IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 225222.
Daily Archives: October 23, 2023
Cybersecurity as a Service: A new, flexible model for security program development and operation
Cybersecurity services are changing, especially cybersecurity consulting. Vendors are quickly adapting service delivery models as they look to better support digital-first business and security leaders are tasked with driving business innovation and growth by going faster, being more agile, and doing more with fewer people. New models like “Cybersecurity as a Service” are emerging, aimed at addressing such challenges.
Watch this brand new video short and learn how it all works from AT&T Cybersecurity consultant, Bindu Sundaresan. Dave Gruber of Enterprise Strategy Group (ESG) interviews Bindu in this video to break it down:
USN-6441-2: Linux kernel (GCP) vulnerabilities
Ross Lagerwall discovered that the Xen netback backend driver in the Linux
kernel did not properly handle certain unusual packets from a
paravirtualized network frontend, leading to a buffer overflow. An attacker
in a guest VM could use this to cause a denial of service (host system
crash) or possibly execute arbitrary code. (CVE-2023-34319)
Kyle Zeng discovered that the networking stack implementation in the Linux
kernel did not properly validate skb object size in certain conditions. An
attacker could use this cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-42752)
Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did
not properly calculate array offsets, leading to a out-of-bounds write
vulnerability. A local user could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-42753)
Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP)
classifier implementation in the Linux kernel contained an out-of-bounds
read vulnerability. A local attacker could use this to cause a denial of
service (system crash). Please note that kernel packet classifier support
for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755)
Kyle Zeng discovered that the netfilter subsystem in the Linux kernel
contained a race condition in IP set operations in certain situations. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-42756)
Bing-Jhong Billy Jheng discovered that the Unix domain socket
implementation in the Linux kernel contained a race condition in certain
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-4622)
Budimir Markovic discovered that the qdisc implementation in the Linux
kernel did not properly validate inner classes, leading to a use-after-free
vulnerability. A local user could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-4623)
Alex Birnberg discovered that the netfilter subsystem in the Linux kernel
did not properly validate register length, leading to an out-of- bounds
write vulnerability. A local attacker could possibly use this to cause a
denial of service (system crash). (CVE-2023-4881)
It was discovered that the Quick Fair Queueing scheduler implementation in
the Linux kernel did not properly handle network packets in certain
conditions, leading to a use after free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-4921)
USN-6439-2: Linux kernel (AWS) vulnerabilities
It was discovered that the IPv6 implementation in the Linux kernel
contained a high rate of hash collisions in connection lookup table. A
remote attacker could use this to cause a denial of service (excessive CPU
consumption). (CVE-2023-1206)
Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in
the Linux kernel contained a race condition, leading to a null pointer
dereference vulnerability. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-31083)
Ross Lagerwall discovered that the Xen netback backend driver in the Linux
kernel did not properly handle certain unusual packets from a
paravirtualized network frontend, leading to a buffer overflow. An attacker
in a guest VM could use this to cause a denial of service (host system
crash) or possibly execute arbitrary code. (CVE-2023-34319)
Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the
Linux kernel contained a null pointer dereference vulnerability in some
situations. A local privileged attacker could use this to cause a denial of
service (system crash). (CVE-2023-3772)
Kyle Zeng discovered that the networking stack implementation in the Linux
kernel did not properly validate skb object size in certain conditions. An
attacker could use this cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-42752)
Kyle Zeng discovered that the netfiler subsystem in the Linux kernel did
not properly calculate array offsets, leading to a out-of-bounds write
vulnerability. A local user could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-42753)
Kyle Zeng discovered that the IPv4 Resource Reservation Protocol (RSVP)
classifier implementation in the Linux kernel contained an out-of-bounds
read vulnerability. A local attacker could use this to cause a denial of
service (system crash). Please note that kernel packet classifier support
for RSVP has been removed to resolve this vulnerability. (CVE-2023-42755)
Bing-Jhong Billy Jheng discovered that the Unix domain socket
implementation in the Linux kernel contained a race condition in certain
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-4622)
Budimir Markovic discovered that the qdisc implementation in the Linux
kernel did not properly validate inner classes, leading to a use-after-free
vulnerability. A local user could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-4623)
Alex Birnberg discovered that the netfilter subsystem in the Linux kernel
did not properly validate register length, leading to an out-of- bounds
write vulnerability. A local attacker could possibly use this to cause a
denial of service (system crash). (CVE-2023-4881)
It was discovered that the Quick Fair Queueing scheduler implementation in
the Linux kernel did not properly handle network packets in certain
conditions, leading to a use after free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-4921)
USN-6408-2: libXpm vulnerabilities
USN-6408-1 fixed several vulnerabilities in libXpm. This update provides
the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
Yair Mizrahi discovered that libXpm incorrectly handled certain malformed
XPM image files. If a user were tricked into opening a specially crafted
XPM image file, a remote attacker could possibly use this issue to consume
memory, leading to a denial of service. (CVE-2023-43786)
Yair Mizrahi discovered that libXpm incorrectly handled certain malformed
XPM image files. If a user were tricked into opening a specially crafted
XPM image file, a remote attacker could use this issue to cause libXpm to
crash, leading to a denial of service, or possibly execute arbitrary code.
