ISC Stormcast For Monday, June 14th, 2021 https://isc.sans.edu/podcastdetail.html?id=7540, (Mon, Jun 14th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Security Bulletin: A vulnerability in Apache ActiveMQ affects IBM Operations Analytics Predictive Insights (CVE-2020-13947)
Apache ActiveMQ is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVE. CVE(s): Affected product(s) and affected version(s): IBM Product Security Vulnerabilities.
MGASA-2021-0253 - Updated slurm packages fix a security vulnerability Publication date: 13 Jun 2021 URL: https://advisories.mageia.org/MGASA-2021-0253.html Type: security Affected Mageia releases: 8 CVE: CVE-2021-31215 SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.
MGASA-2021-0254 - Updated wpa_supplicant, hostapd packages fix security vulnerability Publication date: 13 Jun 2021 URL: https://advisories.mageia.org/MGASA-2021-0254.html Type: security Affected Mageia releases: 7, 8 CVE: CVE-2021-30004 The wpa_supplicant and hostapd packages are updated to fix a....
MGASA-2021-0256 - Updated microcode packages fix security vulnerabilities Publication date: 13 Jun 2021 URL: https://advisories.mageia.org/MGASA-2021-0256.html Type: security Affected Mageia releases: 7, 8 CVE: CVE-2020-24489, CVE-2020-24511, CVE-2020-24513 Updated microcodes for Intel processors,....
MGASA-2021-0258 - Updated kernel-linus packages fix security vulnerabilities Publication date: 13 Jun 2021 URL: https://advisories.mageia.org/MGASA-2021-0258.html Type: security Affected Mageia releases: 7, 8 CVE: CVE-2020-24586, CVE-2020-24587, CVE-2020-24588, CVE-2020-26139, CVE-2020-26141,....
via theguardian.com GCHQ cybersecurity boss sounds alarm over extortion by hackers who are mostly based in former Soviet states. Ransomware represents the biggest threat to online security for most people and businesses in the UK, the head of GCHQ’s cybersecurity arm is to warn.
Security Advisory. This security advisory describes one low risk vulnerability. Description. CWE-203 - Observable discrepancy The vulnerability allows a remote attacker to gain access to sensitive information. The vulnerability exists due to observable timing discrepancy on server when HTTP Basic....
Update to 2.9.12 * Fix CVE-2021-3516, CVE-2021-3517, CVE-2021-3518, CVE-2021-3537, CVE-2021-3541 * Verify sources with GPG signature
This glibc update fixes a use-after-free in the `mq_notify` function (CVE-2021-33574).
This kernel-linus update is based on upstream 5.10.43 and fixes at least the following security issues: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received
This kernel update is based on upstream 5.10.43 and fixes at least the following security issues: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received
Updated microcodes for Intel processors, fixing various functional issues, and at least the following security issues: Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege
The irssi packages are updated to irssi 1.2.3 to fix several issues among some security vulnerabilities: * memory handling issues * memory leaks * erroneous free * crashes / freezes
Blue Team Detection: DarkSide Ransomware
Malware write-ups can be found in abundance online; they are often written from the point of view of a malware researcher who focuses on the deep internals of how malicious software works. In some cases the information provided cannot be used to derive actionable intelligence and defence mechanisms by cyber security blue teams.
Kevin Backhouse, a researcher at GitHub Security Lab, revealed the details of an easy-to-exploit Linux flaw that can be exploited to escalate privileges to root on the targeted system. The vulnerability, classified as highly critical and termed as CVE-2021-3560, affects polkit, a system service installed by default on many Linux distributions.
The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them. Synthesis of the vulnerability: An attacker can act as a Man-in-the-Middle on Mosquitto, in order to read or write data in the session.
The researchers noted that RDP “was implicated as one of the most common methods of breaching a network in cases we were called in to investigate, which is why shutting off the outside world’s access to RDP is one of the most effective defenses an IT admin can take.
IT Support are going to have a bad day, can you get into the admin account? You can access the room through this link: https://tryhackme.com/room/thatstheticket Hello everyone, this is Mrinal Prakash aka EMPHAY and today I am going to take you to the walkthrough of the room- “That’s The Ticket” which is a pretty beginner friendly room.
VulnHub BlueMoon ( https://www.vulnhub.com/entry/bluemoon-2021,679/ ) is an easy level boot2root CTF challenge, where you have to grab 3 flags on your way towards root. Let us begin with finding the IP of the box. Nmap was used to find the IP of the BlueMoon VM as follows. Finding the IP of BlueMoon VM.