Gentoo Linux Security Advisory 202405-12

Gentoo Linux Security Advisory 202405-12 - Multiple vulnerabilities have been discovered in Pillow, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 10.2.0 are affected.

Gentoo Linux Security Advisory 202405-13

Gentoo Linux Security Advisory 202405-13 - A vulnerability has been discovered in borgmatic, which can lead to shell injection. Versions greater than or equal to 1.8.8 are affected.

Gentoo Linux Security Advisory 202405-10

Gentoo Linux Security Advisory 202405-10 - A vulnerability has been discovered in Setuptools, which can lead to denial of service. Versions greater than or equal to 65.5.1 are affected.

Gentoo Linux Security Advisory 202405-06

Gentoo Linux Security Advisory 202405-6 - Multiple vulnerabilities have been discovered in mujs, the worst of which could lead to remote code execution. Versions greater than or equal to 1.3.2 are affected.

Gentoo Linux Security Advisory 202405-11

Gentoo Linux Security Advisory 202405-11 - Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution. Versions greater than or equal to 1.21.2 are affected.

Gentoo Linux Security Advisory 202405-07

Gentoo Linux Security Advisory 202405-7 - Multiple vulnerabilities have been discovered in HTMLDOC, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 1.9.16 are affected.

Gentoo Linux Security Advisory 202405-08

Gentoo Linux Security Advisory 202405-8 - Multiple vulnerabilities have been discovered in strongSwan, the worst of which could possibly lead to remote code execution. Versions greater than or equal to 5.9.10 are affected.

Gentoo Linux Security Advisory 202405-09

Gentoo Linux Security Advisory 202405-9 - Multiple vulnerabilities have been found in MediaInfo and MediaInfoLib, the worst of which could allow user-assisted remote code execution. Versions greater than or equal to 23.10 are affected.

Debian Security Advisory 5677-1

Debian Linux Security Advisory 5677-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may result in information disclosure, denial of service or the execution of arbitrary code.

Debian Security Advisory 5678-1

Debian Linux Security Advisory 5678-1 - Several vulnerabilities were discovered in nscd, the Name Service Cache Daemon in the GNU C library which may lead to denial of service or the execution of arbitrary code.

Debian Security Advisory 5679-1

Debian Linux Security Advisory 5679-1 - Several vulnerabilities were discovered in less, a file pager, which may result in the execution of arbitrary commands if a file with a specially crafted file name is processed.

Gentoo Linux Security Advisory 202405-05

Gentoo Linux Security Advisory 202405-5 - Multiple vulnerabilities have been discovered in MPlayer, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 1.5 are affected.

Live2D Cubism Heap Corruption

Live2D Cubism suffers from a heap corruption vulnerability.

Gentoo Linux Security Advisory 202405-03

Gentoo Linux Security Advisory 202405-3 - A vulnerability has been discovered in Dalli, which can lead to code injection. Versions greater than or equal to 3.2.3 are affected.

Gentoo Linux Security Advisory 202405-04

Gentoo Linux Security Advisory 202405-4 - Multiple vulnerabilities have been discovered in systemd, the worst of which can lead to a denial of service. Versions greater than or equal to 252.4 are affected.

Gentoo Linux Security Advisory 202405-02

Gentoo Linux Security Advisory 202405-2 - Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution. Versions greater than or equal to 6.9.13.0 are affected.

Red Hat Security Advisory 2024-2699-03

Red Hat Security Advisory 2024-2699-03 - An update for git-lfs is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-2700-03

Red Hat Security Advisory 2024-2700-03 - An update for varnish is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a denial of service vulnerability.

Gentoo Linux Security Advisory 202405-01

Gentoo Linux Security Advisory 202405-1 - Multiple vulnerabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation. Versions greater than or equal to 3.10.14:3.10 are affected.

