Cyber WAR - Treat Report - September 23, 2019 (informationwarfarecenter.com/cir/archived/Cyber...)


Post on 16-Jul-2020


September 23, 2019

The Cyber WAR (Weekly Awareness Report) is an Open Source Intelligence AKA OSINT resource focusing on advanced persistent threats and other digital dangers received by over ten thousand individuals. APTs fit into a cybercrime category directed at both business and political targets. Attack vectors include system compromise, social engineering, and even traditional espionage. Included are clickable links to news stories, vulnerabilities, exploits, & other industry risk.

Summary

Symantec ThreatCon Low: Basic network posture

This condition applies when there is no discernible network incident activity and no malicious code activity with a moderate or severe risk rating. Under these conditions, only a routine security posture, designed to defeat normal network threats, is warranted. Automated systems and alerting mechanisms should be used.

Sophos: Last Malware

* Troj/DocDrp-NO
* Troj/DocDrp-NN
* Troj/Agent-BCQJ
* Troj/Nanoco-YP
* Troj/HawkEye-YI
* Troj/Xtbl-EI
* Troj/DocPh-IO
* Troj/Trickbo-SV
* Troj/RTFDl-AKU
* JS/Dwnldr-YVN

Last PUAs

* XMRig Miner
* T-Rex NVIDIA GPU Miner
* LaZagne
* IStartSurfInstaller
* AirInstaller
* 4Share Downloader
* Obnovi Soft
* DealPly Updater
* ADEGrab
* Neoreklami

Interesting News

* Threat landscape for smart buildings
  We decided to study the live threats to building-based automation systems and to see what malware their owners encountered in the first six months of 2019.

* The Cyber Intelligence Report has a brand new look and the 2019 Quarter 4 issue will be released at the beginning of October. There are some great walkthroughs inside you shouldn't miss. We have an active Facebook group that discusses topics ranging from computer forensics to ethical hacking and more. Join the Cyber Secrets Facebook group here. If you would like to receive the CIR updates by email, Subscribe at: [email protected]


Index of Sections

Current News

* Packet Storm Security

* Krebs on Security

* Dark Reading

* The Hacker News

* Security Week

* Infosecurity Magazine

* Naked Security

* Quick Heal - Security Simplified

* Threat Post

The Hacker Corner:

* Security Conferences

* Zone-H Latest Published Website Defacements

Tools & Techniques

* Packet Storm Security Latest Published Tools

* Kali Linux Tutorials

* GBHackers Analysis

Exploits and Proof of Concepts

* Packet Storm Security Latest Published Exploits

* Exploit Database Releases

Advisories

* US-Cert (Current Activity-Alerts-Bulletins)

* Symantec's Latest List

* Packet Storm Security's Latest List

Credits


Packet Storm Security

* How Google Changed The Secretive Market For The Most Dangerous Hacks In The World
* 200K Sign Petition Against Equifax Data Breach Settlement
* Facebook Suspends Tens Of Thousands Of Apps Over Privacy Issues
* Forcepoint VPN For Windows Patches Privilege Escalation Vuln
* New North Korean Malware Targeting ATMs Spotted In India
* WeWork Unsecured WiFi Exposes Documents
* Thinkful Confirms Breach
* Payment Card Thieves Hack Click2Gov Bill Paying Portals In 8 Cities
* Hotel Booking Sites Come Under Fire From Magecart
* Advanced Hackers Are Infecting IT Providers To Get At Customers
* Iowa Officials Claim Confusion Over Scope In Pen-Test Arrest
* Smart TVs, Subscription Services Leak Data To Facebook, Google
* Hotel Websites Infected With Skimmer Via Supply Chain Attack
* Medical Records For 24.3 Million Left Exposed
* New Algorithms Aim To Stamp Out Abuse On Twitter
* Poor Protocol Design For IoT Devices Fueling DDoS
* Novaestrat Exec Arrested After Ecuadorian Data Leak
* Alleged JPMorgan Hacker Set To Plead Guilty
* The Air Force Will Let Hackers Try To Hijack An Orbiting Satellite
* Gootkit Crew Left Database Exposed Without A Password
* Attackers Pose As Business Executives To Secure Security Certificates
* Personal Data From Entire 16.6M Population Of Ecuador Leaked Online
* Uber Confirms Account Takeover Vulnerability
* iPhone iOS 13 Lockscreen Bypass Flaw Exposes Contacts
* 198M Records Of Prospective Auto Buyers Leaked

