Malware Devil

Wednesday, April 28, 2021

Microsoft Office SharePoint Targeted With High-Risk Phish, Ransomware Attacks

SharePoint servers are being picked at with high-risk, legitimate-looking, branded phish messages and preyed on by a ransomware gang using an old bug.



https://malwaredevil.com/2021/04/28/microsoft-office-sharepoint-targeted-with-high-risk-phish-ransomware-attacks/?utm_source=rss&utm_medium=rss&utm_campaign=microsoft-office-sharepoint-targeted-with-high-risk-phish-ransomware-attacks

ESB-2021.1430 – [RedHat] etcd: Denial of service – Existing account

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1430
etcd security update
28 April 2021

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           etcd
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Denial of Service -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-15112 CVE-2020-15106

Reference:         ESB-2021.0946
                   ESB-2020.4383

Original Bulletin:
https://access.redhat.com/errata/RHSA-2021:1407

--------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: etcd security update
Advisory ID: RHSA-2021:1407-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1407
Issue date: 2021-04-27
CVE Names: CVE-2020-15106 CVE-2020-15112
=====================================================================

1. Summary:

An update for etcd is now available for Red Hat Enterprise Linux 7 Extras.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux 7 Extras – ppc64le, s390x, x86_64

3. Description:

The etcd packages provide a highly available key-value store for shared
configuration.

Security Fix(es):

* etcd: Large slice causes panic in decodeRecord method (CVE-2020-15106)

* etcd: DoS in wal/wal.go (CVE-2020-15112)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1868872 – CVE-2020-15112 etcd: DoS in wal/wal.go
1868883 – CVE-2020-15106 etcd: Large slice causes panic in decodeRecord method

6. Package List:

Red Hat Enterprise Linux 7 Extras:

Source:
etcd-3.2.32-1.el7_9.src.rpm

ppc64le:
etcd-3.2.32-1.el7_9.ppc64le.rpm
etcd-debuginfo-3.2.32-1.el7_9.ppc64le.rpm

s390x:
etcd-3.2.32-1.el7_9.s390x.rpm
etcd-debuginfo-3.2.32-1.el7_9.s390x.rpm

x86_64:
etcd-3.2.32-1.el7_9.x86_64.rpm
etcd-debuginfo-3.2.32-1.el7_9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-15106
https://access.redhat.com/security/cve/CVE-2020-15112
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation’s
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT’s members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation’s
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author’s website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================



https://malwaredevil.com/2021/04/28/esb-2021-1430-redhat-etcd-denial-of-service-existing-account/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-1430-redhat-etcd-denial-of-service-existing-account

ESB-2021.1431 – [RedHat] Red Hat Fuse: Multiple vulnerabilities

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1431
Red Hat Fuse 7.8.1 patch release and security update
28 April 2021

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           Red Hat Fuse
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Access Confidential Data -- Remote/Unauthenticated
                   Reduced Security         -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-28052

Reference:         ASB-2021.0086
                   ESB-2021.1001

Original Bulletin:
https://access.redhat.com/errata/RHSA-2021:1401

--------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: Red Hat Fuse 7.8.1 patch release and security update
Advisory ID: RHSA-2021:1401-01
Product: Red Hat JBoss Fuse
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1401
Issue date: 2021-04-27
CVE Names: CVE-2020-28052
=====================================================================

1. Summary:

A micro version update (from 7.8.0 to 7.8.1) is now available for Red Hat
Fuse on Karaf and Red Hat Fuse on Spring Boot 2. The purpose of this
text-only errata is to inform you about the security issues fixed in this
release.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

This release of Red Hat Fuse 7.8.1 serves as a patch to Red Hat Fuse on
Karaf and Red Hat Fuse on Spring Boot 2 (7.8.0), and includes security
fixes, which are documented in the Release Notes document linked to in the
References.

Security Fix(es):

* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility
possible – Karaf (CVE-2020-28052)

* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility
possible – Spring Boot 2 (CVE-2020-28052)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

3. Solution:

Before applying the update, back up your existing installation, including
all applications, configuration files, databases and database settings, and
so on.

Installation instructions are available from the Fuse 7.8.0 product
documentation page:

https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch

https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications

4. Bugs fixed (https://bugzilla.redhat.com/):

1912881 – CVE-2020-28052 bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible

5. References:

https://access.redhat.com/security/cve/CVE-2020-28052
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse&downloadType=distributions&version=7.8.0

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.

--------------------------END INCLUDED TEXT--------------------




https://malwaredevil.com/2021/04/28/esb-2021-1431-redhat-red-hat-fuse-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-1431-redhat-red-hat-fuse-multiple-vulnerabilities

ESB-2021.1432 – [RedHat] openldap: Denial of service – Remote/unauthenticated

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1432
openldap security update
28 April 2021

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           openldap
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-25692

Reference:         ESB-2020.4057
                   ESB-2020.4032

Original Bulletin:
https://access.redhat.com/errata/RHSA-2021:1389

--------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: openldap security update
Advisory ID: RHSA-2021:1389-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1389
Issue date: 2021-04-27
CVE Names: CVE-2020-25692
=====================================================================

1. Summary:

An update for openldap is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) – x86_64
Red Hat Enterprise Linux Client Optional (v. 7) – x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) – x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) – x86_64
Red Hat Enterprise Linux Server (v. 7) – ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) – ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) – x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) – x86_64

3. Description:

OpenLDAP is an open-source suite of Lightweight Directory Access Protocol
(LDAP) applications and development tools. LDAP is a set of protocols used
to access and maintain distributed directory information services over an
IP network.

