Daily Archives: February 19, 2023

Advisories

openssl11-1.1.1k-5.el7

Read Time:31 Second

FEDORA-EPEL-2023-66548f784b

Packages in this update:

openssl11-1.1.1k-5.el7

Update description:

backport from 1.1.1k-9: Fixed Timing Oracle in RSA Decryption

Resolves: CVE-2022-4304

backport from 1.1.1k-9: Fixed Double free after calling PEM_read_bio_ex

Resolves: CVE-2022-4450

backport from 1.1.1k-9: Fixed Use-after-free following BIO_new_NDEF

Resolves: CVE-2023-0215

backport from 1.1.1k-9: Fixed X.400 address type confusion in X.509 GeneralName

Resolves: CVE-2023-0286

backport from 1.1.1k-8: Fix no-ec build

Resolves: rhbz#2071020

Read More

Advisories, CWE, Education

The Most Dangerous Vulnerabilities in Apache Tomcat and How to Protect Against Them

Read Time:2 Minute, 19 Second

Apache Tomcat is an open-source web server and servlet container that is widely used in enterprise environments to run Java web applications. However, like any web server, it is also vulnerable to various security threats. In this article, we’ll explore some of the most dangerous vulnerabilities in Tomcat and provide tips on how to protect your server from potential attacks.

  1. CVE-2020-1938 (Ghostcat) CVE-2020-1938, also known as Ghostcat, is a vulnerability that allows attackers to view sensitive information on Tomcat servers. This vulnerability can be exploited by sending a specially crafted request to the server, allowing an attacker to view files and directories that are not intended to be public. Ghostcat affects Tomcat versions 7.x, 8.x, 9.x, and 10.x.

To protect against Ghostcat, users should ensure that their Tomcat servers are up-to-date with the latest security patches. Additionally, users should limit access to sensitive files and directories, and implement network security measures such as firewalls and VPNs.

  1. CVE-2017-12617 (Apache Tomcat Remote Code Execution) CVE-2017-12617 is a remote code execution vulnerability that allows attackers to execute arbitrary code on Tomcat servers. This vulnerability can be exploited by sending a specially crafted request to the server, allowing an attacker to execute commands on the server as the user running the Tomcat process.

To protect against this vulnerability, users should ensure that their Tomcat servers are up-to-date with the latest security patches. Additionally, users should follow best practices such as restricting access to the Tomcat server to trusted networks and disabling unnecessary features and services.

  1. CVE-2020-9484 (Apache Tomcat RCE) CVE-2020-9484 is a remote code execution vulnerability that allows attackers to execute arbitrary code on Tomcat servers. This vulnerability can be exploited by sending a specially crafted request to the server, allowing an attacker to execute commands on the server with the permissions of the user running the Tomcat process.

To protect against this vulnerability, users should ensure that their Tomcat servers are up-to-date with the latest security patches. Additionally, users should restrict access to the Tomcat server to trusted networks, implement network security measures such as firewalls and VPNs, and limit the use of default or weak passwords.


Apache Tomcat is a popular web server and servlet container that is widely used in enterprise environments. However, it is also vulnerable to various security threats. To protect against these threats, users should ensure that their Tomcat servers are up-to-date with the latest security patches, follow best practices such as restricting access to the server and implementing network security measures, and stay informed about emerging threats and vulnerabilities. By taking these steps, users can help safeguard their Tomcat servers and prevent potential attacks.

Advisories, CWE, Education

ZDI-CAN-18333: A Critical Zero-Day Vulnerability in Microsoft Windows

Read Time:1 Minute, 46 Second

Zero-day vulnerabilities are a serious threat to cybersecurity, as they can be exploited by malicious actors to gain unauthorized access to systems. One such vulnerability is ZDI-CAN-18333, a critical zero-day vulnerability that affects Microsoft Windows. In this article, we’ll take a closer look at what this vulnerability is, how it works, and what you can do to protect your systems.

What is ZDI-CAN-18333?

ZDI-CAN-18333 is a zero-day vulnerability that was discovered by researchers from the Zero Day Initiative (ZDI). The vulnerability affects Microsoft Windows, one of the most widely used operating systems in the world. ZDI-CAN-18333 is considered critical as it could allow attackers to execute arbitrary code on a victim’s system, potentially giving them access to sensitive information.

