
Cyber WAR - Threat Intelligence Publication - October 14, 2019
informationwarfarecenter.com/cir/archived/Cyber_WAR_Weekly_Awar…



October 14, 2019

The Cyber WAR (Weekly Awareness Report) is an Open Source Intelligence (OSINT) resource focusing on advanced persistent threats and other digital dangers, received by over ten thousand individuals. APTs fit into a cybercrime category directed at both business and political targets. Attack vectors include system compromise, social engineering, and even traditional espionage. Included are clickable links to news stories, vulnerabilities, exploits, and other industry risks.

Summary

Symantec ThreatCon Low: Basic network posture

This condition applies when there is no discernible network incident activity and no malicious code activity with a moderate or severe risk rating. Under these conditions, only a routine security posture, designed to defeat normal network threats, is warranted. Automated systems and alerting mechanisms should be used.

Sophos: Last Malware

* Troj/Steale-K
* Troj/DocDl-VSJ
* Troj/Zbot-NRW
* Troj/Tesla-F
* Troj/RTFDl-ANO
* Troj/RTFDl-ANN
* Troj/DNetInj-KF
* Troj/Fareit-IPQ
* Troj/Wanna-AL
* Troj/Keylog-YG

Last PUAs

* AirInstaller
* XMRig Miner
* Mughthesec
* Cryptocoin miner
* DynamicWrapperX
* Genieo
* Download Assistant
* IStartSurfInstaller
* SurfBuyer
* Bundlore

Interesting News

* Managed Detection and Response analytics report, H1 2019
This report contains the results of the Managed Detection and Response (MDR) service. The MDR service provides managed threat hunting and initial incident response.

* The Cyber Intelligence Report has a brand new look and the 2019 Quarter 4 issue will be released at the beginning of October. There are some great walkthroughs inside you shouldn't miss. We have an active Facebook group that discusses topics ranging from computer forensics to ethical hacking and more. Join the Cyber Secrets Facebook group here. If you would like to receive the CIR updates by email, subscribe at: [email protected]


Index of Sections

Current News

* Packet Storm Security

* Krebs on Security

* Dark Reading

* The Hacker News

* Security Week

* Infosecurity Magazine

* Naked Security

* Quick Heal - Security Simplified

* Threat Post

The Hacker Corner:

* Security Conferences

* Zone-H Latest Published Website Defacements

Tools & Techniques

* Packet Storm Security Latest Published Tools

* Kali Linux Tutorials

* GBHackers Analysis

Exploits and Proof of Concepts

* Packet Storm Security Latest Published Exploits

* Exploit Database Releases

Advisories

* US-Cert (Current Activity-Alerts-Bulletins)

* Symantec's Latest List

* Packet Storm Security's Latest List

Credits


Packet Storm Security

* These Are The 29 Countries Vulnerable To SIM Jacker Attacks
* China's Study The Great Nation App Enables Spying Via Back Door
* Vulnerability Found And Fixed In HP Bloatware
* Hammond Held In Contempt For Refusing To Answer Questions
* Feds Arrest International ATM Skimmer Ring
* Planes, Gate, And Bags: How Hackers Can Hijack Your Local Airport
* Teenagers Arrested Over Hacks To Met Police Website
* Sophisticated Spy Kit Targets Russians With Rare GSM Plugin
* Apple Drops Hong Kong Police Tracking App Used By Protesters
* Forum Cracks The Vintage Passwords Of Ken Thompson And Other Unix Pioneers
* Ransomware Gang Uses iTunes Zero-Day
* Human Rights Activist Allegedly Targeted With NSO Malware
* Court Finds FBI Use Of NSA Database Violated Americans' 4th Amendment Rights
* Cookie Monster Eats Data From Sesame Street Store
* iOS 13 Tells You When Apps Are Secretly Tracking You
* Twitter Sold User Security Information To Advertisers
* Trump's Syria Move Blindsides National Security Leaders
* D-Link Gear Open To Remote Takeover Will Remain Unpatched
* APT Groups Exploiting Flaws In Unpatched VPNs
* US Negotiates Sharing Electronic Evidence Internationally
* 90 Former National Security Officials Praise Whistleblower
* Whitehat Hacks Muhstik Ransomware Gang And Release Keys
* Copycat Coders Create Vulnerable Apps
* FBI Warns About Attacks That Bypass Multi Factor Authentication
* VoIP Espionage Campaign Hits U.S. Utilities Supplier

