Sources

Linux security Advisories

• Debian LTS: DLA-1820-1: thunderbird security update 7 óra 49 perc
• RedHat: RHSA-2019-1477:01 Important: chromium-browser security update 9 óra 49 perc
• RedHat: RHSA-2019-1476:01 Critical: flash-plugin security update 9 óra 53 perc
• Debian LTS: DLA-1819-1: pyxdg security update 1 nap 5 óra
• openSUSE: 2019:1558-1: important: chromium 1 nap 17 óra
• openSUSE: 2019:1557-1: important: chromium 1 nap 17 óra
• openSUSE: 2019:1559-1: important: chromium 1 nap 17 óra
• Debian: DSA-4464-1: thunderbird security update 1 nap 20 óra
• Fedora 29: podman Security Update 2 nap 16 óra
• Fedora 29: containernetworking-plugins Security Update 2 nap 16 óra

SANS

• An infection from Rig exploit kit, (Mon, Jun 17th) 9 óra 38 perc
• ISC Stormcast For Monday, June 17th 2019 https://isc.sans.edu/podcastdetail.html?id=6542, (Mon, Jun 17th) 11 óra 47 perc
• Sysmon Version 10: DNS Logging, (Sun, Jun 16th) 16 óra 22 perc
• ISC Stormcast For Friday, June 14th 2019 https://isc.sans.edu/podcastdetail.html?id=6540, (Fri, Jun 14th) 3 nap 12 óra
• A few Ghidra tips for IDA users, part 4 - function call graphs, (Fri, Jun 14th) 3 nap 13 óra
• ISC Stormcast For Thursday, June 13th 2019 https://isc.sans.edu/podcastdetail.html?id=6538, (Thu, Jun 13th) 4 nap 12 óra
• What is "THAT" Address Doing on my Network, (Thu, Jun 13th) 4 nap 12 óra
• ISC Stormcast For Wednesday, June 12th 2019 https://isc.sans.edu/podcastdetail.html?id=6536, (Wed, Jun 12th) 5 nap 11 óra
• MSFT June 2019 Patch Tuesday, (Tue, Jun 11th) 5 nap 20 óra
• ISC Stormcast For Tuesday, June 11th 2019 https://isc.sans.edu/podcastdetail.html?id=6534, (Tue, Jun 11th) 6 nap 12 óra

SecurityFocus

• Vuln: Google Chrome CVE-2019-5842 Remote Security Vulnerability 15 óra 27 perc
• Vuln: Cisco Identity Services Engine CVE-2018-0187 Information Disclosure Vulnerability 15 óra 27 perc
• Vuln: QEMU 'tcp_subr.c' Local Heap Buffer Overflow Vulnerability 15 óra 27 perc
• More rss feeds from SecurityFocus 4 nap 6 óra
• Vuln: Apache HTTP Server CVE-2019-0220 Remote Security Vulnerability 4 nap 15 óra
• Vuln: Microsoft Windows 'SetJobFileSecurityByName()' Function Local Privilege Escalation Vulnerability 4 nap 15 óra
• Vuln: RETIRED: Microsoft Windows Task Scheduler CVE-2019-1069 Local Privilege Escalation Vulnerability 4 nap 15 óra
• Vuln: Apache httpd CVE-2019-0196 Security Bypass Vulnerability 4 nap 15 óra
• Vuln: Apache HTTP Server CVE-2019-0197 Denial of Service Vulnerability 4 nap 15 óra
• Vuln: Cisco IOS XE Software CVE-2019-1904 Cross Site Request Forgery Vulnerability 5 nap 15 óra

NVD: all CVE

• CVE-2019-12855 1 nap 58 perc
• CVE-2013-7472 1 nap 13 óra
• CVE-2019-12839 1 nap 16 óra
• CVE-2019-12840 1 nap 16 óra
• CVE-2019-12835 1 nap 17 óra
• CVE-2019-12830 1 nap 18 óra
• CVE-2019-12831 1 nap 18 óra
• CVE-2019-12829 1 nap 19 óra
• CVE-2019-12816 1 nap 20 óra
• CVE-2019-12828 2 nap 16 óra