How does ZDI-CAN-18333 work?

The ZDI-CAN-18333 vulnerability is related to the way that Microsoft Windows processes certain types of user input. Specifically, the vulnerability is related to the way that the operating system handles the printing of documents. By exploiting this flaw, an attacker can execute arbitrary code on a victim’s system, potentially giving them access to sensitive information or allowing them to install other malware.

What can you do to protect your systems?

Microsoft has released a security patch to address the ZDI-CAN-18333 vulnerability, which should be installed as soon as possible. Additionally, users should ensure that their operating system is up to date with the latest version of Microsoft Windows, as older versions may not be eligible for security patches. It’s also recommended to follow standard security practices such as avoiding suspicious websites and downloads, using strong passwords, and enabling two-factor authentication.

Zero-day vulnerabilities like ZDI-CAN-18333 are a serious threat to cybersecurity, and it’s important to stay informed about emerging threats and take steps to protect your systems. By keeping your operating system up to date with the latest security patches and following standard security practices, you can help safeguard your system from potential attacks. Remember to stay vigilant and report any suspicious activity to your IT department or security provider.

Advisories, Education, News

CVE-2020-36518: A Critical Vulnerability in SolarWinds Orion Platform

Read Time:1 Minute, 42 Second

The discovery of vulnerabilities in popular software can have far-reaching implications for cybersecurity. One such vulnerability is CVE-2020-36518, a critical vulnerability in the SolarWinds Orion Platform. In this article, we’ll explore what this vulnerability is, how it works, and what you can do to protect your systems.

What is CVE-2020-36518?

CVE-2020-36518 is a critical vulnerability in the SolarWinds Orion Platform, a popular network management software used by many organizations. The vulnerability could allow attackers to execute remote code on affected systems, potentially giving them access to sensitive information or allowing them to install other malware. The vulnerability was first identified in December 2020 and is considered a major threat to cybersecurity.

How does CVE-2020-36518 work?

The CVE-2020-36518 vulnerability is related to the way that the SolarWinds Orion Platform processes certain types of user input. Specifically, the vulnerability is related to the way that the software handles authentication requests. By exploiting this flaw, an attacker could potentially execute remote code on a victim’s system, allowing them to gain access to sensitive information or install other malware.

What can you do to protect your systems?

SolarWinds has released a security update to address the CVE-2020-36518 vulnerability, which should be installed as soon as possible. Additionally, it’s recommended that users of the SolarWinds Orion Platform follow standard security practices such as using strong passwords, enabling two-factor authentication, and monitoring their systems for any suspicious activity. It’s also important to stay informed about emerging threats and to take steps to secure your systems against potential attacks.

CVE-2020-36518 is a critical vulnerability in the SolarWinds Orion Platform that could have serious implications for cybersecurity. It’s crucial for organizations to stay informed about emerging threats and to take steps to protect their systems against potential attacks. By keeping their software up to date with the latest security patches, following standard security practices, and monitoring their systems for any suspicious activity, organizations can help safeguard their networks against potential threats.

Education, News

Uncovering ZDI-22-1021: A Critical Zero-Day Vulnerability in Google Chrome

Read Time:1 Minute, 43 Second

Zero-day vulnerabilities are a serious threat to cybersecurity, as they can be exploited by malicious actors to gain unauthorized access to systems. One such vulnerability is ZDI-22-1021, a critical zero-day vulnerability that affects Google Chrome. In this article, we’ll take a closer look at what this vulnerability is, how it works, and what you can do to protect yourself.

What is ZDI-22-1021?
ZDI-22-1021 is a zero-day vulnerability that was discovered by researchers from the Zero Day Initiative (ZDI). The vulnerability affects Google Chrome, one of the most popular web browsers in the world. ZDI-22-1021 is considered critical as it could allow attackers to execute arbitrary code on a victim’s system, potentially giving them access to sensitive information.

How does ZDI-22-1021 work?

The ZDI-22-1021 vulnerability is related to the way that Google Chrome handles certain types of user input. Specifically, the vulnerability is related to the way that the browser processes JavaScript code. By exploiting this flaw, an attacker can execute arbitrary code on a victim’s system, potentially giving them access to sensitive information or allowing them to install other malware.

