Sources

SANS

• ISC Stormcast For Tuesday, May 11th, 2021 https://isc.sans.edu/podcastdetail.html?id=7494, (Tue, May 11th) 2 óra 34 perc
• Correctly Validating IP Addresses: Why encoding matters for input validation., (Mon, May 10th) 16 óra 8 perc
• ISC Stormcast For Monday, May 10th, 2021 https://isc.sans.edu/podcastdetail.html?id=7492, (Mon, May 10th) 1 nap 2 óra
• Who is Probing the Internet for Research Purposes?, (Sat, May 8th) 1 nap 13 óra
• ISC Stormcast For Friday, May 7th, 2021 https://isc.sans.edu/podcastdetail.html?id=7490, (Fri, May 7th) 4 nap 2 óra
• Exposed Azure Storage Containers, (Fri, May 7th) 4 nap 4 óra
• Alternative Ways To Perform Basic Tasks, (Thu, May 6th) 4 nap 22 óra
• ISC Stormcast For Thursday, May 6th, 2021 https://isc.sans.edu/podcastdetail.html?id=7488, (Thu, May 6th) 5 nap 2 óra
• ISC Stormcast For Wednesday, May 5th, 2021 https://isc.sans.edu/podcastdetail.html?id=7486, (Wed, May 5th) 6 nap 2 óra
• May 2021 Forensic Contest, (Wed, May 5th) 6 nap 2 óra

ECHO Network

• Most Common Python Vulnerabilities and How To Avoid Them 4 óra 1 perc
• CVE-2021-32489 4 óra 10 perc
• Security Bulletin: IBM OpenPages with Watson has addressed a cross-site scripting vulnerability (CVE-2020-4535) 4 óra 31 perc
• Medium CVE-2020-28008: EXIM EXIM 5 óra 7 perc
• Medium CVE-2020-28007: EXIM EXIM 5 óra 7 perc
• CVE-2021-28359 (airflow, python) 5 óra 15 perc
• USN-4942-1: Firefox vulnerability 5 óra 43 perc
• Security at risk as PC users continue to use end-of-life Windows 7 6 óra 17 perc
• Debian: hivex 6 óra 28 perc
• Medium CVE-2020-28015: EXIM EXIM 6 óra 37 perc

NVD: all CVE

• CVE-2020-23369 5 óra 24 perc
• CVE-2020-23370 5 óra 24 perc
• CVE-2020-23371 5 óra 24 perc
• CVE-2020-23373 5 óra 24 perc
• CVE-2020-23374 5 óra 24 perc
• CVE-2020-23376 5 óra 24 perc
• CVE-2020-23575 5 óra 24 perc
• CVE-2021-32399 6 óra 24 perc
• CVE-2021-32489 6 óra 24 perc
• CVE-2021-32053 7 óra 24 perc

AusCERT - Security Bulletins

• ESB-2021.1583 - [Win][UNIX/Linux] Squid: Denial of service - Remote/unauthenticated 6 óra 22 perc
• ESB-2021.1582 - [Ubuntu] WebKitGTK: Multiple vulnerabilities 6 óra 22 perc
• ESB-2021.1581 - [Appliance] Traffix SDC: Access confidential data - Remote/unauthenticated 6 óra 22 perc
• ESB-2021.1580 - [Win][UNIX/Linux][Ubuntu] PyYAML: Execute arbitrary code/commands - Remote/unauthenticated 6 óra 22 perc
• ESB-2021.1579 - [Win][UNIX/Linux][Debian] hivex: Multiple vulnerabilities 6 óra 22 perc
• ESB-2021.1578 - [Debian] libxml2: Multiple vulnerabilities 6 óra 22 perc
• ESB-2021.1577 - [Win][UNIX/Linux][Ubuntu] Exiv2: Multiple vulnerabilities 6 óra 22 perc
• ASB-2021.0101 - ALERT [UNIX/Linux] exim: Multiple vulnerabilities 4 nap 2 óra
• ESB-2021.1576 - [RedHat] Red Hat Ceph Storage: Multiple vulnerabilities 4 nap 2 óra
• ESB-2021.1575 - [Debian] unbound: Multiple vulnerabilities 4 nap 3 óra

