News

Looking Glass Cyber
    Malware Patrol SecList
    • ShrinkLocker: Turning BitLocker into ransomware
      The Kaspersky GERT has detected a VBS script that has been abusing Microsoft Windows features by modifying the system to lower the defenses and using the local MS BitLocker utility to encrypt entire drives and demand a ransom.
    securingtomorrow.mcafee.com
      Quick Heal Threat Post Naked Security
        Security Affairs

        Security Awareness Tips of the week

          Exploits

          Last 20 Website Defacements - Zone-h

            Advisories

            Symantec Packet Storm Security

            • Ubuntu Security Notice USN-6785-1 Fri, 24 May 2024 15:28:05 GMT
              Ubuntu Security Notice 6785-1 - Matthias Gerstner discovered that GNOME Remote Desktop incorrectly performed certain user validation checks. A local attacker could possibly use this issue to obtain sensitive information, or take control of remote desktop connections.
            • Debian Security Advisory 5696-1 Fri, 24 May 2024 15:24:27 GMT
              Debian Linux Security Advisory 5696-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
            • Ubuntu Security Notice USN-6784-1 Fri, 24 May 2024 14:49:07 GMT
              Ubuntu Security Notice 6784-1 - It was discovered that cJSON incorrectly handled certain input. An attacker could possibly use this issue to cause cJSON to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.10. Luo Jin discovered that cJSON incorrectly handled certain input. An attacker could possibly use this issue to cause cJSON to crash, resulting in a denial of service.
            • Debian Security Advisory 5695-1 Fri, 24 May 2024 14:47:23 GMT
              Debian Linux Security Advisory 5695-1 - Manfred Paul discovered that an attacker with arbitrary read and write capability may be able to bypass Pointer Authentication in the WebKitGTK web engine.
            • Red Hat Security Advisory 2024-3354-03 Fri, 24 May 2024 14:42:20 GMT
              Red Hat Security Advisory 2024-3354-03 - Red Hat Fuse 7.13.0 release is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Issues addressed include HTTP request smuggling, bypass, denial of service, deserialization, and traversal vulnerabilities.
            • Red Hat Security Advisory 2024-3352-03 Fri, 24 May 2024 14:42:09 GMT
              Red Hat Security Advisory 2024-3352-03 - An update for etcd is now available for Red Hat OpenStack Platform 16.2. Issues addressed include a denial of service vulnerability.
            • Red Hat Security Advisory 2024-3347-03 Fri, 24 May 2024 14:41:54 GMT
              Red Hat Security Advisory 2024-3347-03 - An update for python3 is now available for Red Hat Enterprise Linux 8. Issues addressed include denial of service and traversal vulnerabilities.
            • Red Hat Security Advisory 2024-3346-03 Fri, 24 May 2024 14:41:42 GMT
              Red Hat Security Advisory 2024-3346-03 - An update for git-lfs is now available for Red Hat Enterprise Linux 8. Issues addressed include denial of service and memory exhaustion vulnerabilities.
            • Red Hat Security Advisory 2024-3345-03 Fri, 24 May 2024 14:41:31 GMT
              Red Hat Security Advisory 2024-3345-03 - An update for .NET 8.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
            • Red Hat Security Advisory 2024-3344-03 Fri, 24 May 2024 14:41:15 GMT
              Red Hat Security Advisory 2024-3344-03 - An update for glibc is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer overflow and null pointer vulnerabilities.
            • Red Hat Security Advisory 2024-3343-03 Fri, 24 May 2024 14:41:01 GMT
              Red Hat Security Advisory 2024-3343-03 - An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.
            • Red Hat Security Advisory 2024-3341-03 Fri, 24 May 2024 14:40:46 GMT
              Red Hat Security Advisory 2024-3341-03 - An update for gdk-pixbuf2 is now available for Red Hat Enterprise Linux 8.
            • Red Hat Security Advisory 2024-3340-03 Fri, 24 May 2024 14:40:36 GMT
              Red Hat Security Advisory 2024-3340-03 - An update for .NET 7.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
            • Red Hat Security Advisory 2024-3339-03 Fri, 24 May 2024 14:40:26 GMT
              Red Hat Security Advisory 2024-3339-03 - An update for glibc is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow, null pointer, and out of bounds write vulnerabilities.
            • Red Hat Security Advisory 2024-3338-03 Fri, 24 May 2024 14:40:16 GMT
              Red Hat Security Advisory 2024-3338-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include bypass and use-after-free vulnerabilities.
            • Red Hat Security Advisory 2024-3325-03 Fri, 24 May 2024 14:40:06 GMT
              Red Hat Security Advisory 2024-3325-03 - An update for pcp is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
            • Red Hat Security Advisory 2024-3324-03 Fri, 24 May 2024 14:39:53 GMT
              Red Hat Security Advisory 2024-3324-03 - An update for pcp is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
            • Red Hat Security Advisory 2024-3323-03 Fri, 24 May 2024 14:39:44 GMT
              Red Hat Security Advisory 2024-3323-03 - An update for pcp is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
            • Red Hat Security Advisory 2024-3322-03 Fri, 24 May 2024 14:39:33 GMT
              Red Hat Security Advisory 2024-3322-03 - An update for pcp is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
            • Red Hat Security Advisory 2024-3321-03 Fri, 24 May 2024 14:39:24 GMT
              Red Hat Security Advisory 2024-3321-03 - An update for pcp is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
            • Red Hat Security Advisory 2024-2901-03 Fri, 24 May 2024 14:39:14 GMT
              Red Hat Security Advisory 2024-2901-03 - Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates. Issues addressed include denial of service and memory exhaustion vulnerabilities.
            • Red Hat Security Advisory 2024-2877-03 Fri, 24 May 2024 14:39:04 GMT
              Red Hat Security Advisory 2024-2877-03 - Red Hat OpenShift Container Platform release 4.13.42 is now available with updates to packages and images that fix several bugs and add enhancements.
            • Ubuntu Security Notice USN-6736-2 Thu, 23 May 2024 14:19:29 GMT
              Ubuntu Security Notice 6736-2 - USN-6736-1 fixed vulnerabilities in klibc. This update provides the corresponding updates for Ubuntu 24.04 LTS. It was discovered that zlib, vendored in klibc, incorrectly handled pointer arithmetic. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code.
            • Ubuntu Security Notice USN-6777-4 Thu, 23 May 2024 14:18:32 GMT
              Ubuntu Security Notice 6777-4 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
            • Ubuntu Security Notice USN-6663-3 Thu, 23 May 2024 14:18:12 GMT
              Ubuntu Security Notice 6663-3 - USN-6663-1 provided a security update for OpenSSL. This update provides the corresponding update for Ubuntu 24.04 LTS. As a security improvement, OpenSSL will now return deterministic random bytes instead of an error when detecting wrong padding in PKCS#1 v1.5 RSA to prevent its use in possible Bleichenbacher timing attacks.