What can you do to protect yourself? Google has released a security patch to address the ZDI-22-1021 vulnerability, which should be installed as soon as possible. Additionally, users should ensure that their browser is up to date with the latest version of Google Chrome, as older versions may not be eligible for security patches. It’s also recommended to follow standard security practices such as avoiding suspicious websites and downloads, using strong passwords, and enabling two-factor authentication.

Zero-day vulnerabilities like ZDI-22-1021 are a serious threat to cybersecurity, and it’s important to stay informed about emerging threats and take steps to protect yourself. By keeping your browser up to date with the latest security patches and following standard security practices, you can help safeguard your system from potential attacks. Remember to stay vigilant and report any suspicious activity to your IT department or security provider.

Education

Exploring ZDI-CAN-18802: A Critical Zero-Day Vulnerability in Microsoft Windows

Read Time:1 Minute, 49 Second

The discovery of zero-day vulnerabilities is a major concern for cybersecurity professionals, as they can be exploited by malicious actors to compromise systems without being detected. One such vulnerability is ZDI-CAN-18802, a critical zero-day vulnerability that affects Microsoft Windows. In this article, we’ll explore what this vulnerability is, how it works, and what you can do to protect your system.

What is ZDI-CAN-18802? ZDI-CAN-18802 is a zero-day vulnerability that was discovered by researchers from the Zero Day Initiative (ZDI). The vulnerability affects Microsoft Windows and is considered critical as it could allow attackers to remotely execute code on a victim’s system without their knowledge. The vulnerability is caused by a flaw in the Windows Task Scheduler, a component of the operating system that allows users to schedule tasks to be performed automatically.

How does ZDI-CAN-18802 work? The ZDI-CAN-18802 vulnerability is related to the way the Windows Task Scheduler loads various DLL files when a task is scheduled to run. By exploiting this flaw, an attacker can load a malicious DLL file that is designed to execute code on the victim’s system. Once the code is executed, the attacker can gain control over the system and potentially steal sensitive information or install other malware.

What can you do to protect your system? Microsoft has released a security patch to address the ZDI-CAN-18802 vulnerability, which should be installed as soon as possible. Additionally, users should ensure that their systems are running the latest version of Windows, as older versions may not be eligible for security patches. It’s also recommended to follow standard security practices such as avoiding suspicious emails and attachments, keeping antivirus software up to date, and running regular security scans on your system.


Zero-day vulnerabilities like ZDI-CAN-18802 are a major concern for cybersecurity professionals, as they can be exploited by malicious actors to gain unauthorized access to systems. It’s crucial to stay vigilant and keep your systems up to date with the latest security patches and updates. By following best practices and staying informed about emerging threats, you can help protect your system from potential attacks.

Education

Top 5 Most Dangerous CVEs of All Time: Learn from History’s Worst Cybersecurity Threats

Read Time:2 Minute, 24 Second

The Common Vulnerabilities and Exposures (CVE) system is used to identify and track publicly disclosed vulnerabilities and security exposures. Over the years, numerous CVEs have been identified, some of which have been more dangerous than others. In this article, we’ll take a look at some of the most dangerous CVEs ever identified that pose a real threat to your cybersecurity.