(CVE-2023-43787)
Alan Coopersmith discovered that libXpm incorrectly handled certain
malformed XPM image files. If a user were tricked into opening a specially
crafted XPM image file, a remote attacker could possibly use this issue to
cause libXpm to crash, leading to a denial of service. (CVE-2023-43788,
CVE-2023-43789)
Digital Strategies to Safeguard Your Child from Upsetting and Violent Content Online
Amidst the recent heartbreaking events in the Middle East, parents now face the challenge of protecting children from the overwhelming amount of violent and disturbing content so easily accessible to children online.
Reports of unimaginable acts, including graphic photos and videos, have emerged on popular social networks, leading child advocates to call for heightened monitoring and, in some cases, the removal of these apps from children’s devices. According to a recent investigation by The Institute for Strategic Dialogue, the team adopted the personas of 13-year-olds to establish accounts on Instagram, TikTok, and Snapchat. During a 48-hour period spanning from October 14 to 16, the researchers unearthed over 300 problematic posts. Surprisingly, a significant majority of these problematic posts, approximately 78%, were discovered on Instagram, with Snapchat hosting about 5% of them.
In today’s digital age, the consensus is clear: keeping older children informed about global events is important. However, given the abundance of real-time, violent content, the urgency to protect them from distressing material that could harm their mental well-being has become even more imperative.
In such times, there isn’t a one-size-fits-all strategy, but we can provide valuable tips to help you monitor and minimize your child’s exposure to violent content.
10 Ways to Limit Your Family’s Exposure to Online Violence
Safeguard Screen Time: It’s natural if you are anxious about your child’s exposure to online content right now. Listen to that inner voice and be proactive with all screen time including television. A practical approach is to limit device access. For younger children, consider using a family device instead of a personal one to manage screen time more effectively. Know where the remote is and explain why you are making changes.
Get Serious about Parental Controls: Technology can be your ally during times of global crisis. Parental control features enable you to not only block inappropriate content but also regulate screen time. Consider apps that have built-in parental controls that can be customized to the age of your child and give you the added protection and peace of mind needed right now.
Talk Openly and Honestly. Don’t be shy about engaging your child in open and honest conversations about what’s going on in the world right now. Chances are, they’re already getting the information anyway, or absorbing the stress anyway. Depending on age, explain the basics of the conflict and why it’s dominating the news and online conversations. Encourage your children to ask questions and share their thoughts and concerns.
Monitor Their Digital Circles: Keep a watchful eye on your child’s online activities, especially during sensitive times when it’s unclear what kind of content they may see online. This includes online gaming platforms and messaging apps. Installing parental control software is important but so is listening to what and how your child (and his or her peers) posts, comments on, and shares.
Zero in on Media Literacy: Propaganda and misinformation is rampant, especially in connection with a geopolitical conflict. Teach your children the art of critical thinking and challenge them to level up their media literacy. Help them discern the difference between reliable sources and disinformation campaigns. Teach them to how to question the information and opinions they encounter online.
6. Implement a Digital Detox: During periods of particularly distressing news coverage, urge your child to take breaks from the news and model that decision as well. Engage with them in alternative activities and hobbies that foster relaxation and well-being, balancing their online exposure.
Family News Time: If age-appropriate, make watching the news a family affair. This practice allows you to explain and discuss what’s happening and address any questions or concerns your child may have in real-time.
Empathy and Compassion: Foster discussions about the importance of empathy and compassion for those suffering due to conflicts. Encourage your child to engage in activities that promote understanding and kindness.
Review Reporting Channels: If your child is online be sure they know how to report disturbing or inappropriate content on their favorite apps, games, or social sites. Most platforms have mechanisms for flagging or reporting such content, which empowers children to be active participants in online safety.
Seek Professional Support if Needed: What’s happening in the world is distressing and can ignite confusion, fear, and anxiety in a child. Every child is unique so if you notice signs of distress, anxiety, or trauma due to exposure to violent online content, don’t hesitate to seek professional help from a therapist or counselor. Their expertise can be invaluable in times of need.
To wrap up, don’t lose sight of mental and physical well-being by implementing the strategies mentioned here. By setting a strong example of a balanced digital life and open communication about real-life crises, your children will naturally pick up on how to navigate the online world. Your actions speak volumes, and they will follow your lead.
The post Digital Strategies to Safeguard Your Child from Upsetting and Violent Content Online appeared first on McAfee Blog.
New Grandoreiro Malware Variant Targets Spain
USN-6403-2: libvpx vulnerabilities
USN-6403-1 fixed several vulnerabilities in libvpx. This update provides
the corresponding update for Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that libvpx did not properly handle certain malformed
media files. If an application using libvpx opened a specially crafted
file, a remote attacker could cause a denial of service, or possibly
execute arbitrary code.
QuasarRAT Deploys Advanced DLL Side-Loading Technique
Uptycs researchers said the technique exploits Microsoft files to execute malicious commands
USN-6199-2: PHP vulnerability
USN-6199-1 fixed a vulnerability in PHP. This update provides the
corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that PHP incorrectly handled certain Digest
authentication for SOAP. An attacker could possibly use this issue
to expose sensitive information.