Ubuntu Secutity Notices

• USN-4942-1: Firefox vulnerability 7 óra 28 perc
• USN-4941-1: Exiv2 vulnerabilities 10 óra 31 perc
• USN-4940-1: PyYAML vulnerability 14 óra 19 perc
• USN-4939-1: WebKitGTK vulnerabilities 16 óra 58 perc
• USN-4936-1: Thunderbird vulnerabilities 4 nap 15 óra
• USN-4938-1: Unbound vulnerabilities 4 nap 15 óra
• USN-4934-2: Exim vulnerabilities 4 nap 17 óra
• USN-4937-1: GNOME Autoar vulnerability 4 nap 17 óra
• USN-4935-1: NVIDIA graphics drivers vulnerabilities 6 nap 11 óra
• USN-4934-1: Exim vulnerabilities 6 nap 14 óra

US CERT: Security Bulletins

• Vulnerability Summary for the Week of May 3, 2021 17 óra 48 perc
• Vulnerability Summary for the Week of April 26, 2021 1 hét 16 óra
• Vulnerability Summary for the Week of April 19, 2021 2 hét 17 óra
• Vulnerability Summary for the Week of April 12, 2021 3 hét 17 óra
• Vulnerability Summary for the Week of April 5, 2021 4 hét 17 óra
• Vulnerability Summary for the Week of March 29, 2021 1 hónap 5 nap
• Vulnerability Summary for the Week of March 22, 2021 1 hónap 1 hét
• Vulnerability Summary for the Week of March 15, 2021 1 hónap 2 hét
• Vulnerability Summary for the Week of March 8, 2021 1 hónap 3 hét
• Vulnerability Summary for the Week of March 1, 2021 2 hónap 3 nap

Kaspersky

• DDoS attacks in Q1 2021 18 óra 38 perc
• Operation TunnelSnake: formerly unknown rootkit used to secretly control networks of regional organizations 4 nap 18 óra
• Spam and phishing in Q1 2021 1 hét 18 óra
• APT trends report Q1 2021 1 hét 6 nap
• Ransomware by the numbers: Reassessing the threat’s global impact 2 hét 3 nap
• Targeted Malware Reverse Engineering Workshop follow-up. Part 2 2 hét 5 nap
• Targeted Malware Reverse Engineering Workshop follow-up. Part 1 3 hét 17 óra
• Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild 3 hét 6 nap
• Malicious code in APKPure app 1 hónap 1 nap
• The leap of a Cycldek-related threat actor 1 hónap 5 nap

Linux security Advisories

• openSUSE: 2021:0692-1 moderate: libxml2> 1 nap 23 óra
• openSUSE: 2021:0691-1 moderate: vlc> 2 nap 5 óra
• Fedora 33: babel 2021-a499f89369> 2 nap 7 óra
• Fedora 33: libopenmpt 2021-89b7823e8c> 2 nap 7 óra
• Fedora 32: babel 2021-7e2a143808> 2 nap 7 óra
• Fedora 32: libopenmpt 2021-57540ff4ad> 2 nap 7 óra
• Mageia 2021-0208: messagelib security update> 4 nap 1 óra
• Mageia 2021-0207: ceph security update> 4 nap 1 óra
• Mageia 2021-0206: pagure security update> 4 nap 1 óra
• Debian LTS: DLA-2648-2: mediawiki regression update> 4 nap 7 óra

