Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Malware and Vulnerabilities

Adobe says it’s not aware of any attacks exploiting these vulnerabilities. Since they all have a priority rating of “3,” the company believes they are unlikely to ever be exploited.

 Govt., Critical Infrastructure

Poland's Defense Minister Mariusz Blaszczak said the force’s mission includes defense, reconnaissance, and, if need be, offensive actions to protect Poland’s Armed Forces from cyberattacks.

 Malware and Vulnerabilities

First discovered in July 2020, Medusa has come a long way with new capabilities and updates. It has now become deadlier by forming a partnership with the infamous FluBot trojan. 

 Malware and Vulnerabilities

The BlackCat ransomware, aka ALPHV, operators declared in an interview that they are former members of the DarkSide ransomware operation, leaving experts in splits. However, to everyone's surprise, BlackCat’s encryptor shares no code similarities with the DarkSide/BlackMatter encryptors. Looking at rebranding efforts, experts must watch this space closely.

 Trends, Reports, Analysis

The Federal Bureau of Investigation (FBI) this week announced that between 2018 and 2021 its Internet Crime Complaint Center (IC3) received more than 1,900 complaints related to SIM swapping.

 Malware and Vulnerabilities

Hackers associated with the SolarWinds attacks have been using two new threats, the GoldMax backdoor and the TrailBlazer malware family, in StellarParticle campaigns for over two years. Researchers have provided detailed information regarding the latest TTPs observed in cyberattacks and advised organizations to implement a multi-layered defense strategy to stay protected.

 Malware and Vulnerabilities

Premium exploits acquisition platform Zerodium rolled out an offer of $400,000 in bounty rewards to anyone who reports an RCE zero-day vulnerability in Outlook. It is reportedly a temporary offer. It is offering up to $200,000 for exploits leading to remote code execution in Mozilla Thunderbird. Security teams in various organizations must watch out for zero-days because such a bug in Microsoft Outlook can have an unimaginable impact.

 Feed

Ubuntu Security Notice 5279-1 - It was discovered that util-linux incorrectly handled unmounting FUSE filesystems. A local attacker could possibly use this issue to unmount FUSE filesystems belonging to other users.

 Feed

Red Hat Security Advisory 2022-0496-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.102 and .NET Runtime 6.0.2. Issues addressed include a denial of service vulnerability.

 Feed

Red Hat Security Advisory 2022-0495-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.211 and .NET Runtime 5.0.14. Issues addressed include a denial of service vulnerability.

 Feed

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.

 Feed

Red Hat Security Advisory 2022-0482-01 - Red Hat Ansible Tower provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Tower makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. Issues addressed include a privilege escalation vulnerability.

 Feed

Red Hat Security Advisory 2022-0475-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.

 Feed

Red Hat Security Advisory 2022-0477-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a traversal vulnerability.

 Feed

Ubuntu Security Notice 5267-2 - USN-5267-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused the kernel to freeze when accessing CIFS shares in some situations. This update fixes the problem.

 Feed

This Metasploit module exploits a command injection vulnerability in Grandstream GXV31XX IP multimedia phones. The settimezone action does not validate input in the timezone parameter allowing injection of arbitrary commands. A buffer overflow in the phonecookie cookie parsing allows authentication to be bypassed by providing an alphanumeric cookie 93 characters in length. This module was tested successfully on Grandstream models: GXV3175v2 hardware revision V2.6A with firmware version 1.0.1.19; and GXV3140 hardware revision V0.4B with firmware version 1.0.1.27.

 Feed

Red Hat Security Advisory 2022-0476-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a traversal vulnerability.

 Feed

Red Hat Security Advisory 2022-0464-02 - Advanced Intrusion Detection Environment is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Issues addressed include a buffer overflow vulnerability.

 Feed

Red Hat Security Advisory 2022-0467-02 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.6.7 serves as a replacement for Red Hat AMQ Streams 1.6.6, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.

 Feed

Red Hat Security Advisory 2022-0469-02 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.0.1 serves as a replacement for Red Hat AMQ Streams 2.0.0, and includes security and bug fixes, and enhancements. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.

 Feed

Red Hat Security Advisory 2022-0472-02 - Advanced Intrusion Detection Environment is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Issues addressed include a buffer overflow vulnerability.

 Feed

Red Hat Security Advisory 2022-0474-01 - Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. Issues addressed include a privilege escalation vulnerability.

 Feed

Red Hat Security Advisory 2022-0473-02 - Advanced Intrusion Detection Environment is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Issues addressed include a buffer overflow vulnerability.

 Feed

Red Hat Security Advisory 2022-0442-02 - Log4j is a tool to help the programmer output log statements to a variety of output targets. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.

 Feed

Red Hat Security Advisory 2022-0443-06 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a privilege escalation vulnerability.

 Feed

Red Hat Security Advisory 2022-0444-03 - Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services. This erratum releases a new image for Red Hat Single Sign-On 7.4.10 for use within the OpenShift Container Platform 3.10, OpenShift Container Platform 3.11, and within the OpenShift Container Platform 4.3 cloud computing Platform-as-a-Service for on-premise or private cloud deployments, aligning with the standalone product release. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.

 Feed

Red Hat Security Advisory 2022-0446-02 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.10 serves as a replacement for Red Hat Single Sign-On 7.4.9, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.

 Feed

Microsoft on Tuesday rolled out its monthly security updates with fixes for 51 vulnerabilities across its software line-up consisting of Windows, Office, Teams, Azure Data Explorer, Visual Studio Code, and other components such as Kernel and Win32k. Among the 51 defects closed, 50 are rated Important and one is rated Moderate in severity, making it one of the rare Patch Tuesday updates without

 Feed

The Russia-linked threat actor known as APT29 targeted European diplomatic missions and Ministries of Foreign Affairs as part of a series of spear-phishing campaigns mounted in October and November 2021. According to ESET's T3 2021 Threat Report shared with The Hacker News, the intrusions paved the way for the deployment of Cobalt Strike Beacon on compromised systems, followed by leveraging the

 Feed

The U.S. Justice Department (DoJ) on Tuesday announced the arrest of a married couple in connection with conspiring to launder cryptocurrency worth $4.5 billion that was siphoned during the hack of the virtual currency exchange Bitfinex in 2016. Ilya Lichtenstein, 34, and his wife, Heather Morgan, 31, both of New York, are alleged to have "stolen funds through a labyrinth of cryptocurrency

 Feed

Alarming research reveals the stress and strains the average cybersecurity team experiences on a daily basis. As many as 70% of teams report feeling emotionally overwhelmed by security alerts. Those alerts come at such high volume, high velocity, and high intensity that they become an extreme source of stress. So extreme, in fact, that people's home lives are negatively affected. Alert overload

 Feed

An advanced persistent threat (APT) group with ties to Iran has refreshed its malware toolset to include a new backdoor dubbed Marlin as part of a long-running espionage campaign that started in April 2018. Slovak cybersecurity company ESET attributed the attacks — codenamed "Out to Sea" — to a threat actor called OilRig (aka APT34), while also conclusively connecting its activities to a second

2022-02
Aggregator history
Wednesday, February 09