Krebs on Security

* Patch Tuesday Lowdown, October 2019 Edition
* Mariposa Botnet Author, Darkcode Crime Forum Admin Arrested in Germany
* German Cops Raid "Cyberbunker 2.0," Arrest 7 in Child Porn, Dark Web Market Sting
* MyPayrollHR CEO Arrested, Admits to $70M Fraud
* Interview With the Guy Who Tried to Frame Me for Heroin Possession
* Before He Spammed You, this Sly Prince Stalked Your Mailbox
* Man Who Hired Deadly Swatting Gets 15 Months
* NY Payroll Company Vanishes With $35 Million
* Patch Tuesday, September 2019 Edition
* Secret Service Investigates Breach at U.S. Govt IT Contractor


Dark Reading

* Sophos for Sale: Thoma Bravo Offers $3.9B
* Cyber Theft, Humint Helped China Cut Corners on Passenger Jet
* Pitney Bowes Hit by Ransomware
* Tamper Protection Arrives for Microsoft Defender ATP
* When Using Cloud, Paranoia Can Pay Off
* The Connected Cybercrime Ecosystem & the Impact of the Capital One Breach
* Can I Get More Mileage From My Existing Security Tools?
* Click2Mail Suffers Data Breach
* 7 SMB Security Tips That Will Keep Your Company Safe
* FBI: Phishing Can Defeat Two-Factor Authentication
* A Murderers' Row of Poisoning Attacks
* Creative Wi-Fi Passwords
* Build Your Cybersecurity Toolkit at Black Hat Europe in December
* Close the Gap Between Cyber-Risk and Business Risk
* iTunes Zero-Day Exploited to Deliver BitPaymer
* AppSec 'Spaghetti on the Wall' Tool Strategy Undermining Security
* Imperva Details Response to Customer Database Exposure
* Akamai Snaps Up ChameleonX to Tackle Magecart

The Hacker News

* Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted
* Apple Under Fire Over Sending Some Users Browsing Data to China's Tencent
* SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks
* UNIX Co-Founder Ken Thompson's BSD Password Has Finally Been Cracked
* Apple iTunes and iCloud for Windows 0-Day Exploited in Ransomware Attacks
* New Comic Videos Take CISO/Security Vendor Relationship to the Extreme
* 7-Year-Old Critical RCE Flaw Found in Popular iTerm2 macOS Terminal App
* Breaches are now commonplace, but Reason Cybersecurity lets users guard their privacy
* You Gave Your Phone Number to Twitter for Security and Twitter Used it for Ads
* Microsoft Releases October 2019 Patch Tuesday Updates
* vBulletin Releases Patch Update for New RCE and SQLi Vulnerabilities
* Adobe Suspends Accounts for All Venezuela Users Citing U.S. Sanctions
* Signal Messenger Bug Lets Callers Auto-Connect Calls Without Receivers' Interaction
* New 0-Day Flaw Affecting Most Android Phones Being Exploited in the Wild
* Just a GIF Image Could Have Hacked Your Android Phone Using WhatsApp


Security Week

* Mozilla Hardens Firefox Against Injection Attacks
* California Attorney General Outlines How State Will Enforce Upcoming Privacy Law
* Critical Flaw in Sophos Cyberoam Appliances Allows Remote Code Execution
* Why All Security Disciplines Should Use the Intelligence Cycle
* Alleged Hacker Arraigned on $1.4 Million Cryptocurrency Fraud Charges
* Majority of Simjacker Attacks Aimed at Mobile Phones in Mexico
* Thoma Bravo to Acquire Sophos for $3.9 Billion
* Compromised AWS API Key Allowed Access to Imperva Customer Data
* Amazon Calls for Government Regulation of Facial Recognition Tech
* 'Attor' Cyber-Espionage Platform Used in Attacks Aimed at Russia
* Google Patches 8 Vulnerabilities in Chrome 77
* Hospitals Resume Accepting Patients After Malware Attack
* NIST and Microsoft Partner to Improve Enterprise Patching Strategies
* New Blockchain Solution for IIoT Aims to Solve Scaling Problem
* Magecart Attack on eCommerce Platform Hits Thousands of Online Shops
* Flaw in HP Touchpoint Analytics Could Impact Many PCs
* iTunes Zero-Day Vulnerability Exploited by BitPaymer Ransomware
* Singaporean Indicted in U.S. for Illegal Crypto-Mining
* Tor to Reject End-of-Life Relays by Default
* Spanish Court Probes Alleged Spying of Assange at Ecuadorian Embassy

