Read Time:7 Second
FEDORA-2022-8c3ebc1a18
Packages in this update:
firefox-107.0.1-1.fc36
Update description:
Updated to latest upstream (107.0.1)
Monthly Archives: December 2022
firefox-107.0.1-1.fc37
Read Time:7 Second
FEDORA-2022-b58437c302
Packages in this update:
firefox-107.0.1-1.fc37
Update description:
Updated to latest upstream (107.0.1)
CVE-2022-23470 (galaxy)
Read Time:35 Second
Galaxy is an open-source platform for data analysis. An arbitrary file read exists in Galaxy 22.01 and Galaxy 22.05 due to the switch to Gunicorn, which can be used to read any file accessible to the operating system user under which Galaxy is running. This vulnerability affects Galaxy 22.01 and higher, after the switch to gunicorn, which serve static contents directly. Additionally, the vulnerability is mitigated when using Nginx or Apache to serve /static/* contents, instead of Galaxy’s internal middleware. This issue has been patched in commit `e5e6bda4f` and will be included in future releases. Users are advised to manually patch their installations. There are no known workarounds for this vulnerability.
CVE-2022-23466
Read Time:31 Second
teler is an real-time intrusion detection and threat alert dashboard. teler prior to version 2.0.0-rc.4 is vulnerable to DOM-based cross-site scripting (XSS) in the teler dashboard. When teler requests messages from the event stream on the `/events` endpoint, the log data displayed on the dashboard are not sanitized. This only affects authenticated users and can only be exploited based on detected threats if the log contains a DOM scripting payload. This vulnerability has been fixed on version `v2.0.0-rc.4`. Users are advised to upgrade. There are no known workarounds for this vulnerability.
China-Based Hackers Target Amnesty International Canada
Read Time:4 Second
Results suggest the attack was executed using tools and techniques associated with Chinese APTs.
Christmas Warning: Threat Actors Impersonate your Favorite Brands to Attack, Finds CSC
Read Time:7 Second
Majority of third-party domain names impersonating the biggest global brands use domain privacy services, indicating the owner’s intention to mask their identity
Swiss Government Wants to Implement Mandatory Duty to Report Cyber-Attacks
Read Time:6 Second
The move would shed light on hackers and sound the alarm more widely on cyber-threats in the country.
Flaws in MegaRAC baseband management firmware impact many server brands
Read Time:38 Second
Researchers have found three vulnerabilities in AMI MegaRAC, a baseband management controller (BMC) firmware used by multiple server manufacturers. If exploited, the flaws could allow attackers to remotely control servers, deploy malware and firmware implants, or trigger damaging actions that leave them inoperable.
BMCs are microcontrollers present on server motherboards that have their own firmware, dedicated memory, power, and network ports and are used for out-of-band management of servers when their main operating systems are shut down. They are essentially small independent computers running inside bigger computers that allow administrators to remotely perform a variety of maintenance and diagnostic tasks including reinstalling operating systems, restarting servers when they’re unresponsive, deploying firmware updates and more.
Threat Actors Use Malicious File Systems to Scale Crypto-Mining Operations
Read Time:5 Second
The hackers used PRoot to increase the scope of their operations to several Linux distributions
CVE-2020-6627 (stcg2000300_firmware, stcg3000300_firmware, stcg4000300_firmware)
Read Time:12 Second
The web-management application on Seagate Central NAS STCG2000300, STCG3000300, and STCG4000300 devices allows OS command injection via mv_backend_launch in cirrus/application/helpers/mv_backend_helper.php by leveraging the “start” state and sending a check_device_name request.