Security Pop Quiz! q249.mp3

News

Packet Storm Security

Security Affairs Looking Glass Cyber securingtomorrow.mcafee.com
    Quick Heal Threat Post Naked Security ESET CIS
    • CIS Benchmark Community Spotlight: Martin White Tue, 11 Aug 2020 13:18:45 +0000

      The Center for Internet Security (CIS) is proud to bring together so many of the world’s best IT security professionals in our community of volunteers. If you’re already involved in the CIS Benchmarks Community, thank you! If you haven’t yet become a volunteer, please do so today. By contributing their expertise and goodwill, each volunteer […]

      The post CIS Benchmark Community Spotlight: Martin White appeared first on CIS.

    Malware Patrol SecList MySonicWall

    Critical Infrastructure

    Case Studies

    Tools

    Exploits

    Last 20 Website Defacements - Zone-h

    Press Play to hear the answer!

    Advisories

    • Ubuntu Security Notice USN-4457-1 Wed, 12 Aug 2020 15:54:52 GMT
      Ubuntu Security Notice 4457-1 - Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricked into adding an arbitrary PPA, a remote attacker could possibly manipulate the screen.
    • Ubuntu Security Notice USN-4456-1 Wed, 12 Aug 2020 15:54:46 GMT
      Ubuntu Security Notice 4456-1 - It was discovered that Dovecot incorrectly handled deeply nested MIME parts. A remote attacker could possibly use this issue to cause Dovecot to consume resources, resulting in a denial of service. It was discovered that Dovecot incorrectly handled memory when using NTLM. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. It was discovered that the Dovecot RPA mechanism incorrectly handled zero-length messages. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. Various other issues were also addressed.
    • Red Hat Security Advisory 2020-3433-01 Wed, 12 Aug 2020 15:54:40 GMT
      Red Hat Security Advisory 2020-3433-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
    • Red Hat Security Advisory 2020-3432-01 Wed, 12 Aug 2020 15:54:33 GMT
      Red Hat Security Advisory 2020-3432-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
    • Gentoo Linux Security Advisory 202008-07 Wed, 12 Aug 2020 15:54:26 GMT
      Gentoo Linux Security Advisory 202008-7 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 84.0.4147.125 are affected.
    • Red Hat Security Advisory 2020-3414-01 Wed, 12 Aug 2020 15:54:20 GMT
      Red Hat Security Advisory 2020-3414-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
    • Red Hat Security Advisory 2020-3425-01 Tue, 11 Aug 2020 21:16:56 GMT
      Red Hat Security Advisory 2020-3425-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
    • Red Hat Security Advisory 2020-3422-01 Tue, 11 Aug 2020 21:16:48 GMT
      Red Hat Security Advisory 2020-3422-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.107 and .NET Core Runtime 3.1.7. Security Fixes: .NET Core: ASP.NET Core Resource Consumption Denial of Service. Issues addressed include a denial of service vulnerability.
    • Red Hat Security Advisory 2020-3421-01 Tue, 11 Aug 2020 21:16:42 GMT
      Red Hat Security Advisory 2020-3421-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.107 and .NET Core Runtime 3.1.7. Issues addressed include a denial of service vulnerability.
    • Red Hat Security Advisory 2020-3406-01 Tue, 11 Aug 2020 15:39:07 GMT
      Red Hat Security Advisory 2020-3406-01 - Library and utility to launch and manage containers using YAML based configuration data. openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools, which can be used to help deploy OpenStack.
    • Red Hat Security Advisory 2020-3410-01 Tue, 11 Aug 2020 15:38:34 GMT
      Red Hat Security Advisory 2020-3410-01 - Library and utility to launch and manage containers using YAML based configuration data. openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools, which can be used to help deploy OpenStack.
    • Red Hat Security Advisory 2020-3389-01 Tue, 11 Aug 2020 15:38:27 GMT
      Red Hat Security Advisory 2020-3389-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a buffer overflow vulnerability.
    • Ubuntu Security Notice USN-4454-2 Mon, 10 Aug 2020 22:47:30 GMT
      Ubuntu Security Notice 4454-2 - USN-4454-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Martin von Wittich and Wilko Meyer discovered that Samba incorrectly handled certain empty UDP packets when being used as a AD DC NBT server. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4455-1 Mon, 10 Aug 2020 22:47:16 GMT
      Ubuntu Security Notice 4455-1 - It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information.
    • Red Hat Security Advisory 2020-3387-01 Mon, 10 Aug 2020 22:47:09 GMT
      Red Hat Security Advisory 2020-3387-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP70. Issues addressed include bypass and information leakage vulnerabilities.
    • Red Hat Security Advisory 2020-3388-01 Mon, 10 Aug 2020 22:47:01 GMT
      Red Hat Security Advisory 2020-3388-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP70. Issues addressed include bypass and information leakage vulnerabilities.
    • Ubuntu Security Notice USN-4454-1 Mon, 10 Aug 2020 22:46:54 GMT
      Ubuntu Security Notice 4454-1 - Martin von Wittich and Wilko Meyer discovered that Samba incorrectly handled certain empty UDP packets when being used as a AD DC NBT server. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service.
    • Red Hat Security Advisory 2020-3386-01 Mon, 10 Aug 2020 19:02:07 GMT
      Red Hat Security Advisory 2020-3386-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6-FP15. Issues addressed include bypass and information leakage vulnerabilities.
    • Red Hat Security Advisory 2020-3385-01 Mon, 10 Aug 2020 14:27:27 GMT
      Red Hat Security Advisory 2020-3385-01 - LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Issues addressed include a buffer overflow vulnerability.
    • Red Hat Security Advisory 2020-3383-01 Mon, 10 Aug 2020 14:27:20 GMT
      Red Hat Security Advisory 2020-3383-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is an update for JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to this updated package. Issues addressed include a denial of service vulnerability.
    • Red Hat Security Advisory 2020-3382-01 Mon, 10 Aug 2020 14:27:13 GMT
      Red Hat Security Advisory 2020-3382-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is an update for JBoss Enterprise Application Platform 6.4. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to these updated packages. Issues addressed include a denial of service vulnerability.
    • Red Hat Security Advisory 2020-3379-01 Mon, 10 Aug 2020 14:27:06 GMT
      Red Hat Security Advisory 2020-3379-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
    • Red Hat Security Advisory 2020-3378-01 Mon, 10 Aug 2020 14:26:57 GMT
      Red Hat Security Advisory 2020-3378-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
    • Red Hat Security Advisory 2020-3377-01 Mon, 10 Aug 2020 14:26:27 GMT
      Red Hat Security Advisory 2020-3377-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 84.0.4147.105. Issues addressed include buffer overflow, bypass, information leakage, out of bounds write, and use-after-free vulnerabilities.
    • Gentoo Linux Security Advisory 202008-05 Mon, 10 Aug 2020 14:26:10 GMT
      Gentoo Linux Security Advisory 202008-5 - A buffer overflow in gThumb might allow remote attacker(s) to execute arbitrary code. Versions less than 3.10.0 are affected.