  1. Heartbleed (CVE-2014-0160): The Most Dangerous CVE Ever Identified Heartbleed is a security vulnerability in the OpenSSL cryptographic software library. It was discovered in 2014 and is considered one of the most dangerous CVEs ever identified. The vulnerability allowed attackers to steal sensitive information, including passwords and encryption keys, from websites that used OpenSSL. It affected millions of websites, including Yahoo, Airbnb, and the Canada Revenue Agency.
  2. Shellshock (CVE-2014-6271): Vulnerability in the Bash Shell Used by Many Unix-Based Systems Shellshock is a security vulnerability that was discovered in 2014 in the Bash shell used by many Unix-based systems. The vulnerability allowed attackers to execute arbitrary code on vulnerable systems, which could potentially give them complete control over the system. The vulnerability affected many Linux and Unix-based systems, including web servers and routers.
  3. WannaCry (CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, CVE-2017-0147, CVE-2017-0148): Ransomware That Caused Significant Damage to Businesses WannaCry is a type of ransomware that was first identified in 2017. The malware spread rapidly and affected thousands of computers worldwide. It exploited a vulnerability in the Microsoft Windows operating system that allowed it to spread across networks without user interaction. The vulnerability was later patched by Microsoft, but not before WannaCry caused significant damage to businesses and organizations.
  4. Meltdown (CVE-2017-5754): A Security Vulnerability in Modern Microprocessors Meltdown is a security vulnerability that was discovered in 2017 in modern microprocessors. The vulnerability allowed attackers to access sensitive information, including passwords and encryption keys, from a system’s memory. It affected many popular processors, including those from Intel, AMD, and ARM.
  5. Spectre (CVE-2017-5753, CVE-2017-5715): A Difficult-to-Detect and Exploit Security Vulnerability Spectre is a security vulnerability that was discovered in 2017 in modern microprocessors. The vulnerability allowed attackers to access sensitive information, including passwords and encryption keys, from a system’s memory. It affected many popular processors, including those from Intel, AMD, and ARM. Spectre is considered one of the most dangerous CVEs ever identified, as it is difficult to detect and exploit.

The above CVEs are just a few of the most dangerous ever identified. While many vulnerabilities have been discovered and patched over the years, it’s important to remain vigilant and keep your systems up to date with the latest security patches and updates to protect against new and emerging threats. Be sure to watch out for these 5 most dangerous CVEs identified, and take necessary steps to secure your systems against them.

Education

Evaluating the Strengths and Weaknesses of PCI-DSS – Payment Card Industry Data Security Standard

Read Time:2 Minute, 7 Second

The Payment Card Industry Data Security Standard (PCI-DSS) is a widely recognized standard for the security of credit and debit card transactions. The standard is designed to ensure that merchants, payment processors, and other entities that handle payment card information maintain adequate security controls to protect sensitive cardholder data from theft or misuse. While PCI-DSS has proven to be an effective tool for enhancing payment card security, it’s not without its drawbacks. In this article, we’ll examine some of the key strengths and weaknesses of PCI-DSS.

Strengths of PCI-DSS
One of the major strengths of PCI-DSS is its comprehensive approach to security. The standard provides a clear set of requirements for protecting payment card information, covering everything from network security to physical security, access controls, and encryption. This holistic approach ensures that organizations implementing PCI-DSS have a solid foundation for securing payment card data.

Another strength of PCI-DSS is its broad applicability. The standard applies to all entities that accept payment card transactions, regardless of size or industry. This means that merchants, payment processors, and other entities of all sizes and types must adhere to the same security requirements, promoting a level playing field for payment security.

Weaknesses of PCI-DSS
One of the key weaknesses of PCI-DSS is that it is a compliance-driven standard, rather than a security-driven one. This means that some organizations may view compliance as the end goal, rather than using the standard as a tool to improve their overall security posture. Additionally, the standard is not updated frequently enough to keep pace with rapidly evolving security threats and attack methods.

Another potential weakness of PCI-DSS is the reliance on auditors. While the standard provides clear requirements for security controls, auditors are responsible for assessing compliance and making the final determination of whether an organization meets the standard. This can create potential conflicts of interest, as auditors are paid by the organizations they are auditing, which may impact their objectivity.

While the PCI-DSS has helped improve payment card security, there is always room for improvement. Organizations should strive to view PCI-DSS as a tool for improving their security posture, rather than simply checking off compliance requirements. Additionally, the PCI-DSS council should consider updating the standard more frequently to address emerging threats and improve the overall effectiveness of the standard. Finally, more transparent and independent oversight of the auditing process may help address potential conflicts of interest and enhance the reliability of PCI-DSS certifications.

Education

Boost Your Cybersecurity Skills with Free Online Courses: Learn from Experts on Threats, Protection, and Prevention

Read Time:2 Minute, 18 Second

In today’s digital age, there’s nothing more vital than protecting yourself and your sensitive information online. Cyber security is the key to safeguarding your digital life from a host of malicious online threats. The good news is that there are several free online courses that can help you acquire essential knowledge about cyber security. And, let me tell you, these courses are not your run-of-the-mill boring lectures. Instead, they offer a fun and exciting way to learn the basics of cyber security.