Sophos virus alerts

• Troj/Trickbo-RR 1 nap 15 óra
• Troj/Godrop-I 1 nap 15 óra
• Troj/Stealer-SI 1 nap 15 óra
• Troj/Phish-FJD 2 nap 15 óra
• Troj/Phish-FJC 2 nap 15 óra
• Troj/Autoit-CNW 2 nap 15 óra
• Troj/RTFPhish-J 2 nap 15 óra
• Troj/Phish-FJE 2 nap 15 óra
• Troj/PDFUri-HLF 2 nap 15 óra
• Troj/Autoit-CNV 2 nap 15 óra

HUP - titkosítás, biztonság

• Worm használja ki aktívan a Exim friss RCE sebezhetőséget 2 nap 1 óra
• A Purism szerint a killswitch a biztos megoldás a privát szféra védelmére 2 hét 7 óra
• Távoli kódfuttatás sebezhetőség az Nginx webszerverben 2 hét 2 nap
• Root hozzáférést tesz lehetővé a host rendszer fájlrendszeréhez egy Docker bug 2 hét 4 nap
• "MacOS X GateKeeper Bypass" 3 hét 1 nap
• Felhasználod-e ugyanazt a jelszót több weboldalon is? 3 hét 2 nap
• Biztonsági incidens a Stack Overflow-nál 1 hónap 17 óra
• A P0 csapat közzétette '0day "In the Wild"' eseteket követő táblázatát 1 hónap 2 nap
• Támadás alatt a Microsoft Sharepoint szerverek 1 hónap 1 hét
• Docker Hub biztonsági incidens 1 hónap 2 hét

Microsoft Security Response Center Blog Alerts

• Prevent the impact of a Linux worm by updating Exim (CVE-2019-10149) 2 nap 9 óra
• June 2019 security update release 5 nap 20 óra
• BlueHat Shanghai 2019: Amplifying the power of defensive partnerships around the world 2 hét 2 nap
• A Reminder to Update Your Systems to Prevent a Worm 2 hét 3 nap
• Microsoft Launches a New Recognition Program for MAPP Partners 2 hét 4 nap
• Prevent a worm by updating Remote Desktop Services (CVE-2019-0708) 1 hónap 3 nap
• May 2019 Security Update Release 1 hónap 3 nap
• April 2019 Security Update Release 2 hónap 1 hét
• Microsoft Bounty Program Updates: Faster bounty review, faster payments, and higher rewards 2 hónap 2 hét
• Join Microsoft Security Response at the Product Security Operations forum at LocoMocoSec! 3 hónap 3 nap

Ubuntu Secutity Notices

• USN-3991-3: Firefox regression 2 nap 16 óra
• USN-4015-2: DBus vulnerability 4 nap 22 óra
• USN-4016-2: Neovim vulnerability 5 nap 19 óra
• USN-4016-1: Vim vulnerabilities 5 nap 19 óra
• USN-4015-1: DBus vulnerability 5 nap 20 óra
• USN-4014-2: GLib vulnerability 6 nap 1 óra
• USN-4014-1: GLib vulnerability 6 nap 18 óra
• USN-4013-1: libsndfile vulnerabilities 6 nap 23 óra
• USN-4012-1: elfutils vulnerabilities 6 nap 23 óra
• USN-4008-3: Linux kernel (Xenial HWE) vulnerabilities 1 hét 3 nap

seclist.org

• DSA-2019-092: Dell EMC Avamar Security Update for ADMe Web UI Vulnerability 2 nap 18 óra
• [Project] Open frame to the main. 2 nap 18 óra
• X41 D-Sec GmbH Security Advisory X41-2019-004: Type confusion in Thunderbird 2 nap 18 óra
• X41 D-Sec GmbH Security Advisory X41-2019-003: Stack-based buffer overflow in Thunderbird 2 nap 18 óra
• X41 D-Sec GmbH Security Advisory X41-2019-002: Heap-based buffer overflow in Thunderbird 2 nap 18 óra
• X41 D-Sec GmbH Security Advisory X41-2019-001: Heap-based buffer overflow in Thunderbird 2 nap 18 óra
• [SE-2019-01] Java Card vulnerabilities (post shutdown release) 3 nap 3 óra
• SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series 4 nap 7 óra
• Disclosing a security vulnerability 5 nap 20 óra
• The Return of the WIZard: RCE in Exim (CVE-2019-10149) 5 nap 20 óra

