Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Stage Rock Convert plugin <= 2.11.0 on WordPress.

*   Details
*   Reviews
*   Support
*   Development

Publique banners no seu blog de maneira rápida e efetiva, e converta visitantes em subscribers, leads ou clientes sem precisar entender código. Esses calls-to-action (CTAs) serão publicados diretamente do seu painel do WordPress e poderão ser monitorados através do Google Analytics.

**Adicione os banners em massa**

Seus posts estão sendo criados, mas você tem problemas quando o assunto é aumentar o número de conversões? Publique seus banners em todos os seus posts sem mexer diretamente no código.

**Organize de acordo com categorias**

Para facilitar, os banners podem ser organizados para serem apresentados de acordo com a categoria dos posts do seu blog. Assim fica fácil manter o controle sobre o que cada conteúdo irá apresentar.

**Personalize e obtenha melhores resultados**

Posicione o CTA dentro dos posts escolhendo entre o topo e o final do conteúdo, programe a data do lançamento e personalize as tags HTML para obter melhores resultados.

**Analise os resultados**

Insira UTMs (as tags de monitoramento padrão do Google) para monitorar os resultados diretamente no Google Analytics.

**Outras funcionalidades**

*   Compatível com SEO.
*   Compatível com qualquer versão do WordPress, sem a necessidade de customização de estilo (CSS).
*   Compatível com AMP.
*   Responsivo (funciona em qualquer dispositivo).
*   Disponível em inglês (en) e português (pt-br).
*   Clique aqui para ver exemplos online.

Avalie o plugin deixando uma classificação ou sugira novas features no fórum de suporte.

Feito com ❤ pelo time da Rock Content no #SanPedroValley.

Rock Convert will definitely save you some hours of manual work through enabling you to scale banner distribution across your blog and converting users to leads. If you download it, you will not regret!

As estatísticas pararam de funcionar. Testei direto no PHP e direto no texto também, mas não contabiliza mais. Utilizo o plugin há tempos e funcionava. Estou usando a versão 2.9.5.

Instalei pois necessitava de uma caixa de captura para newsletter. A caixa é a com o melhor design e a mais fácil de configurar entre todas as opções que vi (testei várias). Porém a mesma não funciona no site versão AMP. Uso o AMP oficial do Wordpress. Entrei em contato com o suporte e infelizmente também não conseguiram resolver. Sá não tirei ainda do meu site, pois os demais plugins de newsletter não me agradaram.

Gostei mas o plugin não está atualizado, só queria adicionar CTA de baixar o conteúdo em páginas e não artigos. Está causando erro quando atualiza a nova versão do WordPress.

Sou desenvolvedor e sempre instalo nos WP que faço. Com ele de maneira muito fácil você consegue colocar e partes estratégicas do site um action para sua LP e assim aumentar o número de leads

Ainda não experimentei pois o WP só permite instalação de plugins no plano pago(pago eu utilizo o Wix). Ou plano de hospedagem profissional, mas a princípio para uma forma de adSense da RockContent.

Read all 20 reviews

“Rock Convert” is open source software. The following people have contributed to this plugin.

Contributors

*    Rock Content

**3.0.0**

*   Revisão completa do plugin
*   Refatorado o código para melhor desempenho e segurança
*   Todas as variáveis e opções foram escapadas a fim de evitar ataques XSS
*   Refatoração baseada no WordPress Coding Standard

**2.11.0**

Correção:  
\* Corrigidos pontos de vulnerabilidade XSS  
\* Melhoria na semântica dos formulários da área administrativa  
\* Corrigida chamada a API Rest

**2.10.2**

Improvements:  
\* Improvements in the plugin security

**2.10.1**

Correção:  
\* Css which affected the theme fixed

**2.10.0**

Correção:  
\* Fix popup front

**2.9.9**

Correção:  
\* Fix query categories and layout admin

**2.9.8**

Correção:  
\* Correção do formulário de popup

**2.9.7**

Correção:  
\* Melhorias no layout do preview

**2.9.6**

Correção:  
\* Correção de chamada de função javascript  
\* Melhorias no layout do preview

**2.9.5**

Correção:  
\* Correção dos endpoints rest

**2.9.4**

Correção:  
\* Correção de css dos titulos do blog

**2.9.3**

Correção:  
\* Correção de versão do arquivo javascript

**2.9.2**

Correção:  
\* Correção de bug no campo de widget

**2.9.1**

Correção:  
\* Correção de bug no layout do admin

**2.9**

Novidades:  
\* Adição de nova funcionalidade de popup exit

**2.8.1**

Melhorias:  
\* Corrigida chamada rest  
\* Corrigida quebra de layout no painel

**2.8**

Novidades:  
\* Adicionado novos campos para o formulário do widget

**2.7.1**

Novidades:  
\* Adicionado painel para visualização das leads

**2.7.0**

Novidades:  
\* Suporte a tags  
\* Possibilidade de escolher regras de exibição mais refinadas

**2.2.0**

Novidades:  
\* Nova funcionalidade: Barra de anúncios no topo do site  
\* Nova funcionalidade: CTA customizavel na barra lateral

Melhorias:  
\* Altera separador ao exportar para arquivo CSV de ; para ,  
\* Permite alterar a mensagem de sucesso do widget Caixa de captura  
\* Permite alterar o titulo e o texto do botão na caixa de download

**2.1.4**

Melhorias:  
\* Adiciona suporte a event tracking para o Google Analytics  
\* Reduz o tamanho do script necessário para utilizar o Rock Convert

**2.1.3**

Correção:  
\* Previne que aconteça o Fatal Error na função get\_rest\_url

Melhorias:  
\* Previne que as visualizações dos CTAs sejam bloqueadas por plugins de cache

**2.1.2**

Melhorias:  
\* Permite cadastrar parametros customizados no link do CTA  
\* Adiciona suporte ao WordPress 5.0  
\* Adiciona formulário na página de configurações para se inscrever na newsletter do Rock Convert

