Sources

Linux security Advisories

• Ubuntu 4105-1: CUPS vulnerabilities 2 óra 43 perc
• Ubuntu 4104-1: Nova vulnerability 14 óra 59 perc
• SUSE: 2019:2180-1 important: python-Django 17 óra 6 perc
• SUSE: 2019:2181-1 important: nodejs6 17 óra 7 perc
• SUSE: 2019:2182-1 moderate: rubygem-rails-html-sanitizer 17 óra 8 perc
• openSUSE: 2019:1959-1: moderate: clementine 19 óra 56 perc
• openSUSE: 2019:1954-1: moderate: openexr 19 óra 57 perc
• openSUSE: 2019:1952-1: moderate: zstd 19 óra 59 perc
• openSUSE: 2019:1951-1: moderate: Recommended dkgpg, libTMCG 20 óra 8 perc
• Ubuntu 4103-2: Docker vulnerability 20 óra 36 perc

Ubuntu Secutity Notices

• USN-4105-1: CUPS vulnerabilities 6 óra 24 perc
• USN-4104-1: Nova vulnerability 11 óra 2 perc
• USN-4103-2: Docker vulnerability 17 óra 9 perc
• USN-4103-1: docker-credential-helpers vulnerability 19 óra 28 perc
• USN-4078-2: OpenLDAP vulnerabilities 21 óra 6 perc
• USN-4102-1: LibreOffice vulnerabilities 22 óra 29 perc
• USN-4100-1: KConfig and KDE libraries vulnerabilities 3 nap 13 óra
• USN-4101-1: Firefox vulnerability 3 nap 14 óra
• USN-4099-1: nginx vulnerabilities 4 nap 17 óra
• USN-4098-1: wpa_supplicant and hostapd vulnerability 5 nap 21 óra

SANS

• ISC Stormcast For Tuesday, August 20th 2019 https://isc.sans.edu/podcastdetail.html?id=6628, (Tue, Aug 20th) 7 óra 19 perc
• Compressed ISO Files (ISZ), (Mon, Aug 19th) 15 óra 35 perc
• ISC Stormcast For Monday, August 19th 2019 https://isc.sans.edu/podcastdetail.html?id=6626, (Mon, Aug 19th) 1 nap 7 óra
• Video: Analyzing DAA Files, (Sun, Aug 18th) 1 nap 14 óra
• The DAA File Format, (Fri, Aug 16th) 3 nap 13 óra
• ISC Stormcast For Friday, August 16th 2019 https://isc.sans.edu/podcastdetail.html?id=6624, (Fri, Aug 16th) 4 nap 7 óra
• Analysis of a Spearphishing Maldoc, (Thu, Aug 15th) 4 nap 14 óra
• ISC Stormcast For Thursday, August 15th 2019 https://isc.sans.edu/podcastdetail.html?id=6622, (Thu, Aug 15th) 5 nap 7 óra
• ISC Stormcast For Wednesday, August 14th 2019 https://isc.sans.edu/podcastdetail.html?id=6620, (Wed, Aug 14th) 6 nap 7 óra
• Recent example of MedusaHTTP malware, (Wed, Aug 14th) 6 nap 10 óra

NVD: all CVE

• CVE-2019-15237 9 óra 4 perc
• CVE-2019-15228 10 óra 4 perc
• CVE-2019-15229 10 óra 4 perc
• CVE-2019-15231 10 óra 4 perc
• CVE-2019-15232 10 óra 4 perc
• CVE-2019-15224 11 óra 4 perc
• CVE-2019-15225 11 óra 4 perc
• CVE-2019-15223 12 óra 4 perc
• CVE-2019-15211 12 óra 4 perc
• CVE-2019-15212 12 óra 4 perc

Sophos virus alerts

• W32/Phorpiex-AI 12 óra 19 perc
• VBS/DwnLdr-YOI 12 óra 19 perc
• VBS/DwnLdr-YOH 12 óra 19 perc
• VBS/DwnLdr-YOG 12 óra 19 perc
• Troj/VB-KLL 12 óra 19 perc
• Troj/TrickBo-SL 12 óra 19 perc
• Troj/Remcos-LA 12 óra 19 perc
• Troj/Phish-FUQ 12 óra 19 perc
• Troj/Phish-FUP 12 óra 19 perc
• Troj/Netwire-NT 12 óra 19 perc

