Ubuntu Security Notice USN-6747-2

Ubuntu Security Notice 6747-2 - USN-6747-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Bartek Nowotarski discovered that Firefox did not properly limit HTTP/2 CONTINUATION frames. An attacker could potentially exploit this issue to cause a denial of service. Gary Kwong discovered that Firefox did not properly manage memory when running garbage collection during realm initialization. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. Lukas Bernhard discovered that Firefox did not properly manage memory during JIT optimizations, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. Nan Wang discovered that Firefox did not properly manage memory during WASM garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

May 2^nd 2024 at 13:56

Red Hat Security Advisory 2024-2651-03

Red Hat Security Advisory 2024-2651-03 - An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.

May 2^nd 2024 at 13:48

Red Hat Security Advisory 2024-2645-03

Red Hat Security Advisory 2024-2645-03 - An update for podman is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

May 2^nd 2024 at 13:48

News ≈ Packet Storm
1,400 GitLab Servers Impacted By Exploited Vulnerability
May 2^nd 2024 at 13:45

1,400 GitLab Servers Impacted By Exploited Vulnerability

Related tags
May 2^nd 2024 at 13:45

News ≈ Packet Storm
Hackers Compromised Dropbox eSignature Service
May 2^nd 2024 at 13:45

Hackers Compromised Dropbox eSignature Service

Related tags
- ❌
- headline,hacker,flaw
May 2^nd 2024 at 13:45

News ≈ Packet Storm
REvil Ransomware Scum Gets 14 Years, $16 Million Fine
May 2^nd 2024 at 13:44

REvil Ransomware Scum Gets 14 Years, $16 Million Fine

Related tags
- ❌
- headline,hacker,malware,cybercrime,fraud,cryptography,ukraine
May 2^nd 2024 at 13:44

News ≈ Packet Storm
Hacker Free-For-All Fights For Control Of Home And Office Routers Everywhere
May 2^nd 2024 at 13:44

Hacker Free-For-All Fights For Control Of Home And Office Routers Everywhere

Related tags
- ❌
- headline,hacker,microsoft,email,spam,botnet
May 2^nd 2024 at 13:44

News ≈ Packet Storm
Here's Your Chance To Own A Decommissioned US Government Supercomputer
May 2^nd 2024 at 13:42

Here's Your Chance To Own A Decommissioned US Government Supercomputer

Related tags
- ❌
- headline,government,usa
May 2^nd 2024 at 13:42

The Register - Security
Think tank: China's tech giants refine and define Beijing's propaganda push
May 2^nd 2024 at 06:57

Think tank: China's tech giants refine and define Beijing's propaganda push

Taking down TikTok won't stop the CCP's attempt to control global narratives

Chinese tech companies that serve as important links in the world's digital supply chains are helping Beijing to execute and refine its propaganda strategy, according to an Australian think tank.…

May 2^nd 2024 at 06:57

The Register - Security
REvil ransomware scum sentenced to almost 14 years inside, ordered to pay $16 million
May 2^nd 2024 at 06:31

REvil ransomware scum sentenced to almost 14 years inside, ordered to pay $16 million

After extorting $700 million from thousands of victims

A Ukrainian man has been sentenced to almost 14 years in prison and ordered to pay more than $16 million in restitution for his role in infecting thousands of victims with REvil ransomware.…

May 2^nd 2024 at 06:31

WIRED
Inside Ukraine’s Killer-Drone Startup Industry
May 2^nd 2024 at 06:00

Inside Ukraine’s Killer-Drone Startup Industry

By Justin Ling

Ukraine needs small drones to combat Russian forces—and is bootstrapping its own industry at home.

Related tags
May 2^nd 2024 at 06:00

/r/netsec - Information Security News & Discussion
It’s Morphin’ Time: Self-Modifying Code Sections with WriteProcessMemory for EDR Evasion
May 2^nd 2024 at 05:55

It’s Morphin’ Time: Self-Modifying Code Sections with WriteProcessMemory for EDR Evasion

By /u/thewatcher_

submitted by /u/thewatcher_
[link] [comments]

Related tags
- ❌
- r/netsec
May 2^nd 2024 at 05:55

The Hacker News
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
May 2^nd 2024 at 14:22

Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw

By Newsroom

Several popular Android applications available in Google Play Store are susceptible to a path traversal-affiliated vulnerability codenamed the Dirty Stream attack that could be exploited by a malicious app to overwrite arbitrary files in the vulnerable app's home directory. "The implications of this vulnerability pattern include arbitrary code execution and token theft,

May 2^nd 2024 at 14:22

The Hacker News
Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million
May 2^nd 2024 at 12:26

Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million

By Newsroom

A Ukrainian national has been sentenced to more than 13 years in prison and ordered to pay $16 million in restitution for carrying out thousands of ransomware attacks and extorting victims. Yaroslav Vasinskyi (aka Rabotnik), 24, along with his co-conspirators part of the REvil ransomware group orchestrated more than 2,500 ransomware attacks and demanded ransom payments in

May 2^nd 2024 at 12:26

The Hacker News
When is One Vulnerability Scanner Not Enough?
May 2^nd 2024 at 10:25

When is One Vulnerability Scanner Not Enough?