**2.1**

Novas funcionalidades  
\* Adiciona Widget com caixa de captura de e-mails

**2.0.11**

Correção:  
\* Previne que o erro “Undefined index” aconteça ao mostrar banners na página do post

**2.0.0**

Melhorias:  
\* Visibilidade: Agora é possível escolher páginas onde um banner não deve aparecer;  
\* Shortcode: Todo banner tem um shortcode único que pode ser adicionado em qualquer posição de qualquer conteúdo;

Novas funcionalidades:  
\* Analytics: saiba como seus CTAs estão performando diretamente no painel do wordpress;  
\* Captura de leads: Disponibilize seus posts para download no formato PDF e capture os e-mails;  
\* Faça download dos leads no formato CSV

**1.0.0**

*   Permite criar CTAs
*   Permite selecionar as categorias onde o CTA deve aparecer
*   Permite selecionar a imagem do CTA
*   Permite selecionar onde o CTA deve aparecer (início ou fim do post)
*   Permite cadastrar as UTM Tags para o link

CVE-2022-36428: Rock Convert

By Deeba Ahmed
Elusiv protocol offers privacy with compliance to protect Solana users with accessible and compliant privacy.
This is a post from HackRead.com Read the original post: Privacy Protocol Elusiv Raises $3.5 Million in Seed Funding

A zero-knowledge-oriented compliant privacy protocol, Elusiv, has secured $3.5 million in its seed funding round. LongHash and Staking Facilities Ventures led this round. The company stated in its press release that individual freedom relies on financial privacy, but privacy-maintaining technology requires practical compliance.

> “ZK and new decentralized technologies allow us to overcome the notion that privacy and compliance are exclusive and instead enable us to form a new kind of symbiosis between privacy and compliance.”
> 
> Yannik Schrade – Co-founder Elusiv

**Elusiv** is gearing up to become the “backbone of the blockchain financial ecosystem.” The protocol aims to provide users and merchants with privacy while maintaining safety via low-trade-off compliance solutions. Moreover, Elusiv will make standard transactions private while allowing users to choose the transactions to make public.

For your information, the Elusiv protocol boasts full composability, so it can be directly integrated into protocols and wallets and stay functioning even if just one party is using it to maintain privacy. This is definitely a competitive advantage because the existing solutions demand that both parties use the same service.

The proceeds will be used to create Elusiv’s own development team and manage security audits. Additionally, it will bring its **solution to different blockchains**. Some investors include NGC Ventures, Jump Crypto, Anagram, Big Brain Holdings, Cogitent Ventures, Equilibrium, Token Adventures, Marin Ventures, Monke Ventures, Moonrock Capital, SolanaFM, etc. Also included are several angels e.g., the founders of UXD Protocol, Zeta, Solana, Notify, and Solflare.

The General Partner and Chief Operations Officer at **LongHash Ventures**, Wei Shi Khai stated that the company is excited by the strong position taken by Elusiv to address this space via their user-friendly and scalable integrations without compromising upon the practicality of compliance.

> “Moving forward, we see privacy as a key modular layer in our multi-chain infrastructure thesis, especially as more social and identity use cases mature.”
> 
> Wei Shi Khai – LongHash Ventures

Conversely, Staking Facilities Ventures’ Venture Partner Louis Bauer stated that Elusiv had laid the foundation for sensitive transactions to be carried out on-chain. Ensuring privacy with compliance can widen blockchain’s options.

Some key systems introduced by Elusiv for compliance include Zero-Knowledge proofs and advanced **cryptography**. Elusiv allows users to provide insights into their private assets and transactions to third parties by sharing individual transaction viewing keys or adopting the TTP (trusted third parties) to view every transaction. Users can also prove to third parties that their transactions weren’t sent, such as by a known threat actor, with just a button or click.

The best aspect is that Elusiv’s advanced compliance system utilizes a decentralized network of trusted execution environments so bad actors don’t lose ownership of their funds but cannot gain privacy. The system allows disclosing retroactively made truncations of malicious actors to make Elusiv an unfavorable option for them and provide security to other users.

1.  **The Benefits Of Blockchain In The Travel Industry**
2.  **Ankr Launches Chainscanner Blockchain Explorer Tool**
3.  **Blokhaus Launches New Open-Source NFT Tool Minterpress**
4.  **Yield Monitor Integrates DeFiChain Blockchain Into Its Database**

Privacy Protocol Elusiv Raises $3.5 Million in Seed Funding

**TEL AVIV, LONDON and NEW YORK – November 3, 2022 –** Apiiro, the leader in Cloud-Native Application Security, today announced a significant Series B round of $100M led by General Catalyst with participation by Greylock and Kleiner Perkins. The new funding will be used to accelerate the business and advance the company’s mission to empower developers and application security engineers to proactively fix risks before releasing to the cloud with all the context they need in a single solution.

With more companies shifting to agile development and adopting CI/CD practices to release code to the cloud on a daily basis, there is an exponential increase in the number of changes. This creates a massive market opportunity to help CISOs and CIOs effectively and contextually identify, prioritize and eliminate risks in their code and development environments to prevent application and software supply chain threats using one solution.

“In this economy, it’s important to invest in technology that helps companies drive business growth,” said Quentin Clark, Managing Director at General Catalyst. “Idan, Yonatan and the Apiiro team are giving customers a solution to a whole problem – not just a piece of it. They are going beyond providing tools for developers to address potential security issues in the code base and actually delivering an operational platform that workflows those fixes in context of how a company is configuring and deploying software. This approach has driven phenomenal growth to date, which comes from strong execution with the right team at the right time.”

Apiiro has introduced a completely new approach to application security in the cloud by providing complete visibility into code bases, assessing risks from design to code to cloud and proactively fixing actual risks that attackers can exploit before releasing to the cloud. This enables Fortune 500 companies to reduce operational costs and risks at scale with seamless deployment by connecting to their source control managers via API.

There are several isolated and unrelated findings hiding across code, configurations, open source packages and cloud infrastructure that when pulled together with relevant context, creates a “risk story” that is exploitable by attackers. Apiiro’s Risk Graph technology connects these infinite factors with actionable context to offer a completely new way for developers and security teams to fix risks.