US CERT: Security Bulletins

• Vulnerability Summary for the Week of August 12, 2019 23 óra 58 perc
• Vulnerability Summary for the Week of August 5, 2019 1 hét 23 óra
• Vulnerability Summary for the Week of July 29, 2019 2 hét 23 óra
• Vulnerability Summary for the Week of July 22, 2019 3 hét 23 óra
• Vulnerability Summary for the Week of July 15, 2019 4 hét 23 óra
• Vulnerability Summary for the Week of July 8, 2019 1 hónap 5 nap
• Vulnerability Summary for the Week of July 1, 2019 1 hónap 1 hét
• Vulnerability Summary for the Week of June 24, 2019 1 hónap 2 hét
• SB19-175: Vulnerability Summary for the Week of June 17, 2019 1 hónap 3 hét
• Vulnerability Summary for the Week of June 17, 2019 1 hónap 3 hét

Kaspersky

• IT threat evolution Q2 2019 1 nap 19 perc
• IT threat evolution Q2 2019. Statistics 1 nap 19 perc
• Recent Cloud Atlas activity 1 hét 1 nap
• DDoS attacks in Q2 2019 2 hét 1 nap
• APT trends report Q2 2019 2 hét 5 nap
• Financial threats in H1 2019 2 hét 5 nap
• How to steal a million (of your data) 4 hét 19 perc
• On the IoT road: perks, benefits and security of moving smartly 4 hét 1 nap
• Turla renews its arsenal with Topinambour 1 hónap 6 nap
• New FinSpy iOS and Android implants revealed ITW 1 hónap 1 hét

HUP - titkosítás, biztonság

• Webmin <= 1.920 - Unauthenticated RCE 1 nap 3 óra
• "Down the Rabbit-Hole... " 4 nap 21 óra
• KDE Plasma sebezhetőségre figyelmeztet a KDE közösség, a fejlesztők dolgoznak a javításon 1 hét 6 nap
• Re: "You Might Want to Uninstall VLC. Immediately." 3 hét 5 nap
• Insurgo PrivacyBeast X230 laptop - Qubes OS fejlesztők ajánlásával 1 hónap 2 nap
• Az O365 használata mostantól törvénytelen számos német iskolában 1 hónap 1 hét
• 5 milliárd dolláros büntetéssel zárta le a Facebook ellen folytatott vizsgálatát az FTC 1 hónap 1 hét
• DNS-over-HTTPS (DoH) engedélyezése Firefox böngészőben 1 hónap 2 hét
• Adware cég teszteli kihasználásra a javítatlan macOS Gatekeeper sebezhetőséget 1 hónap 3 hét
• Melyiket használod, ha témában kérdeznek és magyar szövegben kell elhelyezni az alábbi kifejezést? 1 hónap 3 hét

Huawei Security Bulletin

• Security Advisory - Four Remote Code Execution Vulnerabilities in Some Microsoft Windows Systems 1 nap 12 óra
• Two Denial of Service Vulnerabilities on Some Huawei Smartphones 6 nap 12 óra
• Security Notice - Statement on Brute Forcing Encrypted Backup Data for Huawei Smartphones 1 hét 4 nap
• Security Advisory - Information Leak Vulnerability on Some Huawei Smart Phones 1 hét 6 nap
• Security Advisory - Double Free Vulnerability in Some Huawei Smart Phones 1 hét 6 nap
• Security Advisory - TLS Certificate Verification Vulnerability in Huawei 7900 IP Phones 3 hét 6 nap
• Security Advisory - Improper Authentication Vulnerability on PC Manager 1 hónap 3 nap
• Security Advisory - Information Disclosure Vulnerability on Secure Input 1 hónap 4 nap
• Security Notice - Statement on the Irrelevance of Swascan-Discovered Vulnerabilities to Huawei Products and Solutions 1 hónap 6 nap
• Security Notice - Statement on Fastjson Remote Code Execution Vulnerability 1 hónap 1 hét

seclist.org

• No cON Name 2019 Congress CFP 3 nap 17 óra
• APPLE-SA-2019-08-13-5 SwiftNIO HTTP/2 1.5.0 3 nap 17 óra
• APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4 3 nap 17 óra
• APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3 3 nap 17 óra
• APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4 3 nap 17 óra
• APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra 3 nap 17 óra
• Open-Xchange Security Advisory 2019-08-15 3 nap 17 óra
• Open-Xchange Security Advisory 2019-08-15 3 nap 17 óra
• Some interesting facts about gitlab runners 6 nap 16 óra
• TortoiseSVN v1.12.1 - Remote Code Execution Vulnerability 6 nap 20 óra