Security Fix(es):

* openldap: NULL pointer dereference for unauthenticated packet in slapd
(CVE-2020-25692)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1894567 – CVE-2020-25692 openldap: NULL pointer dereference for unauthenticated packet in slapd

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
openldap-2.4.44-23.el7_9.src.rpm

x86_64:
openldap-2.4.44-23.el7_9.i686.rpm
openldap-2.4.44-23.el7_9.x86_64.rpm
openldap-clients-2.4.44-23.el7_9.x86_64.rpm
openldap-debuginfo-2.4.44-23.el7_9.i686.rpm
openldap-debuginfo-2.4.44-23.el7_9.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
openldap-debuginfo-2.4.44-23.el7_9.i686.rpm
openldap-debuginfo-2.4.44-23.el7_9.x86_64.rpm
openldap-devel-2.4.44-23.el7_9.i686.rpm
openldap-devel-2.4.44-23.el7_9.x86_64.rpm
openldap-servers-2.4.44-23.el7_9.x86_64.rpm
openldap-servers-sql-2.4.44-23.el7_9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
openldap-2.4.44-23.el7_9.src.rpm

x86_64:
openldap-2.4.44-23.el7_9.i686.rpm
openldap-2.4.44-23.el7_9.x86_64.rpm
openldap-clients-2.4.44-23.el7_9.x86_64.rpm
openldap-debuginfo-2.4.44-23.el7_9.i686.rpm
openldap-debuginfo-2.4.44-23.el7_9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
openldap-debuginfo-2.4.44-23.el7_9.i686.rpm
openldap-debuginfo-2.4.44-23.el7_9.x86_64.rpm
openldap-devel-2.4.44-23.el7_9.i686.rpm
openldap-devel-2.4.44-23.el7_9.x86_64.rpm
openldap-servers-2.4.44-23.el7_9.x86_64.rpm
openldap-servers-sql-2.4.44-23.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
openldap-2.4.44-23.el7_9.src.rpm

ppc64:
openldap-2.4.44-23.el7_9.ppc.rpm
openldap-2.4.44-23.el7_9.ppc64.rpm
openldap-clients-2.4.44-23.el7_9.ppc64.rpm
openldap-debuginfo-2.4.44-23.el7_9.ppc.rpm
openldap-debuginfo-2.4.44-23.el7_9.ppc64.rpm
openldap-devel-2.4.44-23.el7_9.ppc.rpm
openldap-devel-2.4.44-23.el7_9.ppc64.rpm
openldap-servers-2.4.44-23.el7_9.ppc64.rpm

ppc64le:
openldap-2.4.44-23.el7_9.ppc64le.rpm
openldap-clients-2.4.44-23.el7_9.ppc64le.rpm
openldap-debuginfo-2.4.44-23.el7_9.ppc64le.rpm
openldap-devel-2.4.44-23.el7_9.ppc64le.rpm
openldap-servers-2.4.44-23.el7_9.ppc64le.rpm

s390x:
openldap-2.4.44-23.el7_9.s390.rpm
openldap-2.4.44-23.el7_9.s390x.rpm
openldap-clients-2.4.44-23.el7_9.s390x.rpm
openldap-debuginfo-2.4.44-23.el7_9.s390.rpm
openldap-debuginfo-2.4.44-23.el7_9.s390x.rpm
openldap-devel-2.4.44-23.el7_9.s390.rpm
openldap-devel-2.4.44-23.el7_9.s390x.rpm
openldap-servers-2.4.44-23.el7_9.s390x.rpm

x86_64:
openldap-2.4.44-23.el7_9.i686.rpm
openldap-2.4.44-23.el7_9.x86_64.rpm
openldap-clients-2.4.44-23.el7_9.x86_64.rpm
openldap-debuginfo-2.4.44-23.el7_9.i686.rpm
openldap-debuginfo-2.4.44-23.el7_9.x86_64.rpm
openldap-devel-2.4.44-23.el7_9.i686.rpm
openldap-devel-2.4.44-23.el7_9.x86_64.rpm
openldap-servers-2.4.44-23.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
openldap-debuginfo-2.4.44-23.el7_9.ppc64.rpm
openldap-servers-sql-2.4.44-23.el7_9.ppc64.rpm

ppc64le:
openldap-debuginfo-2.4.44-23.el7_9.ppc64le.rpm
openldap-servers-sql-2.4.44-23.el7_9.ppc64le.rpm

s390x:
openldap-debuginfo-2.4.44-23.el7_9.s390x.rpm
openldap-servers-sql-2.4.44-23.el7_9.s390x.rpm

x86_64:
openldap-debuginfo-2.4.44-23.el7_9.x86_64.rpm
openldap-servers-sql-2.4.44-23.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
openldap-2.4.44-23.el7_9.src.rpm

x86_64:
openldap-2.4.44-23.el7_9.i686.rpm
openldap-2.4.44-23.el7_9.x86_64.rpm
openldap-clients-2.4.44-23.el7_9.x86_64.rpm
openldap-debuginfo-2.4.44-23.el7_9.i686.rpm
openldap-debuginfo-2.4.44-23.el7_9.x86_64.rpm
openldap-devel-2.4.44-23.el7_9.i686.rpm
openldap-devel-2.4.44-23.el7_9.x86_64.rpm
openldap-servers-2.4.44-23.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
openldap-debuginfo-2.4.44-23.el7_9.x86_64.rpm
openldap-servers-sql-2.4.44-23.el7_9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-25692
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.