Infosecurity Magazine

* Atlanta Judge Pleads Not Guilty to Improper Access of County Network
* Thoma Bravo Buys Sophos Group for $3.8bn
* Tactics of Supply-Chain Attack Group Exposed
* Stolen Cloud API Key to Blame for Imperva Breach
* Scottish Teens Charged With Met Police Hack
* Microsoft and NIST Team Up on Patching Guide
* Mississippi Shows Flagrant Disregard for Cybersecurity
* Most Americans Are Clueless About Private Browsing
* US Homeland Security Wants to Subpoena ISPs to Hand Over Data
* #SecTorCa: Finding a New Route to Solve Tomorrow's Cyber-Attacks
* BAE Systems Pilots Tech to Support Child Protection Agencies
* #SecTorCa: Millions of Phones Leaking Information Via Tor


Naked Security

* Stalker found pop star by searching eyes' reflections on Google Maps
* Soldering spy chips inside firewalls is now a cheap hack, shows researcher
* Computing enthusiast cracks ancient Unix code
* Hacker wants $300 for 250,000 records stolen from sex worker site
* Monday review - the hot 20 stories of the week
* S2 Ep12: Dark Web, O.MG Cable spying and securing new laptops - Naked Security Podcast
* Most Americans don't have a clue what https:// means
* Hackers bypassing some types of 2FA security FBI warns
* Facebook flags thousands of kids as interested in gambling, booze
* Apple removes app that tracks Hong Kong police and protestors

Quick Heal - Security Simplified

* Which Antivirus to choose for protecting my Android phone?
* Quick Heal reports 29 malicious apps with 10 million+ downloads on Google Play Store
* Trivia! 5 things you never imagined could be hacked by cyber criminals
* The Free Mobile Anti-virus you are using can be a Fake!
* Teacher's Day Special - Things that teachers must know about their students to make them cyber safe
* PowerShell: Living off the land!
* Cybersquatting and Typosquatting victimizing innocent customers and brands
* Phishers using custom 404 Not Found error page to steal Microsoft credentials
* Alert! 27 apps found on Google Play Store that prompt you to install Fake Google Play Store
* Alert! Income tax refund SMS - Newest way of conducting bank fraud by cyber criminals

Threat Post

* Apple Shares Some Browsing History with Chinese Company
* Software, Supply-Chain Dangers Top List of 5G Cyber Risks
* Imperva: Data Breach Caused by Cloud Misconfiguration
* Fin7 Cybergang Retools With New Malicious Code
* Iran-Linked 'Charming Kitten' Touts New Spearphishing Tactics
* vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach
* Cryptomining Crook Steals Game Developer's Identity to Carry Out Dirty Work
* Sophisticated Spy Kit Targets Russians with Rare GSM Plugin
* China's Sway Over Tech Companies Tested with Apple, Blizzard
* Apple iTunes Bug Actively Exploited in BitPaymer/iEncrypt Campaign


The Hacker Corner

Conferences

* Apply: FREE 6 Month InfoSec Speaking Plan
* How To Speak At DEF CON
* Join Our LinkedIn Group
* Upcoming Cybersecurity Conferences in the United States & Canada
* Upcoming Cybersecurity Conferences in Europe
* 29 Amazing TED Cybersecurity Talks (2008 - 2020)
* 7 Proven Ideas for Your InfoSec Conference Delegate Acquisition Strategy
* An Interview with Jack Daniel: Co-Founder of BSides!

