News

• Swinburne University Confirms Over 5,000 Individuals Affected In Data Breach
• Bitcoin Tumbles After Turkey Bans Crypto Payments Citing Risks
• US Government Strikes Back At Kremlin For SolarWinds Hack Campaign
• Facebook Faces Mass Legal Action Over Data Leak
• Flaw Allows Attackers To Brick Kubernetes Clusters
• Google Project Zero Cuts Bug Disclosure Timeline To A 30-Day Grace Period
• US Imposes Sanctions On Russia Over Cyber Attacks
• Stories Of Dealing With Ransomware Gangs
• Google Releases Chrome 90 With HTTPS By Default
• Is It Still Possible To Run Malware In A Browser Using JavaScript And Rowhammer? Yes, Yes It Is
• FBI Deletes Web Shells From Hundreds Of Compromised Microsoft Exchange Servers Before Alerting Admins
• Facebook Will Not Notify More Than 530M Users Exposed In 2019 Breach
• Reddit Takes Bug Bounty Program Public
• 100,000 Google Sites Used To Install SolarMarket RAT
• 1.3M Clubhouse Users' Data Dumped In Hacker Forum For Free
• Prosecutor Says Russia's GRU Hacked Sweden's Sports Body
• Millions Of Devices Are At Risk From The NAME:WRECK DNS Bugs
• Estate Agent's Hi-Tech House Tour Exposes Personal Data
• There's Another Facebook Phone Number Database Online
• Texas Man Wanted To Blow Up Amazon To Kill 70% Of The Internet
• Stuxnet Sibling Theory Surges After Iran Says Nuke Facility Shut Down By Electrical Fault
• Criminals Spread Malware Using Contact Forms With Google URLs
• Windows And Linux Devices Are Under Attack By A New Cryptomining Worm
• Facebook Says Data From 530M Users Was Obtained By Scraping
• Hackers Hit 9 Countries, Expose 623,036 Payment Card Records

• Remote Attestation Enabling Posture Assessment for Automated GRC Thu, 15 Apr 2021 18:43:29 +0000
  

  By: Kathleen M. Moriarty, CIS Chief Technology Officer   Attestation…simplified! This post explains how attestation can provide system-level remediation and resiliency. It can be conducted remotely and at scale, ensuring transparency of compliance with industry security controls and benchmarks. Posture Assessment: Shift Left and Build in Security! Attestation performed across the full hardware and software […]

  The post Remote Attestation Enabling Posture Assessment for Automated GRC appeared first on CIS.

Looking Glass Cyber

• Global Strategist H.P. Goldfield Joins LookingGlass Advisory Board
• LookingGlass Hires Norm Laudermilch as First Chief Cyber Officer
• Former DARPA Director Coleman Joins LookingGlass Advisory Board
• Cybersecurity Leader Gus Hunt Joins LookingGlass Advisory Board
• Cybersecurity Expert Melissa Hathaway Joins LookingGlass Advisory Board
• Former FBI Cyber Division Chief James Trainor Joins LookingGlass Advisory Board
• Military Intelligence Leader Lt. Gen. James Clapper Joins LookingGlass Advisory Board
• LookingGlass Welcomes Business Executive Dana Mariano as Chief Financial Officer
• Cybersecurity experts fear SolarWinds’ hack leads to larger attack on unprepared U.S.
• Cybersecurity Executive Bryan S. Ware Joins LookingGlass Advisory Board

Malware Patrol

• InfoSec Articles (03/29/21 – 04/12/21)
• InfoSec Articles (03/15/21 – 03/29/21)

SecList

• Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild
  CVE-2021-28310 is an out-of-bounds (OOB) write vulnerability in dwmcore.dll, which is part of Desktop Window Manager (dwm.exe). We believe it is exploited in the wild, potentially by several threat actors.

securingtomorrow.mcafee.com

• Digital Spring Cleaning: Seven Steps for Faster, Safer Devices
• Why Coin Miners Go Bad & How to Protect Your Tech When They Do
• Let’s Make Security Easy
• McAfee Labs Report Reveals Latest COVID-19 Threats and Malware Surges
• BRATA Keeps Sneaking into Google Play, Now Targeting USA and Spain
• AI Is Alive! But Not Without Our Help
• McAfee ATR Threat Report: A Quick Primer on Cuba Ransomware
• McAfee Defender’s Blog: Cuba Ransomware Campaign
• More Money, Less Problems: XDR Investment Can Protect the Financial Services Industry
• Prioritizing Security in a Remote Learning Environment 
• Is the Clubhouse App a Safe Place for Kids to Hangout?