--------------------------END INCLUDED TEXT--------------------




https://malwaredevil.com/2021/04/28/esb-2021-1432-redhat-openldap-denial-of-service-remote-unauthenticated/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-1432-redhat-openldap-denial-of-service-remote-unauthenticated

ESB-2021.1433 – [Win][UNIX/Linux][RedHat] nss: Denial of service – Remote/unauthenticated

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1433
nss security and bug fix update
28 April 2021

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           nss
Publisher:         Red Hat
Operating System:  Red Hat
                   UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-25648

Original Bulletin:
https://access.redhat.com/errata/RHSA-2021:1384

Comment: This advisory references vulnerabilities in products which run on
platforms other than Red Hat. It is recommended that administrators
running nss check for an updated version of the software for their
operating system.

--------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: nss security and bug fix update
Advisory ID: RHSA-2021:1384-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1384
Issue date: 2021-04-27
CVE Names: CVE-2020-25648
=====================================================================

1. Summary:

An update for nss is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) – x86_64
Red Hat Enterprise Linux Client Optional (v. 7) – x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) – x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) – x86_64
Red Hat Enterprise Linux Server (v. 7) – ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) – ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) – x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) – x86_64

3. Description:

Network Security Services (NSS) is a set of libraries designed to support
the cross-platform development of security-enabled client and server
applications.

Security Fix(es):

* nss: TLS 1.3 CCS flood remote DoS Attack (CVE-2020-25648)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* FTBFS: Paypal Cert expired (BZ#1883973)

* FTBFS: IKE CLASS_1563 fails gtest (BZ#1884793)

* Cannot compile code with nss headers and -Werror=strict-prototypes
(BZ#1885321)

* CA HSM ncipher token disabled after RHEL-7.9 update (BZ#1932193)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, applications using NSS (for example, Firefox)
must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1883973 – FTBFS: Paypal Cert expired [rhel-7.9.z]
1884793 – FTBFS: IKE CLASS_1563 fails gtest [rhel-7.9.z]
1885321 – Cannot compile code with nss headers and -Werror=strict-prototypes
1887319 – CVE-2020-25648 nss: TLS 1.3 CCS flood remote DoS Attack

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
nss-3.53.1-7.el7_9.src.rpm

x86_64:
nss-3.53.1-7.el7_9.i686.rpm
nss-3.53.1-7.el7_9.x86_64.rpm
nss-debuginfo-3.53.1-7.el7_9.i686.rpm
nss-debuginfo-3.53.1-7.el7_9.x86_64.rpm
nss-sysinit-3.53.1-7.el7_9.x86_64.rpm
nss-tools-3.53.1-7.el7_9.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
nss-debuginfo-3.53.1-7.el7_9.i686.rpm
nss-debuginfo-3.53.1-7.el7_9.x86_64.rpm
nss-devel-3.53.1-7.el7_9.i686.rpm
nss-devel-3.53.1-7.el7_9.x86_64.rpm
nss-pkcs11-devel-3.53.1-7.el7_9.i686.rpm
nss-pkcs11-devel-3.53.1-7.el7_9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
nss-3.53.1-7.el7_9.src.rpm

x86_64:
nss-3.53.1-7.el7_9.i686.rpm
nss-3.53.1-7.el7_9.x86_64.rpm
nss-debuginfo-3.53.1-7.el7_9.i686.rpm
nss-debuginfo-3.53.1-7.el7_9.x86_64.rpm
nss-sysinit-3.53.1-7.el7_9.x86_64.rpm
nss-tools-3.53.1-7.el7_9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
nss-debuginfo-3.53.1-7.el7_9.i686.rpm
nss-debuginfo-3.53.1-7.el7_9.x86_64.rpm
nss-devel-3.53.1-7.el7_9.i686.rpm
nss-devel-3.53.1-7.el7_9.x86_64.rpm
nss-pkcs11-devel-3.53.1-7.el7_9.i686.rpm
nss-pkcs11-devel-3.53.1-7.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
nss-3.53.1-7.el7_9.src.rpm

ppc64:
nss-3.53.1-7.el7_9.ppc.rpm
nss-3.53.1-7.el7_9.ppc64.rpm
nss-debuginfo-3.53.1-7.el7_9.ppc.rpm
nss-debuginfo-3.53.1-7.el7_9.ppc64.rpm
nss-devel-3.53.1-7.el7_9.ppc.rpm
nss-devel-3.53.1-7.el7_9.ppc64.rpm
nss-sysinit-3.53.1-7.el7_9.ppc64.rpm
nss-tools-3.53.1-7.el7_9.ppc64.rpm

ppc64le:
nss-3.53.1-7.el7_9.ppc64le.rpm
nss-debuginfo-3.53.1-7.el7_9.ppc64le.rpm
nss-devel-3.53.1-7.el7_9.ppc64le.rpm
nss-sysinit-3.53.1-7.el7_9.ppc64le.rpm
nss-tools-3.53.1-7.el7_9.ppc64le.rpm