Krebs on Security

* Before He Spammed You, this Sly Prince Stalked Your Mailbox
* Man Who Hired Deadly Swatting Gets 15 Months
* NY Payroll Company Vanishes With $35 Million
* Patch Tuesday, September 2019 Edition
* Secret Service Investigates Breach at U.S. Govt IT Contractor
* 'Satori' IoT Botnet Operator Pleads Guilty
* Spam In your Calendar? Here's What to Do.
* Feds Allege Adconion Employees Hijacked IP Addresses for Spamming
* Phishers are Angling for Your Cloud Providers
* Ransomware Bites Dental Data Backup Firm


Dark Reading

* YouTube Creators Hit in Account Hijacking Campaign
* How Network Logging Mitigates Legal Risk
* Security 101
* 'Playing Around' with Code Keeps Security, DevOps Skills Sharp
* 7 Ways VPNs Can Turn from Ally to Threat
* HP Purchases Security Startup Bromium
* Ransomware Strikes 49 School Districts & Colleges in 2019
* WeWork's Wi-Fi Exposed Files, Credentials, Emails
* A Safer IoT Future Must Be a Joint Effort
* Edge Feature Section
* A Beginner's Guide to Microsegmentation
* Lion Air the Latest to Get Tripped Up by Misconfigured AWS S3
* Metasploit Creator HD Moore's Latest Hack: IT Assets
* California's IoT Security Law Causing Confusion
* BSIMM10 Emphasizes DevOps' Role in Software Security
* Security Pros Value Disclosure ... Sometimes
* Deconstructing an iPhone Spearphishing Attack
* Ping Identity Prices IPO at $15 per Share
* Crowdsourced Security & the Gig Economy
* The 20 Worst Metrics in Cybersecurity

The Hacker News

* Two Widely Used Ad Blocker Extensions for Chrome Caught in Ad Fraud Scheme
* Update Google Chrome Browser to Patch New Critical Security Flaws
* IT Firm Manager Arrested in the Biggest Data Breach Case of Ecuador's History
* Smominru Botnet Indiscriminately Hacked Over 90,000 Computers Just Last Month
* The Definitive RFP Templates for EDR/EPP and APT Protection
* Warning: Researcher Drops phpMyAdmin Zero-Day Affecting All Versions
* United States Sues Edward Snowden and You'd be Surprised to Know Why
* Thousands of Google Calendars Possibly Leaking Private Information Online
* 125 New Flaws Found in Routers and NAS Devices from Popular Brands
* WhatsApp 'Delete for Everyone' Doesn't Delete Media Files Sent to iPhone Users
* How Cloud-Based Automation Can Keep Business Operations Secure
* US Sanctions 3 North Korean Hacking Groups Accused for Global Cyber Attacks
* Yikes! iOS 13 Coming Next Week With iPhone LockScreen Bypass Bug
* New SIM Card Flaw Lets Hackers Hijack Any Phone Just By Sending SMS
* WebARX — A Defensive Core For Your Website


