Read Time:8 Second
FEDORA-EPEL-2022-f2840cccbe
Packages in this update:
ntfs-3g-2022.10.3-1.el9
Update description:
Update to 2022.10.3. Fixes CVE-2022-40284
Daily Archives: November 16, 2022
ntfs-3g-2022.10.3-1.el8
Read Time:8 Second
FEDORA-EPEL-2022-15e4c3606e
Packages in this update:
ntfs-3g-2022.10.3-1.el8
Update description:
Update to 2022.10.3. Fixes CVE-2022-40284
Botnets, Trojans, DDoS From Ukraine and Russia Have Increased Since Invasion
Read Time:5 Second
The news comes from a report by Top10VPN and is based on data by the Shadowserver Foundation
thunderbird-102.5.0-1.fc37
Read Time:12 Second
FEDORA-2022-c6922f983b
Packages in this update:
thunderbird-102.5.0-1.fc37
Update description:
Update to 102.5.0 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/ ;
https://www.thunderbird.net/en-US/thunderbird/102.4.2/releasenotes/
USN-5726-1: Firefox vulnerabilities
Read Time:1 Minute, 15 Second
Multiple security issues were discovered in Firefox. If a user were tricked
into opening a specially crafted website, an attacker could potentially
exploit these to cause a denial of service, spoof the contents of the
addressbar, bypass security restrictions, cross-site tracing or execute
arbitrary code. (CVE-2022-45403, CVE-2022-45404, CVE-2022-45405,
CVE-2022-45406, CVE-2022-45407, CVE-2022-45408, CVE-2022-45409, CVE-2022-45410,
CVE-2022-45411, CVE-2022-45413, CVE-2022-40674, CVE-2022-45418, CVE-2022-45419,
CVE-2022-45420, CVE-2022-45421)
Armin Ebert discovered that Firefox did not properly manage while resolving
file symlink. If a user were tricked into opening a specially crafted weblink,
an attacker could potentially exploit these to cause a denial of service.
(CVE-2022-45412)
Jefferson Scher and Jayateertha Guruprasad discovered that Firefox did not
properly sanitize the HTML download file extension under certain circumstances.
If a user were tricked into downloading and executing malicious content, a
remote attacker could execute arbitrary code with the privileges of the user
invoking the programs. (CVE-2022-45415)
Erik Kraft, Martin Schwarzl, and Andrew McCreight discovered that Firefox
incorrectly handled keyboard events. An attacker could possibly use this
issue to perform a timing side-channel attack and possibly figure out which
keys are being pressed. (CVE-2022-45416)
Kagami discovered that Firefox did not detect Private Browsing Mode correctly.
An attacker could possibly use this issue to obtain sensitive information about
Private Browsing Mode.
(CVE-2022-45417)
Palo Alto releases PAN-OS 11.0 Nova with new evasive malware, injection attack protection
Read Time:42 Second
Palo Alto Networks has announced PAN-OS 11.0 Nova, the latest version of its PAN-OS software, featuring new product updates and features. These include the Advanced WildFire cloud-delivered security service to help protect against evasive malware and the Advanced Threat Prevention (ATP) service, which protects against injection attacks. The cybersecurity vendor also revealed new web proxy support and enhanced cloud access security broker (CASB) integration with new SaaS security posture management (SSPM) capabilities.
In a press release, Anand Oswal, senior VP network security at Palo Alto Networks, said that the new version of Nova is now able to stop 26% more zero-day malware than traditional sandboxes and detect 60% more injection attacks. The updates are the latest in a series of security releases from Palo Alto in 2022.
State-Backed APT Group Activity Continuing Apace
Read Time:4 Second
The report outlines recent APT group activity from Russia, China, Iran and North Korea
samba-4.15.12-0.fc35
Read Time:10 Second
FEDORA-2022-003403ec6b
Packages in this update:
samba-4.15.12-0.fc35
Update description:
Update to version 4.15.12
Update to version 4.15.11 – Security fixes for CVE-2022-3437
samba-4.17.3-0.fc37
Read Time:6 Second
FEDORA-2022-2156b74a6a
Packages in this update:
samba-4.17.3-0.fc37
Update description:
Update to version 4.17.3
Russian Software Company Pretending to Be American
Read Time:1 Minute, 4 Second
Computer code developed by a company called Pushwoosh is in about 8,000 Apple and Google smartphone apps. The company pretends to be American when it is actually Russian.
According to company documents publicly filed in Russia and reviewed by Reuters, Pushwoosh is headquartered in the Siberian town of Novosibirsk, where it is registered as a software company that also carries out data processing. It employs around 40 people and reported revenue of 143,270,000 rubles ($2.4 mln) last year. Pushwoosh is registered with the Russian government to pay taxes in Russia.
On social media and in US regulatory filings, however, it presents itself as a US company, based at various times in California, Maryland, and Washington, DC, Reuters found.
What does the code do? Spy on people:
Pushwoosh provides code and data processing support for software developers, enabling them to profile the online activity of smartphone app users and send tailor-made push notifications from Pushwoosh servers.
On its website, Pushwoosh says it does not collect sensitive information, and Reuters found no evidence Pushwoosh mishandled user data. Russian authorities, however, have compelled local companies to hand over user data to domestic security agencies.
I have called supply chain security “an insurmountably hard problem,” and this is just another example of that.