advisory 2023-3409-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.20.
• Red Hat Security Advisory 2023-3363-01 Wed, 07 Jun 2023 16:22:09 GMT
  Red Hat Security Advisory 2023-3363-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.61. Issues addressed include a denial of service vulnerability.
• Ubuntu Security Notice USN-6144-1 Wed, 07 Jun 2023 16:21:56 GMT
  Ubuntu Security Notice 6144-1 - It was discovered that LibreOffice did not properly validate the number of parameters passed to the formula interpreter, leading to an array index underflow attack. If a user were tricked into opening a specially crafted spreadsheet file, an attacker could possibly use this issue to execute arbitrary code. Amel Bouziane-Leblond discovered that LibreOffice did not prompt the user before loading the host document inside an IFrame. If a user were tricked into opening a specially crafted input file, an attacker could possibly use this issue to cause information disclosure or execute arbitrary code.
• Ubuntu Security Notice USN-6143-1 Wed, 07 Jun 2023 16:21:48 GMT
  Ubuntu Security Notice 6143-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jun Kokatsu discovered that Firefox did not properly validate site-isolated process for a document loaded from a data: URL that was the result of a redirect, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks.
• Debian Security Advisory 5419-1 Wed, 07 Jun 2023 16:21:38 GMT
  Debian Linux Security Advisory 5419-1 - Two vulnerabilities were discovered in c-ares, an asynchronous name resolver library.
• Red Hat Security Advisory 2023-3362-01 Wed, 07 Jun 2023 16:19:03 GMT
  Red Hat Security Advisory 2023-3362-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.61. Issues addressed include a resource exhaustion vulnerability.
• Red Hat Security Advisory 2023-3525-01 Wed, 07 Jun 2023 16:18:40 GMT
  Red Hat Security Advisory 2023-3525-01 - Flask is a lightweight but extensible web development framework for Python based on the Werkzeug WSGI toolkit, and the Jinja 2 template engine.
• Red Hat Security Advisory 2023-3366-01 Wed, 07 Jun 2023 16:13:06 GMT
  Red Hat Security Advisory 2023-3366-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.2. Issues addressed include a traversal vulnerability.
• Ubuntu Security Notice USN-6028-2 Wed, 07 Jun 2023 16:06:41 GMT
  Ubuntu Security Notice 6028-2 - USN-6028-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 23.04. It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash.
• Red Hat Security Advisory 2023-3491-01 Wed, 07 Jun 2023 16:05:35 GMT
  Red Hat Security Advisory 2023-3491-01 - An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.
• Red Hat Security Advisory 2023-3490-01 Wed, 07 Jun 2023 16:02:28 GMT
  Red Hat Security Advisory 2023-3490-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
• Red Hat Security Advisory 2023-3517-01 Wed, 07 Jun 2023 15:59:50 GMT
  Red Hat Security Advisory 2023-3517-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
• Red Hat Security Advisory 2023-3481-01 Wed, 07 Jun 2023 15:59:34 GMT
  Red Hat Security Advisory 2023-3481-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.
• Red Hat Security Advisory 2023-3489-01 Wed, 07 Jun 2023 15:58:11 GMT
  Red Hat Security Advisory 2023-3489-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server, as well as command-line utilities and Web UI packages for server administration.
• Ubuntu Security Notice USN-6142-1 Tue, 06 Jun 2023 17:04:35 GMT
  Ubuntu Security Notice 6142-1 - Gal Goldshtein discovered that nghttp2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.
• Red Hat Security Advisory 2023-3460-01 Tue, 06 Jun 2023 17:04:24 GMT
  Red Hat Security Advisory 2023-3460-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a denial of service vulnerability.
• Ubuntu Security Notice USN-6141-1 Tue, 06 Jun 2023 17:04:04 GMT
  Ubuntu Security Notice 6141-1 - Robin Peraglie and Johannes Moritz discovered that xfce4-settings incorrectly parsed quoted input when processed through xdg-open. A remote attacker could possibly use this issue to inject arbitrary arguments into the default browser or file manager.
• Red Hat Security Advisory 2023-3465-01 Tue, 06 Jun 2023 17:03:53 GMT
  Red Hat Security Advisory 2023-3465-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
• Ubuntu Security Notice USN-6140-1 Tue, 06 Jun 2023 16:53:48 GMT
  Ubuntu Security Notice 6140-1 - It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. It was discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10.