s390x:
nss-3.53.1-7.el7_9.s390.rpm
nss-3.53.1-7.el7_9.s390x.rpm
nss-debuginfo-3.53.1-7.el7_9.s390.rpm
nss-debuginfo-3.53.1-7.el7_9.s390x.rpm
nss-devel-3.53.1-7.el7_9.s390.rpm
nss-devel-3.53.1-7.el7_9.s390x.rpm
nss-sysinit-3.53.1-7.el7_9.s390x.rpm
nss-tools-3.53.1-7.el7_9.s390x.rpm

x86_64:
nss-3.53.1-7.el7_9.i686.rpm
nss-3.53.1-7.el7_9.x86_64.rpm
nss-debuginfo-3.53.1-7.el7_9.i686.rpm
nss-debuginfo-3.53.1-7.el7_9.x86_64.rpm
nss-devel-3.53.1-7.el7_9.i686.rpm
nss-devel-3.53.1-7.el7_9.x86_64.rpm
nss-sysinit-3.53.1-7.el7_9.x86_64.rpm
nss-tools-3.53.1-7.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
nss-debuginfo-3.53.1-7.el7_9.ppc.rpm
nss-debuginfo-3.53.1-7.el7_9.ppc64.rpm
nss-pkcs11-devel-3.53.1-7.el7_9.ppc.rpm
nss-pkcs11-devel-3.53.1-7.el7_9.ppc64.rpm

ppc64le:
nss-debuginfo-3.53.1-7.el7_9.ppc64le.rpm
nss-pkcs11-devel-3.53.1-7.el7_9.ppc64le.rpm

s390x:
nss-debuginfo-3.53.1-7.el7_9.s390.rpm
nss-debuginfo-3.53.1-7.el7_9.s390x.rpm
nss-pkcs11-devel-3.53.1-7.el7_9.s390.rpm
nss-pkcs11-devel-3.53.1-7.el7_9.s390x.rpm

x86_64:
nss-debuginfo-3.53.1-7.el7_9.i686.rpm
nss-debuginfo-3.53.1-7.el7_9.x86_64.rpm
nss-pkcs11-devel-3.53.1-7.el7_9.i686.rpm
nss-pkcs11-devel-3.53.1-7.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
nss-3.53.1-7.el7_9.src.rpm

x86_64:
nss-3.53.1-7.el7_9.i686.rpm
nss-3.53.1-7.el7_9.x86_64.rpm
nss-debuginfo-3.53.1-7.el7_9.i686.rpm
nss-debuginfo-3.53.1-7.el7_9.x86_64.rpm
nss-devel-3.53.1-7.el7_9.i686.rpm
nss-devel-3.53.1-7.el7_9.x86_64.rpm
nss-sysinit-3.53.1-7.el7_9.x86_64.rpm
nss-tools-3.53.1-7.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
nss-debuginfo-3.53.1-7.el7_9.i686.rpm
nss-debuginfo-3.53.1-7.el7_9.x86_64.rpm
nss-pkcs11-devel-3.53.1-7.el7_9.i686.rpm
nss-pkcs11-devel-3.53.1-7.el7_9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-25648
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation’s
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT’s members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation’s
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author’s website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================

The post ESB-2021.1433 – [Win][UNIX/Linux][RedHat] nss: Denial of service – Remote/unauthenticated appeared first on Malware Devil.



https://malwaredevil.com/2021/04/28/esb-2021-1433-winunix-linuxredhat-nss-denial-of-service-remote-unauthenticated/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-1433-winunix-linuxredhat-nss-denial-of-service-remote-unauthenticated

ESB-2021.1434 – [RedHat] kernel-alt: Multiple vulnerabilities

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1434
kernel-alt security and bug fix update
28 April 2021

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           kernel-alt
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Increased Privileges -- Existing Account
                   Denial of Service -- Existing Account
                   Access Confidential Data -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-27365 CVE-2021-27364 CVE-2021-3347
                   CVE-2020-11669

Reference:         ESB-2021.1406
                   ESB-2021.1340
                   ESB-2020.1585

Original Bulletin:
https://access.redhat.com/errata/RHSA-2021:1379

--------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel-alt security and bug fix update
Advisory ID: RHSA-2021:1379-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1379
Issue date: 2021-04-27
CVE Names: CVE-2020-11669 CVE-2021-3347 CVE-2021-27364 CVE-2021-27365
=====================================================================

1. Summary:

An update for kernel-alt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) – aarch64, noarch, ppc64le, s390x
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) – aarch64, noarch, ppc64le

3. Description:

The kernel-alt packages provide the Linux kernel version 4.x.

