** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
Daily Archives: October 13, 2022
CVE-2020-26843
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
CVE-2020-26842
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
CVE-2020-26841
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
CVE-2020-26840
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
CVE-2020-26839
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
New Chinese attack framework Alchimist serves Windows, Linux, and macOS implants
Researchers have discovered a new attack framework of Chinese origin that they believe is being used in the wild. The framework is made up of a command-and-control (C2) backend dubbed Alchimist and an accompanying customizable remote access Trojan (RAT) for Windows and Linux machines. The framework can also be used to generate PowerShell-based attack shellcode or distribute malicious implants for other platforms such as macOS.
“Our discovery of Alchimist is yet another indication that threat actors are rapidly adopting off-the-shelf C2 frameworks to carry out their operations,” researchers from Cisco Talos said in a new report. “A similar ready-to-go C2 framework called ‘Manjusaka’ was recently disclosed by Talos.”
Chinese APT WIP19 Targets IT Service Providers and Telcos
The group is characterized by the use of a stolen digital certificate issued by DEEPSoft
Malicious WhatsApp Mod Spotted Infecting Android Devices
YoWhatsApp v2.22.11.75 was distributed via ads on Android apps like Snaptube and VidMate
python-m2r-0.2.1-12.20190604git66f4a5a.fc37 python-mistune-2.0.4-1.fc37 python-mistune08-0.8.4-7.fc37 python-sphinx-typlog-theme-0.8.0-1.fc37
FEDORA-2022-e4f5866111
Packages in this update:
python-m2r-0.2.1-12.20190604git66f4a5a.fc37
python-mistune08-0.8.4-7.fc37
python-mistune-2.0.4-1.fc37
python-sphinx-typlog-theme-0.8.0-1.fc37
Update description:
updates mistune to 2.0.4
m2r updated to pin dependency to mistune < 2
new package: python-mistune08 compatibility package, to be used by dependents that cannot use the new mistune (namely nbconvert)
new package: python-sphinx-typlog-theme, needed to build mistune 2.x documentation
Compatibility package for mistune 0.8, so we can update mistune to 2x without breaking unported dependents like nbconvert