US CERT: Current Activity

• Mozilla Releases Security Update for Thunderbird 3 nap 10 óra
• Google Releases Security Updates for Chrome 3 nap 15 óra
• Exim Releases Security Patches 3 nap 17 óra
• FTC Releases Alert on Updating Software 3 nap 17 óra
• Cisco Releases Security Update for Cisco IOS XE 4 nap 16 óra
• Intel Releases Security Updates, Mitigations for Multiple Products 5 nap 18 óra
• Microsoft Releases June 2019 Security Updates 5 nap 19 óra
• Adobe Releases Security Updates 5 nap 23 óra
• CIS Releases 2018 Year in Review 6 nap 11 óra
• IC3 Issues Alert on HTTPS Phishing 6 nap 16 óra

NVD: fully analised CVE

• CVE-2019-7321 (mupdf) 3 nap 18 óra
• CVE-2019-12798 (mujs) 3 nap 19 óra
• CVE-2019-5286 (hedex_lite) 3 nap 20 óra
• CVE-2019-5245 (hisuite) 3 nap 20 óra
• CVE-2019-5439 (vlc_media_player) 3 nap 20 óra
• CVE-2019-0178 (open_cloud_integrity_tehnology, openattestation) 3 nap 20 óra
• CVE-2019-0179 (open_cloud_integrity_tehnology, openattestation) 3 nap 20 óra
• CVE-2019-0180 (open_cloud_integrity_tehnology, openattestation) 3 nap 20 óra
• CVE-2019-0181 (open_cloud_integrity_tehnology, openattestation) 3 nap 20 óra
• CVE-2019-0182 (open_cloud_integrity_tehnology, openattestation) 3 nap 20 óra

Cisco Security Advisories

• Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability 4 nap 18 óra
• Offline Cryptographic Attacks Targeting the Wi-Fi Protected Access 2 Protocol 1 hét 3 nap
• Cisco Identity Services Engine Privileged Account Sensitive Information Disclosure Vulnerability 1 hét 3 nap
• Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerability 1 hét 4 nap
• Cisco Industrial Network Director Cross-Site Request Forgery Vulnerability 1 hét 4 nap
• Cisco Industrial Network Director Remote Code Execution Vulnerability 1 hét 4 nap
• Cisco Industrial Network Director Stored Cross-Site Scripting Vulnerability 1 hét 4 nap
• Cisco IOS XR Software Secure Shell Authentication Vulnerability 1 hét 4 nap
• Cisco Unified Computing System BIOS Signature Bypass Vulnerability 1 hét 4 nap
• Cisco TelePresence Video Communication Server and Cisco Expressway Series Server-Side Request Forgery Vulnerability 1 hét 4 nap

Kaspersky

• What kids get up to online 5 nap 3 óra
• Platinum is back 1 hét 5 nap
• Zebrocy’s Multilanguage Malware Salad 1 hét 6 nap
• IT threat evolution Q1 2019. Statistics 3 hét 4 nap
• IT threat evolution Q1 2019 3 hét 4 nap
• DDoS attacks in Q1 2019 3 hét 6 nap
• Spam and phishing in Q1 2019 1 hónap 3 nap
• ScarCruft continues to evolve, introduces Bluetooth harvester 1 hónap 5 nap
• The 2019 DBIR Is Out 1 hónap 1 hét
• FIN7.5: the infamous cybercrime rig “FIN7” continues its activities 1 hónap 1 hét

Huawei Security Bulletin

• Security Advisory - DLL Hijacking Vulnerability on Huawei HiSuite 5 nap 15 óra
• Security Advisory - XSS Vulnerability in Huawei HedEx products 1 hét 5 nap
• Security Notice - Statement on Microsoft Remote Code Execution Vulnerability(CVE-2019-0708) 2 hét 5 nap
• Security Advisory - Remote Code Execution Vulnerability in Some Microsoft Windows Systems 2 hét 5 nap
• Security Advisory - Some Huawei 4G LTE devices are exposed to a message replay vulnerability 2 hét 5 nap
• DoS Vulnerability in RTSP Module of Huawei Smart Phones 3 hét 4 nap
• DoS Vulnerability in Huawei S Series Switch Products 3 hét 5 nap
• Security Advisory - MITM Vulnerability on Huawei Share 1 hónap 1 nap
• Security Notice - Statement on the Side Channel Vulnerabilities "MDS" of Chips 1 hónap 3 nap
• Security Notice - Statement on Microsoft Remote Code Execution Vulnerability(CVE-2019-0708) 1 hónap 3 nap