Latest Website Defacements



Tools & Techniques

Packet Storm Security Tools Links

* GRR 3.3.0.8
* OpenSSH 8.1p1
* Faraday 3.9.2
* Zeek 3.0.0 (Formerly Known As Bro)
* WhatWeb Scanner 0.5.0
* Clam AntiVirus Toolkit 0.102.0
* PDFGrab 0.4.4
* Haveged 1.9.8
* SQLMAP - Automatic SQL Injection Tool 1.3.10
* tcpdump 4.9.3

Kali Linux Tutorials

* SIEM - A Beginner's Guide to Security Information and Event Management Tools
* ISPY : Eternalblue/Bluekeep Scanner & Exploit
* Zeek : A Powerful Network Analysis Framework
* Maryam : Open-source Intelligence (OSINT) Framework
* Box.JS : A Tool For Studying JavaScript Malware
* FATT - Fingerprint All The Things
* Penta : Open Source All-In-One CLI Tool To Automate Pentesting
* Tarnish : A Chrome Extension Static Analysis Tool
* B2R2 : A Collection of Algorithms, Functions And Tools For Binary Analysis
* Userrecon-py : Username Recognition On Various Websites

GBHackers Analysis

* 18 International Hackers who Steal Tens of Millions of Dollars Arrested For ATM Skimming Attack
* FIN7 APT Hackers Added New Hacking Tools in Their Malware Arsenal to Evade AV Detection
* Click2mail Hacked - Hackers Starts Sending Spam Emails To Stolen Email Address of Users
* Multiple Vulnerabilities Found in Satellite Internet Access Terminal Let Hackers Intercept the GPS Traffic
* Microsoft Security Update Fixed 59 Vulnerabilities Including Multiple Critical Severity Bugs - Update Now!!


Proof of Concept (PoC) & Exploits

Packet Storm Security

* ASUS RT-N10+ 2.0.3.4 CSRF / XSS / Command Execution
* Kirona-DRS 5.5.3.5 Information Disclosure
* Express Invoice 7.12 Cross Site Scripting
* ActiveFax Server 6.92 Build 0316 Denial Of Service
* Open-Xchange OX App Suite SSRF / XSS / Information Disclosure / Access Controls
* SpotAuditor 5.3.1.0 Denial Of Service
* Uplay 92.0.0.6280 Local Privilege Escalation
* Joomla Sumoku 3.9.8 SQL Injection
* Joomla Vemod News Mailer 1.0 SQL Injection
* Joomla MediaLibrary 1.5.26 SQL Injection
* Joomla MisterEstate 1.5.26 SQL Injection
* Joomla Google Maps 1.0.4 SQL Injection
* Joomla Mad4Joomla 1.1.x SQL Injection
* Joomla Cactus 1.2.0 SQL Injection
* Joomla SwPhotoGallery 1.5.26 SQL Injection
* Openfire 4.4.1 Cross Site Scripting
* SugarCRM 9.0.1 Phar Deserialization
* SugarCRM 9.0.1 PHP Object Injection
* SugarCRM 9.0.1 PHP Code Injection
* SugarCRM 9.0.1 Path Traversal
* Visual Studio Code Remote Debugger Enabled
* SugarCRM 9.0.1 Broken Access Controls
* SugarCRM 9.0.1 SQL Injection
* SugarCRM 9.0.1 Cross Site Scripting
* Ajenti Remote Command Execution