First on our list is Cybrary, a popular platform that offers an array of beginner to advanced-level cyber security courses, including “Introduction to IT and Cybersecurity,” “CompTIA Security+,” and “Ethical Hacking and Penetration Testing.” The courses are designed to take you on a thrilling journey through the world of cyber security and equip you with the necessary skills to protect your online life.

Next up is OpenSecurityTraining.info, a treasure trove of cyber security courses that are available in the form of video lectures and hands-on labs. Whether you’re a beginner or an advanced learner, you’ll find something to suit your needs on this platform. From cryptography to network security and malware analysis, OpenSecurityTraining.info offers a wide range of courses that will keep you engaged and excited about cyber security.

SANS Cyber Aces Online is another free online training program that focuses on the fundamentals of cyber security. The program comprises three courses that cover topics such as network security, operating systems, and systems administration. The program also includes hands-on labs that allow you to get practical experience and hone your skills.

FutureLearn is an online learning platform that offers free cyber security courses from top universities and institutions such as the University of Southampton and the Open University. The courses cover topics such as cyber security essentials, data security and privacy, and cyber security risk management. With FutureLearn, you’ll get a chance to learn from the best and stay updated on the latest cyber security trends.

Last but not least, edX is an online learning platform that offers free cyber security courses from prestigious universities such as Harvard, MIT, and UC Berkeley. The courses range from basic cyber security concepts to advanced topics such as cryptography and secure software design. With edX, you’ll have access to a vast library of courses that are designed to challenge and inspire you.

In conclusion, these free courses offer a fantastic opportunity to learn about cyber security and protect your online life. With engaging content and practical exercises, you’ll be well-equipped to safeguard your digital presence against any online threats. So, what are you waiting for? Sign up for one of these courses today and start your journey to becoming a cyber security expert!

Education

Vulnerabilities of the TLS Protocol

Read Time:2 Minute, 6 Second

Secure Socket Layer (SSL) and its successor, Transport Layer Security (TLS), are widely used protocols for secure online communication. They provide encryption and authentication between two applications over a network, ensuring the confidentiality and integrity of data transmitted between them.

However, SSL/TLS is not invulnerable, and over the years, several vulnerabilities have been discovered that can compromise the security of online transactions. One of the most significant vulnerabilities is the POODLE attack, discovered in 2014, which affects the older versions of SSL/TLS. This vulnerability allows an attacker to exploit the way SSL/TLS handles padding in the encryption process, enabling them to read encrypted information, including sensitive information such as passwords and credit card numbers.

Another vulnerability is the BEAST attack, which exploits a vulnerability in the way SSL/TLS handles block ciphers in older versions of the protocol. This attack allows an attacker to intercept and decrypt secure HTTPS cookies, potentially giving them access to sensitive data.

A third vulnerability is known as the DROWN attack, which can exploit weak encryption protocols such as SSLv2. The attack allows an attacker to read encrypted data transmitted over an SSL/TLS connection by exploiting a flaw in the SSLv2 protocol. Even though SSLv2 is now considered obsolete and no longer used, some older systems may still have it enabled, leaving them vulnerable to attack.

To ensure the maximum security of your online transactions, it’s essential to be aware of the potential vulnerabilities of SSL/TLS and to take necessary precautions. To start with, it’s recommended to use the latest version of TLS, which is currently TLS 1.3, and to disable support for older, insecure protocols like SSLv2 and SSLv3.

It’s also important to use strong encryption ciphers and to regularly test your TLS configuration for potential vulnerabilities. This can be done using tools like SSL Labs’ SSL Server Test, which can check the strength of your TLS configuration and identify any potential vulnerabilities.

Another crucial step is to regularly update your TLS certificates, which verify the identity of the server you’re communicating with and ensure that your data is not intercepted by an attacker. TLS certificates have an expiration date, so it’s essential to keep them up to date to ensure maximum security.

Finally, consider using other security measures like firewalls, antivirus software, and two-factor authentication to provide an additional layer of protection.

By taking these necessary precautions, you can significantly reduce the risk of SSL/TLS vulnerabilities and ensure the maximum security of your online transactions.