Quick Heal

• Malicious malware impacting reviews and ratings of application
• Cyber threats against Macs are increasing! Are you prepared?
• The risks of downloading apps from unauthorized app stores
• Zloader: Entailing Different Office Files
• Data of 21 Million VPN users breached
• Hacker sabotage: Are they now going for your car?
• SARBLOH: A NEW RANSOMWARE THAT DOES NOT DEMAND MONEY
• Five tips to stay away from UPI frauds
• Ransomware attacks erupt via Cyberpunk 2077
• Five tips to ensure you’re not a victim of an online romance scam this Valentine’s Day

Threat Post

• BazarLoader Malware Abuses Slack, BaseCamp Clouds
• iOS Kids Game Morphs into Underground Crypto Casino
• NSA: 5 Security Bugs Under Active Nation-State Cyberattack
• Mandiant Front Lines: How to Tackle Exchange Exploits
• Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period
• Biden Races to Shore Up Power Grid Against Hacks
• Gafgyt Botnet Lifts DDoS Tricks from Mirai
• Attackers Target ProxyLogon Exploit to Install Cryptojacker
• Security Bug Allows Attackers to Brick Kubernetes Clusters
• Ransomware Attack Creates Cheese Shortages in Netherlands

Naked Security

• S3 Ep28.5: Hacking back – is attack an acceptable form of defence? [Podcast]
• S3 Ep28: Pwn2Own hacks, dark web hitmen and COVID-19 privacy [Podcast]
• FBI hacks into hundreds of infected US servers (and disinfects them)
• IoT bug report claims “at least 100M devices” may be impacted
• Apple and Google block official UK COVID-19 app update
• Naked Security Live – How to spot “government” scammers
• Pwn2Own 2021: Zoom, Teams, Exchange, Chrome and Edge “fully owned”
• Italian charged with hiring “dark web hitman” to murder his ex-girlfriend
• S3 Ep27: Census scammers, beg bounties and data breach fines [Podcast]
• Too slow! Booking.com fined for not reporting data breach fast enough

Security Affairs

• Google Project Zero updates vulnerability disclosure policy moving to a “90+30” model
• 6 out of 11 EU agencies running Solarwinds Orion software were hacked
• Critical RCE can allow attackers to compromise Juniper Networks devices
• Russia-linked APT SVR actively targets these 5 flaws
• Mirai code re-use in Gafgyt
• Lazarus BTC Changer. Back in action with JS sniffers redesigned to steal crypto
• US Gov sanctions Russia and expels 10 diplomats over SolarWinds hack
• Cyber thieves move $760 million stolen in the 2016 Bitfinex heist
• April 2021 Security Patch Day fixes a critical flaw in SAP Commerce
• For the second time in a week, a Google Chromium zero-day released online

Security Awareness Tips of the week

• Digital Inheritance
• Secure Your Home Wi-Fi Network
• Privacy
• Recording Conference Calls
• Messaging / Smishing Attacks