_“_The unrelenting demand for next generation application security solutions has allowed us to deploy our product at-scale with leading Fortune 500 customers,” said Idan Plotnik, co-founder and CEO of Apiiro. “Early innovation enabled us to grow faster and more efficiently than the competition, and we are building the company for hyper growth. The combination of our team, business momentum, and support from top-tier investors positions Apiiro to continue to lead a growing industry.”

**Supporting Resources**

*   Apiiro blog
*   Apiiro on LinkedIn
*   Apiiro on Twitter

**About Apiiro**

Apiiro helps security and development teams proactively fix risks before releasing to the cloud. The company is backed by General Catalyst, Greylock, and Kleiner Perkins. apiiro.com.

Apiiro Raises $100M Series B Funding Round to Solidify Position as the Cloud-Native Application Security Leader

Banco de Crédito Cooperativo (BCC) wins the first hyper-realistic cybersecurity competition for the financial industry.

**RESTON, Va. and BOSTON, Nov. 3, 2022 /PRNewswire/ —** FS-ISAC, the member-driven, not-for-profit organization that advances cybersecurity and resilience in the global financial system, and Cyberbit, provider of the world's leading cybersecurity skill development and readiness platform, announced today that team "IsNotTheEDR" from Banco de Crédito Cooperativo (BCC) is the winner of the first International Cyber League (ICL) Financial Cup, 2022 – the first hyper-realistic cybersecurity tournament for the financial industry. The first runner-up is team "Suboptimal" from a leading Fortune 500 financial institution, the second runner-up is Team "AskITTeam" from BCC and the third runner up is team "TIAA" from TIAA.

The tournament ran from 6-26 October 2022 and challenged cybersecurity teams from the financial sector to respond to live-fire cyberattack simulations replicating attacks they may encounter in real life. Teams were scored based on typical incident response KPIs including investigation, eradication, and remediation goals, as well as their response times. The BCC team outperformed 55 cyber defense teams from leading financial organizations around the world and scored a perfect 100 in the live-fire challenge. The Cyberbit platform, normally used by enterprises to train and upskill information security teams, as well as for FS-ISAC's monthly cyber range workshops, was repurposed to power the ICL competition. The platform provided a virtual arena that emulated an organizational network and a virtual security operations center (SOC) that simulated the live attacks and automatically scored the teams based on their achievements.

The ICL reinvents cybersecurity competition formats by assessing cyber defense skills in real-world scenarios, allowing teams to predict their performance during an attack. Traditional Capture-the-Flag (CTF) events test offensive skills, but these do not reflect the capabilities that cyber defenders will be required to demonstrate during an attack. The ICL leverages cyber range live-fire scenarios to simulate real threat vectors and malware that assess essential "blue team" skills, including technical skills like malware analysis and SIEM investigation, as well as soft skills like teamwork, critical thinking, and communications.

"We in the financial sector believe that exercising builds muscle memory to ensure smooth and efficient incident response," said **Cameron Dicker, Global Head of Business Resilience at FS-ISAC**. "We run a wide variety of exercises to ensure preparedness throughout all different organizational levels and functions, and we chose this competition format during Cybersecurity Awareness Month to bring a little fun into this critical tool for operational resilience."

"CISA and the NCA aptly named this year's cyber awareness month theme as 'See Yourself in Cyber,' demonstrating that cybersecurity is ultimately, about people," said **Sharon Rosenman, Chief Marketing Officer at Cyberbit**. "The feedback from the ICL teams was overwhelmingly positive and we are proud to collaborate with FS-ISAC in helping the financial industry become better prepared for real-world attacks by assessing and maximizing human performance."

"A Cyber Range is a strategic capability that enables governments and companies to effectively educate and train their professionals, as well as to experiment, test and validate new cybersecurity and cyber defense concepts, technologies, techniques, and tactics. Cyber range competitions such as the ICL Financial Cup help in providing a comparison with the rest of the peers in the sector", said Francisco Navarro García, Chief Information Security Officer, Banco de Crédito Cooperativo (BCC).

Additional teams who reached the top 10 in ICL finals include Loan Depot and Somerset Trust.

"The International Cyber League has been an excellent experience for our teams and a fantastic opportunity for them to test their skills with other elite teams across the financial services sector. We are incredibly proud of their work in keeping our company safe. Their strong performance in this competition is celebrated across Technology and the entire company", said Harold Rivas, Chief Information Officer, Loan Depot.

"Somerset Trust takes the security of our information very seriously, and I have always known that we assembled a good team of security professionals. It's always nice to see a competition like this that hones their skills and proves our dedication to security", said John Ash, Sr. Vice President and Chief Information Officer, Somerset Trust.

**About FS-ISAC**

FS-ISAC is the member-driven, not-for-profit organization that advances cybersecurity and resilience in the global financial system, protecting the financial institutions and the people they serve. Founded in 1999, the organization's real-time information sharing network amplifies the intelligence, knowledge, and practices of its members for the financial sector's collective security and defenses. Member financial firms represent $100 trillion in assets in 75 countries.

**About Cyberbit**

Cyberbit provides the global leading attack readiness platform for enabling SOC teams to maximize their performance when responding to cyberattacks. The platform empowers security leaders to make the most of their cybersecurity investment by boosting the impact of the human element in their organization. Cyberbit delivers hyper-realistic attack simulations mirroring real-world scenarios. It enables security leaders to dramatically reduce MTTR, dwell time and cybercrime costs, improve hiring and onboarding, and increase employee retention. Customers include Fortune 500 companies, MSSPs, systems integrators, governments, and leading healthcare providers.

FS-ISAC and Cyberbit Announce Winner of the First Financial Cyber League

TA569 has modified the JavaScript of a legitimate content and advertising engine used by news affiliates, in order to spread the FakeUpdates initial access framework.

The cyber-threat threat actor known as TA569, or SocGholish, has compromised JavaScript code used by a media content provider in order to spread the FakeUpdates malware to major media outlets across the US.