By The Hacker News

Like antivirus software, vulnerability scans rely on a database of known weaknesses. That’s why websites like VirusTotal exist, to give cyber practitioners a chance to see whether a malware sample is detected by multiple virus scanning engines, but this concept hasn’t existed in the vulnerability management space. The benefits of using multiple scanning engines Generally speaking

May 2^nd 2024 at 10:25

The Hacker News
Dropbox Discloses Breach of Digital Signature Service Affecting All Users
May 2^nd 2024 at 10:19

Dropbox Discloses Breach of Digital Signature Service Affecting All Users

By Newsroom

Cloud storage services provider Dropbox on Wednesday disclosed that Dropbox Sign (formerly HelloSign) was breached by unidentified threat actors, who accessed emails, usernames, and general account settings associated with all users of the digital signature product. The company, in a filing with the U.S. Securities and Exchange Commission (SEC), said it became aware of the "

May 2^nd 2024 at 10:19

The Hacker News
New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw
May 2^nd 2024 at 10:10

New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw

By Newsroom

A never-before-seen botnet called Goldoon has been observed targeting D-Link routers with a nearly decade-old critical security flaw with the goal of using the compromised devices for further attacks. The vulnerability in question is CVE-2015-2051 (CVSS score: 9.8), which affects D-Link DIR-645 routers and allows remote attackers to execute arbitrary

May 2^nd 2024 at 10:10

The Hacker News
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
May 2^nd 2024 at 06:15

CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability

By Newsroom

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw impacting GitLab to its Known Exploited Vulnerabilities (KEV) catalog, owing to active exploitation in the wild. Tracked as CVE-2023-7028 (CVSS score: 10.0), the maximum severity vulnerability could facilitate account takeover by sending password reset emails to an unverified email

May 2^nd 2024 at 06:15

The Hacker News
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
May 2^nd 2024 at 05:04

New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials

By Newsroom

A new malware called Cuttlefish is targeting small office and home office (SOHO) routers with the goal of stealthily monitoring all traffic through the devices and gather authentication data from HTTP GET and POST requests. "This malware is modular, designed primarily to steal authentication material found in web requests that transit the router from the adjacent

May 2^nd 2024 at 05:04

The Register - Security
A million Australian pubgoers wake up to find personal info listed on leak site
May 2^nd 2024 at 04:01

A million Australian pubgoers wake up to find personal info listed on leak site

Man arrested and blackmail charges expected after allegations of unpaid contractors and iffy infosec

Updated Over a million records describing Australians who visited local pubs and clubs have apparently been posted online.…

May 2^nd 2024 at 04:01

The Register - Security
Dropbox dropped the ball on security, haemorrhaging customer and third-party info
May 2^nd 2024 at 00:58

Dropbox dropped the ball on security, haemorrhaging customer and third-party info

Only from its digital doc-signing service, which is isolated from its cloudy storage

Dropbox has revealed a major attack on its systems that saw customers' personal information accessed by unknown and unauthorized entities.…

May 2^nd 2024 at 00:58

The Register - Security
Block accused of mass compliance failures that saw digi-dollars reach terrorists
May 2^nd 2024 at 00:30

Block accused of mass compliance failures that saw digi-dollars reach terrorists

Developer of Square and Cash App reportedly has big back-end problems it was slow to fix

Fintech biz Block is reportedly under investigation by US prosecutors over claims by a former employee that lax compliance checks mean its Square and Cash App services may have been used by terrorists – or in countries that US orgs are not permitted to do business.…

May 2^nd 2024 at 00:30

The Register - Security
Infosec biz boss accused of BS'ing the world about his career, anti-crime product, customers
May 1^st 2024 at 18:58

Infosec biz boss accused of BS'ing the world about his career, anti-crime product, customers

Intrusion investors went through Blount farce trauma, says SEC

Jack Blount, the now-ex CEO of Intrusion, has settled with the SEC over allegations he made false and misleading statements about his infosec firm's product as well as his own background and experience.…

