golang-1.18.5-1.fc36

Read Time:15 Second

FEDORA-2022-1f829990f0

Packages in this update:

golang-1.18.5-1.fc36

Update description:

go1.18.5 includes security fixes to the encoding/gob and math/big packages, as well as bug fixes to the compiler, the go command, the runtime, and the testing package.

Upstream notes.

Read More

Traceable AI adds eBPF to security platform for deeper API observability and visibility

Read Time:36 Second

API security firm Traceable AI has announced the addition of extended Berkeley Packet Filter (eBPF) data to its platform to enhance API observability and visibility. eBPF is a technology that makes it possible to run special programs deep inside the Linux operating system in an isolated way.

A variant of BPF, it has become a universal in-kernel virtual machine that allows teams to collect data from Linux applications and network resources more easily and efficiently. By adding eBPF data to its platform, Traceable AI said it is helping CISOs, DevSecOps, and DevOps teams improve API security postures without the need to change kernel source code or add instrumentation.

To read this article in full, please click here

Read More

Backdoor.Win32.Destrukor.20 / Unauthenticated Remote Command Execution

Read Time:20 Second

Posted by malvuln on Aug 01

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Destrukor.20
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 6969. Third-party adversaries
who can reach infected hosts can run commands made available by the…

Read More

Backdoor.Win32.Destrukor.20 / Authentication Bypass

Read Time:18 Second

Posted by malvuln on Aug 01

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Destrukor.20
Vulnerability: Authentication Bypass
Description: The malware listens on TCP port 6969. However, after sending a
specific cmd “rozmiar” the backdoor returns “moznasciagac” in Polish…

Read More