According to a series of tweets from the Proofpoint Threat Research Team posted late Wednesday, the attackers have tampered with the codebase of an application that the unnamed company uses to serve video and advertising to national and regional newspaper websites. The supply chain attack is being used to spread TA569's custom malware, which is typically employed to establish an initial access network for follow-on attacks and ransomware delivery.

Detection might be tricky, the researchers warned: "TA569 historically removed and reinstated these malicious JS injects on a rotating basis," according to one of the tweets. "Therefore the presence of the payload and malicious content can vary from hour to hour and shouldn't be considered a false positive."

More than 250 regional and national newspaper sites have accessed the malicious JavaScript, with impacted media organizations serving cities such as Boston, Chicago, Cincinnati, Miami, New York, Palm Beach, and Washington, DC, according to Proofpoint. However, only the impacted media content company knows the full range of the attack and its impact on affiliate sites, the researchers said.

The tweets cited Proofpoint threat detection analyst Dusty Miller, senior security researcher Kyle Eaton, and senior threat researcher Andrew Northern for the discovery and investigation of the attack.

**Historical Links to Evil Corp**

FakeUpdates is an initial access malware and attack framework in use since at least 2020 (but potentially earlier), that in the past has used drive-by downloads masquerading as software updates to propagate. It previously has been linked to activity by the suspected Russian cybercrime group Evil Corp, which has been formally sanctioned by the US government.

The operators typically host a malicious website that executes a drive-by download mechanism — such as JavaScript code injections or URL redirections — which in turn triggers the download of an archive file that contains malware.

Symantec researchers previously observed Evil Corp using the malware as part of an attack sequence to download WastedLocker, then a new ransomware strain, on target networks back in July 2020.

A surge of drive-by download attacks that used the framework followed toward the end of that year, with the attackers hosting malicious downloads by leveraging iFrames to serve up compromised websites via a legitimate site.

More recently, researchers tied a threat campaign distributing FakeUpdates through existing infections of the Raspberry Robin USB-based worm, a move that signified a link between the Russian cybercriminal group and the worm, which acts as a loader for other malware.

**How to Approach the Supply Chain Threat**

The campaign discovered by Proofpoint is yet another example of attackers using the software supply chain to infect code that's shared across multiple platforms, to broaden the impact of malicious attack without having to work any harder.

Indeed, there already have been numerous examples of the ripple effect these attacks can have, with the now infamous SolarWinds and Log4J scenarios being among the most prominent.

The former started in late December 2020 with a breach in the SolarWinds Orion software and spread deep into the next year, with multiple attacks across various organizations. The latter saga unfolded in early December 2021, with the discovery of a flaw dubbed Log4Shell in a widely used Java logging tool. That spurred multiple exploits and made millions of applications vulnerable to attack, many of which remain unpatched today.

Supply chain attacks have become so prevalent that security administrators are looking for guidance about how to prevent and mitigate them, which both the public and private sector have been happy to offer.

Following an executive order issued by President Biden last year directing government agencies to improve the security and integrity of the software supply chain, the National Institute for Standards and Technology (NIST) earlier this year updated its cybersecurity guidance for addressing software supply chain risk. The publication includes tailored sets of suggested security controls for various stakeholders, such as cybersecurity specialists, risk managers, systems engineers, and procurement officials.

Security professionals also have offered organizations advice on how to better secure the supply chain, recommending that they take a zero-trust approach to security, monitor third-party partners more than any other entity in an environment, and choose one supplier for software needs that offers frequent code updates.

Supply Chain Attack Pushes Out Malware to More than 250 Media Websites

With Microsoft’s announcement on Nov. 2 of its support for Azure AD Certificate-based authentication (CBA) for both iOS and Android devices, Yubico is excited to share that the YubiKey is currently the only external device that supports CBA on Android and iOS. Plus, the YubiKey is the only FIPS certified phishing-resistant solution available for Azure AD on mobile.

Yubico worked closely with Microsoft to ensure CBA on mobile became a reality.

Microsoft’s new support provides users with the same convenient smart card authentication method on mobile devices that they have on their desktops. CBA has been a staple of governments and high security environments for decades, long before the invention of FIDO U2F and FIDO2, mostly due to its reliability and effectiveness in physical environments. With Executive Order 14028 on Improving the Nation's Cybersecurity, the adoption of CBA and other phishing-resistant multi-factor authentication methods are mandated for civilian federal agencies in the US.

CBA is widely deployed across many industries, and remains a favorite amongst security experts. For some organizations, it is the logical choice from the available Azure offerings. With this announcement, customers can now use CBA on their mobile devices using native Azure AD CBA. When using native Azure AD CBA, organizations can reduce their existing infrastructure and move it into the cloud. Azure AD CBA capabilities can also be combined with Conditional Access policies so admins can enforce phishing-resistant sign-in methods.

CBA is currently the only form of phishing-resistant authentication within Azure that is supported on mobile devices, which is an important factor for an organization when deciding which scheme to adopt.

“Yubico has been a driving force in working with our teams to build this solution that allows Microsoft customers to securely log into their Microsoft accounts on their iPhone or Android mobile device. This is a big win for us, Yubico, and most importantly our federal government customers,” said Sue Bohn, Vice President of Product Management for Microsoft’s Identity and Network Access (IDNA) group.

Setting up CBA on Azure requires some basic configuration steps within Azure AD and installation of the Microsoft Authenticator app on Android or iOS/iPadOS. The Yubico Authenticator app is also needed on iOS/iPadOS. The PIV credential must be set up independently from the Azure solution. Your existing YubiKey PIV/smart card issuance process does not need to change.

Also, with the new Conditional Access authentication strength policies, you can enforce CBA as the required sign-in mechanism.

Yubico and Microsoft are globally recognized leaders in cybersecurity assisting public and private organizations on their journey to Zero Trust. Both Yubico and Microsoft are FIDO Alliance members and committed to providing phishing-resistant authentication solutions based on FIDO2 and certificate-based authentication standards.