May 1^st 2024 at 18:58

The Register - Security
US charges 16 over 'depraved' grandparent scams
May 1^st 2024 at 17:00

US charges 16 over 'depraved' grandparent scams

Vulnerable elderly people tricked into paying tens of thousands over fake car accidents

Sixteen people are facing charges from US prosecutors for allegedly preying on the elderly and scamming them out of millions of dollars.…

May 1^st 2024 at 17:00

/r/netsec - Information Security News & Discussion
5 Methods I Use To Discover APIs
May 1^st 2024 at 16:10

5 Methods I Use To Discover APIs

By /u/Specific_Energy_3895

submitted by /u/Specific_Energy_3895
[link] [comments]

Related tags
- ❌
- r/netsec
May 1^st 2024 at 16:10

WIRED
The US Government Is Asking Big Tech to Promise Better Cybersecurity
May 1^st 2024 at 16:01

The US Government Is Asking Big Tech to Promise Better Cybersecurity

By Eric Geller

The Biden administration is asking tech companies to sign a pledge, obtained by WIRED, to improve their digital security, including reduced default password use and improved vulnerability disclosures.

Related tags
May 1^st 2024 at 16:01

Ubuntu Security Notice USN-6760-1

Ubuntu Security Notice 6760-1 - George-Andrei Iosif and David Fernandez Gonzalez discovered that Gerbv did not properly initialize a data structure when parsing certain nested RS-274X format files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service.

May 1^st 2024 at 15:30

Advisory Files ≈ Packet Storm
Kernel Live Patch Security Notice LSN-0103-1
May 1^st 2024 at 15:28

Kernel Live Patch Security Notice LSN-0103-1

Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.

May 1^st 2024 at 15:28

Advisory Files ≈ Packet Storm
Microsoft PlayReady Cryptography Weakness
May 1^st 2024 at 15:27

Microsoft PlayReady Cryptography Weakness

There is yet another attack possible against Protected Media Path process beyond the one involving two global XOR keys. The new attack may also result in the extraction of a plaintext content key value.

May 1^st 2024 at 15:27

News ≈ Packet Storm
Adobe Adds Content Credentials And Firefly To Bug Bounty Program
May 1^st 2024 at 15:19

Adobe Adds Content Credentials And Firefly To Bug Bounty Program

Related tags
- ❌
- headline,flaw,adobe
May 1^st 2024 at 15:19

News ≈ Packet Storm
Qantas App Glitch Sees Boarding Passes Fly To Other Accounts
May 1^st 2024 at 15:19

Qantas App Glitch Sees Boarding Passes Fly To Other Accounts

Related tags
May 1^st 2024 at 15:19

News ≈ Packet Storm
London Drugs Pharmacy Closes All Stores To Respond To Cyber Incident
May 1^st 2024 at 15:19

London Drugs Pharmacy Closes All Stores To Respond To Cyber Incident

Related tags
May 1^st 2024 at 15:19

News ≈ Packet Storm
Google Boosts Bug Bounty Payouts Tenfold In Mobile App Security Push
May 1^st 2024 at 15:19

Google Boosts Bug Bounty Payouts Tenfold In Mobile App Security Push

Related tags
- ❌
- headline,flaw,google
May 1^st 2024 at 15:19

News ≈ Packet Storm
China's Attacks On Critical Infrastructure Tip Of Iceberg
May 1^st 2024 at 15:18

China's Attacks On Critical Infrastructure Tip Of Iceberg

Related tags
- ❌
- headline,government,usa,china,cyberwar,scada
May 1^st 2024 at 15:18

Red Hat Security Advisory 2024-2633-03

Red Hat Security Advisory 2024-2633-03 - Updated container image for Red Hat Ceph Storage 6.1 is now available in the Red Hat Ecosystem Catalog.

May 1^st 2024 at 15:15

Red Hat Security Advisory 2024-2639-03

Red Hat Security Advisory 2024-2639-03 - The Migration Toolkit for Containers 1.7.15 is now available.

May 1^st 2024 at 15:15

Red Hat Security Advisory 2024-2631-03

Red Hat Security Advisory 2024-2631-03 - An update is now available for Red Hat Ceph Storage 6.1 in the Red Hat Ecosystem Catalog.

May 1^st 2024 at 15:15

Red Hat Security Advisory 2024-2624-03

Red Hat Security Advisory 2024-2624-03 - Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service.

May 1^st 2024 at 15:14

Red Hat Security Advisory 2024-2625-03

Red Hat Security Advisory 2024-2625-03 - An update for rhc-worker-script is now available for Red Hat Enterprise Linux 7. Issues addressed include a denial of service vulnerability.