Red Hat Security Advisory 2024-2697-03

Red Hat Security Advisory 2024-2697-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2696-03

Red Hat Security Advisory 2024-2696-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

US Says North Korean Hackers Exploiting Weak DMARC Settings

MS Overhauls Cybersecurity Strategy After Scathing CSRB Report

RSA Conference 2024: What To Expect

Iranian Cyberspies Hit Targets With New Backdoors

CISA says 'no more' to decades-old directory traversal bugs

Recent attacks on healthcare thrust infosec agency into alert mode

CISA is calling on the software industry to stamp out directory traversal vulnerabilities following recent high-profile exploits of the 20-year-old class of bugs.…

LLM pentest: Leveraging agent integration for RCE

submitted by /u/dr_delete
[link] [comments]

Apple’s iPhone Spyware Problem Is Getting Worse. Here’s What You Should Know

The iPhone maker has detected spyware attacks against people in more than 150 countries. Knowing if your device is infected can be tricky—but there are a few steps you can take to protect yourself.

Empowering Cybersecurity with AI: The Future of Cisco XDR

Learn how the Cisco AI Assistant in XDR adds powerful functionality to Cisco XDR that increases defenders efficiency and accuracy.

Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution

More than 50% of the 90,310 hosts have been found exposing a Tinyproxy service on the internet that's vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool. The issue, tracked as CVE-2023-49606, carries a CVSS score of 9.8 out of a maximum of 10, per Cisco Talos, which described it as a use-after-free bug impacting versions 1.10.0 and 1.11.1, the latter of

China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices

The recently uncovered cyber espionage campaign targeting perimeter network devices from several vendors, including Cisco, may have been the work of China-linked actors, according to new findings from attack surface management firm Censys. Dubbed ArcaneDoor, the activity is said to have commenced around July 2023, with the first confirmed attack against an unnamed victim

Cisco Hypershield – Our Vision to Combat Unknown Vulnerabilities

Cisco Hypershield can help protect organizations agains unknown vulnerabilities by detecting and blocking unknown vulnerabilities in runtime workloads.

Cisco & Splunk: A Complete SOC Platform Purpose-Built for the AI-Driven Future

We're excited about the integration of Cisco XDR and Splunk Enterprise Security, creating a SecOps platform that can grow with customers as needs change.

It Costs How Much?!? The Financial Pitfalls of Cyberattacks on SMBs

Cybercriminals are vipers. They’re like snakes in the grass, hiding behind their keyboards, waiting to strike. And if you're a small- and medium-sized business (SMB), your organization is the ideal lair for these serpents to slither into.  With cybercriminals becoming more sophisticated, SMBs like you must do more to protect themselves. But at what price? That’s the daunting question

Xiaomi Android Devices Hit by Multiple Flaws Across Apps and System Components

Multiple security vulnerabilities have been disclosed in various applications and system components within Xiaomi devices running Android. "The vulnerabilities in Xiaomi led to access to arbitrary activities, receivers and services with system privileges, theft of arbitrary files with system privileges, [and] disclosure of phone, settings and Xiaomi account data," mobile security firm

A New Surveillance Tool Invades Border Towns

Plus: An assassination plot, an AI security bill, a Project Nimbus revelation, and more of the week’s top security news.

Microsoft PlayReady toolkit - codes release

Posted by Security Explorations on May 06

Hello All,

We released codes for "Microsoft PlayReady toolkit", a tool that has
been developed as part of our research from 2022:

https://security-explorations.com/microsoft-playready.html#details

The toolkit illustrates the following:
- fake client device identity generation,
- acquisition of license and content keys for encrypted content,
- downloading and decryption of content,
- content inspection (MPEG-4 file format),
- Manifest...

