Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs
and CRL distribution points (CDP) in certificates. A remote attacker could
possibly use this issue to initiate IKE_SAs and send crafted certificates
that contain URIs pointing to servers under their control, which can lead
to a denial-of-service attack.
Monthly Archives: October 2022
USN-5614-2: Wayland vulnerability
USN-5614-1 fixed a vulnerability in Wayland. This update
provides the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Wayland incorrectly handled reference counting of
certain objects. An attacker could use this issue to cause Wayland to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
Student data leaked after LA school district says it won’t pay ransom
Hackers have leaked data stolen from the United States’s second-largest school district, after the Los Angeles Unified School District (LAUSD) announced it would not be giving in to ransom demands.
Read more in my article on the Hot for Security blog.
There’s good and bad news about the Microsoft Exchange server zero-day exploit
Yay, Microsoft has told us how to mitigate against the recently-discovered zero-day attacks.
Boo, the mitigations can be bypassed…
Ex-NSA Employee Charged For Trying to Sell US Secrets
Dalke reportedly requested $85,000 in return for additional information in his possession
USN-5652-1: Linux kernel (Azure) vulnerabilities
It was discovered that the framebuffer driver on the Linux kernel did not
verify size limits when changing font or screen size, leading to an
out-of-bounds write. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2021-33655)
Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter
subsystem in the Linux kernel did not properly handle rules that truncated
packets below the packet header size. When such rules are in place, a
remote attacker could possibly use this to cause a denial of service
(system crash). (CVE-2022-36946)
6 Questions for Building and Scaling a Cybersecurity Plan
Here are six essential questions that organizations should continually ask themselves to build and scale an effective, sustainable cybersecurity plan. […]
CVE-2022-33882 (autodesk_desktop)
Under certain conditions, an attacker could create an unintended sphere of control through a vulnerability present in the file delete operation in the Autodesk desktop app (ADA). An attacker could leverage this vulnerability to escalate privileges and execute arbitrary code.
Phishing Campaigns Target KFC, McDonald’s in Saudi Arabia, UAE, Singapore
Payment details of some of the victims were successfully stolen by the attackers
LiveAction adds new SOC-focused features to ThreatEye NDR platform
End-to-end network security and performance visibility vendor LiveAction has announced new security operations center (SOC) focused updates to its Network Detection and Response (NDR) platform, ThreatEye. In a press release, the firm stated that the platform features a new user interface (UI) designed to enhance the ability of SOC analysts to correlate findings and policy violations to track incidents.
The platform offers enhanced predictive threat intelligence capabilities that allow SOC analysts to identify and track domains and IP addresses not yet active but registered by threat actors and associated malware campaigns. It also includes packet-based behavioral fingerprinting to identify behavior in encrypted traffic streams and host-based behavioral analysis, LiveAction added.