Security Fix(es):

* kernel: Use after free via PI futex state (CVE-2021-3347)

* kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)

* kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)

* kernel: powerpc: guest can cause DoS on POWER9 KVM hosts (CVE-2020-11669)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Kernel oops when resizing ext4 filesystem [rhel-alt-7.6.z] (BZ#1790900)

* [ipv6][ipsec]:unregister_netdevice: waiting for lo to become free. Usage
count = 4 (BZ#1920805)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1824803 – CVE-2020-11669 kernel: powerpc: guest can cause DoS on POWER9 KVM hosts
1922249 – CVE-2021-3347 kernel: Use after free via PI futex state
1930078 – CVE-2021-27365 kernel: heap buffer overflow in the iSCSI subsystem
1930080 – CVE-2021-27364 kernel: out-of-bounds read in libiscsi module

6. Package List:

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):

Source:
kernel-alt-4.14.0-115.36.1.el7a.src.rpm

aarch64:
kernel-4.14.0-115.36.1.el7a.aarch64.rpm
kernel-debug-4.14.0-115.36.1.el7a.aarch64.rpm
kernel-debug-debuginfo-4.14.0-115.36.1.el7a.aarch64.rpm
kernel-debug-devel-4.14.0-115.36.1.el7a.aarch64.rpm
kernel-debuginfo-4.14.0-115.36.1.el7a.aarch64.rpm
kernel-debuginfo-common-aarch64-4.14.0-115.36.1.el7a.aarch64.rpm
kernel-devel-4.14.0-115.36.1.el7a.aarch64.rpm
kernel-headers-4.14.0-115.36.1.el7a.aarch64.rpm
kernel-tools-4.14.0-115.36.1.el7a.aarch64.rpm
kernel-tools-debuginfo-4.14.0-115.36.1.el7a.aarch64.rpm
kernel-tools-libs-4.14.0-115.36.1.el7a.aarch64.rpm
perf-4.14.0-115.36.1.el7a.aarch64.rpm
perf-debuginfo-4.14.0-115.36.1.el7a.aarch64.rpm
python-perf-4.14.0-115.36.1.el7a.aarch64.rpm
python-perf-debuginfo-4.14.0-115.36.1.el7a.aarch64.rpm

noarch:
kernel-abi-whitelists-4.14.0-115.36.1.el7a.noarch.rpm
kernel-doc-4.14.0-115.36.1.el7a.noarch.rpm

ppc64le:
kernel-4.14.0-115.36.1.el7a.ppc64le.rpm
kernel-bootwrapper-4.14.0-115.36.1.el7a.ppc64le.rpm
kernel-debug-4.14.0-115.36.1.el7a.ppc64le.rpm
kernel-debug-debuginfo-4.14.0-115.36.1.el7a.ppc64le.rpm
kernel-debuginfo-4.14.0-115.36.1.el7a.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.14.0-115.36.1.el7a.ppc64le.rpm
kernel-devel-4.14.0-115.36.1.el7a.ppc64le.rpm
kernel-headers-4.14.0-115.36.1.el7a.ppc64le.rpm
kernel-tools-4.14.0-115.36.1.el7a.ppc64le.rpm
kernel-tools-debuginfo-4.14.0-115.36.1.el7a.ppc64le.rpm
kernel-tools-libs-4.14.0-115.36.1.el7a.ppc64le.rpm
perf-4.14.0-115.36.1.el7a.ppc64le.rpm
perf-debuginfo-4.14.0-115.36.1.el7a.ppc64le.rpm
python-perf-4.14.0-115.36.1.el7a.ppc64le.rpm
python-perf-debuginfo-4.14.0-115.36.1.el7a.ppc64le.rpm

s390x:
kernel-4.14.0-115.36.1.el7a.s390x.rpm
kernel-debug-4.14.0-115.36.1.el7a.s390x.rpm
kernel-debug-debuginfo-4.14.0-115.36.1.el7a.s390x.rpm
kernel-debug-devel-4.14.0-115.36.1.el7a.s390x.rpm
kernel-debuginfo-4.14.0-115.36.1.el7a.s390x.rpm
kernel-debuginfo-common-s390x-4.14.0-115.36.1.el7a.s390x.rpm
kernel-devel-4.14.0-115.36.1.el7a.s390x.rpm
kernel-headers-4.14.0-115.36.1.el7a.s390x.rpm
kernel-kdump-4.14.0-115.36.1.el7a.s390x.rpm
kernel-kdump-debuginfo-4.14.0-115.36.1.el7a.s390x.rpm
kernel-kdump-devel-4.14.0-115.36.1.el7a.s390x.rpm
perf-4.14.0-115.36.1.el7a.s390x.rpm
perf-debuginfo-4.14.0-115.36.1.el7a.s390x.rpm
python-perf-4.14.0-115.36.1.el7a.s390x.rpm
python-perf-debuginfo-4.14.0-115.36.1.el7a.s390x.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):

aarch64:
kernel-debug-debuginfo-4.14.0-115.36.1.el7a.aarch64.rpm
kernel-debuginfo-4.14.0-115.36.1.el7a.aarch64.rpm
kernel-debuginfo-common-aarch64-4.14.0-115.36.1.el7a.aarch64.rpm
kernel-tools-debuginfo-4.14.0-115.36.1.el7a.aarch64.rpm
kernel-tools-libs-devel-4.14.0-115.36.1.el7a.aarch64.rpm
perf-debuginfo-4.14.0-115.36.1.el7a.aarch64.rpm
python-perf-debuginfo-4.14.0-115.36.1.el7a.aarch64.rpm

noarch:
kernel-doc-4.14.0-115.36.1.el7a.noarch.rpm

ppc64le:
kernel-debug-debuginfo-4.14.0-115.36.1.el7a.ppc64le.rpm
kernel-debug-devel-4.14.0-115.36.1.el7a.ppc64le.rpm
kernel-debuginfo-4.14.0-115.36.1.el7a.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.14.0-115.36.1.el7a.ppc64le.rpm
kernel-tools-debuginfo-4.14.0-115.36.1.el7a.ppc64le.rpm
kernel-tools-libs-devel-4.14.0-115.36.1.el7a.ppc64le.rpm
perf-debuginfo-4.14.0-115.36.1.el7a.ppc64le.rpm
python-perf-debuginfo-4.14.0-115.36.1.el7a.ppc64le.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-11669
https://access.redhat.com/security/cve/CVE-2021-3347
https://access.redhat.com/security/cve/CVE-2021-27364
https://access.redhat.com/security/cve/CVE-2021-27365
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.