Cisco Security Advisories

• Cisco Firepower Threat Defense Software Nonstandard Protocol Detection Bypass Vulnerability 3 nap 17 óra
• Cisco Firepower Threat Defense Software NULL Character Obfuscation Detection Bypass Vulnerability 3 nap 17 óra
• Cisco Firepower Threat Defense Software Stream Reassembly Bypass Vulnerability 3 nap 17 óra
• Cisco Firepower Threat Defense Software HTTP Filtering Bypass Vulnerability 3 nap 17 óra
• Key Negotiation of Bluetooth Vulnerability 6 nap 14 óra
• Cisco Adaptive Security Appliance Software Web-Based Management Interface Privilege Escalation Vulnerability 1 hét 5 nap
• Cisco Email Security Appliance Header Injection Vulnerability 1 hét 5 nap
• Cisco Firepower Management Center Persistent Cross-Site Scripting Vulnerability 1 hét 5 nap
• Cisco IoT Field Network Director TLS Renegotiation Denial of Service Vulnerability 1 hét 5 nap
• Cisco Firepower Threat Defense Software File Policy Bypass Vulnerability 1 hét 5 nap

NVD: fully analised CVE

• CVE-2019-15120 (kunena) 3 nap 19 óra
• CVE-2017-18548 (note_press) 3 nap 20 óra
• CVE-2018-17790 (master_data_online) 4 nap 17 óra
• CVE-2019-1228 (windows_7, windows_server_2008) 5 nap 13 óra
• CVE-2019-1222 (windows_10, windows_server_2016, windows_server_2019) 5 nap 13 óra
• CVE-2019-1226 (windows_10, windows_server_2016, windows_server_2019) 5 nap 13 óra
• CVE-2019-1227 (windows_10, windows_server_2016, windows_server_2019) 5 nap 13 óra
• CVE-2019-1186 (windows_10, windows_server_2016, windows_server_2019) 5 nap 13 óra
• CVE-2019-1195 (edge) 5 nap 13 óra
• CVE-2019-1196 (edge) 5 nap 13 óra

US CERT: Current Activity

• Microsoft Releases Security Update for Windows Elevation of Privilege Vulnerability 4 nap 14 óra
• IRS Security Summit Series for Tax Professionals: Create a Data Theft Recovery Plan 5 nap 18 óra
• Microsoft Releases Security Updates to Address Remote Code Execution Vulnerabilities 5 nap 18 óra
• Multiple HTTP/2 Implementation Vulnerabilities 5 nap 19 óra
• Microsoft Releases August 2019 Security Updates 6 nap 16 óra
• Intel Releases Security Updates 6 nap 16 óra
• Adobe Releases Security Updates for Multiple Products 6 nap 16 óra
• NCSA Webinar on Cybersecurity for Small Businesses 1 hét 3 nap
• ACSC Releases Advisory on Password Spraying Attacks 1 hét 4 nap
• Google Releases Security Updates for Chrome 1 hét 4 nap

Drupal contrib security advisories

• Forms Steps - Critical - Access bypass - SA-CONTRIB-2019-064 5 nap 16 óra
• External Links Filter - Moderately critical - Open Redirect Vulnerability - SA-CONTRIB-2019-063 5 nap 16 óra
• Super Login - Moderately critical - Cross site scripting - SA-CONTRIB-2019-062 5 nap 17 óra
• scroll to top - Moderately critical - Cross site scripting - SA-CONTRIB-2019-061 5 nap 17 óra
• Existing Values Autocomplete Widget - Critical - Access bypass - SA-CONTRIB-2019-060 3 hét 5 nap
• Facebook Messenger Customer Chat Plugin - Critical - Access bypass - SA-CONTRIB-2019-059 3 hét 5 nap
• Metatag - Moderately critical - Information disclosure - SA-CONTRIB-2019-058 3 hét 5 nap
• Meta tags quick - Moderately critical - Cross Site Scripting - SA-CONTRIB-2019-057 1 hónap 3 nap
• ImageCache Actions - Critical - Multiple Vulnerabilities - SA-CONTRIB-2019-056 1 hónap 3 nap
• Custom Permissions - Critical - Access bypass - SA-CONTRIB-2019-055 1 hónap 1 hét

