Security
Headlines
HeadlinesLatestCVEs

Tag

#linux

RHSA-2022:6252: Red Hat Security Advisory: OpenShift Container Platform 3.11.784 security update

Red Hat OpenShift Container Platform release 3.11.784 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-39226: grafana: Snapshot authentication bypass

Red Hat Security Data
#vulnerability#web#linux#red_hat#nodejs#js#java#kubernetes#aws#auth#rpm
CVE-2022-35513: Releases · todbot/Blink1Control2

The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage.

New Stealthy Shikitega Malware Targeting Linux Systems and IoT Devices

A new piece of stealthy Linux malware called Shikitega has been uncovered adopting a multi-stage infection chain to compromise endpoints and IoT devices and deposit additional payloads. "An attacker can gain full control of the system, in addition to the cryptocurrency miner that will be executed and set to persist," AT&T Alien Labs said in a new report published Tuesday. The findings add to a

MagicRAT: Lazarus’ latest gateway into victim networks

By Jung soo An, Asheer Malhotra and Vitor Ventura. Cisco Talos has discovered a new remote access trojan (RAT) we're calling "MagicRAT," developed and operated by the Lazarus APT group, which the U.S. government believes is a North Korean state-sponsored actor. Lazarus deployed MagicRAT after the successful exploitation of vulnerabilities in VMWare Horizon platforms. We've also found links between MagicRAT and another RAT known as "TigerRAT," disclosed and attributed to Lazarus by the Korean Internet & Security Agency (KISA) recently. TigerRAT has evolved over the past year to include new functionalities that we illustrate in this blog. Executive Summary Cisco Talos has discovered a new remote access trojan (RAT), which we are calling "MagicRAT," that we are attributing with moderate to high confidence to the Lazarus threat actor, a state-sponsored APT attributed to North Korea by the U.S. Cyber Security & Infrastructure Agency (CISA). This new RAT was found on victims ...

Everything You Need To Know About BlackCat (AlphaV)

A relative newcomer to the ransomware scene, the BlackCat group quickly gained notoriety and may be associated with other APT groups like Conti and DarkSide.

CVE-2022-38530: AddressSanitizer: stack-overflow when processing ISOM_IOD · Issue #2216 · gpac/gpac

GPAC v2.1-DEV-rev232-gfcaa01ebb-master was discovered to contain a stack overflow when processing ISOM_IOD.

CVE-2022-38529: Heap-buffer-overflow still exists in the rleUncompress · Issue #169 · syoyo/tinyexr

tinyexr commit 0647fb3 was discovered to contain a heap-buffer overflow via the component rleUncompress.

CVE-2022-38528: Bug: SEGV on unknown address still exists in Assimp::XFileImporter::CreateMeshes · Issue #4662 · assimp/assimp

Open Asset Import Library (assimp) commit 3c253ca was discovered to contain a segmentation violation via the component Assimp::XFileImporter::CreateMeshes.

CVE-2022-35913: [bitcoin-dev] Playing with full-rbf peers for fun and L2s security

Samourai Wallet Stonewallx2 0.99.98e allows a denial of service via a P2P coinjoin. The attacker and victim must follow each other's paynym. Then, the victim must try to collaborate with the attacker for a Stonewallx2 transaction. Next, the attacker broadcasts a tx, spending the inputs used in Stonewallx2 before the victim can broadcast the collaborative transaction. The attacker does not signal opt in RBF, and uses the lowest fee rate. This would result in the victim being unable to perform Stonewallx2. (Note that the attacker could use multiple paynyms.)

CVE-2022-37253: Crime Reporting System 1.0 Cross Site Scripting ≈ Packet Storm

Persistent cross-site scripting (XSS) in Crime Reporting System 1.0 allows a remote attacker to introduce arbitary Javascript via manipulation of an unsanitized POST parameter