Exploits

• GetSimple CMS My SMTP Contact 1.1.1 CSRF / Remote Code Execution
• glFTPd 2.11a Denial Of Service
• Nagios XI Remote Code Execution
• Backdoor.Win32.Zombam.h Buffer Overflow
• htmly 2.8.0 Cross Site Scripting
• Horde Groupware Webmail 5.2.22 Cross Site Scripting
• Tileserver-gl 3.0.0 Cross Site Scripting
• SMASH Rowhammer Proof Of Concept
• Microsoft Azure DevOps Server 2020.0.1 Cross Site Scripting
• Webmail Edition 5.2.22 XSS / Remote Code Execution
• HEUR.Hoax.Win32.FrauDrop.gen Insecure Permissions
• CITSmart ITSM 9.1.2.27 SQL Injection
• CITSmart ITSM 9.1.2.22 LDAP Injection
• Trojan.Win32.Agent.zfgh Insecure Permissions
• MariaDB 10.2 Command Execution
• Genexis PLATINUM 4410 2.1 P4410-V2-1.28 Remote Command Execution
• Trojan.Win32.Jorik.qje Insecure Permissions
• Digital Crime Report Management System 1.0 SQL Injection
• jQuery 1.0.3 Cross Site Scripting
• jQuery 1.2 Cross Site Scripting
• Nagios XI getprofile.sh Remote Command Execution
• Microsoft Windows SCM Remote Access Check Limit Bypass Privilege Escalation
• Blitar Tourism 1.0 SQL Injection
• Chrome V8 JavaScript Engine Remote Code Execution
• ExpressVPN VPN Router 1.0 Integer Overflow

• [webapps] GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF to RCE
• [dos] glFTPd 2.11a - Remote Denial of Service
• [webapps] htmly 2.8.0 - 'description' Stored Cross-Site Scripting (XSS)
• [webapps] Tileserver-gl 3.0.0 - 'key' Reflected Cross-Site Scripting (XSS)
• [webapps] Horde Groupware Webmail 5.2.22 - Stored XSS
• [webapps] jQuery 1.0.3 - Cross-Site Scripting (XSS)
• [webapps] jQuery 1.2 - Cross-Site Scripting (XSS)
• [local] MariaDB 10.2 /MySQL - 'wsrep_provider' OS Command Execution
• [webapps] Genexis PLATINUM 4410 2.1 P4410-V2-1.28 - RCE
• [webapps] CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection (Authenticated)
• [webapps] CITSmart ITSM 9.1.2.22 - LDAP Injection
• [webapps] Digital Crime Report Management System 1.0 - SQL Injection (Authentication Bypass)
• [webapps] ExpressVPN VPN Router 1.0 - Router Login Panel's Integer Overflow
• [webapps] Blitar Tourism 1.0 - Authentication Bypass SQLi
• [webapps] Simple Student Information System 1.0 - SQL Injection (Authentication Bypass)
• [remote] vsftpd 2.3.4 - Backdoor Command Execution
• [webapps] PrestaShop 1.7.6.7 - 'location' Blind Sql Injection
• [remote] Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution
• [webapps] Composr 10.0.36 - Remote Code Execution
• [webapps] DMA Radius Manager 4.4.0 - Cross-Site Request Forgery (CSRF)
• [webapps] CMSimple 5.2 - 'External' Stored XSS
• [webapps] Dell OpenManage Server Administrator 9.4.0.0 - Arbitrary File Read
• [webapps] Composr CMS 10.0.36 - Cross Site Scripting
• [webapps] Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS
• [webapps] Mini Mouse 9.3.0 - Local File inclusion / Path Traversal
• [remote] Google Chrome 81.0.4044 V8 - Remote Code Execution
• [remote] Google Chrome 86.0.4240 V8 - Remote Code Execution
• [webapps] Mini Mouse 9.2.0 - Path Traversal
• [webapps] Mini Mouse 9.2.0 - Remote Code Execution
• [webapps] OpenEMR 4.1.0 - 'u' SQL Injection
• [webapps] Basic Shopping Cart 1.0 - Authentication Bypass
• [webapps] Simple Food Website 1.0 - Authentication Bypass
• [local] Rockstar Service - Insecure File Permissions
• [webapps] F5 BIG-IP 16.0.x - iControl REST Remote Code Execution (Unauthenticated)
• [webapps] ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation
• [webapps] phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution (Authenticated)
• [webapps] ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (2)
• [webapps] ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (1)
• [webapps] Latrix 0.6.0 - 'txtaccesscode' SQL Injection
• [webapps] CourseMS 2.1 - 'name' Stored XSS
• [dos] DD-WRT 45723 - UPNP Buffer Overflow (PoC)
• [webapps] Zabbix 3.4.7 - Stored XSS
• [webapps] Openlitespeed 1.7.9 - 'Notes' Stored Cross-Site Scripting
• [webapps] GetSimple CMS 3.3.16 - Reflected XSS to RCE
• [webapps] SyncBreeze 10.1.16 - XML Parsing Stack-based Buffer Overflow
• [webapps] Novel Boutique House-plus 3.5.1 - Arbitrary File Download