NVD: fully analised CVE

• CVE-2021-31755 (ac11_firmware) 3 nap 5 óra
• CVE-2021-31756 (ac11_firmware) 3 nap 5 óra
• CVE-2021-31757 (ac11_firmware) 3 nap 5 óra
• CVE-2021-31758 (ac11_firmware) 3 nap 5 óra
• CVE-2021-31458 (phantompdf, reader) 3 nap 7 óra
• CVE-2021-31459 (reader, phantompdf) 3 nap 7 óra
• CVE-2021-31460 (phantompdf, reader) 3 nap 7 óra
• CVE-2021-31456 (phantompdf, reader) 3 nap 7 óra
• CVE-2021-31457 (phantompdf, reader) 3 nap 7 óra
• CVE-2021-1426 (anyconnect_secure_mobility_client) 4 nap 15 óra

seclist.org

• Backdoor.Win32.NinjaSpy.c / Remote Command Execution 3 nap 12 óra
• Packed.Win32.Black.d / Unauthenticated Open Proxy 3 nap 12 óra
• Backdoor.Win32.Floder.gqe / Insecure Permissions 3 nap 12 óra
• Trojan.Win32.Siscos.bqe / Insecure Permissions 3 nap 12 óra
• Trojan.Win32.Agent.xdtv / Insecure Permissions 3 nap 12 óra
• Four vulnerabilities found in MikroTik's RouterOS 3 nap 12 óra
• Re: Four vulnerabilities found in MikroTik's RouterOS 3 nap 12 óra
• Re: Two vulnerabilities found in MikroTik's RouterOS 3 nap 12 óra
• Re: Three vulnerabilities found in MikroTik's RouterOS 3 nap 12 óra
• Re: Three vulnerabilities found in MikroTik's RouterOS 3 nap 12 óra

US CERT: Current Activity

• Exim Releases Security Update 3 nap 12 óra
• Joint NCSC-CISA-FBI-NSA Cybersecurity Advisory on Russian SVR Activity 3 nap 17 óra
•  Cisco Releases Security Updates for Multiple Products  4 nap 8 óra
• Mozilla Releases Security Updates for Firefox 4 nap 14 óra
• VMware Releases Security Update 4 nap 14 óra
• CISA Releases Analysis Reports on New FiveHands Ransomware 4 nap 15 óra
• Apple Releases Security Updates 6 nap 13 óra
• Ivanti Releases Pulse Secure Security Update 1 hét 12 óra
• Codecov Releases New Detections for Supply Chain Compromise 1 hét 3 nap
• Samba Releases Security Updates 1 hét 3 nap

Huawei Security Bulletin

• Security Advisory - Insufficient Input Validation Vulnerability in FusionCompute Product 5 nap 6 óra
• Security Advisory - Out-of-Bounds Write Vulnerability in Some Huawei Products 5 nap 6 óra
• Security Advisory - Denial of Service Vulnerability in Some Huawei Products 1 hét 6 nap
• Security Advisory - Denial of Service Vulnerability in Some Huawei Products 1 hét 6 nap
• Security Advisory - Pointer Double Free Vulnerability in Some Huawei Products 1 hónap 4 nap
• Security Advisory - JavaScript Injection Vulnerability in Huawei Smartphone 1 hónap 1 hét
• Security Advisory - Arbitrary Memory Write Vulnerability in Huawei Smart Phone 1 hónap 1 hét
• Security Advisory - Out of Bounds Write Vulnerability in Huawei Smartphone 1 hónap 1 hét
• Security Advisory - Denial of Service Vulnerability in Huawei Product 1 hónap 2 hét
• Security Advisory - XSS Injection Vulnerability in a Huawei Product 1 hónap 2 hét

Cisco Security Advisories

• Cisco Enterprise NFV Infrastructure Software Command Injection Vulnerability 5 nap 9 óra
• Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Local Privilege Escalation Vulnerability 5 nap 9 óra
• Cisco SD-WAN vManage Software Authentication Bypass Vulnerability 5 nap 9 óra
• Cisco SD-WAN Software Arbitrary File Corruption Vulnerability 5 nap 9 óra
• Cisco SD-WAN Software vDaemon Denial of Service Vulnerability 5 nap 9 óra
• Cisco SD-WAN vManage Information Disclosure Vulnerability 5 nap 9 óra
• Cisco SD-WAN vManage Software Information Disclosure Vulnerability 5 nap 9 óra
• Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Read Vulnerability 5 nap 9 óra
• Cisco SD-WAN vManage HTTP Authentication User Enumeration Vulnerability 5 nap 9 óra
• Cisco SD-WAN vManage API Stored Cross-Site Scripting Vulnerability 5 nap 9 óra