Symantec - threat

• SONAR.SuspDrop!g19 6 nap 13 óra
• SONAR.Mimikatz!gen14 1 hét 6 nap
• SONAR.RansomRyuk!gen1 1 hét 6 nap
• SONAR.Beapy!gen1 1 hét 6 nap
• ISB.Downloader!gen243 1 hét 6 nap
• OSX.Keysteal 2 hét 1 nap
• ISB.Dropper!gen11 2 hét 5 nap
• Exp.CVE-2019-0752 2 hét 6 nap
• Backdoor.Tavroigu!g1 2 hét 6 nap
• SONAR.UACBypass!gen27 2 hét 6 nap

US CERT: Security Bulletins

• SB19-161: Vulnerability Summary for the Week of June 3, 2019 6 nap 23 óra
• SB19-154: Vulnerability Summary for the Week of May 27, 2019 2 hét 2 óra
• SB19-147: Vulnerability Summary for the Week of May 20, 2019 3 hét 2 óra
• SB19-140: Vulnerability Summary for the Week of May 13, 2019 4 hét 20 perc
• SB19-133: Vulnerability Summary for the Week of May 6, 2019 1 hónap 5 nap
• SB19-126: Vulnerability Summary for the Week of April 29, 2019 1 hónap 1 hét
• SB19-119: Vulnerability Summary for the Week of April 22, 2019 1 hónap 2 hét
• SB19-112: Vulnerability Summary for the Week of April 15, 2019 1 hónap 3 hét
• SB19-105: Vulnerability Summary for the Week of April 8, 2019 2 hónap 3 nap
• SB19-098: Vulnerability Summary for the Week of April 1, 2019 2 hónap 1 hét

CERT-SEI

• VU#576688: Microsoft windows RDP Network Level Authenticaion can bypass the Windows lock screen 1 hét 5 nap
• VU#877837: Multiple vulnerabilities in Quest (Dell) Kace K1000 Appliance 2 hét 2 nap
• VU#119704: Microsoft Windows Task Scheduler SetJobFileSecurityByName privilege escalation vulnerability 3 hét 4 nap
• VU#400865: Cisco Trust Anchor module (TAm) improperly checks code and Cisco IOS XE web UI does not sanitize user input 1 hónap 3 nap
• VU#169249: PrinterLogic Print Management Software fails to validate SSL certificates or the integrity of software updates. 1 hónap 2 hét
• VU#730261: Marvell Avastar wireless SoCs have multiple vulnerabilities 1 hónap 4 hét
• VU#166939: Broadcom WiFi chipset drivers contain multiple vulnerabilities 2 hónap 23 óra
• VU#871675: Multiple vulnerabilities identified in WPA3 protocol design and implementations of hostapd and wpa_supplicant components 2 hónap 5 nap
• VU#192371: Multiple VPN applications insecurely store session cookies 2 hónap 6 nap
• VU#174715: MyCar Controls uses hard-coded credentials 2 hónap 1 hét

Drupal contrib security advisories

• Universally Unique IDentifier - Moderately critical - Access bypass - SA-CONTRIB-2019-052 2 hét 4 nap
• TableField - Moderately critical - Access bypass and Cross Site Scripting - SA-CONTRIB-2019-051 2 hét 4 nap
• Menu Item Extras - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2019-050 3 hét 4 nap
• Workflow - Moderately critical - Cross Site Scripting - SA-CONTRIB-2019-049 3 hét 4 nap
• Multiple Registration - Critical - Access bypass - SA-CONTRIB-2019-048 1 hónap 2 nap
• Opigno Learning path - Moderately critical - Access bypass - SA-CONTRIB-2019-047 1 hónap 2 nap
• Opigno forum - Less critical - Access bypass - SA-CONTRIB-2019-046 1 hónap 2 nap
• TableField - Critical - Remote Code Execution - SA-CONTRIB-2019-045 2 hónap 19 óra
• Stage File Proxy - Less critical - Denial of Service - SA-CONTRIB-2019-044 2 hónap 21 óra
• Services - Less critical - Access bypass - SA-CONTRIB-2019-043 2 hónap 2 hét