**Learn more**

Microsoft's mobile certificate-based solution coupled with the YubiKey is a simple, convenient, FIPS certified phishing-resistant MFA methods for organizations, and we’re excited to share additional details and best practices during our upcoming webinar, _New solutions to prevent phishing with Azure AD and YubiKeys_ on November 3rd at 9 am PT, register here to attend.

Certificate-Based Authentication With YubiKeys for Microsoft, Third-Party, and Web Applications Now Available on iOS and Android

"SandStrike," the latest example of espionage-aimed Android malware, relies on elaborate social media efforts and back-end infrastructure.

Adware and other unwanted and potentially risky applications continue to represent the biggest threat that users of mobile devices currently face. But that doesn't mean attackers aren't constantly trying to deploy other sophisticated mobile malware as well.

The latest example is "SandStrike," a booby-trapped VPN application for loading spyware on Android devices. The malware is designed to find and steal call logs, contact lists, and other sensitive data from infected devices; it can also track and monitor targeted users, Kaspersky said in a report this week.

The security vendor said its researchers had observed the operators of SandStrike attempting to deploy the sophisticated spyware on devices belonging to members of Iran's Baha'i community, a persecuted, Persian-speaking minority group. But the vendor did not disclose how many devices the threat actor might have targeted or succeeded in infecting. Kaspersky could not be immediately reached for comment.

**Elaborate Social Media Lures**

To lure users into downloading the weaponized app, the threat actors have established multiple Facebook and Instagram accounts, all of which purport to have more than 1,000 followers. The social media accounts are loaded with what Kaspersky described as attractive, religious-themed graphics designed to grab the attention of members of the targeted faith group. The accounts often also contain a link to a Telegram channel that offers a free VPN app for users wishing to access sites containing banned religious materials.

According to Kaspersky, the threat actors have even set up their own VPN infrastructure to make the app fully functional. But when a user downloads and uses SandStrike, it quietly collects and exfiltrates sensitive data associated with the owner of the infected device.

The campaign is just the latest in a growing list of espionage efforts involving advanced infrastructure and mobile spyware — an arena that includes well-known threats like NSO Group's notorious Pegasus spyware along with emerging problems like Hermit.

**Mobile Malware on the Rise**

The booby-trapped SandStrike VPN app is an example of the growing range of malware tools being deployed on mobile devices. Research that Proofpoint released earlier this year highlighted a 500% increase in mobile malware delivery attempts in Europe in the first quarter of this year. The increase followed a sharp decline in attack volumes toward the end of 2021.

The email security vendor found that many of the new malware tools are capable of a lot more than just credential stealing: "Recent detections have involved malware capable of recording telephone and non-telephone audio and video, tracking location and destroying or wiping content and data."

Google and Apple's official mobile app stores continue to be a popular mobile malware delivery vector. But threat actors are also increasingly using SMS-based phishing campaigns and social engineering scams of the sort seen in the SandStrike campaign to get users to install malware on their mobile devices.

Proofpoint also found that attackers are targeting Android devices far more heavily than iOS devices. One big reason is that iOS doesn't allow users to install an app via an unofficial third-party app store or to download it directly to the device, like Android does, Proofpoint said.

**Different Types of Mobile Malware in Circulation**

Proofpoint identified the most significant mobile malware threats as FluBot, TeaBot, TangleBot, MoqHao, and BRATA. The different capabilities integrated into these malware tools include data and credential theft, stealing funds from online accounts, and general spying and surveillance. One of these threats — FluBot — has been largely quiet since the disruption of its infrastructure in a coordinated law enforcement action in June.

Proofpoint found that mobile malware is not confined to a specific region or language. "Instead, threat actors adapt their campaigns to a variety of languages, regions and devices," the company warned.

Meanwhile, Kaspersky said it blocked some 5.5 million malware, adware, and riskware attacks targeted at mobile devices in Q2 2022. More than 25% of these attacks involved adware, making it the most common mobile threat at the moment. But other notable threats included mobile banking Trojans, mobile ransomware tools, spyware link SandStrike, and malware downloaders. Kaspersky found that creators of some malicious mobile apps have increasingly targeted users from multiple countries at once.

The mobile malware trend poses a growing threat to enterprise organizations, especially those that allow unmanaged and personally owned devices in the workplace. Last year, the US Cybersecurity and Infrastructure Security Agency (CISA) released a checklist of actions that organizations can take to address these threats. Its recommendations include the need for organizations to implement security-focused mobile device management; to ensure that only trusted devices are allowed access to applications and data; to use strong authentication; to disable access to third-party app stores; and to ensure that users use only curated app stores.

Cyber-Threat Actor Uses Booby-Trapped VPN App to Deploy Android Spyware

We can bridge that gap by spreading the word about the opportunities, the requirements, and the many tools available to help applicants break into the field.

Cybercrime seems to be in the headlines every day, as ransomware demands escalate and distributed denial-of-service (DDoS) attacks and other assaults paralyze and damage enterprises of all types and sizes. In 2021, the Federal Bureau of Investigation's Internet Crime Complaint Center (IC3) received 847,376 reports of cyberattacks, up 7% from 2020, with a growing focus on critical infrastructure and the supply chain. The costs of cybercrime are astronomical, approaching $7 billion, according to FBI statistics.

Hoping to remediate, or preferably prevent, such attacks, companies work daily to bolster their cybersecurity measures. The federal Cybersecurity and Infrastructure Security Agency launched its Shields Up campaign this year to encourage proactive defenses against potential cyberattacks prompted by US sanctions placed on Russia. Insurance companies, meanwhile, are raising premiums and limiting coverage for organizations with inadequate cyber protection.

As willing as employers may be to comply, one of the biggest challenges is finding the staff to implement stronger defenses. In the US alone, there are currently more than 700,000 openings in cybersecurity, a 43% increase over last year, according to CyberSeek. Demand isn't confined to the tech industry; it's growing in sectors such as finance, as well. Employers are struggling to fill these critical posts now but can't find enough applicants, never mind being able to meet future demand.

