Security Pop Quiz! q468.mp3

News

Packet Storm Security

Security Affairs Looking Glass Cyber securingtomorrow.mcafee.com
    Quick Heal Threat Post Naked Security ESET CIS Malware Patrol SecList
    • Sunburst backdoor – code overlaps with Kazuar
      While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations shows that Kazuar was used together with Turla tools during multiple breaches in past years.
    MySonicWall

    Critical Infrastructure

    Case Studies

    Tools

    Exploits

    Last 20 Website Defacements - Zone-h

    Press Play to hear the answer!

    Advisories

    • Ubuntu Security Notice USN-4689-4 Thu, 21 Jan 2021 15:21:07 GMT
      Ubuntu Security Notice 4689-4 - USN-4689-3 fixed vulnerabilities in the NVIDIA server graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. Various other issues were also addressed.
    • Red Hat Security Advisory 2021-0079-01 Wed, 20 Jan 2021 17:24:48 GMT
      Red Hat Security Advisory 2021-0079-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.374. Issues addressed include crlf injection and man-in-the-middle vulnerabilities.
    • Ubuntu Security Notice USN-4697-2 Wed, 20 Jan 2021 14:23:50 GMT
      Ubuntu Security Notice 4697-2 - USN-4697-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted PCX file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4689-3 Wed, 20 Jan 2021 14:20:32 GMT
      Ubuntu Security Notice 4689-3 - It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4701-1 Wed, 20 Jan 2021 14:20:27 GMT
      Ubuntu Security Notice 4701-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass the CSS sanitizer, or execute arbitrary code. It was discovered that the proxy.onRequest API did not catch view-source URLs. If a user were tricked in to installing an extension with the proxy permission and opening View Source, an attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.
    • Red Hat Security Advisory 2021-0034-01 Wed, 20 Jan 2021 14:20:21 GMT
      Red Hat Security Advisory 2021-0034-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include XML injection, crlf injection, and information leakage vulnerabilities.
    • Ubuntu Security Notice USN-4700-1 Wed, 20 Jan 2021 14:15:14 GMT
      Ubuntu Security Notice 4700-1 - Alexandre D'Hondt discovered that PyXDG did not properly sanitize input. An attacker could exploit this with a crafted .menu file to execute arbitrary code.
    • Red Hat Security Advisory 2021-0155-01 Tue, 19 Jan 2021 14:46:21 GMT
      Red Hat Security Advisory 2021-0155-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.
    • Red Hat Security Advisory 2021-0154-01 Tue, 19 Jan 2021 14:46:12 GMT
      Red Hat Security Advisory 2021-0154-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.
    • Ubuntu Security Notice USN-4699-1 Tue, 19 Jan 2021 14:46:03 GMT
      Ubuntu Security Notice 4699-1 - It was discovered that Apache Log4net incorrectly handled certain configuration files. An attacker could possibly use this issue to expose sensitive information.
    • Red Hat Security Advisory 2021-0153-01 Tue, 19 Jan 2021 14:45:56 GMT
      Red Hat Security Advisory 2021-0153-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.
    • Red Hat Security Advisory 2021-0190-01 Tue, 19 Jan 2021 14:45:45 GMT
      Red Hat Security Advisory 2021-0190-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. The compliance-operator image updates are now available for OpenShift Container Platform 4.6. Issues addressed include denial of service and integer overflow vulnerabilities.
    • Red Hat Security Advisory 2021-0156-01 Tue, 19 Jan 2021 14:45:36 GMT
      Red Hat Security Advisory 2021-0156-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server.
    • Red Hat Security Advisory 2021-0151-01 Tue, 19 Jan 2021 14:45:29 GMT
      Red Hat Security Advisory 2021-0151-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Issues addressed include a buffer overflow vulnerability.
    • Red Hat Security Advisory 2021-0152-01 Tue, 19 Jan 2021 14:45:21 GMT
      Red Hat Security Advisory 2021-0152-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Issues addressed include a buffer overflow vulnerability.
    • Red Hat Security Advisory 2021-0150-01 Tue, 19 Jan 2021 14:45:12 GMT
      Red Hat Security Advisory 2021-0150-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Issues addressed include a buffer overflow vulnerability.
    • Red Hat Security Advisory 2021-0187-01 Tue, 19 Jan 2021 14:44:02 GMT
      Red Hat Security Advisory 2021-0187-01 - Red Hat OpenShift Virtualization release 2.5.3 is now available with updates to packages and images that fix several bugs and security issues. Issues addressed include denial of service and integer overflow vulnerabilities.
    • Ubuntu Security Notice USN-4698-1 Tue, 19 Jan 2021 14:43:50 GMT
      Ubuntu Security Notice 4698-1 - Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
    • Red Hat Security Advisory 2021-0189-01 Tue, 19 Jan 2021 14:43:43 GMT
      Red Hat Security Advisory 2021-0189-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a buffer overflow vulnerability.
    • Red Hat Security Advisory 2021-0183-01 Tue, 19 Jan 2021 14:43:35 GMT
      Red Hat Security Advisory 2021-0183-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include a buffer overflow vulnerability.
    • Red Hat Security Advisory 2021-0184-01 Tue, 19 Jan 2021 14:43:27 GMT
      Red Hat Security Advisory 2021-0184-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
    • Red Hat Security Advisory 2021-0181-01 Tue, 19 Jan 2021 14:43:19 GMT
      Red Hat Security Advisory 2021-0181-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
    • Ubuntu Security Notice USN-4697-1 Tue, 19 Jan 2021 14:43:11 GMT
      Ubuntu Security Notice 4697-1 - It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted PCX file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. It was discovered that Pillow incorrectly handled certain Tiff image files. If a user or automated system were tricked into opening a specially-crafted Tiff file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. Various other issues were also addressed.
    • Red Hat Security Advisory 2021-0037-01 Tue, 19 Jan 2021 14:43:03 GMT
      Red Hat Security Advisory 2021-0037-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.6.12.
    • Red Hat Security Advisory 2021-0039-01 Tue, 19 Jan 2021 14:42:53 GMT
      Red Hat Security Advisory 2021-0039-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.