07-08 Weekly Awareness Report (WAR)

Weekly Awareness Report (WAR) - Cyber Warfare...2019/07/08  · * WordPress Like Button 1.6.0 Authentication Bypass * Huawei HG530 Cross Site Request Forgery * Karenderia CMS 5.3 SQL





July 8, 2019

The Cyber Intelligence Report is an Open Source Intelligence (OSINT) resource focusing on advanced persistent threats and other digital dangers, received by over ten thousand individuals. APTs fit into a cybercrime category directed at both business and political targets. Attack vectors include system compromise, social engineering, and even traditional espionage. Included are clickable links to news stories, vulnerabilities, exploits, and other industry risks.

Summary

Symantec ThreatCon Low: Basic network posture

This condition applies when there is no discernible network incident activity and no malicious code activity with a moderate or severe risk rating. Under these conditions, only a routine security posture, designed to defeat normal network threats, is warranted. Automated systems and alerting mechanisms should be used.

Sophos: last 10 Malware
* Troj/NanoCr-DD
* Troj/Bladabi-TF
* Troj/Agent-BBZP
* Troj/Ransom-FNI
* Troj/Godrop-K
* Troj/Phish-FMO
* Troj/DocDl-UNW
* Troj/Stealer-VO
* Troj/NanoCr-DC
* Troj/LokiBot-DM

Last 10 PUAs
* TCM Fortnite Tool
* FileTour
* Toggle Download Manager
* QjMonkey
* IStartSurfInstaller
* Bitcoin Miner
* OxyPumper
* KuaiZip
* HTran
* Zdengo

Interesting News

* Sodin ransomware exploits Windows vulnerability and processor architecture
When Sodin appeared in the first half of 2019, it immediately caught our attention for distributing itself through an Oracle WebLogic vulnerability and carrying out attacks on MSP providers.

* We are currently working on our own Cyber Forensics Linux distribution, CSI Linux, to be released at the beginning of August. We have an active Facebook Group and YouTube Channel; subscribe to both! As always, if you have any suggestions, feel free to let us know. If you would like to receive the CIR updates by email, subscribe at: [email protected]


Index of Sections

Current News

* Packet Storm Security

* Dark Reading

* Krebs on Security

* The Hacker News

* Infosecurity Magazine

* Threat Post

* Naked Security

* Quick Heal - Security Simplified

Hacker Corner: Tools, Hacked Defacements, and Exploits

* Security Conferences

* Packet Storm Security Latest Published Tools

* Zone-H Latest Published Website Defacements

* Packet Storm Security Latest Published Exploits

* Exploit Database Releases

Advisories

* Secunia Chart of Vulnerabilities Identified

* US-Cert (Current Activity-Alerts-Bulletins)

* Symantec's Latest List

* Packet Storm Security's Latest List

Credits


News

Packet Storm Security

* Hacked Forensic Firm Pays Ransom After Malware Attack
* British Airways Faces Record Fine For Data Breach
* FBI, ICE Plunder DMV Driver Database For Facial Recognition Scans
* Fieldwork Software Database Leak Exposed Credit Card Details
* On The Run In Cuba, McAfee Pushes Cryptocurrency
* Warning: Free Hotel Wifi Is A Hacker's Dream
* Canonical GitHub Account Hacked, Ubuntu Source Code Safe
* Google Chrome To Block Heavy Ads That Use Too Many Resources
* CBP Reportedly Suspends Contractor Over Cyberattack
* YouTube Mystery Ban On Hacking Videos Has Content Creators Puzzled
* D-Link Agrees To Overhaul Security In FTC Settlement
* First-Ever Malware Strain Spotted Abusing New DoH Protocol
* Russian 'Silence' Hacking Crew Turns Up The Volume
* Senate Passes King Bill To Secure Energy Grid
* Hackers Hijacked VR Chatrooms To Manipulate Users' Reality
* Facebook Removes Accounts Used To Infect Thousands
* Exposed Orvibo Database Leaks Two Billion Records
* Florida Employee Fired After Paying $460,000 Bitcoin Ransom
* G20 Supports Proposal To Make Cryptocurrency Exchanges Hand Over User Data
* Trump Reversed Course On Huawei. What Happens Now?
* Singapore Government To Run Another Bug Bounty
* A Single Court-Ordered Wiretap Order In 2018 Swept Up 9.2 Million Intercepts
* Equifax Exec Gets 4 Months For Insider Trading Due To Data Breach
* Western Intelligence Hacked Yandex To Spy On Accounts
* Iran Seizes 1,000 Bitcoin Mining Machines After Power Spike

Dark Reading

* Britain Looks to Levy Record GDPR Fine Against British Airways
* NIST Sets Draft Guidelines for Government AI
* Broadcom Moves Forward on Symantec Acquisition
* Smash-and-Grab Crime Threatens Enterprise Security
* 7 Hot Cybersecurity Trends to Be Highlighted at Black Hat
* UK Forensics Firm Paid Ransom in Cyberattack
* Intelligent Authentication Market Grows to Meet Demand
* Why Your GDPR Implementation Plan Needs CISOs & 'Legal Engineers' to Work Together
* D-Link Agrees to Strengthen Device Security
* US Military Warns Companies to Look Out for Iranian Outlook Exploits
* New 'WannaHydra' Malware a Triple Threat to Android
* Sodin Ransomware Exploits Windows Privilege Escalation Bug
* More Than Half of SMB Devices Run Outdated Operating Systems
* 20 Questions to Ask During a Real (or Manufactured) Security Crisis
* Disarming Employee Weaponization
* Black Hat Q&A: Understanding NSA's Quest to Open Source Ghidra
* TA505 Group Launches New Targeted Attacks
* New MacOS Malware Discovered


News

Krebs on Security

* Who's Behind the GandCrab Ransomware?
* Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers
* Breach at Cloud Solution Provider PCM Inc.
* Tracing the Supply Chain Attack on Android
* Collections Firm Behind LabCorp, Quest Breaches Files for Bankruptcy
* Microsoft Patch Tuesday, June 2019 Edition
* LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach
* Report: No 'Eternal Blue' Exploit Found in Baltimore City Ransomware
* NY Investigates Exposure of 885 Million Mortgage Documents
* Canada Uses Civil Anti-Spam Law in Bid to Fine Malware Purveyors

The Hacker News

* British Airways Fined £183 Million Under GDPR Over 2018 Data Breach
* Ubuntu-Maker Canonical's GitHub Account Gets Hacked
* DDoS Attacker Who Ruined Gamers' Christmas Gets 27 Months in Prison
* 17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device
* D-Link Agrees to 10 Years of Security Audits to Settle FTC Charges
* China's Border Guards Secretly Installing Spyware App on Tourists' Phones
* AppTrana — Website Security Solution That Actually Works
* Android July 2019 Security Update Patches 33 New Vulnerabilities
* Firefox to Automatically Trust OS-Installed CA Certificates to Prevent TLS Errors
* Exclusive: German Police Raid OmniRAT Developer and Seize Digital Assets

Security Week

* Iran-Linked Malware Shared by USCYBERCOM First Seen in December 2016: Kaspersky
* Maryland Department of Labor Announces Data Breach
* Malicious Code Planted in 'strong_password' Ruby Gem
* British Airways Faces $230 Million Fine for 2018 Breach
* Eurofins Scientific Paid Up in Response to Ransomware Attack: Report
* Canonical GitHub Account Hijacked
* Mystery of NSA Leak Lingers as Stolen Document Case Winds Up
* Cryptomining Campaign Targets Linux Servers with Go Malware
* EFF, OTI Respond to UK's Online Harms Legislative Proposal
* Hacker Who Disrupted Sony Gaming Firm Gets Federal Prison
* Magento Patches Flaws Leading to Site Takeover
* Certificates Issued to Huawei Subsidiary Found in Cisco Switches
* Georgia Failed to Subpoena Image of Wiped Elections Server
* Multiple Chinese Groups Share the Same RTF Weaponizer
* Dridex Operators Use New Trojan Downloader
* SIEM Provider Exabeam Acquires SkyFormation
* Broadcom in Talks to Acquire Symantec in $15 Billion Deal: Reports
* Eight Arrested Over Cyberattacks Against Hong Kong Police
* FTC, D-Link Reach Agreement Over Device Security
* Nexus Repository Flaws Expose Thousands of Private Artifacts


News

Infosecurity Magazine

* DOE, Industry Collaborate to Defend Power Utilities
* Malware Campaign Targets South Korean TV
* Clinton Reportedly Backs Out of FireEye's Summit
* Magecart Blitz Stuns 962 E-commerce Sites in 24 Hours
* UK Firms Hit By Attacks Every 50 Seconds
* AI for Fraud Detection to Triple by 2021
* BA's Magecart Breach Lands it £183m GDPR Fine
* UK's Eurofins Scientific Reportedly Pays Ransom
* One in 10 IT Pros Would Steal Data if Leaving a Job
* Golang Malware Targets Linux-Based Servers

Threat Post

* GE Aviation Passwords, Source Code Exposed in Open Jenkins Server
* Rules-Based Policy Approaches Need to Go
* GoBotKR Targets Pirate Torrents to Build a DDoS Botnet
* Apple Patches iMessage Bug That Bricks iPhones with Out-of-Date Software
* Post-Data Breach, British Airways Slapped With Record $230M Fine
* Data Breach Lessons from the Trenches
* WordPress Plugin WP Statistics Patches XSS Flaw
* PGP Ecosystem Targeted in 'Poisoning' Attacks
* Apple Transparency Report Now Includes App Store Takedown Requests
* Amazon Admits Alexa Voice Recordings Saved Indefinitely

Naked Security

* Researchers hack VR worlds
* Privacy and security risks as Sign In with Apple tweaks Open ID protocol
* ISPs call Mozilla 'Internet Villain' for promoting DNS privacy
* New Year's eve gaming DDoSer lulz himself into a 27-month sentence
* Monday review - the hot 23 stories of the week
* 5 tips to stay secure on social media
* OpenPGP experts targeted by long-feared 'poisoning' attack
* Bitcoin eats as much energy as Switzerland
* Mannequin Challenge videos teach computers to see
* Deepfake revenge porn now a crime in Virginia

Quick Heal - Security Simplified

* Ransomware As A Tool - LockerGoga
* Beware! Email attachments can make you victim of spear phishing attacks
* The website I visited behaves weirdly. I wonder if I'm hacked?
* Beware! The padlock icon and HTTPS are no more indicators of safe website
* What makes Quick Heal's Next Generation Suite of Features a SMART choice to protect your privacy?
* APT-27 like Newcore RAT, Virut exploiting MySQL for targeted attacks on enterprise
* CVE-2019-11815: Experts discovered a privilege escalation vulnerability in the Linux Kernel
* Quick Heal supports the Windows 10 May 2019 Update
* What is Emotet?


Security Conferences
* Free 6 Month Speaking Plan
* Free 6 Month Speaking Plan
* Free 6 Month Speaking Plan Questionnaire
* How To Speak At DEF CON
* Join Our LinkedIn Group

Tools & Techniques
* I2P 0.9.41
* GRR 3.3.0.4
* Scapy Packet Manipulation Tool 2.4.3rc2
* SQLMAP - Automatic SQL Injection Tool 1.3.7
* GRR 3.3.0.3
* GNUnet P2P Framework 0.11.5
* Lynis Auditing Tool 2.7.5
* Flawfinder 2.0.10
* Falco 0.15.3
* Falco 0.15.2
* FBChecker : Facebook Mass Account Checker
* WESNG : Next Generation Windows Exploit Suggester
* Slackor : A Golang Implant That Uses Slack As A Command & Control Server
* MASC : A Web Malware Scanner
* DSSS - Damn Small SQLi Scanner
* GoldenEye : GoldenEye Layer 7 (KeepAlive+NoCache) DoS Test Tool
* Hash Identifier : Software To Identify The Different Types Of Hashes Used To Encrypt Data & Especially Passwords
* The Secret IG Growth Hacks You Haven't Heard Before
* MIG : Distributed & Real Time Digital Forensics At The Speed Of The Cloud
* Icebox : Virtual Machine Introspection, Tracing & Debugging

Latest Zone-H Website Defacements
* http://mca-m.gov.mw//images/jdownloads/screenshots/def.gif
* https://apekesah.batam.go.id/images/1562591594855.jpeg
* https://sanroque.northernsamar.gov.ph/id.txt
* http://pt-yogyakarta.go.id/perpustakaan/repository/dx.txt
* https://wappingersfallsny.gov/nervo.html
* http://kpu-bolmutkab.go.id/-.htm
* http://kpu-minahasakab.go.id/-.htm
* http://kejari-bandungkota.go.id
* http://tribunaladministrativodelquindio.gov.co/kk.php
* http://pocklington.gov.uk/ds.html
* http://sipp.pa-bondowoso.go.id/exz.txt
* http://pa-bondowoso.go.id/exz.txt
* http://nilesocial.gov.sd
* http://nilekhiar.gov.sd
* https://nileatbara.gov.sd
* http://ircc.gov.sd
* http://pravobranilastvofbih.gov.ba
* http://ysaf.gov.sd


Proof of Concept (PoC) & Exploits

Packet Storm Security

* WordPress Like Button 1.6.0 Authentication Bypass
* Huawei HG530 Cross Site Request Forgery
* Karenderia CMS 5.3 SQL Injection
* Microsoft Exchange 2003 base64-MIME Remote Code Execution
* Karenderia CMS 5.1 Local File Inclusion
* iPhone iMessage Malformed Message Bricking
* WolfVision Cynap 1.18g / 1.28j Hardcoded Credential
* Karenderia CMS 5.1 Content Injection
* Microsoft File Checksum Verifier 2.05 DLL Hijacking
* BKS EBK Ethernet-Buskoppler Pro Shell Upload
* Hawtio 2.5.0 Server Side Request Forgery
* Symantec DLP 15.5 MP1 Cross Site Scripting
* Apache Tomcat CGIServlet enableCmdLineArguments Remote Code Execution
* Serv-U FTP Server prepareinstallation Privilege Escalation
* Centreon 19.04 Remote Code Execution
* Packet Storm New Exploits For June, 2019
* FaceSentry Access Control System 6.4.8 Cleartext Password Storage
* REDDOXX Appliance Information Disclosure
* FaceSentry Access Control System 6.4.8 Authentication Credential Disclosure
* SquirrelMail 1.4.22 Cross Site Scripting
* FaceSentry Access Control System 6.4.8 Reflected Cross Site Scripting
* FaceSentry Access Control System 6.4.8 Remote SSH Root Access

Exploit Database

* [webapps] WordPress Plugin Like Button 1.6.0 - Authentication Bypass
* [webapps] Karenderia Multiple Restaurant System 5.3 - SQL Injection
* [remote] Microsoft Exchange 2003 - base64-MIME Remote Code Execution
* [webapps] Karenderia Multiple Restaurant System 5.3 - Local File Inclusion
* [remote] Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (Metasploit)
* [local] Serv-U FTP Server - prepareinstallation Privilege Escalation (Metasploit)
* [webapps] Symantec DLP 15.5 MP1 - Cross-Site Scripting
* [local] Mac OS X TimeMachine - 'tmdiagnose' Command Injection Privilege Escalation (Metasploit)
* [webapps] Centreon 19.04 - Remote Code Execution
* [remote] FaceSentry Access Control System 6.4.8 - Remote SSH Root
* [webapps] FaceSentry Access Control System 6.4.8 - Remote Root Exploit
* [webapps] FaceSentry Access Control System 6.4.8 - Cross-Site Request Forgery
* [webapps] FaceSentry Access Control System 6.4.8 - Remote Command Injection
* [webapps] CyberPanel 1.8.4 - Cross-Site Request Forgery
* [webapps] Sahi pro 8.x - Directory Traversal
* [webapps] SAP Crystal Reports - Information Disclosure
* [webapps] ZoneMinder 1.32.3 - Cross-Site Scripting
* [webapps] PowerPanel Business Edition - Cross-Site Scripting


Advisories

US-CERT Alerts & Bulletins

* AA19-168A: Microsoft Operating Systems BlueKeep Vulnerability
* AA19-122A: New Exploits for Unsecure SAP Systems

Symantec - Latest List

* Microsoft Internet Explorer CVE-2019-0995 Security Bypass Vulnerability
* Microsoft Windows Remote Desktop Services CVE-2019-0708 Remote Code Execution Vulnerability
* Microsoft Windows CVE-2019-1064 Local Privilege Escalation Vulnerability
* Microsoft Windows Shell CVE-2019-1053 Local Privilege Escalation Vulnerability
* Microsoft Windows Installer CVE-2019-0973 DLL Loading Local Privilege Escalation Vulnerability
* Microsoft Windows Hyper-V CVE-2019-0711 Denial of Service Vulnerability
* Microsoft Windows Hyper-V CVE-2019-0710 Denial of Service Vulnerability
* Microsoft Windows Hyper-V CVE-2019-0713 Remote Denial of Service Vulnerability
* Microsoft Windows Audio Service CVE-2019-1007 Local Privilege Escalation Vulnerability
* Microsoft Windows Audio Service CVE-2019-1028 Local Privilege Escalation Vulnerability
* Microsoft Windows Audio Service CVE-2019-1027 Local Privilege Escalation Vulnerability
* Microsoft Windows Audio Service CVE-2019-1026 Local Privilege Escalation Vulnerability
* Microsoft Windows Audio Service CVE-2019-1022 Local Privilege Escalation Vulnerability
* Microsoft Windows Audio Service CVE-2019-1021 Local Privilege Escalation Vulnerability
* Microsoft Windows Hyper-V CVE-2019-0709 Remote Code Execution Vulnerability
* Microsoft Windows Hyper-V CVE-2019-0722 Remote Code Execution Vulnerability
* Microsoft Windows GDI Component CVE-2019-0977 Information Disclosure Vulnerability
* Microsoft Windows GDI Component CVE-2019-0968 Information Disclosure Vulnerability
* Microsoft Windows GDI Component CVE-2019-1050 Information Disclosure Vulnerability
* Microsoft Windows Hyper-V CVE-2019-0620 Remote Code Execution Vulnerability
* Microsoft Windows GDI Component CVE-2019-1049 Information Disclosure Vulnerability
* Microsoft Windows GDI Component CVE-2019-1048 Information Disclosure Vulnerability
* Microsoft Windows GDI Component CVE-2019-1047 Information Disclosure Vulnerability
* Microsoft Windows GDI Component CVE-2019-1046 Information Disclosure Vulnerability
* Microsoft Windows GDI Component CVE-2019-1016 Information Disclosure Vulnerability
* Microsoft Windows GDI Component CVE-2019-1015 Information Disclosure Vulnerability


Packet Storm Security - Latest List

* Debian Security Advisory 4476-1 - Three security issues were found in Django, a Python web development framework, which could result in denial of service, incomplete sanitization of clickable links, or missing redirects of HTTP requests to HTTPS.
* Red Hat Security Advisory 2019-1699-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a denial of service vulnerability.
* Red Hat Security Advisory 2019-1696-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.2 ESR. Issues addressed include type confusion and sandbox escape vulnerabilities.
* Ubuntu Security Notice USN-4046-1 - It was discovered that Irssi incorrectly handled certain disconnections. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. It was discovered that Irssi incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
* Ubuntu Security Notice USN-4038-4 - USN-4038-1 fixed a vulnerability in bzip2. The update introduced a regression causing bzip2 to incorrectly raise CRC errors for some files. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that bzip2 incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
* Ubuntu Security Notice USN-4038-3 - USN-4038-1 fixed a vulnerability in bzip2. The update introduced a regression causing bzip2 to incorrectly raise CRC errors for some files. It was discovered that bzip2 incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
* FreeBSD Security Advisory FreeBSD-SA-19:10.ufs - A bug causes up to three bytes of kernel stack memory to be written to disk as uninitialized directory entry padding. This data can be viewed by any user with read access to the directory. Additionally, a malicious user with write access to a directory can cause up to 254 bytes of kernel stack memory to be exposed. Some amount of the kernel stack is disclosed and written out to the filesystem.
* FreeBSD Security Advisory FreeBSD-SA-19:11.cd_ioctl - To implement one particular ioctl, the Linux emulation code used a special interface present in the cd(4) driver which allows it to copy subchannel information directly to a kernel address. This interface was erroneously made accessible to userland, allowing users with read access to a cd(4) device to arbitrarily overwrite kernel memory when some media is present in the device. A user in the operator group can make use of this interface to gain root privileges on a system with a cd(4) device when some media is present in the device.
* Red Hat Security Advisory 2019-1636-01 - This advisory contains the jenkins-2-plugins RPM packages for Red Hat OpenShift Container Platform 4.1.4. Various issues have been addressed, including a file read vulnerability.
* FreeBSD Security Advisory FreeBSD-SA-19:09.iconv - With certain inputs, iconv may write beyond the end of the output buffer. Depending on the way in which iconv is used, an attacker may be able to create a denial of service, provoke incorrect program behavior, or induce a remote code execution. iconv is a libc library function and the nature of possible attacks will depend on the way in which iconv is used by applications or daemons.
* Google ChromeOS SafeSetID LSM Transitive Trust - Google ChromeOS SafeSetID LSM suffers from privilege escalation vulnerabilities.
* Red Hat Security Advisory 2019-1669-01 - Nodes managed by Ironic may use the ironic-inspector auxiliary service to discover hardware properties. Hardware introspection or hardware properties discovery is a process of getting hardware parameters required for scheduling from a bare metal node, given its power management credentials. Issues addressed include a remote SQL injection vulnerability.
* Ubuntu Security Notice USN-4044-1 - znc could be made to crash or run programs as an administrator if it opened a specially crafted file.
* Ubuntu Security Notice USN-4045-1 - A type confusion bug was discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could exploit this by causing a denial of service, or executing arbitrary code. It was discovered that a sandboxed child process could open arbitrary web content in the parent process via the Prompt:Open IPC message. When combined with another vulnerability, an attacker could potentially exploit this to execute arbitrary code. Various other issues were also addressed.
* Red Hat Security Advisory 2019-1661-01 - Spacewalk is an Open Source systems management solution that provides system provisioning, configuration and patching capabilities. An insecure computation issue was addressed.
* Red Hat Security Advisory 2019-1663-01 - Spacewalk is an Open Source systems management solution that provides system provisioning, configuration and patching capabilities. Issues addressed include a traversal vulnerability.
* Red Hat Security Advisory 2019-1667-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a buffer overflow vulnerability.
* Red Hat Security Advisory 2019-1683-01 - openstack-tripleo-common contains the python library for code common to the Red Hat OpenStack Platform director CLI and GUI. An issue existed where openstack-tripleo-common allowed running new amphorae based on arbitrary images.
* Red Hat Security Advisory 2019-1652-01 - The libssh2 packages provide a library that implements the SSH2 protocol. Issues addressed include an out of bounds write vulnerability.
* Red Hat Security Advisory 2019-1650-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an information leakage vulnerability.
* Debian Security Advisory 4475-1 - Joran Dirk Greef discovered that overly long nonces used with ChaCha20-Poly1305 were incorrectly processed and could result in nonce reuse. This doesn't affect OpenSSL-internal uses of ChaCha20-Poly1305 such as TLS.
* Debian Security Advisory 4474-1 - A sandbox escape was found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code if combined with additional vulnerabilities.
* Ubuntu Security Notice USN-4043-1 - It was discovered that Django incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10 and Ubuntu 19.04. Gavin Wahl discovered that Django incorrectly handled certain requests. An attacker could possibly use this issue to bypass credentials and access the administrator interface. Various other issues were also addressed.
* Slackware Security Advisory - irssi Updates - New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
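The Debian 4475-1 entry above reports a nonce-handling bug whose consequence is nonce reuse under ChaCha20-Poly1305. The following is an added example, not code from this report, from Debian, or from OpenSSL, showing why that matters: a pure-Python ChaCha20 keystream built on the RFC 7539 construction (Poly1305 is omitted because the confidentiality loss comes from the keystream alone), plus a deliberately simplified `truncating_nonce` that models the bug class by silently cutting an over-long nonce to 12 bytes. That truncation, the key, the nonces and the two messages are all constructed for the demo and are not a description of OpenSSL's actual code path. Two ciphertexts produced under the same (key, nonce) XOR to the XOR of their plaintexts, so one known plaintext recovers the other without the key; with distinct nonces the same attack yields nothing, and the correct behaviour is to reject a nonce of the wrong length outright.

```python
"""Added example (not from the report, Debian or OpenSSL): the damage done by
AEAD nonce reuse, demonstrated with a pure-Python ChaCha20 keystream."""
import struct

MASK32 = 0xFFFFFFFF


def _rotl32(v, n):
    return ((v << n) & MASK32) | (v >> (32 - n))


def _quarter_round(s, a, b, c, d):
    # RFC 7539 section 2.1 quarter round, in place on the 16-word state.
    s[a] = (s[a] + s[b]) & MASK32; s[d] = _rotl32(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & MASK32; s[b] = _rotl32(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & MASK32; s[d] = _rotl32(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & MASK32; s[b] = _rotl32(s[b] ^ s[c], 7)


def chacha20_block(key, counter, nonce):
    """One 64-byte keystream block (RFC 7539 section 2.3)."""
    state = [0x61707865, 0x3320646E, 0x79622D32, 0x6B206574]  # "expand 32-byte k"
    state += struct.unpack("<8L", key)
    state += [counter & MASK32]
    state += struct.unpack("<3L", nonce)
    w = state[:]
    for _ in range(10):  # 20 rounds = 10 column/diagonal double rounds
        _quarter_round(w, 0, 4, 8, 12)
        _quarter_round(w, 1, 5, 9, 13)
        _quarter_round(w, 2, 6, 10, 14)
        _quarter_round(w, 3, 7, 11, 15)
        _quarter_round(w, 0, 5, 10, 15)
        _quarter_round(w, 1, 6, 11, 12)
        _quarter_round(w, 2, 7, 8, 13)
        _quarter_round(w, 3, 4, 9, 14)
    return struct.pack("<16L", *((x + y) & MASK32 for x, y in zip(w, state)))


def chacha20_xor(key, nonce, data, counter=1):
    """Encrypt or decrypt (same operation): data XOR keystream.
    The correct behaviour for a wrong-sized nonce is to refuse it."""
    if len(key) != 32 or len(nonce) != 12:
        raise ValueError("ChaCha20 takes a 32-byte key and a 12-byte nonce")
    out = bytearray()
    for i in range(0, len(data), 64):
        block = chacha20_block(key, counter + i // 64, nonce)
        out.extend(p ^ k for p, k in zip(data[i:i + 64], block))
    return bytes(out)


def truncating_nonce(nonce):
    """Simplified model of the bug class in the advisory (an assumption for
    this demo, not OpenSSL's actual logic): an over-long nonce is silently
    cut to 12 bytes, so nonces differing only in their tail collide."""
    return nonce[:12]


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def recover_second_plaintext(c1, c2, known_p1):
    """Under a reused (key, nonce): c1 XOR c2 == p1 XOR p2, so a known p1
    recovers p2 without ever touching the key."""
    return xor_bytes(xor_bytes(c1, c2), known_p1)


# Constructed demo inputs (not real traffic). The two 16-byte nonces are
# distinct but share their first 12 bytes.
KEY = bytes(range(32))
NONCE_A = bytes.fromhex("000000000000004a0000000011111111")
NONCE_B = bytes.fromhex("000000000000004a0000000022222222")
P1 = b"wire transfer 1000 to account 4242"
P2 = b"wire transfer 9999 to account 1337"


def demo():
    """Encrypt two messages through the buggy nonce path and attack them."""
    c1 = chacha20_xor(KEY, truncating_nonce(NONCE_A), P1)
    c2 = chacha20_xor(KEY, truncating_nonce(NONCE_B), P2)
    return {
        "distinct_nonces": NONCE_A != NONCE_B,
        "same_keystream": xor_bytes(c1, c2) == xor_bytes(P1, P2),
        "recovered_p2": recover_second_plaintext(c1, c2, P1),
    }


def attack_with_distinct_nonces():
    """Control case: two proper, distinct 12-byte nonces give unrelated
    keystreams, so the crib attack does not recover P2. Returns True only
    if the attack succeeded."""
    n1 = bytes.fromhex("000000000000004a00000000")
    n2 = bytes.fromhex("000000000000004b00000000")
    c1 = chacha20_xor(KEY, n1, P1)
    c2 = chacha20_xor(KEY, n2, P2)
    return recover_second_plaintext(c1, c2, P1) == P2


def rejects_long_nonce():
    """True if the strict path refuses the 16-byte nonce instead of truncating."""
    try:
        chacha20_xor(KEY, NONCE_A, P1)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(demo())
    print("distinct-nonce attack succeeded:", attack_with_distinct_nonces())
    print("strict path rejects long nonce:", rejects_long_nonce())
```

Running `demo()` returns `recovered_p2` equal to the second message even though the caller supplied two different nonces; the same attack against two genuinely distinct 12-byte nonces fails. The operational lesson behind the advisory is that nonce handling must either reject a wrong-length nonce or use all of it, never silently discard part of it.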