Daily Archives: October 13, 2022

Advisories

CVE-2020-26844

Read Time:9 Second

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.

Read More

News

New Chinese attack framework Alchimist serves Windows, Linux, and macOS implants

Read Time:37 Second

Researchers have discovered a new attack framework of Chinese origin that they believe is being used in the wild. The framework is made up of a command-and-control (C2) backend dubbed Alchimist and an accompanying customizable remote access Trojan (RAT) for Windows and Linux machines. The framework can also be used to generate PowerShell-based attack shellcode or distribute malicious implants for other platforms such as macOS.

“Our discovery of Alchimist is yet another indication that threat actors are rapidly adopting off-the-shelf C2 frameworks to carry out their operations,” researchers from Cisco Talos said in a new report. “A similar ready-to-go C2 framework called ‘Manjusaka’ was recently disclosed by Talos.”

To read this article in full, please click here

Read More

Advisories

python-m2r-0.2.1-12.20190604git66f4a5a.fc37 python-mistune-2.0.4-1.fc37 python-mistune08-0.8.4-7.fc37 python-sphinx-typlog-theme-0.8.0-1.fc37

Read Time:32 Second

FEDORA-2022-e4f5866111

Packages in this update:

python-m2r-0.2.1-12.20190604git66f4a5a.fc37
python-mistune08-0.8.4-7.fc37
python-mistune-2.0.4-1.fc37
python-sphinx-typlog-theme-0.8.0-1.fc37

Update description:

updates mistune to 2.0.4
m2r updated to pin dependency to mistune < 2
new package: python-mistune08 compatibility package, to be used by dependents that cannot use the new mistune (namely nbconvert)
new package: python-sphinx-typlog-theme, needed to build mistune 2.x documentation

Compatibility package for mistune 0.8, so we can update mistune to 2x without breaking unported dependents like nbconvert

Read More