Last 20 Website Defacements - Zone-h

• http://justice.gov.zw
• http://pta-palu.go.id/hek.htm
• https://kip.bandaacehkota.go.id/olala.html
• http://cexdhanbad.gov.in/rn.html
• http://cexbokaro.gov.in/rn.html
• https://catarmancamiguin.gov.ph/pwn.txt
• http://www.guchhogram.gov.bd
• https://kejari-tanjungpinang.go.id/idolisdead.htm
• http://jkrperlis.gov.my/sec.txt
• http://www.telecomdept.gov.bd
• http://umzimvubu.gov.za/pwn.txt
• http://pinheiro.ma.gov.br
• https://www.camaramataverde.mg.gov.br
• https://www.camarajordania.mg.gov.br
• https://www.camaradivisaalegre.mg.gov.br
• https://www.camaraalmenara.mg.gov.br
• https://www.camarariodoprado.mg.gov.br
• https://www.camaradecomercinho.mg.gov.br
• https://www.palmopolis.mg.gov.br
• http://bppkp.jabarprov.go.id/robots.txt

Advisories

Symantec Packet Stoem Security

• Ubuntu Security Notice USN-4917-1 Fri, 16 Apr 2021 15:10:51 GMT
  Ubuntu Security Notice 4917-1 - It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
• Ubuntu Security Notice USN-4916-1 Fri, 16 Apr 2021 15:08:48 GMT
  Ubuntu Security Notice 4916-1 - It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
• Ubuntu Security Notice USN-4915-1 Fri, 16 Apr 2021 15:07:38 GMT
  Ubuntu Security Notice 4915-1 - It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
• Red Hat Security Advisory 2021-1213-01 Thu, 15 Apr 2021 13:51:22 GMT
  Red Hat Security Advisory 2021-1213-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. Issues addressed include an out of bounds read vulnerability.
• Red Hat Security Advisory 2021-1214-01 Thu, 15 Apr 2021 13:51:08 GMT
  Red Hat Security Advisory 2021-1214-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. Issues addressed include an out of bounds read vulnerability.
• Red Hat Security Advisory 2021-1206-01 Thu, 15 Apr 2021 13:50:57 GMT
  Red Hat Security Advisory 2021-1206-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.
• Ubuntu Security Notice USN-4913-1 Thu, 15 Apr 2021 13:50:49 GMT
  Ubuntu Security Notice 4913-1 - It was discovered that Underscore incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary code.
• Red Hat Security Advisory 2021-1202-01 Thu, 15 Apr 2021 13:50:39 GMT
  Red Hat Security Advisory 2021-1202-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 12 serves as a replacement for Red Hat JBoss Web Server 3.1.11, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and null pointer vulnerabilities.
• Red Hat Security Advisory 2021-1203-01 Thu, 15 Apr 2021 13:50:30 GMT
  Red Hat Security Advisory 2021-1203-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 12 serves as a replacement for Red Hat JBoss Web Server 3.1.11, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and null pointer vulnerabilities.
• Ubuntu Security Notice USN-4914-1 Thu, 15 Apr 2021 13:50:21 GMT
  Ubuntu Security Notice 4914-1 - It was discovered that NetworkManager incorrectly handled certain profiles. A local attacker could possibly use this issue to cause NetworkManager to crash, resulting in a denial of service.
• Red Hat Security Advisory 2021-1201-01 Thu, 15 Apr 2021 13:50:14 GMT
  Red Hat Security Advisory 2021-1201-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.
• Red Hat Security Advisory 2021-1200-01 Thu, 15 Apr 2021 13:50:04 GMT
  Red Hat Security Advisory 2021-1200-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 7 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 6 and includes bug fixes and enhancements. Issues addressed include bypass and null pointer vulnerabilities.
• Red Hat Security Advisory 2021-1199-01 Thu, 15 Apr 2021 13:49:54 GMT
  Red Hat Security Advisory 2021-1199-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 7 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 6 and includes bug fixes and enhancements. Issues addressed include bypass and null pointer vulnerabilities.
• Red Hat Security Advisory 2021-1195-01 Wed, 14 Apr 2021 16:50:04 GMT