May 1^st 2024 at 15:14

Red Hat Security Advisory 2024-2621-03

Red Hat Security Advisory 2024-2621-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.

May 1^st 2024 at 15:14

Red Hat Security Advisory 2024-2627-03

Red Hat Security Advisory 2024-2627-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

May 1^st 2024 at 15:14

Red Hat Security Advisory 2024-2619-03

Red Hat Security Advisory 2024-2619-03 - An update for rh-mysql80-mysql is now available for Red Hat Software Collections.

May 1^st 2024 at 15:14

Red Hat Security Advisory 2024-2628-03

Red Hat Security Advisory 2024-2628-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

May 1^st 2024 at 15:14

Red Hat Security Advisory 2024-2585-03

Red Hat Security Advisory 2024-2585-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.

May 1^st 2024 at 15:13

Red Hat Security Advisory 2024-2586-03

Red Hat Security Advisory 2024-2586-03 - An update for the container-tools:3.0 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

May 1^st 2024 at 15:13

Red Hat Security Advisory 2024-2587-03

Red Hat Security Advisory 2024-2587-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

May 1^st 2024 at 15:13

Red Hat Security Advisory 2024-2616-03

Red Hat Security Advisory 2024-2616-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.

May 1^st 2024 at 15:13

Red Hat Security Advisory 2024-2583-03

Red Hat Security Advisory 2024-2583-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

May 1^st 2024 at 15:13

Red Hat Security Advisory 2024-2584-03

Red Hat Security Advisory 2024-2584-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a denial of service vulnerability.

May 1^st 2024 at 15:13

Red Hat Security Advisory 2024-2582-03

Red Hat Security Advisory 2024-2582-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.

May 1^st 2024 at 15:12

Red Hat Security Advisory 2024-2577-03

Red Hat Security Advisory 2024-2577-03 - An update for shadow-utils is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

May 1^st 2024 at 15:10

Red Hat Security Advisory 2024-2580-03

Red Hat Security Advisory 2024-2580-03 - An update for yajl is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a memory leak vulnerability.

May 1^st 2024 at 15:10

Red Hat Security Advisory 2024-2581-03

Red Hat Security Advisory 2024-2581-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.

May 1^st 2024 at 15:10

Red Hat Security Advisory 2024-2575-03

Red Hat Security Advisory 2024-2575-03 - An update for expat is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

May 1^st 2024 at 15:09

Red Hat Security Advisory 2024-2570-03

Red Hat Security Advisory 2024-2570-03 - An update for gnutls is now available for Red Hat Enterprise Linux 9. Issues addressed include an information leakage vulnerability.

May 1^st 2024 at 15:09

Red Hat Security Advisory 2024-2571-03

Red Hat Security Advisory 2024-2571-03 - An update for sssd is now available for Red Hat Enterprise Linux 9.

May 1^st 2024 at 15:09

The Register - Security
Qantas app glitch sees boarding passes fly to other accounts
May 1^st 2024 at 15:03

Qantas app glitch sees boarding passes fly to other accounts

Issue now resolved and isn't thought to be the work of criminals

Aussie airline Qantas says its app is now stable following a data breach that saw boarding passes take off from passengers' accounts.…

May 1^st 2024 at 15:03

Front Porch Digital Forensics - Trap beats, open loops and Dirty Daves spell trouble for our forensicators.

By /u/jms_dot_py

submitted by /u/jms_dot_py
[link] [comments]

Related tags
- ❌
- r/netsec
May 1^st 2024 at 14:09

WIRED
A Vast New Data Set Could Supercharge the AI Hunt for Crypto Money Laundering
May 1^st 2024 at 13:00

A Vast New Data Set Could Supercharge the AI Hunt for Crypto Money Laundering

By Andy Greenberg

Blockchain analysis firm Elliptic, MIT, and IBM have released a new AI model—and the 200-million-transaction dataset it's trained on—that aims to spot the “shape” of bitcoin money laundering.

Related tags
May 1^st 2024 at 13:00

Full Disclosure
Microsoft PlayReady white-box cryptography weakness
May 1^st 2024 at 12:01

Microsoft PlayReady white-box cryptography weakness

Posted by Security Explorations on May 01

Hello All,

There is yet another attack possible against Protected Media Path
process beyond the one involving two global XOR keys [1]. The new
attack may also result in the extraction of a plaintext content key
value.

The attack has its origin in a white-box crypto [2] implementation.
More specifically, one can devise plaintext content key from white-box
crypto data structures of which goal is to make such a reconstruction
difficult / not...

May 1^st 2024 at 12:01