News

Looking Glass Cyber
    Malware Patrol SecList
    • Developing an incident response playbook
      Incident response playbooks help optimize the SOC processes, and are a major step forward to SOC maturity, but can be challenging for a company to develop. In this article, I want to share some insights on how to create the (almost) perfect playbook.

        Advisories

        Symantec Packet Storm Security

        • Ubuntu Security Notice USN-5966-1 Thu, 23 Mar 2023 14:30:37 GMT
          Ubuntu Security Notice 5966-1 - Maher Azzouzi discovered an information disclosure vulnerability in the calcsize binary within amanda. calcsize is a suid binary owned by root that could possibly be used by a malicious local attacker to expose sensitive file system information. Maher Azzouzi discovered a privilege escalation vulnerability in the rundump binary within amanda. rundump is a suid binary owned by root that did not perform adequate sanitization of environment variables or commandline options and could possibly be used by a malicious local attacker to escalate privileges.
        • Ubuntu Security Notice USN-5942-2 Thu, 23 Mar 2023 14:30:07 GMT
          Ubuntu Security Notice 5942-2 - USN-5942-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding update for CVE-2023-25690 for Ubuntu 16.04 ESM. Lars Krapf discovered that the Apache HTTP Server mod_proxy module incorrectly handled certain configurations. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack.
        • Ubuntu Security Notice USN-5967-1 Thu, 23 Mar 2023 14:28:29 GMT
          Ubuntu Security Notice 5967-1 - It was discovered that the set method in object-path could be corrupted as a result of prototype pollution by sending a message to the parent process. An attacker could use this issue to cause object-path to crash.
        • Ubuntu Security Notice USN-5968-1 Wed, 22 Mar 2023 15:50:42 GMT
          Ubuntu Security Notice 5968-1 - It was discovered that GitPython did not properly sanitize user inputs for remote URLs in the clone command. By injecting a maliciously crafted remote URL, an attacker could possibly use this issue to execute arbitrary commands on the host.
        • Ubuntu Security Notice USN-5904-2 Tue, 21 Mar 2023 17:41:43 GMT
          Ubuntu Security Notice 5904-2 - USN-5904-1 fixed vulnerabilities in SoX. It was discovered that the fix for CVE-2021-33844 was incomplete. This update fixes the problem. Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS.
        • Ubuntu Security Notice USN-5965-1 Tue, 21 Mar 2023 17:41:24 GMT
          Ubuntu Security Notice 5965-1 - It was discovered that TigerVNC mishandled TLS certificate exceptions. An attacker could use this vulnerability to impersonate any server after a client had added an exception and obtain sensitive information.
        • Ubuntu Security Notice USN-5806-3 Tue, 21 Mar 2023 17:41:16 GMT
          Ubuntu Security Notice 5806-3 - USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem for Ubuntu 20.04 LTS. Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications which generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application.
        • Debian Security Advisory 5376-1 Tue, 21 Mar 2023 17:41:11 GMT
          Debian Linux Security Advisory 5376-1 - Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service.
        • Red Hat Security Advisory 2023-1337-01 Tue, 21 Mar 2023 17:41:05 GMT
          Red Hat Security Advisory 2023-1337-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.
        • Red Hat Security Advisory 2023-1332-01 Tue, 21 Mar 2023 17:40:57 GMT
          Red Hat Security Advisory 2023-1332-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
        • Red Hat Security Advisory 2023-1333-01 Tue, 21 Mar 2023 17:36:35 GMT
          Red Hat Security Advisory 2023-1333-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.
        • Red Hat Security Advisory 2023-1335-01 Tue, 21 Mar 2023 17:36:22 GMT
          Red Hat Security Advisory 2023-1335-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
        • CentOS Stream 9 Missing Kernel Security Fixes Tue, 21 Mar 2023 17:34:34 GMT
          The kernel tree of CentOS Stream 9 suffers from multiple use-after-free conditions that were already patched in upstream stable trees.
        • Red Hat Security Advisory 2023-1336-01 Tue, 21 Mar 2023 17:32:15 GMT
          Red Hat Security Advisory 2023-1336-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.
        • Ubuntu Security Notice USN-5964-1 Tue, 21 Mar 2023 17:30:09 GMT
          Ubuntu Security Notice 5964-1 - Harry Sintonen discovered that curl incorrectly handled certain TELNET connection options. Due to lack of proper input scrubbing, curl could pass on user name and telnet options to the server as provided, contrary to expectations. Harry Sintonen discovered that curl incorrectly handled special tilde characters when used with SFTP paths. A remote attacker could possibly use this issue to circumvent filtering.
        • Ubuntu Security Notice USN-5963-1 Tue, 21 Mar 2023 17:29:33 GMT
          Ubuntu Security Notice 5963-1 - It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10.
        • Ubuntu Security Notice USN-5960-1 Mon, 20 Mar 2023 13:23:14 GMT
          Ubuntu Security Notice 5960-1 - Yebo Cao discovered that Python incorrectly handled certain URLs. An attacker could possibly use this issue to bypass blocklisting methods by supplying a URL that starts with blank characters.
        • Red Hat Security Advisory 2023-1303-01 Mon, 20 Mar 2023 13:22:19 GMT
          Red Hat Security Advisory 2023-1303-01 - Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale. Data Grid 7.3.10 replaces Data Grid 7.3.9 and includes security fixes. Issues addressed include code execution and deserialization vulnerabilities.
        • Red Hat Security Advisory 2023-1286-01 Mon, 20 Mar 2023 13:12:45 GMT
          Red Hat Security Advisory 2023-1286-01 - Migration Toolkit for Runtimes 1.0.2 Images. Issues addressed include denial of service, privilege escalation, and server-side request forgery vulnerabilities.
        • Red Hat Security Advisory 2023-1154-01 Mon, 20 Mar 2023 13:09:53 GMT
          Red Hat Security Advisory 2023-1154-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.54.
        • Red Hat Security Advisory 2023-1285-01 Mon, 20 Mar 2023 13:09:33 GMT
          Red Hat Security Advisory 2023-1285-01 - Migration Toolkit for Runtimes 1.0.2 ZIP artifacts. Issues addressed include privilege escalation, server-side request forgery, and traversal vulnerabilities.
        • Debian Security Advisory 5356-2 Fri, 17 Mar 2023 14:07:51 GMT
          Debian Linux Security Advisory 5356-2 - One of the security fixes released as DSA 5356 introduced a regression in the processing of specific WAV files. Updated sox packages are available to correct this issue.
        • Ubuntu Security Notice USN-5959-1 Fri, 17 Mar 2023 14:05:43 GMT
          Ubuntu Security Notice 5959-1 - It was discovered that Kerberos incorrectly handled memory when processing KDC data, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service or have other unspecified impacts.
        • Ubuntu Security Notice USN-5962-1 Fri, 17 Mar 2023 14:02:32 GMT
          Ubuntu Security Notice 5962-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
        • Debian Security Advisory 5375-1 Fri, 17 Mar 2023 13:56:35 GMT
          Debian Linux Security Advisory 5375-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or spoofing.