Exploit Database

* [webapps] WordPress Arforms 3.7.1 - Directory Traversal
* [webapps] Intelbras Router WRN150 1.0.18 - Persistent Cross-Site Scripting
* [local] National Instruments Circuit Design Suite 14.0 - Local Privilege Escalation
* [dos] Windows Kernel - Out-of-Bounds Read in nt!MiRelocateImage While Parsing Malformed PE File
* [dos] Windows Kernel - Out-of-Bounds Read in CI!HashKComputeFirstPageHash While Parsing Malformed PE File
* [dos] Windows Kernel - Out-of-Bounds Read in nt!MiParseImageLoadConfig While Parsing Malformed PE File
* [dos] Windows Kernel - Out-of-Bounds Read in CI!CipFixImageType While Parsing Malformed PE File
* [dos] Windows Kernel - NULL Pointer Dereference in nt!MiOffsetToProtos While Parsing Malformed PE File
* [dos] Windows Kernel - win32k.sys TTF Font Processing Pool Corruption in win32k!ulClearTypeFilter
* [webapps] TP-Link TL-WR1043ND 2 - Authentication Bypass
* [local] ASX to MP3 converter 3.1.3.7 - '.asx' Local Stack Overflow (Metasploit, DEP Bypass)
* [webapps] SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery
* [dos] XNU - Remote Double-Free via Data Race in IPComp Input Path
* [dos] Foscam Video Management System 1.1.6.6 - 'UID' Denial of Service (PoC)
* [local] DeviceViewer 3.12.0.1 - 'add user' Local Buffer Overflow (DEP Bypass)
* [webapps] vBulletin 5.0
* [webapps] Zabbix 4.4 - Authentication Bypass
* [remote] freeFTP 1.0.8 - 'PASS' Remote Buffer Overflow
* [local] CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation
* [webapps] IBM Bigfix Platform 9.5.9.62 - Arbitrary File Upload
* [webapps] Subrion 4.2.1 - 'Email' Persistent Cross-Site Scripting
* [local] ASX to MP3 converter 3.1.3.7 - '.asx' Local Stack Overflow (DEP)
* [webapps] Zabbix 4.2 - Authentication Bypass
* [local] logrotten 3.15.1 - Privilege Escalation
* [webapps] Joomla 3.4.6 - 'configuration.php' Remote Code Execution

Advisories

US-Cert Alerts & Bulletins

* AA19-168A: Microsoft Operating Systems BlueKeep Vulnerability
* AA19-122A: New Exploits for Unsecure SAP Systems
* AA19-024A: DNS Infrastructure Hijacking Campaign
* Vulnerability Summary for the Week of September 30, 2019
* Vulnerability Summary for the Week of September 23, 2019
* Vulnerability Summary for the Week of September 16, 2019

Symantec - Latest List

* Juniper Junos CVE-2019-0057 Local Authorization Bypass Vulnerability
* Google Chrome Prior to 77.0.3865.120 Multiple Security Vulnerabilities
* WebKit Multiple Cross Site Scripting and Memory Corruption Vulnerabilities
* Apple Swift CVE-2019-8790 Information Disclosure Vulnerability
* Apple macOS/iCloud for Windows/iTunes CVE-2019-8745 Buffer Overflow Vulnerability
* WebKit Information Disclosure and Security Vulnerability
* WebKit CVE-2019-8720 Memory Corruption Vulnerability
* Juniper Junos CVE-2019-0058 Local Privilege Escalation Vulnerability
* Juniper Junos CVE-2019-0059 Memory Leak Denial of Service Vulnerability
* Apple macOS Multiple Security Vulnerabilities
* Apple iOS APPLE-SA-2019-9-26-3 Multiple Security Vulnerabilities
* PHP CVE-2019-11042 Heap Buffer Overflow Vulnerability
* PHP CVE-2019-11041 Heap Buffer Overflow Vulnerability
* Juniper Junos CVE-2019-0060 Denial of Service Vulnerability
* Oracle October 2019 Critical Patch Update Multiple Vulnerabilities
* Intel Active System Console CVE-2019-11120 Local Privilege Escalation Vulnerability
* Intel Smart Connect Technology CVE-2019-11167 Local Privilege Escalation Vulnerability
* Multiple Intel NUC Products Multiple Unspecified Local Security Vulnerabilities
* Juniper SBR Carrier CVE-2019-0072 Information Disclosure Vulnerability
* Juniper Junos CVE-2019-0075 Denial of Service Vulnerability
* Juniper Junos CVE-2019-0063 Denial of Service Vulnerability
* Juniper Junos CVE-2019-0068 Denial of Service Vulnerability
* Juniper Junos CVE-2019-0050 Denial of Service Vulnerability
* Juniper Junos CVE-2019-0055 Denial of Service Vulnerability
* Juniper Junos CVE-2019-0066 Denial of Service Vulnerability
* GE Mark VIe Controller CVE-2019-13554 Authorization Bypass Vulnerability