--------------------------END INCLUDED TEXT--------------------


The post ESB-2021.1434 – [RedHat] kernel-alt: Multiple vulnerabilities appeared first on Malware Devil.



https://malwaredevil.com/2021/04/28/esb-2021-1434-redhat-kernel-alt-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-1434-redhat-kernel-alt-multiple-vulnerabilities

ESB-2021.1435 – [RedHat] kpatch-patch: Multiple vulnerabilities

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1435
kpatch-patch security update
28 April 2021

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           kpatch-patch
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Overwrite Arbitrary Files -- Existing Account
                   Denial of Service -- Existing Account
                   Access Confidential Data -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-27365 CVE-2021-27364 CVE-2020-28374

Reference:         ESB-2021.1406
                   ESB-2021.1307

Original Bulletin:
https://access.redhat.com/errata/RHSA-2021:1377

--------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kpatch-patch security update
Advisory ID: RHSA-2021:1377-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1377
Issue date: 2021-04-27
CVE Names: CVE-2020-28374 CVE-2021-27364 CVE-2021-27365
=====================================================================

1. Summary:

An update is now available for Red Hat Enterprise Linux 7.6 Extended Update
Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server EUS (v. 7.6) – ppc64le, x86_64

3. Description:

This is a kernel live patch module which is automatically loaded by the RPM
post-install script to modify the code of a running kernel.

Security Fix(es):

* kernel: SCSI target (LIO) write to any block on ILO backstore
(CVE-2020-28374)

* kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)

* kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1899804 – CVE-2020-28374 kernel: SCSI target (LIO) write to any block on ILO backstore
1930078 – CVE-2021-27365 kernel: heap buffer overflow in the iSCSI subsystem
1930080 – CVE-2021-27364 kernel: out-of-bounds read in libiscsi module

6. Package List:

Red Hat Enterprise Linux Server EUS (v. 7.6):

Source:
kpatch-patch-3_10_0-957_54_1-1-3.el7.src.rpm
kpatch-patch-3_10_0-957_56_1-1-3.el7.src.rpm
kpatch-patch-3_10_0-957_58_2-1-3.el7.src.rpm
kpatch-patch-3_10_0-957_61_1-1-3.el7.src.rpm
kpatch-patch-3_10_0-957_61_2-1-3.el7.src.rpm
kpatch-patch-3_10_0-957_62_1-1-3.el7.src.rpm
kpatch-patch-3_10_0-957_65_1-1-3.el7.src.rpm
kpatch-patch-3_10_0-957_66_1-1-3.el7.src.rpm
kpatch-patch-3_10_0-957_70_1-1-2.el7.src.rpm

ppc64le:
kpatch-patch-3_10_0-957_54_1-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_54_1-debuginfo-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_56_1-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_56_1-debuginfo-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_58_2-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_58_2-debuginfo-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_61_1-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_61_1-debuginfo-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_61_2-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_61_2-debuginfo-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_62_1-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_62_1-debuginfo-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_65_1-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_65_1-debuginfo-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_66_1-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_66_1-debuginfo-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_70_1-1-2.el7.ppc64le.rpm
kpatch-patch-3_10_0-957_70_1-debuginfo-1-2.el7.ppc64le.rpm

x86_64:
kpatch-patch-3_10_0-957_54_1-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_54_1-debuginfo-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_56_1-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_56_1-debuginfo-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_58_2-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_58_2-debuginfo-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_61_1-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_61_1-debuginfo-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_61_2-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_61_2-debuginfo-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_62_1-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_62_1-debuginfo-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_65_1-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_65_1-debuginfo-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_66_1-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_66_1-debuginfo-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-957_70_1-1-2.el7.x86_64.rpm
kpatch-patch-3_10_0-957_70_1-debuginfo-1-2.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-28374
https://access.redhat.com/security/cve/CVE-2021-27364
https://access.redhat.com/security/cve/CVE-2021-27365
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.

--------------------------END INCLUDED TEXT--------------------


The post ESB-2021.1435 – [RedHat] kpatch-patch: Multiple vulnerabilities appeared first on Malware Devil.



https://malwaredevil.com/2021/04/28/esb-2021-1435-redhat-kpatch-patch-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-1435-redhat-kpatch-patch-multiple-vulnerabilities

ISC Stormcast For Wednesday, April 28th, 2021 https://isc.sans.edu/podcastdetail.html?id=7476, (Wed, Apr 28th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The post ISC Stormcast For Wednesday, April 28th, 2021 https://isc.sans.edu/podcastdetail.html?id=7476, (Wed, Apr 28th) appeared first on Malware Devil.



https://malwaredevil.com/2021/04/28/isc-stormcast-for-wednesday-april-28th-2021-https-isc-sans-edu-podcastdetail-htmlid7476-wed-apr-28th/?utm_source=rss&utm_medium=rss&utm_campaign=isc-stormcast-for-wednesday-april-28th-2021-https-isc-sans-edu-podcastdetail-htmlid7476-wed-apr-28th

Tuesday, April 27, 2021

Agile methodologies and ‘working backwards’: the case of Amazon

Agile is very effective for product development, especially software. Because of its popularity, the speed of these methodologies is used as a pretext to avoid more careful planning. How should agility be used properly?

