Category Archives: Advisories

Advisories

Brain Cipher Ransomware Attack

Read Time:51 Second

What is the attack?A significant ransomware attack has struck Pusat Data Nasional (PDN), one of Indonesia’s government-owned national data centers. This incident involved threat actors encrypting government data, which disrupted digital services for immigration, airport checks, and several public services. This ransomware attack represents a new variant of the LockBit 3.0 ransomware. In 2023, the LockBit hacker group also severely disrupted the Bank Syariah Indonesia (BSI) systems.What is the recommended Mitigation?Ensure that all systems are up to date with robust cybersecurity measures. Also, maintain general awareness and training about the risk of phishing and social engineering attacks in the organization. What FortiGuard Coverage is available?FortiGuard Labs has AV signatures to block all the known malware variants used by the Ransomware group.Behavior-based detection through FortiSandbox and FortiEDR detects new and unknown ransomware malware samples.All the known IoCs related to the campaign are blocked via Web filtering service. These IOCs are available for threat hunting through FortiAnalyzer, FortiSIEM, and FortiSOAR.

Read More

Advisories

USN-6851-2: Netplan regression

Read Time:30 Second

USN-6851-1 fixed vulnerabilities in Netplan. The update lead to the discovery of
a regression in netplan which caused systemctl enable to fail on systems where
systemd is not running. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Andreas Hasenack discovered that netplan incorrectly handled the permissions
for netdev files containing wireguard configuration. An attacker could use
this to obtain wireguard secret keys.

It was discovered that netplan configuration could be manipulated into injecting
arbitrary commands while setting up network interfaces. An attacker could
use this to execute arbitrary commands or escalate privileges.

Read More

Advisories

USN-6844-2: CUPS regression

Read Time:27 Second

USN-6844-1 fixed vulnerabilities in the CUPS package. The update
lead to the discovery of a regression in CUPS with regards to
how the cupsd daemon handles Listen configuration directive.
This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:
Rory McNamara discovered that when starting the cupsd server with a
Listen configuration item, the cupsd process fails to validate if
bind call passed. An attacker could possibly trick cupsd to perform
an arbitrary chmod of the provided argument, providing world-writable
access to the target.

Read More

Advisories

USN-6855-1: libcdio vulnerability

Read Time:11 Second

Mansour Gashasbi discovered that libcdio incorrectly handled certain
memory operations when parsing an ISO file, leading to a buffer overflow
vulnerability. An attacker could use this to cause a denial of service
or possibly execute arbitrary code.

Read More

Advisories

USN-5615-3: SQLite vulnerability

Read Time:44 Second

USN-5615-1 fixed several vulnerabilities in SQLite. This update provides
the corresponding fix for CVE-2020-35525 for Ubuntu 14.04 LTS.

Original advisory details:

It was discovered that SQLite incorrectly handled INTERSEC query
processing. An attacker could use this issue to cause SQLite to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2020-35525)

It was discovered that SQLite incorrectly handled ALTER TABLE for views
that have a nested FROM clause. An attacker could use this issue to cause
SQLite to crash, resulting in a denial of service, or possibly execute
arbitrary code. This issue was only addressed in Ubuntu 20.04 LTS.
(CVE-2020-35527)

It was discovered that SQLite incorrectly handled embedded null characters
when tokenizing certain unicode strings. This issue could result in
incorrect results. This issue only affected Ubuntu 20.04 LTS.
(CVE-2021-20223)

Read More