Packet Storm Security - Latest List

* Apple Security Advisory 2019-10-11-1 - Swift 5.1.1 for Ubuntu is now available and addresses an issue with data disclosure.
* Debian Security Advisory 4539-3 - The update for openssl released as DSA 4539-1 introduced a regression where AES-CBC-HMAC-SHA ciphers were not enabled. Updated openssl packages are now available to correct this issue.
* Red Hat Security Advisory 2019-3024-01 - The ovirt-web-ui package provides the web interface for Red Hat Virtualization. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.
* Red Hat Security Advisory 2019-3011-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, redhat-virtualization-host, and ovirt-node-ng. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
* Red Hat Security Advisory 2019-3023-01 - The ovirt-engine-ui-extensions package contains UI plugins that provide various extensions to the oVirt administration UI. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.
* Microsoft Surface Mouse WS3-00002 Insufficient Memory Protection - SySS GmbH found out that the embedded flash memory of the Bluetooth LE Microsoft Surface Mouse can be read and written via the SWD (Serial Wire Debug) interface of the used nRF51822 Bluetooth SoC, as the flash memory is not protected by the offered readback protection feature.
* Microsoft Surface Keyboard WS2-00005 Insufficient Memory Protection - SySS GmbH found out that the embedded flash memory of the Bluetooth LE Microsoft Surface Keyboard can be read and written via the SWD (Serial Wire Debug) interface of the used nRF51822 Bluetooth SoC, as the flash memory is not protected by the offered readback protection feature.
* Microsoft Designer Bluetooth Desktop Insufficient Memory Protection - SySS GmbH found out that the embedded flash memory of the Microsoft Designer Bluetooth Desktop keyboard can be read and written via the SWD (Serial Wire Debug) interface of the used nRF51822 Bluetooth SoC, as the flash memory is not protected by the offered readback protection feature.
* Ubuntu Security Notice USN-4151-2 - USN-4151-1 fixed several vulnerabilities in Python. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Python incorrectly parsed certain email addresses. A remote attacker could possibly use this issue to trick Python applications into accepting email addresses that should be denied. Various other issues were also addressed.
* Ubuntu Security Notice USN-4153-1 - Daniel Preussker discovered that Octavia incorrectly handled client certificate checking. A remote attacker on the management network could possibly use this issue to perform configuration changes and obtain sensitive information.
* Red Hat Security Advisory 2019-3002-01 - Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift. Issues addressed include code execution and deserialization vulnerabilities.
* Red Hat Security Advisory 2019-2998-01 - Red Hat OpenShift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Thorntail 2.5.0 serves as a replacement for RHOAR Thorntail 2.4.0, and includes security and bug fixes and enhancements. Issues addressed include code execution and deserialization vulnerabilities.
* Red Hat Security Advisory 2019-2995-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat A-MQ Broker 7.5.0 serves as a replacement for Red Hat A-MQ Broker 7.4.1, and includes security and bug fixes, and enhancements. A ClassLoader manipulation vulnerability was addressed.
* Ubuntu Security Notice USN-4152-1 - It was discovered that libsoup incorrectly handled parsing certain NTLM messages. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause a denial of service.
* Ubuntu Security Notice USN-4151-1 - It was discovered that Python incorrectly parsed certain email addresses. A remote attacker could possibly use this issue to trick Python applications into accepting email addresses that should be denied. It was discovered that the Python documentation XML-RPC server incorrectly handled certain fields. A remote attacker could use this issue to execute a cross-site scripting attack.
* Ubuntu Security Notice USN-4149-1 - It was discovered that Unbound incorrectly handled certain NOTIFY queries. An attacker could possibly use this issue to cause a denial of service.
* Apple Security Advisory 2019-10-07-4 - iCloud for Windows 7.14 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.
* Red Hat Security Advisory 2019-2975-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Bluetooth BR/EDR encryption key negotiation attacks were addressed.
* Red Hat Security Advisory 2019-2980-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an information leakage vulnerability.
* Apple Security Advisory 2019-10-07-3 - iCloud for Windows 10.7 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.
* Red Hat Security Advisory 2019-2978-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. An auth hijacking issue has been addressed.
* Apple Security Advisory 2019-10-07-2 - iTunes for Windows 12.10.1 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.
* Apple Security Advisory 2019-10-07-1 - macOS Catalina 10.15 is now available and addresses buffer overflow and code execution vulnerabilities.
* Red Hat Security Advisory 2019-2977-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. A rate limiting issue has been addressed.