Instead of taking …

The post Agile methodologies and ‘working backwards’: the case of Amazon appeared first on ManageEngine Blog.

The post Agile methodologies and ‘working backwards’: the case of Amazon appeared first on Security Boulevard.

The post Agile methodologies and ‘working backwards’: the case of Amazon appeared first on Malware Devil.



https://malwaredevil.com/2021/04/27/metodologias-agiles-y-trabajo-en-reversa-el-caso-de-amazon/?utm_source=rss&utm_medium=rss&utm_campaign=metodologias-agiles-y-trabajo-en-reversa-el-caso-de-amazon

Spoofing Attacks Against Vehicular FMCW Radar

The post Spoofing Attacks Against Vehicular FMCW Radar appeared first on Malware Devil.



https://malwaredevil.com/2021/04/27/spoofing-attacks-against-vehicular-fmcw-radar/?utm_source=rss&utm_medium=rss&utm_campaign=spoofing-attacks-against-vehicular-fmcw-radar

KEVLAR-TZ: A Secure Cache for ARM TrustZone

The post KEVLAR-TZ: A Secure Cache for ARM TrustZone appeared first on Malware Devil.



https://malwaredevil.com/2021/04/27/kevlar-tz-a-secure-cache-for-arm-trustzone/?utm_source=rss&utm_medium=rss&utm_campaign=kevlar-tz-a-secure-cache-for-arm-trustzone

Smells and Refactorings for Microservices Security: A Multivocal Literature Review

The post Smells and Refactorings for Microservices Security: A Multivocal Literature Review appeared first on Malware Devil.



https://malwaredevil.com/2021/04/27/smells-and-refactorings-for-microservices-security-a-multivocal-literature-review/?utm_source=rss&utm_medium=rss&utm_campaign=smells-and-refactorings-for-microservices-security-a-multivocal-literature-review

Property Inference Attacks on Convolutional Neural Networks: Influence and Implications of Target Model’s Complexity

The post Property Inference Attacks on Convolutional Neural Networks: Influence and Implications of Target Model’s Complexity appeared first on Malware Devil.



https://malwaredevil.com/2021/04/27/property-inference-attacks-on-convolutional-neural-networks-influence-and-implications-of-target-models-complexity/?utm_source=rss&utm_medium=rss&utm_campaign=property-inference-attacks-on-convolutional-neural-networks-influence-and-implications-of-target-models-complexity

Do Cyberattacks Affect Stock Prices? It Depends on the Breach

A security researcher explores how data breaches, ransomware attacks, and other types of cybercrime influence stock prices.

In the aftermath of a data breach, ransomware attack, or vulnerability disclosure, organizations may think about how the news will cause their stock price to dip. New research indicates that although security incidents do affect stock price, the size of this impact largely depends on the circumstances — and rarely lasts.

Alejandro Hernandez, senior consultant at IOActive, became curious about the correlation in a previous role when a company with which he was working discovered a “huge” software vulnerability. His colleagues began to speculate how much the stock would dip — some guessed 10%, others said 20%. The business’s stock price fell only 3% that day, prompting him to start some new research.

Hernandez began to closely examine the organizations that experienced vulnerabilities, security incidents, espionage attacks, or faced criticism for privacy concerns and misinformation. His data includes the company name, sector, type of issue or incident, details of the incident, date of disclosure, change in stock price, and the amount of time it took the stock price to recover.

For many of these incidents, the price drop was minor and recovery time was less than two weeks. But some have a larger impact: The 2017 Equifax breach, for example, kick-started a price drop that hit 31% a week after its disclosure. Many people thought the company would never recover, Hernandez says, but its stock was back up within less than two years.

Of similar significance was the more recent SolarWinds campaign, which Hernandez classified as an espionage operation because there was a nation-state involved. He says these attacks are among the most harmful to corporate stock price, sometimes leading to a drop of 17% to 20%.

“All of the problems that relate to national security around the entire country are the worst ones,” he explains. But the stock price drop following disclosure of the SolarWinds attack was short-lived: Now, four months after disclosure, the company’s stock is on its way back up.

While one might guess these two headline-making breaches might cause stock prices to fall, that logic can’t be applied to all major incidents, Hernandez says, as some have greater impact than others. The disclosure of vulnerabilities, for example, leads to a 4% price drop on average, and affected organizations recover within one month. For 40% of businesses that disclosed a vulnerability, their stock price wasn’t affected at all.

[Hernandez will share his data and observations at the upcoming Black Hat Asia virtual event in his talk, “A Walk Through Historical Correlations Between Vulnerabilities & Stock Prices.”]

“On the other hand, incidents impact more than vulnerabilities, [with a] more than 5% drop,” he continues. “The recovery depends on the amount and sensitivity of the data leaked,” though he notes 63% of businesses hit with an attack recover in less than a month, even if sensitive data such as credit card information or personally identifiable information was compromised.

“Security incidents” is a blanket term for data breaches, ransomware attacks, and other events that might hit an organization. Of these, Hernandez says ransomware does the most damage to stock price. In the short term, victims may not see a sizable difference; however, when it’s clear that an attack will influence the entire quarter due to production and shipping delays, they will.