Microsoft Sercurity Response Center

• “BadAlloc” – Memory allocation vulnerabilities could affect wide range of IoT and OT devices in industrial, medical, and enterprise networks 1 hét 4 nap
• Congratulating Our Top MSRC 2021 Q1 Security Researchers! 3 hét 4 nap
• April 2021 Update Tuesday packages now available 3 hét 6 nap
• Introducing Bounty Awards for Teams Desktop Client Security Research 1 hónap 2 hét
• Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities 1 hónap 3 hét
• One-Click Microsoft Exchange On-Premises Mitigation Tool – March 2021 1 hónap 3 hét
• Microsoft Exchange Server Vulnerabilities Mitigations – March 2021 2 hónap 6 nap
• A new experience for reporting copyright or trademark infringement on Microsoft Services 2 hónap 1 hét
• Multiple Security Updates Released for Exchange Server 2 hónap 1 hét
• Microsoft Internal Solorigate Investigation – Final Update 2 hónap 3 hét

Drupal contrib security advisories

• SAML Authentication - Moderately critical - Access bypass - SA-CONTRIB-2021-006 1 hét 5 nap
• Fast Autocomplete - Moderately critical - Access bypass - SA-CONTRIB-2021-005 1 hónap 3 hét
• Webform - Moderately critical - Access bypass - SA-CONTRIB-2021-004 2 hónap 1 hét
• Subgroup - Less critical - Access bypass - SA-CONTRIB-2021-003 3 hónap 1 hét
• Open Social - Moderately critical - Access bypass - SA-CONTRIB-2021-002 3 hónap 1 hét
• Open Social - Moderately critical - Access bypass - SA-CONTRIB-2021-001 3 hónap 1 hét

US CERT: Technical Security Alerts

• AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders 2 hét 13 óra
• AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities 2 hét 6 nap
• AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool 1 hónap 3 hét
• AA21-076A: TrickBot Malware 1 hónap 3 hét
• AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities 2 hónap 1 hét
• AA21-055A: Exploitation of Accellion File Transfer Appliance 2 hónap 2 hét
• AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware 2 hónap 3 hét
• AA21-042A: Compromise of U.S. Water Treatment Facility 2 hónap 4 hét

Drupal core security advisories

• Drupal core - Critical - Cross-site scripting - SA-CORE-2021-002 2 hét 5 nap
• Drupal core - Critical - Third-party libraries - SA-CORE-2021-001 3 hónap 2 hét

CERT/CC

• VU#567764: MySQL for Windows is vulnerable to privilege escalation due to OPENSSLDIR location 2 hét 6 nap
• VU#213092: Pulse Connect Secure vulnerable to authentication bypass that could allow for remote code execution 2 hét 6 nap
• VU#815128: Embedded TCP/IP stacks have memory corruption vulnerabilities 1 hónap 2 hét
• VU#490028: Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure AES-CFB8 initialization vector 1 hónap 3 hét
• VU#240785: Atlassian Bitbucket on Windows is vulnerable to privilege escalation due to weak ACLs 2 hónap 3 hét
• VU#466044: Siemens Totally Integrated Automation Portal vulnerable to privilege escalation due to Node.js paths 3 hónap 13 óra
• VU#589825: Devices supporting Bluetooth BR/EDR and LE using CTKD are vulnerable to key overwrite 3 hónap 4 nap
• VU#794544: Heap-Based Buffer Overflow in Sudo 3 hónap 5 nap
• VU#125331: Adobe ColdFusion is vulnerable to privilege escalation due to weak ACLs 3 hónap 1 hét
• VU#434904: Dnsmasq is vulnerable to memory corruption and cache poisoning 3 hónap 3 hét

