A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with service user privileges to upload arbitrary files. By uploading a specially crafted tar file, an attacker can execute arbitrary commands.
Daily Archives: April 14, 2022
CVE-2020-16238
A vulnerability in the configuration import mechanism of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with command line access to the underlying Linux system to escalate privileges to the root user.
What is the cyber kill chain? A model for tracing cyberattacks
As an infosec professional, you’ve likely heard about using a cyber kill chain to help identify and prevent intrusions. Attackers are evolving their methods, which might require that you look at the cyber kill chain differently. What follows is an explanation of the cyber kill chain and how you might employ it in your environment.
Cyber kill chain definition
The cyber kill chain, also known as the cyberattack lifecycle, is a model developed by Lockheed Martin that describes the phases of a targeted cyberattack. It breaks down each stage of a malware attack where defenders can identify and stop it.
5 Ongoing Cybersecurity Concerns and How SLTTs Can Beat Them
Many SLTTs have been grappling with the same five cybersecurity concerns since 2015. But these obstacles aren’t insurmountable.
Rare and dangerous Incontroller malware targets ICS operations
In the second major industrial control system (ICS) threat development this week, the U.S. Department of Energy (DOE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) issued a Cybersecurity Advisory (CSA) warning of a complex and dangerous ICS threat. The CSA says that specific unnamed advanced persistent threat (APT) actors have exhibited the capability to gain complete system access to multiple ICS and supervisory control and data acquisition (SCADA) devices.
xen-4.16.1-1.fc36
FEDORA-2022-b50023a180
Packages in this update:
xen-4.16.1-1.fc36
Update description:
update to xen-4.16.1
strip .efi file to help EFI partitions with limited space
Racy interactions between dirty vram tracking and paging log dirty hypercalls [XSA-397, CVE-2022-26356]
race in VT-d domain ID cleanup [XSA-399, CVE-2022-26357]
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [XSA-400, CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361]
Kyndryl rolls out Dell partnership for disaster recovery and security
A new system recovery offering from former IBM division and current managed infrastructure service provider Kyndryl incorporates air-gapped data vaulting technology from Dell for faster recovery from major cybersecurity incidents like ransomware attacks.
The Cyber Incident Recovery service is a four-part system, says Kyndryl global security and resiliency practice leader Kris Lovejoy. Kyndryl provides an orchestration tool that offers users a way to respond programmatically and immediately to a cybersecurity event, an analytics tool that uses machine learning to do regular integrity checking on system configuration data (ensuring that it hasn’t been compromised by bad actors), and the company’s own in-house expertise in deployment and configuration of large-scale, enterprise systems.
podman-tui-0.2.1-1.fc35
FEDORA-2022-932d07be95
Packages in this update:
podman-tui-0.2.1-1.fc35
Update description:
Security fix for [CVE-2022-1227]
US Government warns of new malware attacks on ICS/SCADA systems
Agencies of the US Government have issued a joint warning that hackers have revealed their capability to gain full system access to industrial control systems that might help enemy states sabotage critical infrastructure.
Read more in my article on the Tripwire State of Security blog.
MetroHealth Data Breach Involved 1700 Patients
The breach involved patient names, care provider names and appointment details