CERT-SEI

• VU#918987: Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks 5 nap 21 óra
• VU#605641: HTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion 6 nap 16 óra
• VU#489481: Cylance Antivirus Products Susceptible to Concatenation Bypass 2 hét 4 nap
• VU#790507: Oracle Solaris vulnerable to arbitrary code execution via /proc/self 1 hónap 4 nap
• VU#129209: LLVMs Arm stack protection feature can be rendered ineffective 1 hónap 5 nap
• VU#465632: Microsoft Exchange server 2013 and newer are vulnerable to NTLM relay attacks 1 hónap 4 hét
• VU#905115: Multiple TCP Selective Acknowledgement (SACK) and Maximum Segment Size (MSS) networking vulnerabilities may cause denial-of-service conditions in Linux and FreeBSD kernels 2 hónap 15 óra
• VU#871675: WPA3 design issues and implementation vulnerabilities in hostapd and wpa_supplicant 2 hónap 2 hét
• VU#576688: Microsoft windows RDP Network Level Authenticaion can bypass the Windows lock screen 2 hónap 2 hét
• VU#877837: Multiple vulnerabilities in Quest (Dell) Kace K1000 Appliance 2 hónap 2 hét

Microsoft Security Response Center Blog Alerts

• 2019 年 8 月のセキュリティ更新プログラム (月例) 6 nap 11 óra
• Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182) 6 nap 17 óra
• August 2019 Security Updates 6 nap 17 óra
• Microsoft Announces Top Three Contributing Partners in the Microsoft Active Protections Program (MAPP) 1 hét 4 nap
• Announcing 2019 MSRC Most Valuable Security Researchers 1 hét 5 nap
• Corporate IoT – a path to intrusion 2 hét 17 óra
• Azure Security Lab: a new space for Azure research and collaboration 2 hét 18 óra
• Recognizing Security Researchers in 2019 2 hét 6 nap
• Meet the MSRC at Black Hat 2019 3 hét 10 óra
• It’s Official – The Way We Recognize Our Security Researchers 3 hét 14 óra

Symantec - threat

• Trojan.Fenkrib!gen2 3 hét 4 nap
• CL.Downloader!gen122 3 hét 6 nap
• ISB.Downloader!gen287 3 hét 6 nap
• Trojan.Fenkrib!gen1 3 hét 6 nap
• SONAR.Powershell!g47 4 hét 10 óra
• ISB.Downloader!gen284 4 hét 1 nap
• Ransom.Bitpaymer 4 hét 1 nap
• W64.Gobot2!gen1 1 hónap 2 nap
• ISB.Downloader!gen290 1 hónap 3 nap
• ISB.Downloader!gen285 1 hónap 4 nap

SecurityFocus

• Vuln: Qualcomm Components CVE-2019-2307 Integer Underflow Vulnerability 3 hét 4 nap
• Vuln: LibreOffice Remote Code Execution and Unauthorized Access Vulnerabilities 3 hét 4 nap
• Vuln: Jenkins Credentials Binding Plugin CVE-2019-1010241 Information Disclosure Vulnerability 3 hét 4 nap
• Vuln: FreeBSD CVE-2019-5604 Out of Bounds Read Denial of Service Vulnerability 3 hét 5 nap
• Vuln: KDE KAuth CVE-2017-8422 Local Privilege Escalation Vulnerability 3 hét 5 nap
• Vuln: GNU GDB CVE-2019-1010180 Remote Buffer Overflow Vulnerability 3 hét 6 nap
• Vuln: Exim CVE-2019-13917 Privilege Escalation Vulnerability 3 hét 6 nap
• Vuln: Ansible CVE-2019-10206 Remote Information Disclosure Vulnerability 3 hét 6 nap
• Vuln: GNU Binutils 'libiberty' CVE-2019-14250 Integer Overflow Vulnerability 3 hét 6 nap
• Vuln: Micro Focus ArcSight Logger CVE-2019-3485 HTML Injection Vulnerability 3 hét 6 nap