Juniper Security Advisories

• JSA11140 - 2021-04 Security Bulletin: Junos OS: PTX Series, QFX Series: Due to a race condition input loopback firewall filters applied to interfaces may not operate even when listed in the running configuration. (CVE-2021-0247) 3 hét 5 nap
• JSA11147 - 2021-04 Security Bulletin: Junos OS: Remote code execution vulnerability in overlayd service (CVE-2021-0254) 3 hét 5 nap
• JSA11125 - 2021-04 Security Bulletin: Junos OS: Memory leak when querying Aggregated Ethernet (AE) interface statistics (CVE-2021-0230) 3 hét 5 nap
• JSA11148 - 2021-04 Security Bulletin: Junos OS: MX Series, EX9200 Series: Trio-based MPCs memory leak in VPLS with integrated routing and bridging (IRB) interface (CVE-2021-0257) 3 hét 5 nap
• JSA11161 - 2021-04 Security Bulletin: Junos OS: PTX Series, QFX10K Series: A PTX/QFX FPC may restart unexpectedly with the "inline-Jflow" feature enabled on a large-scale deployment (CVE-2021-0270) 3 hét 5 nap
• JSA11135 - 2021-04 Security Bulletin: Junos OS: EX4300: FPC crash upon receipt of specific frames on an interface without L2PT or dot1x configured (CVE-2021-0242) 3 hét 5 nap
• JSA11149 - 2021-04 Security Bulletin: Junos OS: Kernel panic upon receipt of specific TCPv6 packet on management interface (CVE-2021-0258) 3 hét 5 nap
• JSA11123 - 2021-04 Security Bulletin: Junos OS: MX Series: DDoS LACP violation upon receipt of specific layer 2 frames in EVPN-VXLAN deployment (CVE-2021-0228) 3 hét 5 nap
• JSA11122 - 2021-04 Security Bulletin: Junos OS: SRX Series: Denial of Service in J-Web upon receipt of a crafted HTTP packet (CVE-2021-0227) 3 hét 5 nap
• JSA11121 - 2021-04 Security Bulletin: Junos OS Evolved: The IPv6 BGP session will flap due to receipt of a specific IPv6 packet 3 hét 5 nap

Talos Group- Cisco blog

• Threat Roundup for March 19 to March 26 1 hónap 2 hét
• Threat Roundup for March 12 to March 19 1 hónap 3 hét
• Threat Roundup for March 5 to March 12 1 hónap 4 hét
• Threat Roundup for February 26 to March 5 2 hónap 6 nap
• Threat Roundup for February 19 to February 26 2 hónap 1 hét
• Threat Roundup for February 12 to February 19 2 hónap 2 hét
• Threat Roundup for February 5 to February 12 2 hónap 3 hét
• Threat Roundup for January 22 to January 29 3 hónap 1 hét
• Threat Roundup for January 15 to January 22 3 hónap 2 hét

HUP - titkosítás, biztonság

• HIGH súlyossági besorolású biztonsági frissítést jelentett be az OpenSSL projekt 1 hónap 2 hét
• Backblaze B2 - Facebook adatszivárgási biztonsági incidens 1 hónap 2 hét
• "Exchange üzemeltetők figyelem: gyors segítség a ProxyLogon probléma kezeléséhez" 1 hónap 3 hét
• DearCry - új ransomware, ami az Exchange sebezhetőséget használja ki 1 hónap 4 hét
• Azure, Intune és Exchange forráskódokat is vittek a SolarWinds hackerek 2 hónap 2 hét
• "Hackerek törtek be Magyarország piacvezető domain-cégéhez" 2 hónap 3 hét
• CVE-2021-3156 - sudo local root sebezhetőség 3 hónap 1 hét

Arista Security Advisories

• Security Advisory 62 2 hónap 3 hét
• Security Advisory 0061 3 hónap 3 hét

Adatbiztonság (Computerworld)

Cisco Security Alerts

Cisco Security Responses

ISC Knowledge Base

Juniper signatures

Microsoft Security Bulletin

Microsoft Security Response Center Blog Alerts

Origo - biztonság -szoftverek

SecurityFocus

Sophos virus alerts

Symantec - threat