  Red Hat Security Advisory 2021-1195-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Issues addressed include bypass and null pointer vulnerabilities.
• Red Hat Security Advisory 2021-1197-01 Wed, 14 Apr 2021 16:49:41 GMT
  Red Hat Security Advisory 2021-1197-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. Issues addressed include an out of bounds read vulnerability.
• Red Hat Security Advisory 2021-1192-01 Wed, 14 Apr 2021 16:45:13 GMT
  Red Hat Security Advisory 2021-1192-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.
• Red Hat Security Advisory 2021-1196-01 Wed, 14 Apr 2021 16:40:32 GMT
  Red Hat Security Advisory 2021-1196-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Issues addressed include bypass and null pointer vulnerabilities.
• Red Hat Security Advisory 2021-1193-01 Wed, 14 Apr 2021 16:37:33 GMT
  Red Hat Security Advisory 2021-1193-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.
• Red Hat Security Advisory 2021-1169-01 Wed, 14 Apr 2021 16:36:24 GMT
  Red Hat Security Advisory 2021-1169-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.
• Red Hat Security Advisory 2021-1016-01 Wed, 14 Apr 2021 16:34:08 GMT
  Red Hat Security Advisory 2021-1016-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.5.37. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2021-1184-01 Wed, 14 Apr 2021 16:33:46 GMT
  Red Hat Security Advisory 2021-1184-01 - The ovirt-hosted-engine-setup package provides a self-hosted engine tool for the Red Hat Virtualization Manager. A self-hosted engine is a virtualized environment in which the Manager runs on a virtual machine on the hosts managed by the Manager. Bug Fix: In this release, it is now possible to enter a path to the OVA archive for local appliance installation using the cockpit-ovirt UI. Previously, following a successful migration on the Self-hosted Engine, he HA agent on the source host immediately moved to the state EngineDown, and shorly thereafter tried to start the engine locally, if the destination host didn't update the shared storage quickly enough, marking the Manager virtual machine as being up. As a result, starting the virtual machine failed due to a shared lock held by the destination host. This also resulted in generating false alarms and notifications. In this release, the HA agent first moves to the state EngineMaybeAway, providing the destination host more time to update the shared storage with the updated state. As a result, no notifications or false alarms are generated. Note: in scenarios where the virtual machine needs to be started on the source host, this fix slightly increases the time it takes the Manager virtual machine on the source host to start.
• Red Hat Security Advisory 2021-1189-01 Wed, 14 Apr 2021 16:31:48 GMT
  Red Hat Security Advisory 2021-1189-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include bypass and null pointer vulnerabilities.
• Red Hat Security Advisory 2021-1186-01 Wed, 14 Apr 2021 16:31:35 GMT
  Red Hat Security Advisory 2021-1186-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Bug Fix: Previously, saving user preferences in the Red Hat Virtualization Manager required the MANIPULATE_USERS permission level. As a result, user preferences were not saved on the server. In this release, the required permission level for saving user preferences was changed to EDIT_PROFILE, which is the permission level assigned by default to all users. As a result, saving user preferences works as expected. Issues addressed include a cross site scripting vulnerability.
• Red Hat Security Advisory 2021-1190-01 Wed, 14 Apr 2021 16:29:36 GMT
  Red Hat Security Advisory 2021-1190-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.
• Ubuntu Security Notice USN-4905-1 Wed, 14 Apr 2021 16:25:29 GMT
  Ubuntu Security Notice 4905-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain lengths of XInput extension ChangeFeedbackControl requests. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code.