Germany points finger at Fancy Bear for widespread 2023 hacks, DDoS attacks

Also: Microsoft promises to git gud on cybersecurity; unqualified attackers are targeting your water systems, and more

Infosec in brief It was just around a year ago that a spate of allegedly Russian-orchestrated cyberattacks hit government agencies in Germany, and now German officials claim to know for a fact who did it: APT28, or Fancy Bear, a Russian threat actor linked to the GRU intelligence service.…

Malware Analysis Blog(Formbook info stealer analysis)

submitted by /u/AdvancedFinish6896
[link] [comments]

End-to-end encryption may be the bane of cops, but they can't close that Pandora's Box

Internet Society's Robin Wilton tells us the war on privacy won't be won by the plod

interview Police can complain all they like about strong end-to-end encryption making their jobs harder, but it doesn't matter because the technology is here and won't go away. …

pcap-did-what: Analyze pcaps with Zeek and a Grafana Dashboard

submitted by /u/thewanderer1999
[link] [comments]

Dating apps kiss'n'tell all sorts of sensitive personal info

Privacy Not Included label slapped on 22 of 25 top lonely-hearts corners

Interview Dating apps ask people to disclose all kinds of personal information in the hope of finding them love, or at least a hook-up.…

[webapps] Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Device Config Disclosure

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Device Config Disclosure

[webapps] Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Authentication Bypass

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Authentication Bypass

[webapps] Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Authentication Bypass

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Authentication Bypass

[webapps] Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Device Config Disclosure

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Device Config Disclosure

[webapps] Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Authentication Bypass

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Authentication Bypass

[webapps] Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Device Config Disclosure

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Device Config Disclosure

Pay up, or else? – Week in security with Tony Anscombe

Organizations that fall victim to a ransomware attack are often caught between a rock and a hard place, grappling with the dilemma of whether to pay up or not

New 'Cuckoo' Persistent macOS Spyware Targeting Intel and Arm Macs

Cybersecurity researchers have discovered a new information stealer targeting Apple macOS systems that's designed to set up persistence on the infected hosts and act as a spyware. Dubbed Cuckoo by Kandji, the malware is a universal Mach-O binary that's capable of running on both Intel- and Arm-based Macs. The exact distribution vector is currently unclear, although there are

Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities

Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), the U.K., and the U.S. The Czech Republic's Ministry of Foreign Affairs (MFA), in a statement, said some unnamed

Kaspersky hits back at claims its AI helped Russia develop military drone systems

Ready, set, sanctions?

AI built by Russian infosec firm Kaspersky was used in Russian drones for its war on Ukraine, volunteer intelligence gatherers claim.…

It may take decade to shore up software supply chain security, says infosec CEO

Sure, we're waking to the risk, but we gotta get outta bed, warns Endor Labs founder Varun Badhwar

interview The more cybersecurity news you read, the more often you seem to see a familiar phrase: Software supply chain (SSC) vulnerabilities. Varun Badhwar, founder and CEO at security firm Endor Labs, doesn't believe that's by coincidence. …

Flutter Windows Thick Client SSL Pinning Bypass

submitted by /u/Ano_F
[link] [comments]

Live2D Cubism refusing to fix validation issue leading to heap corruption.

Posted by PT via Fulldisclosure on May 03

Live2D Cubism is the dominant "vtuber" software suite for 2D avatars for use in livestreaming and integrating them in
other software.
They publish various SDKs and a frameworks for integrating their libraries with your own program. You're supposed to
use those to deserialize and render/animate the models created with their main software - often untrusted files from
random people on the internet.
While their main java-based...

Demystifying RCE Vulnerabilities in LLM-Integrated Apps

submitted by /u/louis11
[link] [comments]

Ubuntu Security Notice USN-6757-2

Ubuntu Security Notice 6757-2 - USN-6757-1 fixed vulnerabilities in PHP. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. This update fixes the problem. It was discovered that PHP incorrectly handled PHP_CLI_SERVER_WORKERS variable. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.

Ubuntu Security Notice USN-6762-1

Ubuntu Security Notice 6762-1 - It was discovered that GNU C Library incorrectly handled netgroup requests. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. It was discovered that GNU C Library might allow context-dependent attackers to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. It was discovered that GNU C Library when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. This issue only affected Ubuntu 14.04 LTS.

Red Hat Security Advisory 2024-2679-03

Red Hat Security Advisory 2024-2679-03 - An update for libxml2 is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2024-2674-03

Red Hat Security Advisory 2024-2674-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.