Security Week

* 0patch Promises Support for Windows 7 Beyond January 2020
* Being CISO Is No Longer a Dead-End Job
* Use Case-Centric Threat Intelligence Requires a Considered Approach
* Wyoming Hospital's Services Disrupted by Ransomware
* Flaw Gives Hackers Remote Access to Files Stored on D-Link DNS-320 Devices
* Digital Threats Multiply Ahead of 2020 US Elections
* Google Awards $40,000 for Chrome Sandbox Escape Vulnerabilities
* Mac Malware Poses as Trading App
* Alleged Hacker Faces 154 Charges in Football Leaks Case
* Payouts From Insurance Policies May Fuel Ransomware Attacks
* Iran Denies Successful Cyber Attacks on Oil Sector
* Facebook Suspends 'Tens of Thousands' of Apps in Privacy Review
* Eight U.S. Cities Impacted in New Series of Click2Gov Breaches
* 200,000 Sign Petition Against Equifax Data Breach Settlement
* Indonesia, Malaysia Probe Lion Air Customer Data Leak
* Twitter Closes Thousands of Fake News Accounts Worldwide
* Vulnerability Patched in Forcepoint VPN Client for Windows
* France Has 'Not Changed Mind' on Rejecting Snowden Asylum
* Two Indicted in $10 Million Tech Support Fraud Scheme
* VMware Patches Six Vulnerabilities in Various Products

Infosecurity Magazine

* Twitter Culls 10,000 More State-Sponsored Accounts
* Thinkful Resets Passwords After Data Breach Exposes Coders
* Facebook Suspends Tens of Thousands of Apps
* City of Los Angeles Teams Up with IBM to Fight Cybercrime
* WeWork's WiFi Security Worryingly Weak
* US Air Force Invites Bids for $95m Cybersecurity Contract
* Republicans U-Turn to Back $250m Election Security Boost
* Senior Execs Shun Cyber Risk as Concerns Grow
* Duo Indicted in $10m Tech Support Scam Case
* MITRE Names 2019's Most Dangerous Software Errors
* Vacationers Hit by Skimming Attack
* Study Reveals Most Expensive State for Cyber Insurance


Naked Security

* Google pulls more fake adblockers from Chrome Web Store
* Investors accuse FedEx of lying, stock dumping after NotPetya attack
* Could EarEcho change the way we authenticate our phones?
* Two charged with tech-support scamming the elderly for $10m
* WannaCry - and why it never went away
* Monday review - the hot 22 stories of the week
* Server-squashing zero-day published for phpMyAdmin tool
* IBM's new 53-qubit quantum 'mainframe' is live in the cloud
* Report: Use of AI surveillance is growing around the world
* Facebook Libra rejected by France as "dangerous"

Quick Heal - Security Simplified

* Trivia! 5 things you never imagined could be hacked by cyber criminals
* The Free Mobile Anti-virus you are using can be a Fake!
* Teacher's Day Special - Things that teachers must know about their students to make them cyber safe
* PowerShell: Living off the land!
* Cybersquatting and Typosquatting victimizing innocent customers and brands
* Phishers using custom 404 Not Found error page to steal Microsoft credentials
* Alert! 27 apps found on Google Play Store that prompt you to install Fake Google Play Store
* Alert! Income tax refund SMS - Newest way of conducting bank fraud by cyber criminals
* Android based IoT devices with open ADB port inviting easy attacks by Crypto-miners
* MegaCortex Returns…

Threat Post

* Google Assistant Audio Privacy Controls Updated After Outcry
* 200K Sign Petition Against Equifax Data Breach Settlement
* Facebook Removed Tens of Thousands of Apps Post-Cambridge Analytica
* Forcepoint VPN Client is Vulnerable to Privilege Escalation Attacks
* News Wrap: Emotet's Return, U.S. Vs. Snowden, Physical Pen Testers Arrested
* Mattress Company Leaks Data Records of 387K Customers
* Payment Card Breach Hits 8 Cities Using Vulnerable Bill Portal
* Microsoft Silent Update Torpedoes Windows Defender
* These Hacks Require Literally Sneaking in the Backdoor
* Smart TVs, Subscription Services Leak Data to Facebook, Google


The Hacker Corner

Conferences

* Advertising Landing Page Copy/Form
* Apply: FREE 6 Month InfoSec Speaking Plan
* How To Speak At DEF CON
* Join Our LinkedIn Group
* Upcoming Cybersecurity Conferences in the United States & Canada
* Upcoming Cybersecurity Conferences in Europe
* 29 Amazing TED Cybersecurity Talks (2008 - 2020)
* 7 Proven Ideas for Your InfoSec Conference Delegate Acquisition Strategy
* An Interview with Jack Daniel: Co-Founder of BSides!