**Misconceptions and Missed Potential**

One of the major reasons for the severe shortage is the common misconception that it's necessary to have a STEM or security-related degree to work in cybersecurity. This is not the case. Self-motivated individuals with some level of technical skill and problem-solving experience are great candidates. The challenge is to communicate the opportunity and actual requirements so we can begin tapping this potential pool of talent.

Obviously, some familiarity with technology is a must, as it would be difficult to bring in someone with no technical background at all. But that background does not need to be specific to cybersecurity, because many job skills are readily transferable. For example, IT system admins accustomed to patching systems and investigating suspicious or unusual events will find their experience useful in cybersecurity. When I was a systems admin, I was often in meetings with the security team. I learned about vulnerabilities, and it was my responsibility to patch them. That kind of experience is invaluable for anyone considering a cybersecurity career.

We need to search out people with the innate ability to recognize what's normal and investigate deviations from that norm. If they've been involved in troubleshooting, that's a plus. Even seemingly unrelated backgrounds can come in handy. For instance, self-taught techies who love to tinker and have figured out how to build their own systems and solve problems in the process could have a future in the cybersecurity field.

**Resources for the Resourceful**

Let's make it clear that a college degree, specifically in cybersecurity, isn't the only way into this field. There are many training resources available for potential candidates who want to improve their qualifications. Self-learners can take free or low-cost online courses in cybersecurity and networking. Completing this type of training will strengthen a candidate's resume and open up more opportunities.

CyberSeek is a terrific organization dedicated to closing the cybersecurity talent gap. It offers information and resources for students, job seekers, employers, educators, and more. Among its offerings is a list of cybersecurity training available at little or no cost.

(ISC)2 is an excellent resource for experienced IT professionals as well as those just starting out in the field. It offers a range of certifications for everyone from students and entry-level candidates without a technical background to those with years of experience who want to expand or update their knowledge. Its high-level certified information systems security professional (CISSP) certification takes commitment but is considered one of the best in the industry.

There are other less demanding options that might be a good starting point, including Pluralsight's boot camps for coding. Security BSides (often called just BSides) is a nonprofit organization that hosts conferences to share knowledge on information security and provide networking opportunities. TryHackMe bills itself as "a fun way" to learn about cybersecurity through interactive, real-world scenarios suitable for all skill levels. Additionally, Amazon, IBM, and Microsoft each have a variety of free courses that prepare candidates for a career in the field.

**Talk About Rewards**

There's ample reason to hope the public will respond to our compelling message. A CISSP earns $131,030 a year, according to (ISC)2. Yet there are benefits beyond a healthy salary and job availability — protecting against cyber threats can be fulfilling in so many more ways.

For example, those with a military or law enforcement background might find cybersecurity particularly rewarding because it gives them the chance to continue performing meaningful work that protects society at large.

It's clear we must do all we can to attract desperately needed talent into the security industry. We can do that by spreading the word about the opportunities, the requirements, and the many tools available to help applicants break into the field.

How to Narrow the Talent Gap in Cybersecurity

Red Hat Security Advisory 2022-7201-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.12. Issues addressed include a code execution vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: OpenShift Container Platform 4.11.12 security update  
Advisory ID:       RHSA-2022:7201-01  
Product:           Red Hat OpenShift Enterprise  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7201  
Issue date:        2022-11-02  
CVE Names:         CVE-2020-35525 CVE-2020-35527 CVE-2022-0494  
                   CVE-2022-1353 CVE-2022-2509 CVE-2022-2588  
                   CVE-2022-3515 CVE-2022-23816 CVE-2022-23825  
                   CVE-2022-26945 CVE-2022-29900 CVE-2022-29901  
                   CVE-2022-30321 CVE-2022-30322 CVE-2022-30323  
                   CVE-2022-32742 CVE-2022-37434 CVE-2022-40674  
                   CVE-2022-41974  
====================================================================  
1. Summary:

Red Hat OpenShift Container Platform release 4.11.12 is now available with  
updates to packages and images that fix several bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing  
Kubernetes application platform solution designed for on-premise or private  
cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container  
Platform 4.11.12. See the following advisory for the RPM packages for this  
release:

https://access.redhat.com/errata/RHBA-2022:7200

Space precludes documenting all of the container images in this advisory.  
See the following Release Notes documentation, which will be updated  
shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html

Security Fix(es):

* go-getter: command injection vulnerability (CVE-2022-26945)  
* go-getter: unsafe download (issue 1 of 3) (CVE-2022-30321)  
* go-getter: unsafe download (issue 2 of 3) (CVE-2022-30322)  
* go-getter: unsafe download (issue 3 of 3) (CVE-2022-30323)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

You may download the oc tool and use it to inspect release image metadata  
as follows:

(For x86_64 architecture)

$ oc adm release info  
quay.io/openshift-release-dev/ocp-release:4.11.12-x86_64

The image digest is  
sha256:0ca14e0f692391970fc23f88188f2a21f35a5ba24fe2f3cb908fd79fa46458e6

(For s390x architecture)

$ oc adm release info  
quay.io/openshift-release-dev/ocp-release:4.11.12-s390x

The image digest is  
sha256:7b9b21e35286e67473a0c4c28c84e3d806eb30364682a6b072b79109c2d22c6b

(For ppc64le architecture)

$ oc adm release info  
quay.io/openshift-release-dev/ocp-release:4.11.12-ppc64le

The image digest is  
sha256:c61315b1257695b5f86d2782a70909227e004cd7cd30236c6f94a9e4ecf24ecb

(For aarch64 architecture)

$ oc adm release info  
quay.io/openshift-release-dev/ocp-release:4.11.12-aarch64

The image digest is  
sha256:c70dc68aef64280d3cba9a056af29438943b30c260a7156893e1bae5c6c5ce3f

All OpenShift Container Platform 4.11 users are advised to upgrade to these  
updated packages and images when they are available in the appropriate  
release channel. To check for available updates, use the OpenShift Console  
or the CLI oc command. Instructions for upgrading a cluster are available  
at  
https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html