Drupal core security advisories

• Drupal core - Moderately critical - Third-party libraries - SA-CORE-2019-007 1 hónap 1 hét
• Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-006 2 hónap 16 óra
• Drupal core - Moderately critical - Multiple Vulnerabilities - SA-CORE-2019-005 2 hónap 16 óra
• Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-004 2 hónap 4 hét

US CERT: Technical Security Alerts

• AA19-122A: New Exploits for Unsecure SAP Systems 1 hónap 2 hét

Arista Security Advisories

• Security Advisory 0040 2 hónap 1 nap

Juniper Security Advisories

• JSA10937 - 2019-04 Security Bulletin: Junos OS: Multiple FreeBSD vulnerabilities fixed in Junos OS. 2 hónap 1 hét
• JSA10930 - 2019-04 Security Bulletin: QFX5000 Series, EX4300, EX4600: A stack buffer overflow vulnerability in Packet Forwarding Engine manager (FXPC) process (CVE-2019-0008) 2 hónap 1 hét
• JSA10929 - 2019-04 Security Bulletin: Junos OS: Specially crafted packets sent to port 111 on any interface triggers responses from the management interface (CVE-2019-0040) 2 hónap 1 hét
• JSA10928 - 2019-04 Security Bulletin: Junos OS: Login credentials are vulnerable to brute force attacks through the REST API (CVE-2019-0039) 2 hónap 1 hét
• JSA10927 - 2019-04 Security Bulletin: SRX Series: Crafted packets destined to fxp0 management interface on SRX340/SRX345 devices can lead to DoS (CVE-2019-0038) 2 hónap 1 hét
• JSA10926 - 2019-04 Security Bulletin: Junos OS: jdhcpd crash upon receipt of crafted DHCPv6 solicit message (CVE-2019-0037) 2 hónap 1 hét
• JSA10925 - 2019-04 Security Bulletin: Junos OS: Firewall filter terms named "internal-1" and "internal-2" being ignored (CVE-2019-0036) 2 hónap 1 hét
• JSA10924 - 2019-04 Security Bulletin: Junos OS: 'set system ports console insecure' allows root password recovery on OAM volumes (CVE-2019-0035) 2 hónap 1 hét
• JSA10923 - 2019-04 Security Bulletin: Junos OS: gRPC hardcoded credentials may allow unauthorized access to systems with Junos Network Agent installed (CVE-2019-0034) 2 hónap 1 hét
• JSA10922 - 2019-04 Security Bulletin: SRX Series: A remote attacker may cause a high CPU Denial of Service to the device when proxy ARP is configured. (CVE-2019-0033) 2 hónap 1 hét

Juniper signatures

• Signature Update #3160 2 hónap 1 hét
• Cloud-Delivered Branch - Simplicity Now Surpasses SD-WAN 2 hónap 1 hét
• Signature Update #3159 2 hónap 1 hét
• Smart Ambulance Demo at MWC Showcases Critical 5G / SD-WAN Use Case 2 hónap 1 hét
• Signature Update #3158 2 hónap 2 hét
• Juniper Networks Completes Agreement to Acquire Mist Systems to Serve Enterprises End-to-End 2 hónap 2 hét
• Signature Update #3157 2 hónap 2 hét
• Signature Update #3156 2 hónap 3 hét
• Move Fast and Be Open With SONiC 2 hónap 3 hét
• Signature Update #3155 2 hónap 3 hét

Adatbiztonság (Computerworld)

AusCERT - Security Bulletins

Cisco Security Alerts

Cisco Security Responses

ISC Knowledge Base

Microsoft Comprehensive Alerts

Microsoft Security Bulletin

Origo - biztonság -szoftverek

Talos Group- Cisco blog