Latest Website Defacements



Tools & Techniques

Packet Storm Security Tools Links

* Wireshark Analyzer 3.0.5
* Web-Based Firewall Logging Tool 1.1.2
* TOR Virtual Network Tunneling Tool 0.4.1.6
* Packet Fence 9.1.0
* Wireshark Analyzer 3.0.4
* OpenSSL Toolkit 1.1.1d
* Wapiti Web Application Vulnerability Scanner 3.0.2
* SQLMAP - Automatic SQL Injection Tool 1.3.9
* SSLsplit 0.5.5
* Bro Network Security Monitor 2.6.4

Kali Linux Tutorials

* Dr_Robot : Tool Used To Enumerate The Subdomains Associated With A Company
* FudgeC2 : A Collaborative C2 Framework For Purple-Teaming Written In Python3, Powershell & .NET
* Aura Botnet : A Super Portable Botnet Framework With A Django-Based C2 Server
* Stardox : Github Stargazers Information Gathering Tool
* Act Platform : Open Platform For Collection & Exchange Of Threat Intelligence Information
* PrivExchange : Exchange Your Privileges For Domain Admin Privs By Abusing Exchange
* PostShell - Post Exploitation Bind/Backconnect Shell
* TinkererShell : A Simple Python Reverse Shell
* DetExploit : OSS Vulnerability Scanner for Windows Platform
* Stegify : Go Tool For LSB Steganography, Capable Of Hiding Any File Within An Image

GBHackers Analysis

* Top 7 Vulnerability Database Sources to Trace New Vulnerabilities
* CWE Top 25 (2019) - List of Top 25 Most Dangerous Software Weakness that Developers Need to Focus
* Vulnerability in Exim Mail Server Let Hackers Gain Root Access Remotely From 5 Million Email Servers
* Twitter CEO Jack Dorsey Account Hacked using Sim Swapping Attack
* A Critical Vulnerability in Tesla Model S Let Hackers Clone The Car Key Within 2 Seconds & Steal Car


Proof of Concept (PoC) & Exploits

Packet Storm Security

* Dokeos 1.8.6.1 / 1.8.6.3 Arbitrary File Upload
* Palo Alto Networks Cross Site Request Forgery
* Hisilicon HiIpcam V100R003 Remote ADSL Credential Disclosure
* LayerBB 1.1.3 Cross Site Request Forgery
* GOautodial 4.0 Cross Site Scripting
* DIGIT CENTRIS 4 ERP SQL Injection
* Western Digital My Book World II NAS 1.02.12 Hardcoded Credential
* macOS 18.7.0 Kernel Local Privilege Escalation
* Hospital-Management 1.26 SQL Injection
* Oracle Mojarra JSF / Eclipse Mojarra JSF 2.2 / 2.3 Cross Site Scripting
* Google Chrome Password Disclosure
* Microsoft Windows Internet Settings Security Feature Bypass
* V8 Map Migration Type Confusion
* LastPass Credential Leak From Previous Site
* Inteno IOPSYS Gateway 3DES Key Extraction Improper Access
* docPrint Pro 8.0 SEH Buffer Overflow
* AppXSvc 17763.1.amd64fre.rs5_release.180914-1434 Privilege Escalation
* Master Data Online Cross Site Request Forgery / Data Tampering
* Webmin 1.920 Remote Code Execution
* College-Management-System 1.2 Authentication Bypass
* Ticket-Booking 1.4 Authentication Bypass
* Piwigo 2.9.5 Cross Site Request Forgery / Cross Site Scripting
* phpMyAdmin 4.9.0.1 Cross Site Request Forgery
* Dolibarr ERP-CRM 10.0.1 Cross Site Scripting
* Folder Lock 7.7.9 Denial Of Service