3. Solution:

For OpenShift Container Platform 4.11 see the following documentation,  
which will be updated shortly for this release, for important instructions  
on how to upgrade your cluster and fully apply this asynchronous errata  
update:

https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html

Details on how to access this content are available at  
https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html

4. Bugs fixed (https://bugzilla.redhat.com/):

2042826 - [SNO] the replicas of ingresscontroller/default is 2 on new installed SNO private cluster  
2092839 - Downward API (annotations) is missing PCI information when using the tuning metaPlugin on SR-IOV Networks  
2092918 - CVE-2022-30321 go-getter: unsafe download (issue 1 of 3)  
2092923 - CVE-2022-30322 go-getter: unsafe download (issue 2 of 3)  
2092925 - CVE-2022-30323 go-getter: unsafe download (issue 3 of 3)  
2092928 - CVE-2022-26945 go-getter: command injection vulnerability  
2099800 - Bump to kubernetes 1.24.6  
2109487 - machine-controller is case sensitive which can lead to false/positive errors

5. JIRA issues fixed (https://issues.jboss.org/):

OCPBUGS-1099 - Missing  $SEARCH domain in /etc/resolve.conf for OCP v4.9.31 cluster  
OCPBUGS-1346 - OpenStack UPI scripts do not create server group for Computes  
OCPBUGS-1658 - Whereabouts should allow non default interfaces to Pod IP list [backport 4.11]  
OCPBUGS-1713 - Kuryr-Controller Restarting on KuryrPort with missing pod  
OCPBUGS-1955 - [4.11] Dual stack cluster fails on installation when multi-path routing entries exist  
OCPBUGS-1972 - [IPI on Baremetal] ipv6 support issue in metal3-httpd  
OCPBUGS-1984 - Install Helm chart form doesn't allow the user select a specific version  
OCPBUGS-2011 - [4.11] ironic clear_job_queue and reset_idrac pending issues  
OCPBUGS-2014 - CI: Backend unit tests fails because devfile registry was updated (mock response)  
OCPBUGS-2042 - [2102088] 4.11 CatalogSourcesUnhealthy error in subscription When upgrading ptp-operator  
OCPBUGS-2046 - Remove policy/v1beta1 in 4.11 and later  
OCPBUGS-2050 - [release-4.11] DNS operator does not reconcile the openshift-dns namespace  
OCPBUGS-2092 - Use floating tags in golang imagestream  
OCPBUGS-2112 - [release-4.11] Address e2e failures due to pod security  
OCPBUGS-2113 - [4.11] etcd and kube-apiserver pods get restarted due to failed liveness probes while deleting/re-creating pods on SNO  
OCPBUGS-2140 - member loses rights after some other user login in openid / group sync  
OCPBUGS-2293 - CVO skips reconciling the installed optional resources in the 4.11 to 4.12 upgrade  
OCPBUGS-2320 - [release-4.11] Remove namespace and name from gathered DVO metrics  
OCPBUGS-2451 - e2e tests: Installs Red Hat Integration - 3scale operator test is failing due to change of Operator name  
OCPBUGS-2528 - dns-default pod missing "target.workload.openshift.io/management:" annotation  
OCPBUGS-2606 - [release-4.11] go.mod should beworking with golang-1.17 and golang-1.18  
OCPBUGS-2616 - e2e-gcp-builds is permafailing  
OCPBUGS-2626 - Worker creation fails within provider networks (as primary and secondary)  
OCPBUGS-2640 - prometheus-k8s-0 ends in CrashLoopBackOff with evel=error err="opening storage failed: /prometheus/chunks_head/000002: invalid magic number 0" on SNO after hard reboot tests  
OCPBUGS-2658 - [4.11] VPA E2Es fail due to CSV name mismatch  
OCPBUGS-2766 - 'oc login' should be robust in the face of gather failures  
OCPBUGS-2780 - Import: Advanced option sentence is splited into two parts and headlines has no padding  
OCPBUGS-449 - KubeDaemonSetRolloutStuck alert using incorrect metric in 4.9 and 4.10  
OCPBUGS-526 - Prerelease report bug link should be updated to JIRA instead of Bugzilla  
OCPBUGS-668 - Prefer local dns does not work expectedly on OCPv4.11  
OCPBUGS-673 - crio occasionally fails to start during deployment  
OCPBUGS-689 - [2112237] [ Cluster storage Operator 4.x(10/11) ] DefaultStorageClassController report fake message "No default StorageClass for this platform" on Alicloud, IBM  
OCPBUGS-744 - [4.11] Spoke BMH stuck ?provisioning? after changing a BIOS attribute via the converged workflow  
OCPBUGS-947 - [4.11] Rebase openshift/etcd 4.11 onto 3.5.5  
OCPBUGS-955 - [2087981] PowerOnVM_Task is deprecated use PowerOnMultiVM_Task for DRS ClusterRecommendation

6. References:

https://access.redhat.com/security/cve/CVE-2020-35525  
https://access.redhat.com/security/cve/CVE-2020-35527  
https://access.redhat.com/security/cve/CVE-2022-0494  
https://access.redhat.com/security/cve/CVE-2022-1353  
https://access.redhat.com/security/cve/CVE-2022-2509  
https://access.redhat.com/security/cve/CVE-2022-2588  
https://access.redhat.com/security/cve/CVE-2022-3515  
https://access.redhat.com/security/cve/CVE-2022-23816  
https://access.redhat.com/security/cve/CVE-2022-23825  
https://access.redhat.com/security/cve/CVE-2022-26945  
https://access.redhat.com/security/cve/CVE-2022-29900  
https://access.redhat.com/security/cve/CVE-2022-29901  
https://access.redhat.com/security/cve/CVE-2022-30321  
https://access.redhat.com/security/cve/CVE-2022-30322  
https://access.redhat.com/security/cve/CVE-2022-30323  
https://access.redhat.com/security/cve/CVE-2022-32742  
https://access.redhat.com/security/cve/CVE-2022-37434  
https://access.redhat.com/security/cve/CVE-2022-40674  
https://access.redhat.com/security/cve/CVE-2022-41974  
https://access.redhat.com/security/updates/classification/#important

7. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY2JozNzjgjWX9erEAQhHwxAAidAR052/ozo/ov6l13JeYEuIF/01JhB9  
P3L3rcLhNk76PR8A7gPu4UR/Ws5Jx3htFMMxWwtWGr13zpmI0KN3aFiJo5HMT07o  
Ug8TuPI66U4d5VVGhd9ihecdoYGPnRMlGVLLhIczRpnPHC960VaS9+6wUHs8Wu/S  
Du9QcuPRI8SD1sFsWZ2XPy0X6OJDkflDL1aDHQnaM6E3uajNR1lqBafZplToyPzz  
x5yB79lxz28E2/7qMFaarp9hvrel8mlXHZ3jh1K6yeLLJ/o/rxnbgyJNY2WEAnsM  
/ygqoZ+MAHAdkID38gc5vFzT75JDWfuouMrmhw6j58eb/SN4pLo1/iL9OQdKFuWs  
rQwJ4NsopoTnI1VV1awYIblPvYjK9/3MtL/denrMVgLONTvOLMSROuLtGNVeUSTZ  
VIxTV70wtT7Dn6rAfQYb35y9mfzDrQVoR01kRqlhPULUx0qPvaU+tVmXTwUShDCL  
/98LZUalebsbdwETs/vzEFMZDspBdrI0gEgbtWN1v3n2LrYaLuC+6+5THOB2zsgh  
c+vY5iR4rIh6bPRR8b79MkKWpibO2aJjuY/V/cthtVF5ZixYO4fXtmlFR010uzfV  
5Lcbt74wOOJGrcLtqtwjBLqPDzye2lkB92ukLGOKDIiJ/GyLy1trhJGjsC/xjrCx  
92G318cSZhU=qJeD  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-7201-01

Red Hat Security Advisory 2022-7280-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: kernel-rt security and bug fix update  
Advisory ID:       RHSA-2022:7280-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7280  
Issue date:        2022-11-01  
CVE Names:         CVE-2022-2588 CVE-2022-21123 CVE-2022-21125  
                   CVE-2022-21166  
====================================================================  
1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2  
Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Real Time TUS (v. 8.2) - x86_64  
Red Hat Enterprise Linux Real Time for NFV TUS (v. 8.2) - x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables  
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* A use-after-free in cls_route filter implementation may lead to privilege  
escalation (CVE-2022-2588)

* Incomplete cleanup of multi-core shared buffers (aka SBDR)  
(CVE-2022-21123)

* Incomplete cleanup of microarchitectural fill buffers (aka SBDS)  
(CVE-2022-21125)

* Incomplete cleanup in specific special register write operations (aka  
DRPW) (CVE-2022-21166)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* Update RT source tree to the latest RHEL-8.2.z21 Batch (BZ#2100575)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2090237 - CVE-2022-21123 hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR)  
2090240 - CVE-2022-21125 hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS)  
2090241 - CVE-2022-21166 hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)  
2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

6. Package List:

Red Hat Enterprise Linux Real Time for NFV TUS (v. 8.2):

Source:  
kernel-rt-4.18.0-193.93.1.rt13.143.el8_2.src.rpm

x86_64:  
kernel-rt-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-core-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debug-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debug-core-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debug-debuginfo-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debug-devel-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debug-kvm-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debug-modules-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debug-modules-extra-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debuginfo-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-devel-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-kvm-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-modules-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-modules-extra-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm

Red Hat Enterprise Linux Real Time TUS (v. 8.2):

Source:  
kernel-rt-4.18.0-193.93.1.rt13.143.el8_2.src.rpm

x86_64:  
kernel-rt-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-core-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debug-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debug-core-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debug-debuginfo-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debug-devel-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debug-modules-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debug-modules-extra-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debuginfo-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-debuginfo-common-x86_64-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-devel-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-modules-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm  
kernel-rt-modules-extra-4.18.0-193.93.1.rt13.143.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2588  
https://access.redhat.com/security/cve/CVE-2022-21123  
https://access.redhat.com/security/cve/CVE-2022-21125  
https://access.redhat.com/security/cve/CVE-2022-21166  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY2FrpdzjgjWX9erEAQiUKRAAn2+wAHJN7JCGJnyrxle0O5lJG082lRys  
YadFY+KfafjmmFf3OmF8RWH5H3hURYnD8dy3l+pg9tadu1DVDQcHw4F3sa14wqka  
ozHadtjnTpdPuioSRa0nS4W1lB+KxlD0X6jcGeCd7wie5RFl589nfMJJ/uJjNJSA  
2ngUYYACAj4KW+M2nAq54l3t1TSg25Obn/C3QUxWf+p2GSutzQozkOCVTyuHQFVM  
sbjmzmzm8OkvV8FCNJaq9nCzYA4atd53NVsZ0OtvWPD2a3OC4hIpQCxlbhOzC4/6  
gEjUPf7qBt6xYNwHyIZrWU7NklEKA/cBxeCnEjrSY2EkSVABboAKSGPyTZVsHB/A  
+AeTpYEsWPbR1Tq6GOuesszkvHqLWPQHw0l02mCc4u02oJpy46zjEfyXEXmcTIps  
AwX/+gU9SS12fQQivDOsy6YTEfsUscLHvdmFyQsSXiN6CzD0zcIQE1FKe+SSqU5O  
PQksp90Hd1QvzqIww6M/TQ/gfSpvfJNdEFKeEaLXxaTOIQ/ByAKb2CRohSipOy/9  
hy78V96iAy22BQNyC1MUfXUP0pf/s7/Dhr3ZYyPHjq2Nv6NjibXLf+kO3W1uOU3s  
tA9/fOQrHEIjbuzJkDaVGq8rIstx3W2lbxOvJ8ciL+1vQhfj/xT9Sh6KPbECcBEw  
9Ag402aFhko=+/FL  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#ios