Talos Group- Cisco blog

• Let’s Destroy Democracy 4 hét 19 óra
• Threat Roundup for July 12 to July 19 1 hónap 1 nap
• SWEED: Exposing years of Agent Tesla campaigns 1 hónap 5 nap
• Threat Roundup for July 5 to July 12 1 hónap 1 hét
• Should governments pay extortion payments after a ransomware attack? 1 hónap 1 hét
• Sea Turtle Keeps on Swimming 1 hónap 1 hét
• Threat Roundup for June 28 to July 5 1 hónap 2 hét
• Vulnerability Spotlight: Remote code execution vulnerabilities in Simple DirectMedia Layer 1 hónap 2 hét
• RATs and stealers rush through “Heaven’s Gate” with new loader 1 hónap 2 hét
• Threat Roundup for June 21 to June 28 1 hónap 3 hét

Drupal core security advisories

• Drupal core - Critical - Access bypass - SA-CORE-2019-008 1 hónap 3 nap
• Drupal core - Moderately critical - Third-party libraries - SA-CORE-2019-007 3 hónap 1 hét

Juniper Security Advisories

• JSA10948 - 2019-07 Security Bulletin: Junos OS: J-Web Denial of Service due to multiple vulnerabilities in Embedthis Appweb Server 1 hónap 1 hét
• JSA10947 - 2019-07 Security Bulletin: Junos OS: Insufficient validation of environment variables in telnet client may lead to stack-based buffer overflow (CVE-2019-0053) 1 hónap 1 hét
• JSA10946 - 2019-07 Security Bulletin: SRX Series: srxpfe process crash while JSF/UTM module parses specific HTTP packets (CVE-2019-0052) 1 hónap 1 hét
• JSA10943 - 2019-07 Security Bulletin: Junos OS: RPD process crashes when BGP peer restarts (CVE-2019-0049) 1 hónap 1 hét
• JSA10942 - 2019-07 Security Bulletin: EX4300 Series: When a firewall filter is applied to a loopback interface, other firewall filters for multicast traffic may fail (CVE-2019-0048) 1 hónap 1 hét
• JSA10938 - 2019-07 Security Bulletin: Junos OS: EX4300 Series: Denial of Service upon receipt of large number of specific valid packets on management interface. (CVE-2019-0046) 1 hónap 1 hét
• JSA10950 - 2019-07 Security Bulletin: Juniper Secure Analytics (JSA): Multiple vulnerabilities resolved in JSA 7.3.2 Patch 1 1 hónap 1 hét
• JSA10949 - 2019-07 Security Bulletin: Junos OS: OpenSSL Security Advisory [26 Feb 2019] 1 hónap 1 hét
• JSA10940 - 2019-07 Security Bulletin: Junos OS: Multiple Vulnerabilities in OpenSSH 1 hónap 1 hét
• JSA10939 - 2019-07 Security Bulletin: Steel Belted Radius Carrier Edition: Multiple Vulnerabilities in NSPR, NSS and Bouncy Castle 1 hónap 1 hét

Arista Security Advisories

• Security Advisory 0041 1 hónap 3 hét

US CERT: Technical Security Alerts

• AA19-168A: Microsoft Operating Systems BlueKeep Vulnerability 2 hónap 3 nap
• AA19-168A: Microsoft Operating Systems BlueKeep Vulnerability 2 hónap 3 nap
• AA19-122A: New Exploits for Unsecure SAP Systems 3 hónap 2 hét
• AA19-122A: New Exploits for Unsecure SAP Systems 3 hónap 2 hét

Adatbiztonság (Computerworld)

AusCERT - Security Bulletins

Cisco Security Alerts

Cisco Security Responses

ISC Knowledge Base

Juniper signatures

Microsoft Comprehensive Alerts

Microsoft Security Bulletin

Origo - biztonság -szoftverek