Read Time:9 Second
FEDORA-2022-a66124e04f
Packages in this update:
php-openpsa-universalfeedcreator-1.8.4.1-1.fc36
Update description:
Update to v1.8.4.1
Security fix for CVE-2022-28919
Category Archives: Advisories
Destructive Onyx ransomware in the wild
Read Time:2 Minute, 18 Second
FortiGuard Labs is aware that a new ransomware “Onyx” is in the wild. The ransomware was first discovered in late April, 2022. The malware appears to be based on Chaos ransomware and overwrites files bigger than 2MB, making file recovery very difficult. What is this Significant?This is significant because the threat actor opted to have Onyx ransomware overwrite files bigger than 2MB on the compromised machine rather than encrypting them. Although the threat actor promises to decrypt the affected files after ransom payment is made, recovery of the overwritten files will be difficult.What does Onyx Ransomware do?The ransomware overwrites files bigger than 2MB on the compromised machine, encrypts files smaller than 2MB, and adds file extension “.ampkcz” to them. It also collects sensitive information such as credentials from the affected machine. It then displays the following ransom message and demands ransom from the victim in order to recover the affected files:”All of your files are currently encrypted by ONYX strain.As you already know, all of your data has been encrypted by our software.It cannot be recovered by any means without contacting our team directly.DON’T TRY TO RECOVER your data by yourselves. Any attempt to recover your data (including the usage of the additional recovery software) can damage your files. However,if you want to try – we recommend choosing the data of the lowest value.DON’T TRY TO IGNORE us. We’ve downloaded a pack of your internal data and are ready to publish it on our news website if you do not respond.So it will be better for both sides if you contact us as soon as possible.DON’T TRY TO CONTACT feds or any recovery companies.We have our informants in these structures, so any of your complaints will be immediately directed to us.So if you will hire any recovery company for negotiations or send requests to the FBI, we will consider this as a hostile intent and initiate the publication of whole compromised data immediately.To prove that we REALLY CAN get your data back – we offer you to decrypt two random files completely free of charge.You can contact our team directly for further instructions through our website :TOR VERSION :(you should download and install TOR browser first https://torproject.org)http://[Removed}].onionLogin: [Removed]Password: [Removed]YOU SHOULD BE AWARE!We will speak only with an authorized person. It can be the CEO, top management, etc.In case you are not such a person – DON’T CONTACT US! Your decisions and action can result in serious harm to your company!Inform your supervisors and stay calm!”What is the Status of Coverage?FortiGuard Labs provides the following AV detection for known Onyx ransomware samples:MSIL/Filecoder.F9C3!tr.ransom
dotnet6.0-6.0.105-1.fc36
Read Time:16 Second
FEDORA-2022-9a1d5ea33c
Packages in this update:
dotnet6.0-6.0.105-1.fc36
Update description:
Update to .NET SDK 6.0.105 and Runtime 6.0.5
This is the May 2022 update for .NET 6. It includes fixes for multiple CVEs, including CVE-2022-29117, CVE-2022-29145 and CVE-2022-23267.
dotnet6.0-6.0.105-1.fc35
Read Time:16 Second
FEDORA-2022-d69fee9f38
Packages in this update:
dotnet6.0-6.0.105-1.fc35
Update description:
Update to .NET SDK 6.0.105 and Runtime 6.0.5
This is the May 2022 update for .NET 6. It includes fixes for multiple CVEs, including CVE-2022-29117, CVE-2022-29145 and CVE-2022-23267.
dotnet6.0-6.0.105-1.fc34
Read Time:16 Second
FEDORA-2022-256d559f0c
Packages in this update:
dotnet6.0-6.0.105-1.fc34
Update description:
Update to .NET SDK 6.0.105 and Runtime 6.0.5
This is the May 2022 update for .NET 6. It includes fixes for multiple CVEs, including CVE-2022-29117, CVE-2022-29145 and CVE-2022-23267.
CVE-2020-22985
Read Time:9 Second
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task.
CVE-2020-22986
Read Time:9 Second
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the searchString parameter to the wikiScrapper task.
CVE-2020-22987
Read Time:9 Second
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the fileToUpload parameter to the uploadFile task.
CVE-2020-22984
Read Time:9 Second
Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via key parameter to the getGoogleExtraConfig task.
yubihsm-connector-3.0.2-2.el8
Read Time:7 Second
FEDORA-EPEL-2022-a951f07499
Packages in this update:
yubihsm-connector-3.0.2-2.el8
Update description:
Rebuild for CVE-2022-24675 (#2084697)