Exploit Database

* [remote] HPE Intelligent Management Center
* [webapps] Gila CMS
* [remote] Hisilicon HiIpcam V100R003 Remote ADSL - Credentials Disclosure
* [webapps] LayerBB
* [webapps] GOautodial 4.0 - 'CreateEvent' Persistent Cross-Site Scripting
* [webapps] DIGIT CENTRIS 4 ERP - 'datum1' SQL Injection
* [local] macOS 18.7.0 Kernel - Local Privilege Escalation
* [webapps] Western Digital My Book World II NAS 1.02.12 - Authentication Bypass / Command Execution
* [webapps] Hospital-Management 1.26 - 'fname' SQL Injection
* [webapps] CollegeManagementSystem-CMS 1.3 - 'batch' SQL Injection
* [local] docPrint Pro 8.0 - SEH Buffer Overflow
* [webapps] Symantec Advanced Secure Gateway (ASG) / ProxySG - Unrestricted File Upload
* [remote] Inteno IOPSYS Gateway - Improper Access Restrictions
* [local] AppXSvc - Privilege Escalation
* [webapps] College-Management-System 1.2 - Authentication Bypass
* [webapps] Ticket-Booking 1.4 - Authentication Bypass
* [webapps] LimeSurvey 3.17.13 - Cross-Site Scripting
* [webapps] phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery
* [webapps] Dolibarr ERP-CRM 10.0.1 - 'User-Agent' Cross-Site Scripting
* [dos] Folder Lock 7.7.9 - Denial of Service
* [dos] Microsoft DirectWrite - Out-of-Bounds Read in sfac_GetSbitBitmap While Processing TTF Fonts
* [dos] Microsoft DirectWrite - Invalid Read in SplicePixel While Processing OTF Fonts
* [webapps] eWON Flexy - Authentication Bypass
* [webapps] AVCON6 systems management platform - OGNL Remote Command Execution
* [local] Windows 10 - UAC Protection Bypass Via Windows Store (WSReset.exe) and Registry (Metasploit)


Advisories

US-Cert Alerts & bulletins

* AA19-168A: Microsoft Operating Systems BlueKeep Vulnerability
* AA19-122A: New Exploits for Unsecure SAP Systems
* AA19-024A: DNS Infrastructure Hijacking Campaign
* Vulnerability Summary for the Week of September 16, 2019
* Vulnerability Summary for the Week of September 9, 2019
* Vulnerability Summary for the Week of September 2, 2019

Symantec - Latest List

* Microsoft .NET Core CVE-2019-1301 Denial of Service Vulnerability
* Microsoft Windows CVE-2019-1215 Local Privilege Escalation Vulnerability
* Microsoft Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability
* Microsoft SharePoint CVE-2019-1296 Remote Code Execution Vulnerability
* Microsoft Team Foundation Server CVE-2019-1305 Cross Site Scripting Vulnerability
* Microsoft Excel CVE-2019-1297 Remote Code Execution Vulnerability
* Microsoft SharePoint CVE-2019-1295 Remote Code Execution Vulnerability
* Microsoft Windows Secure Boot CVE-2019-1294 Local Security Bypass Vulnerability
* Microsoft Windows LNK CVE-2019-1280 Remote Code Execution Vulnerability
* Microsoft Winlogon CVE-2019-1268 Local Privilege Escalation Vulnerability
* Microsoft Compatibility Appraiser CVE-2019-1267 Local Privilege Escalation Vulnerability
* Microsoft Exchange Server CVE-2019-1266 Spoofing Vulnerability
* Microsoft Yammer CVE-2019-1265 Security Bypass Vulnerability
* Microsoft Office CVE-2019-1264 Security Bypass Vulnerability
* Microsoft Excel CVE-2019-1263 Information Disclosure Vulnerability
* Microsoft Office SharePoint CVE-2019-1262 Cross Site Scripting Vulnerability
* Microsoft SharePoint CVE-2019-1261 Spoofing Vulnerability
* Microsoft SharePoint CVE-2019-1260 Remote Privilege Escalation Vulnerability
* Microsoft SharePoint CVE-2019-1259 Spoofing Vulnerability
* Microsoft SharePoint CVE-2019-1257 Remote Code Execution Vulnerability
* Microsoft Windows Text Service Framework CVE-2019-1235 Local Privilege Escalation Vulnerability
* Microsoft Exchange CVE-2019-1233 Remote Denial of Service Vulnerability
* Microsoft Windows Diagnostics Hub CVE-2019-1232 Local Privilege Escalation Vulnerability
* Microsoft Rome SDK CVE-2019-1231 Information Disclosure Vulnerability
* Microsoft ASP.NET Core CVE-2019-1302 Remote Privilege Escalation Vulnerability
* Microsoft Lync CVE-2019-1209 Information Disclosure Vulnerability

