Security Pop Quiz! q154.mp3

News

Packet Storm Security

Security Affairs, Looking Glass Cyber, securingtomorrow.mcafee.com, Quick Heal, Threat Post, Naked Security, ESET, CIS, Malware Patrol, SecList
  • Threats to macOS users
    An extremely dangerous threat is a targeted attack on macOS and iOS users, mainly business users. Several well-known cybercriminal groups are currently working to develop malware for these operating systems.

Advisories

  • Ubuntu Security Notice USN-4129-2 Thu, 12 Sep 2019 20:42:18 GMT
    Ubuntu Security Notice 4129-2 - USN-4129-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker could use this issue to crash curl, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
  • Ubuntu Security Notice USN-4132-2 Thu, 12 Sep 2019 20:42:12 GMT
    Ubuntu Security Notice 4132-2 - USN-4132-1 fixed a vulnerability in Expat. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.
  • Ubuntu Security Notice USN-4132-1 Thu, 12 Sep 2019 20:42:05 GMT
    Ubuntu Security Notice 4132-1 - It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.
  • Red Hat Security Advisory 2019-2766-01 Thu, 12 Sep 2019 20:40:57 GMT
    Red Hat Security Advisory 2019-2766-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains updated container images for multus-cni, operator-lifecycle-manager, and operator-registry in Red Hat OpenShift Container Platform 4.1.15. Each of these container images includes gRPC, which has been updated with the fixes for unbounded memory growth issues.
  • Red Hat Security Advisory 2019-2756-01 Thu, 12 Sep 2019 14:33:15 GMT
    Red Hat Security Advisory 2019-2756-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.255. Issues addressed include a code execution vulnerability.
  • Red Hat Security Advisory 2019-2746-01 Thu, 12 Sep 2019 14:32:51 GMT
    Red Hat Security Advisory 2019-2746-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.
  • Red Hat Security Advisory 2019-2745-01 Thu, 12 Sep 2019 14:32:43 GMT
    Red Hat Security Advisory 2019-2745-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.
  • Red Hat Security Advisory 2019-2743-01 Thu, 12 Sep 2019 14:32:34 GMT
    Red Hat Security Advisory 2019-2743-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Issues addressed include a code execution vulnerability.
  • Slackware Security Advisory - mozilla-thunderbird Updates Thu, 12 Sep 2019 14:32:20 GMT
    Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.
  • Slackware Security Advisory - openssl Updates Thu, 12 Sep 2019 14:32:14 GMT
    Slackware Security Advisory - New openssl packages are available for Slackware 14.2 and -current to fix security issues.
  • Slackware Security Advisory - curl Updates Thu, 12 Sep 2019 14:32:07 GMT
    Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
  • Ubuntu Security Notice USN-4130-1 Wed, 11 Sep 2019 20:00:19 GMT
    Ubuntu Security Notice 4130-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
  • Ubuntu Security Notice USN-4131-1 Wed, 11 Sep 2019 20:00:11 GMT
    Ubuntu Security Notice 4131-1 - It was discovered that VLC incorrectly handled certain media files. If a user were tricked into opening a specially-crafted file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service, or possibly execute arbitrary code.
  • Red Hat Security Advisory 2019-2741-01 Wed, 11 Sep 2019 20:00:04 GMT
    Red Hat Security Advisory 2019-2741-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, bypass, denial of service, heap overflow, and use-after-free vulnerabilities.
  • Red Hat Security Advisory 2019-2736-01 Wed, 11 Sep 2019 19:59:56 GMT
    Red Hat Security Advisory 2019-2736-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and null pointer vulnerabilities.
  • Red Hat Security Advisory 2019-2690-01 Wed, 11 Sep 2019 19:58:47 GMT
    Red Hat Security Advisory 2019-2690-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include unbounded memory growth.
  • Red Hat Security Advisory 2019-2737-01 Wed, 11 Sep 2019 19:58:39 GMT
    Red Hat Security Advisory 2019-2737-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.
  • Red Hat Security Advisory 2019-2732-01 Wed, 11 Sep 2019 14:02:08 GMT
    Red Hat Security Advisory 2019-2732-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 2.1.13, and 2.2.7. Issues addressed include a denial of service vulnerability.
  • Red Hat Security Advisory 2019-2731-01 Wed, 11 Sep 2019 14:02:01 GMT
    Red Hat Security Advisory 2019-2731-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 2.1.509 and Runtime 2.1.13. Issues addressed include a denial of service vulnerability.
  • Ubuntu Security Notice USN-4129-1 Wed, 11 Sep 2019 14:01:52 GMT
    Ubuntu Security Notice 4129-1 - Thomas Vegas discovered that curl incorrectly handled memory when using Kerberos over FTP. A remote attacker could use this issue to crash curl, resulting in a denial of service. Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker could use this issue to crash curl, resulting in a denial of service, or possibly execute arbitrary code.
  • Red Hat Security Advisory 2019-2729-01 Wed, 11 Sep 2019 14:01:46 GMT
    Red Hat Security Advisory 2019-2729-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Issues addressed include cross site scripting and use-after-free vulnerabilities.
  • Red Hat Security Advisory 2019-2720-01 Wed, 11 Sep 2019 14:01:38 GMT
    Red Hat Security Advisory 2019-2720-01 - The Public Key Infrastructure Deps module contains fundamental packages required as dependencies for the pki-core module by Red Hat Certificate System. Issues addressed include code execution and deserialization vulnerabilities.
  • Red Hat Security Advisory 2019-2713-01 Wed, 11 Sep 2019 14:01:30 GMT
    Red Hat Security Advisory 2019-2713-01 - Poppler is a Portable Document Format rendering library, used by applications such as Evince. Issues addressed include buffer overflow and null pointer vulnerabilities.
  • Red Hat Security Advisory 2019-2722-01 Wed, 11 Sep 2019 14:00:42 GMT
    Red Hat Security Advisory 2019-2722-01 - The libwmf packages provide a library for reading and converting Windows Metafile Format vector graphics. The library is used by applications such as GIMP and ImageMagick. Multiple double-free vulnerabilities were addressed.
  • Red Hat Security Advisory 2019-2730-01 Wed, 11 Sep 2019 14:00:35 GMT
    Red Hat Security Advisory 2019-2730-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer and use-after-free vulnerabilities.