Malware Devil

Friday, January 8, 2021

A Penetration Tester’s Journey to the Code Analysis Camp

Shifting Left: A Penetration Tester’s Journey to the Code Analysis Camp

Why I Joined SAST company ShiftLeft

Most of you know me as an offensive security gal. The fact that I decided to join a SAST team frankly surprised me as well. Now that I have officially started my job at ShiftLeft, I am taking this moment to reflect on how I got here and how I see the future of application security.

Confessions of a newbie web developer

I started my career as a web developer. And I absolutely loved it! I loved building tools that solve someone else’s problems. And there is no feeling like seeing your vision materialize right in front of your eyes.

I developed many applications used by medical professionals, and my apps often handled sensitive information about children and patients, so security was always at the back of my mind. I wanted to protect my users’ data but had no idea how to secure an application. Learning about application security felt overwhelming. And honestly, I had a lot more to worry about than security: fixing UI meltdowns, deciphering old codebases, and dealing with surprise data losses ate up my day.

Penetration testing and bug bounties

Then, I discovered bug bounties (my first bug was a CSRF!) and eventually got into penetration testing. I worked to find vulnerabilities in client applications and helped fix security holes.

Through my experience, both building and securing web applications, I learned two things:

  • Serious security vulnerabilities often stem from small programming mistakes, and
  • It is easier and cheaper to find security vulnerabilities early in the software development life cycle (SDLC).

Offensive security practices like penetration testing or bug bounties are a great way to secure your applications. But they should only be used as a fail-safe to catch vulnerabilities that slip past the security controls built into your development cycle. Catching issues and errors early can save you a lot of time and headaches.

I became quite discouraged with what I could do to secure applications as an individual penetration tester. I can focus on securing my client’s products but can’t do much about the security environment at large. There is still a lot of insecure code out there, and I want to help change that.

Securing software is a complicated business. I want to make security approachable and help developers integrate security into their processes.

Looking ahead in #infosec

Here are some challenges I see ahead and what I hope to help solve by teaming up with the folks at ShiftLeft.

  • How can we help developers learn about security concepts?
  • How do we make it easier for developers to integrate security into their workflow?
  • And above all, how do we make developing secure software easier for our fellow developers?

What is the most challenging part of developing secure software for you? I’d love to know. Feel free to connect on Twitter @vickieli7.

Oh, and if you’re interested in learning about ShiftLeft and how we’re approaching DevSecOps with a fresh take, feel free to join us for our one-day virtual event happening all day on 1/28/2021. You can join me and register here.


A Penetration Tester’s Journey to the Code Analysis Camp was originally published in ShiftLeft Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

The post A Penetration Tester’s Journey to the Code Analysis Camp appeared first on Security Boulevard.


The post A Penetration Tester’s Journey to the Code Analysis Camp appeared first on Malware Devil.



https://malwaredevil.com/2021/01/08/a-penetration-testers-journey-to-the-code-analysis-camp-3/?utm_source=rss&utm_medium=rss&utm_campaign=a-penetration-testers-journey-to-the-code-analysis-camp-3

The ransomware threat to the healthcare sector

2020 has witnessed an uptick in ransomware attacks targeting hospitals and healthcare facilities. See, for example, C5 Capital founder André Pienaar’s account of a ransomware attack in the early days of COVID-19 in the U.K. Another high-profile incident occurred in late September, when U.S. healthcare services company UHS was struck with Ryuk ransomware, resulting in a weeks-long disruption of its networks at multiple locations. In late October, several U.S. federal agencies released a joint advisory via CISA highlighting the “imminent threat” from these ransomware operators and providing recommendations for detecting and mitigating such threats. Since the advisory’s release, news has surfaced that healthcare systems in Oregon, New York, and Vermont have been affected by ransomware. Private-sector reporting has attributed these campaigns to the Ryuk ransomware gang, sometimes known as UNC1878 or Wizard Spider, a criminal group that likely operates out of Russia.

The post The ransomware threat to the healthcare sector appeared first on Security Boulevard.




https://malwaredevil.com/2021/01/08/the-ransomware-threat-to-the-healthcare-sector-6/?utm_source=rss&utm_medium=rss&utm_campaign=the-ransomware-threat-to-the-healthcare-sector-6


DEF CON 28 Safe Mode Lock Picking Village – Zeefeene’s ‘High Security Wafer Locks – An Oxymoron?’

Many thanks to DEF CON and the conference speakers for publishing their outstanding presentations, which originally appeared at the organization’s DEF CON 28 Safe Mode conference and on the DEF CON YouTube channel. Enjoy!


The post DEF CON 28 Safe Mode Lock Picking Village – Zeefeene’s ‘High Security Wafer Locks – An Oxymoron?’ appeared first on Security Boulevard.




https://malwaredevil.com/2021/01/08/def-con-28-safe-mode-lock-picking-village-zeefeenes-high-security-wafer-locks-an-oxymoron/?utm_source=rss&utm_medium=rss&utm_campaign=def-con-28-safe-mode-lock-picking-village-zeefeenes-high-security-wafer-locks-an-oxymoron

FBI Warnings, SolarWinds, JetBrains, Government News, & 5G – Wrap Up – SWN #92

Show summaries, JetBrains, FBI warnings, some government news, and Bill Gates is about to take control of your brain and install Windows 3.0 Beta on your medulla oblongata!

Timestamps:

7:39 – “Favorite Threat of the Week!”
12:44 – “Joff Thyer teaches a cool class on the 19th of Jan”
13:10 – “Chrome Extension sold and may now be updated with Malware”
14:31 – “NVIDIA warns of high severity graphics drivers flaws and release security patches”
15:45 – “FBI Warns of Swatting attacks now using doorbells to stream the swatting live”
17:16 – “FBI warns of expanding danger of Egregor”
18:40 – “Hack the Army 3.0 Bug Bounty created”
20:02 – “Anne Neuberger will be first Cybersecurity Rep on the NSC”
21:03 – “US State Department Creates the Bureau of Cyberspace Security and Emerging Technologies”
21:40 – “5G Schematic revealed for mind control is actually a guitar pedal”

Visit https://www.securityweekly.com/swn for all the latest episodes!
Show Notes: https://securityweekly.com/swn92




https://malwaredevil.com/2021/01/08/fbi-warnings-solarwinds-jetbrains-government-news-5g-wrap-up-swn-92/?utm_source=rss&utm_medium=rss&utm_campaign=fbi-warnings-solarwinds-jetbrains-government-news-5g-wrap-up-swn-92

The Capital

The post The Capital appeared first on Security Boulevard.




https://malwaredevil.com/2021/01/08/the-capital/?utm_source=rss&utm_medium=rss&utm_campaign=the-capital

Cartoon: Shakin’ It Up at the Office

And the winner of our December cartoon caption contest is …




https://malwaredevil.com/2021/01/08/cartoon-shakin-it-up-at-the-office/?utm_source=rss&utm_medium=rss&utm_campaign=cartoon-shakin-it-up-at-the-office

ESB-2021.0082 – [Debian] libxstream-java: Multiple vulnerabilities


===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0082
                      libxstream-java security update
                              8 January 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           libxstream-java
Publisher:         Debian
Operating System:  Debian GNU/Linux
Impact/Access:     Delete Arbitrary Files   -- Remote/Unauthenticated
                   Access Confidential Data -- Remote/Unauthenticated
                   Reduced Security         -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-26259 CVE-2020-26258 

Reference:         ESB-2021.0019

Original Bulletin: 
   http://www.debian.org/security/2021/dsa-4828

--------------------------BEGIN INCLUDED TEXT--------------------

-------------------------------------------------------------------------
Debian Security Advisory DSA-4828-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
January 07, 2021                      https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : libxstream-java
CVE ID         : CVE-2020-26258 CVE-2020-26259

Liaogui Zhong discovered two security issues in XStream, a Java library
to serialise objects to XML and back again, which could result in the
deletion of files or server-side request forgery when unmarshalling.

For the stable distribution (buster), these problems have been fixed in
version 1.4.11.1-1+deb10u2.

We recommend that you upgrade your libxstream-java packages.

For the detailed security status of libxstream-java please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libxstream-java

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

--------------------------END INCLUDED TEXT--------------------
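Upgrading the package is the fix the advisory asks for, but both CVEs are instances of the same underlying problem: an XStream instance that unmarshals untrusted XML will instantiate whatever class the document names, and the next gadget chain will find a different target. XStream ships a permission-based security framework so that an application can restrict the parser to an explicit type allowlist. The following is an added example written for this bulletin, not code from the Debian advisory or the XStream project. It builds an unrestricted instance beside an allowlisted one and feeds both a benign document and one naming a JDK type the application never expects. The Person type, the two XML strings and the class name XStreamAllowlistDemo are hypothetical; the imports assume XStream 1.4.x (with its default XPP3 parser dependency) on the classpath.

```java
import com.thoughtworks.xstream.XStream;
import com.thoughtworks.xstream.security.ForbiddenClassException;
import com.thoughtworks.xstream.security.NoTypePermission;
import com.thoughtworks.xstream.security.NullPermission;
import com.thoughtworks.xstream.security.PrimitiveTypePermission;

/**
 * Added example, not code from the Debian advisory or the XStream project.
 * Contrasts an XStream instance that unmarshals anything the XML names with
 * one restricted to an explicit type allowlist. Person, the XML strings and
 * this class name are hypothetical / constructed for the demonstration.
 */
public class XStreamAllowlistDemo {

    /** Hypothetical application type that the service expects to receive. */
    public static class Person {
        public String name;
        public int age;
    }

    /** Constructed benign input. */
    static final String OK_XML =
        "<person><name>alice</name><age>30</age></person>";

    /**
     * Constructed input naming a JDK type the service never intends to
     * deserialise. It is inert (no gadget chain is assembled here); the point
     * is that an unrestricted instance instantiates whatever class the XML
     * names, which is exactly the foothold deserialisation chains rely on.
     */
    static final String UNEXPECTED_XML =
        "<java.util.Hashtable><entry><string>k</string><string>v</string></entry></java.util.Hashtable>";

    /** Unrestricted instance: only XStream's short built-in denylist applies. */
    static XStream permissive() {
        XStream xs = new XStream();
        xs.alias("person", Person.class);
        return xs;
    }

    /**
     * Allowlisted instance. NoTypePermission.NONE discards every default
     * permission; afterwards only null, primitives and their wrappers, String
     * and Person are re-enabled. Any other class name in the XML raises
     * ForbiddenClassException before the class is instantiated.
     */
    static XStream hardened() {
        XStream xs = new XStream();
        xs.alias("person", Person.class);
        xs.addPermission(NoTypePermission.NONE);
        xs.addPermission(NullPermission.NULL);
        xs.addPermission(PrimitiveTypePermission.PRIMITIVES);
        xs.allowTypes(new Class[] { String.class, Person.class });
        return xs;
    }

    /** Returns the runtime class the instance produced, or "refused: ..." if the allowlist blocked it. */
    static String unmarshal(XStream xs, String xml) {
        try {
            return xs.fromXML(xml).getClass().getName();
        } catch (ForbiddenClassException e) {
            return "refused: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        System.out.println("permissive / expected input:   " + unmarshal(permissive(), OK_XML));
        System.out.println("permissive / unexpected input: " + unmarshal(permissive(), UNEXPECTED_XML));
        System.out.println("hardened   / expected input:   " + unmarshal(hardened(), OK_XML));
        System.out.println("hardened   / unexpected input: " + unmarshal(hardened(), UNEXPECTED_XML));
    }
}
```

Compile and run with the xstream jar (and xpp3) on the classpath. The unrestricted instance builds a java.util.Hashtable simply because the document asked for one; the allowlisted instance still reads the Person record but refuses the same Hashtable document with a ForbiddenClassException. Order matters: NoTypePermission.NONE must be added first, since it clears the default permissions, and everything added after it is the complete set of types the parser may construct. Treat this as defence in depth alongside the package upgrade, not as a substitute for it.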

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================



https://malwaredevil.com/2021/01/08/esb-2021-0082-debian-libxstream-java-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-0082-debian-libxstream-java-multiple-vulnerabilities

ESB-2021.0081 – [Debian] firefox-esr: Multiple vulnerabilities


===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0081
                        firefox-esr security update
                              8 January 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           firefox-esr
Publisher:         Debian
Operating System:  Debian GNU/Linux
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-16044  

Reference:         ESB-2021.0067

Original Bulletin: 
   http://www.debian.org/security/2021/dsa-4827

--------------------------BEGIN INCLUDED TEXT--------------------

-------------------------------------------------------------------------
Debian Security Advisory DSA-4827-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
January 07, 2021                      https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2020-16044

A security issue was found in the Mozilla Firefox web browser, which
could potentially result in the execution of arbitrary code.

For the stable distribution (buster), this problem has been fixed in
version 78.6.1esr-1~deb10u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================


The post ESB-2021.0081 – [Debian] firefox-esr: Multiple vulnerabilities appeared first on Malware Devil.



https://malwaredevil.com/2021/01/08/esb-2021-0081-debian-firefox-esr-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-0081-debian-firefox-esr-multiple-vulnerabilities

ESB-2021.0079 – [Win] Delta Electronics CNCSoft-B: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0079
           Advisory (icsa-21-007-04) Delta Electronics CNCSoft-B
                              8 January 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Delta Electronics CNCSoft-B
Publisher:         ICS-CERT
Operating System:  Windows
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Access Confidential Data        -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-27293 CVE-2020-27291 CVE-2020-27289
                   CVE-2020-27287  

Original Bulletin: 
   https://us-cert.cisa.gov/ics/advisories/icsa-21-007-04

- --------------------------BEGIN INCLUDED TEXT--------------------

ICS Advisory (ICSA-21-007-04)

Delta Electronics CNCSoft-B

Original release date: January 07, 2021

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided
"as is" for informational purposes only. The Department of Homeland Security
(DHS) does not provide any warranties of any kind regarding any information
contained within. DHS does not endorse any commercial product or service,
referenced in this product or otherwise. Further dissemination of this product
is governed by the Traffic Light Protocol (TLP) marking in the header. For more
information about TLP, see https://us-cert.cisa.gov/tlp/ .



1. EXECUTIVE SUMMARY

  o CVSS v3 7.8
  o ATTENTION: Low skill level to exploit
  o Vendor: Delta Electronics
  o Equipment: CNCSoft-B
  o Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read, Untrusted Pointer
    Dereference, Type Confusion

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could lead to arbitrary code
execution.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following versions of CNCSoft-B, a software management platform, are
affected:

  o CNCSoft-B Versions 1.0.0.2 and prior

3.2 VULNERABILITY OVERVIEW

3.2.1 OUT-OF-BOUNDS WRITE CWE-787

The affected product is vulnerable to an out-of-bounds write while processing
project files, which may allow an attacker to execute arbitrary code.

CVE-2020-27287 has been assigned to this vulnerability. A CVSS v3 base score of
7.8 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

3.2.2 OUT-OF-BOUNDS READ CWE-125

The affected product is vulnerable to an out-of-bounds read while processing
project files, which may allow an attacker to execute arbitrary code.

CVE-2020-27291 has been assigned to this vulnerability. A CVSS v3 base score of
7.8 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

3.2.3 UNTRUSTED POINTER DEREFERENCE CWE-822

The affected product has a null pointer dereference issue while processing
project files, which may allow an attacker to execute arbitrary code.

CVE-2020-27289 has been assigned to this vulnerability. A CVSS v3 base score of
7.8 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

3.2.4 ACCESS OF RESOURCE USING INCOMPATIBLE TYPE ('TYPE CONFUSION') CWE-843

The affected product has a type confusion issue while processing project files,
which may allow an attacker to execute arbitrary code.

CVE-2020-27293 has been assigned to this vulnerability. A CVSS v3 base score of
7.8 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

3.3 BACKGROUND

  o CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
  o COUNTRIES/AREAS DEPLOYED: Worldwide
  o COMPANY HEADQUARTERS LOCATION: Taiwan

3.4 RESEARCHER

Kimiya, working with Trend Micro's Zero Day Initiative, reported these
vulnerabilities to CISA.

4. MITIGATIONS

Delta Electronics has released an updated version for CNCSoft-B and recommends
users install v1.0.0.3 on all affected systems.

CISA recommends users take defensive measures to minimize the risk of
exploitation of this vulnerability. Specifically, users should:

  o Minimize network exposure for all control system devices and/or systems,
    and ensure that they are not accessible from the Internet.
  o Locate control system networks and remote devices behind firewalls, and
    isolate them from the business network.
  o When remote access is required, use secure methods, such as Virtual Private
    Networks (VPNs), recognizing that VPNs may have vulnerabilities and should
    be updated to the most current version available. Also recognize that VPN
    is only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk
assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices
on the ICS webpage on us-cert.cisa.gov. Several recommended practices are
available for reading and download, including Improving Industrial Control
Systems Cybersecurity with Defense-in-Depth Strategies.

Additional mitigation guidance and recommended practices are publicly available
on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper,
ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation
Strategies.

Organizations observing any suspected malicious activity should follow their
established internal procedures and report their findings to CISA for tracking
and correlation against other incidents.

CISA also recommends users take the following measures to protect themselves
from social engineering attacks:

  o Do not click web links or open unsolicited attachments in email messages.
  o Refer to Recognizing and Avoiding Email Scams for more information on
    avoiding email scams.
  o Refer to Avoiding Social Engineering and Phishing Attacks for more
    information on social engineering attacks.

No known public exploits specifically target these vulnerabilities. These
vulnerabilities are not exploitable remotely.

For any questions related to this report, please contact the CISA at:

Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870

CISA continuously strives to improve its products and services. You can help by
choosing one of the links below to provide feedback about this product.

- --------------------------END INCLUDED TEXT--------------------



The post ESB-2021.0079 – [Win] Delta Electronics CNCSoft-B: Multiple vulnerabilities appeared first on Malware Devil.



https://malwaredevil.com/2021/01/08/esb-2021-0079-win-delta-electronics-cncsoft-b-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-0079-win-delta-electronics-cncsoft-b-multiple-vulnerabilities

ESB-2021.0080 – [RedHat] Red Hat support for Spring Boot 2.2.11: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0080
          Red Hat support for Spring Boot 2.2.11 security update
                              8 January 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Red Hat support for Spring Boot 2.2.11
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Denial of Service        -- Remote/Unauthenticated
                   Access Confidential Data -- Remote/Unauthenticated
                   Reduced Security         -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-25638 CVE-2020-11996 

Reference:         ESB-2021.0008
                   ESB-2020.4451
                   ESB-2020.4405
                   ESB-2020.4286

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2020:5388

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat support for Spring Boot 2.2.11 security update
Advisory ID:       RHSA-2020:5388-01
Product:           Red Hat OpenShift Application Runtimes
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:5388
Issue date:        2021-01-07
CVE Names:         CVE-2020-11996 CVE-2020-25638 
=====================================================================

1. Summary:

An update is now available for Red Hat support for Spring Boot.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each
vulnerability. For more information, see the CVE links in the References
section.

2. Description:

Red Hat support for Spring Boot provides an application platform that
reduces the complexity of developing and operating applications (monoliths
and microservices) for OpenShift as a containerized platform.

This release of Red Hat support for Spring Boot 2.2.11 serves as a
replacement for Red Hat support for Spring Boot 2.2.10, and includes
security and bug fixes and enhancements. For more information, see the
release notes listed in the References section.

Security Fix(es):

  * hibernate-core: SQL injection vulnerability when both
hibernate.use_sql_comments and JPQL String literals are used
(CVE-2020-25638)

  * tomcat: specially crafted sequence of HTTP/2 requests can lead to DoS
(CVE-2020-11996)

For more details about the security issues and their impact, the CVSS
score, acknowledgements, and other related information, see the CVE pages
listed in the References section.

3. Solution:

Before applying the update, back up your existing installation, including
all applications, configuration files, databases and database settings, and
so on.

The References section of this erratum contains a download link for the
update. You must be logged in to download the update.

4. Bugs fixed (https://bugzilla.redhat.com/):

1851420 - CVE-2020-11996 tomcat: specially crafted sequence of HTTP/2 requests can lead to DoS
1881353 - CVE-2020-25638 hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

5. References:

https://access.redhat.com/security/cve/CVE-2020-11996
https://access.redhat.com/security/cve/CVE-2020-25638
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.spring.boot&version=2.2.11
https://access.redhat.com/documentation/en-us/red_hat_support_for_spring_boot/2.2/

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.

- --------------------------END INCLUDED TEXT--------------------



The post ESB-2021.0080 – [RedHat] Red Hat support for Spring Boot 2.2.11: Multiple vulnerabilities appeared first on Malware Devil.



https://malwaredevil.com/2021/01/08/esb-2021-0080-redhat-red-hat-support-for-spring-boot-2-2-11-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-0080-redhat-red-hat-support-for-spring-boot-2-2-11-multiple-vulnerabilities

Automated Vulnerability Remediation – The Good, the Bad and the Ugly – PSW #679

The way we identify, prioritize, and mitigate software vulnerabilities was built in the reverse order. Why did it happen? Could a new remediation strategy finally form an alliance between IT and security teams?

This segment is sponsored by Vicarius.

Visit https://securityweekly.com/vicarius to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw679

The post Automated Vulnerability Remediation – The Good, the Bad and the Ugly – PSW #679 appeared first on Malware Devil.



https://malwaredevil.com/2021/01/08/automated-vulnerability-remediation-the-good-the-bad-and-the-ugly-psw-679/?utm_source=rss&utm_medium=rss&utm_campaign=automated-vulnerability-remediation-the-good-the-bad-and-the-ugly-psw-679

Top 5 Cybersecurity Trends for 2021

From personal health and business resiliency to an increasing number of cyber breaches, 2020 was certainly the year of risks.

The post Top 5 Cybersecurity Trends for 2021 appeared first on Security Boulevard.


The post Top 5 Cybersecurity Trends for 2021 appeared first on Malware Devil.



https://malwaredevil.com/2021/01/08/top-5-cybersecurity-trends-for-2021-2/?utm_source=rss&utm_medium=rss&utm_campaign=top-5-cybersecurity-trends-for-2021-2


Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...