Packet Storm Security - Latest List

* Red Hat Security Advisory 2019-2809-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include null pointer and use-after-free vulnerabilities.
* Red Hat Security Advisory 2019-2781-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. A TLS man-in-the-middle vulnerability has been addressed.
* Red Hat Security Advisory 2019-2782-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. A TLS man-in-the-middle vulnerability has been addressed.
* Red Hat Security Advisory 2019-2837-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and null pointer vulnerabilities.
* Red Hat Security Advisory 2019-2789-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include a cross site request forgery vulnerability.
* Red Hat Security Advisory 2019-2836-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include an out of bounds write vulnerability.
* Debian Security Advisory 4526-1 - It was discovered that OpenDMARC, a milter implementation of DMARC, is prone to a signature-bypass vulnerability with multiple From: addresses.
* Debian Security Advisory 4527-1 - Multiple security issues were found in PHP, a widely-used open source extension and the iconv_mime_decode_headers() function could result in information disclosure or denial of service.
* Debian Security Advisory 4528-1 - Daniel McCarney discovered that the BIRD internet routing daemon incorrectly validated RFC 8203 messages in its BGP daemon, resulting in a stack buffer overflow.
* Red Hat Security Advisory 2019-2829-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
* Red Hat Security Advisory 2019-2830-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a buffer overflow vulnerability.
* Red Hat Security Advisory 2019-2827-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
* Red Hat Security Advisory 2019-2828-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a buffer overflow vulnerability.
* Red Hat Security Advisory 2019-2822-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include an out of bounds write vulnerability.
* VMware Security Advisory 2019-0013 - VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities.
* VMware Security Advisory 2019-0014 - VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates address use-after-free and denial of service vulnerabilities.
* Red Hat Security Advisory 2019-2799-01 - Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a focus on high concurrency, performance and low memory usage. Issues addressed include a denial of service vulnerability.
* Debian Security Advisory 4525-1 - Simon McVittie reported a flaw in ibus, the Intelligent Input Bus. Due to a misconfiguration during the setup of the DBus, any unprivileged user could monitor and send method calls to the ibus bus of another user, if able to discover the UNIX socket used by another user connected on a graphical environment. The attacker can take advantage of this flaw to intercept keystrokes of the victim user or modify input related configurations through DBus method calls.
* Red Hat Security Advisory 2019-2807-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.9.0. Issues addressed include cross site scripting and use-after-free vulnerabilities.
* Red Hat Security Advisory 2019-2805-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. An insufficient input validation issue was addressed.
* Red Hat Security Advisory 2019-2806-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
* Red Hat Security Advisory 2019-2808-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A page cache side channel attack issue was addressed.


* Red Hat Security Advisory 2019-2798-01 - The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file. Issues addressed include a code execution vulnerability.
* Red Hat Security Advisory 2019-2773-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.9.0. Issues addressed include cross site scripting and use-after-free vulnerabilities.