His research shows it’s not only victim companies that are affected, but their parent companies as well. The Yahoo breach caused stock prices to fall for parent company Verizon; the disclosure of a vulnerability in WhatsApp in 2018 affected the stock for parent company Facebook. Similarly, organizations’ stock price can be affected when a security issue affects their suppliers.

Security events only began to affect stock prices within the past few years, he points out.

“I have noticed that the older data breaches before 2015 did not have a sharp price drop, and they recovered in less than a week,” says Hernandez of earlier attacks affecting Sony, Target, JP Morgan, Home Depot, and Anthem. While all made headlines, the victim companies’ stock prices didn’t drop as he would have expected.

He attributes this change to the greater importance of cybersecurity among businesses and consumers, who now pay attention when a company they’ve shopped at has been breached. As security awareness continues to grow, Hernandez anticipates cyberattacks, vulnerabilities, and other security issues will have a greater influence on stock price for victim organizations.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial …

The post Do Cyberattacks Affect Stock Prices? It Depends on the Breach appeared first on Malware Devil.



https://malwaredevil.com/2021/04/27/do-cyberattacks-affect-stock-prices-it-depends-on-the-breach/?utm_source=rss&utm_medium=rss&utm_campaign=do-cyberattacks-affect-stock-prices-it-depends-on-the-breach

What are the CIS Controls and how do they work?

Cybersecurity is one of the hottest topics of the moment when we talk about technology. It is always being updated, with new threats emerging every day, along with new devices and ways of working. Now, with hybrid environments, it is even more important …

The post What are the CIS Controls and how do they work? appeared first on ManageEngine Blog.

The post What are the CIS Controls and how do they work? appeared first on Security Boulevard.

The post What are the CIS Controls and how do they work? appeared first on Malware Devil.



https://malwaredevil.com/2021/04/27/o-que-sao-e-como-funcionam-os-controles-cis/?utm_source=rss&utm_medium=rss&utm_campaign=o-que-sao-e-como-funcionam-os-controles-cis

Nintendo Sues Video-Game Pirates

Nintendo is questing after its third successful lawsuit against circumvention-device sellers, this time against Team Xecuter.

The post Nintendo Sues Video-Game Pirates appeared first on Malware Devil.



https://malwaredevil.com/2021/04/27/nintendo-sues-video-game-pirates/?utm_source=rss&utm_medium=rss&utm_campaign=nintendo-sues-video-game-pirates

Contact Tracing Fail: Why is Google So Bad at Basic Security and Privacy?

Years ago I wrote about Google’s calculator absurdly requiring network access permissions. A calculator needs network? What? Looking back, and based on recent headlines, it should at least have been front page news. Someone just prompted me to answer why Google’s Authenticator app needs to track location and data, and the calculator immediately came to …

The post Contact Tracing Fail: Why is Google So Bad at Basic Security and Privacy? appeared first on Security Boulevard.

The post Contact Tracing Fail: Why is Google So Bad at Basic Security and Privacy? appeared first on Malware Devil.



https://malwaredevil.com/2021/04/27/contact-tracing-fail-why-is-google-so-bad-at-basic-security-and-privacy/?utm_source=rss&utm_medium=rss&utm_campaign=contact-tracing-fail-why-is-google-so-bad-at-basic-security-and-privacy

XDR, SIEM, and the Future SOC

In this article, we’ll explain what XDR is, how it relates to traditional security information and event management (SIEM) systems, and how XDR concepts can transform the security organization.

The post XDR, SIEM, and the Future SOC appeared first on CCSI.

The post XDR, SIEM, and the Future SOC appeared first on Security Boulevard.

The post XDR, SIEM, and the Future SOC appeared first on Malware Devil.



https://malwaredevil.com/2021/04/27/xdr-siem-and-the-future-soc/?utm_source=rss&utm_medium=rss&utm_campaign=xdr-siem-and-the-future-soc

Nvidia 0-Days, Emotet Nukes Itself, Babuk D.C Attack, & iOS 14.5 – SWN #117

This week in the Security Weekly News: Dirty emojis, Nvidia zero-days, Shlayer, Cozy Bear, Emotet, Babuk, iOS 14.5, and Jason Wood returns for Expert Commentary!

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn117

The post Nvidia 0-Days, Emotet Nukes Itself, Babuk D.C Attack, & iOS 14.5 – SWN #117 appeared first on Malware Devil.



https://malwaredevil.com/2021/04/27/nvidia-0-daysemotet-nukes-itself-babuk-d-c-attack-ios-14-5-swn-117/?utm_source=rss&utm_medium=rss&utm_campaign=nvidia-0-daysemotet-nukes-itself-babuk-d-c-attack-ios-14-5-swn-117

Katie Moussouris Interviews Dan Kaminsky

via Katie Moussouris & MSDNC Channel 9 at the BlueHat Security Briefings: Fall 2008 Sessions and Interviews

The post Katie Moussouris Interviews Dan Kaminsky appeared first on Security Boulevard.

The post Katie Moussouris Interviews Dan Kaminsky appeared first on Malware Devil.



https://malwaredevil.com/2021/04/27/katie-moussouris-interviews-dan-kaminsky/?utm_source=rss&utm_medium=rss&utm_campaign=katie-moussouris-interviews-dan-kaminsky

Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...