Weekly Awareness Report (WAR) - Cyber Warfare...* Critical OkCupid Flaw Exposes Daters To App...

02-18 Weekly Awareness Report (WAR)


February 18, 2019

The Cyber Intelligence Report is an Open Source Intelligence (OSINT) resource, received by over ten thousand individuals, focusing on advanced persistent threats and other digital dangers. APTs fit into a cybercrime category directed at both business and political targets. Attack vectors include system compromise, social engineering, and even traditional espionage. Included are clickable links to news stories, vulnerabilities, exploits, and other industry risks.

Summary

Symantec ThreatCon Low: Basic network posture

This condition applies when there is no discernible network incident activity and no malicious code activity with a moderate or severe risk rating. Under these conditions, only a routine security posture, designed to defeat normal network threats, is warranted. Automated systems and alerting mechanisms should be used.

Sophos: last 10 Malware

* Troj/Ursnif-BT
* Troj/PSDL-CA
* Troj/DocDl-SCP
* Troj/PDFUri-GZA
* Troj/PDFUri-GYZ
* Troj/PDFUri-GYY
* Troj/DocDl-SCQ
* Troj/TrikBot-CL
* Troj/PDFUri-GYX
* Troj/EncDoc-ID

Last 10 PUAs

* IStartSurfInstaller
* PCMega
* BloodHoundAD
* installcapital
* HackTom
* Offer Installer
* webminerpool
* PC Hunter
* JS CoinMiner
* InstallCore

Interesting News

* DDoS Attacks in Q4 2018
For the third quarter in a row, the Top 10 ratings of countries by number of attacks, targets, and botnet C&C servers continue to fluctuate. Growth in DDoS activity is strongest where previously it was relatively low, while the once-dominant countries have seen a decline.

If you are interested, we have an active Facebook Group and YouTube Channel. As always, if you have any suggestions, feel free to let us know. Subscribe if you would like to receive the CIR updates: [email protected]


Index of Sections

Article

Current News

* Packet Storm Security

* Dark Reading

* Krebs on Security

* The Hacker News

* McAfee

* Threat Post

* Naked Security

* Quick Heal - Security Simplified

Critical Infrastructure

* Security Magazine's Latest Published

Hacker Corner: Tools, Hacked Defacements, and Exploits

* Packet Storm Security Latest Published Tools

* Zone-H Latest Published Website Defacements

* Packet Storm Security Latest Published Exploits

* Exploit Database Releases

Advisories

* Secunia Chart of Vulnerabilities Identified

* US-Cert (Current Activity-Alerts-Bulletins)

* Symantec's Latest List

* Packet Storm Security's Latest List

Credits


Article

Dream Market, The Oldest Dark Market on the Darknet.

"While many great markets have risen and fallen, only Dream has stood the test of time. Founded in late 2013, Dream has become one of the most trusted markets, having no known breaches and the identity of the administration kept completely secret, even from site staff.

Around the time of the Alphabay and Hansa takedowns in 2017, there were concerns that Dream itself was also compromised. These rumors were understandable given the circumstances around the takedown of Hansa - no customer wanted to take the risk that yet another small market catapulted to success would be their downfall. Later that year in August, site staff member OxyMonster was arrested when his laptop was searched during a border crossing, further perpetuating worries many users had. However, it is of course possible that this was a fluke or that the Hansa and AlphaBay takedowns led to his arrest, having nothing to do with Dream.

Since that incident in August, Dream has continued operating as they always have. It is this author's belief that Dream has not been compromised by law enforcement, neither before nor after the large takedowns in 2017." - dnstats.net

Alternative Dream Market Links 14th Feb 2019, Tor required to visit.



News

Packet Storm Security

* UK Lawmakers Say Facebook Broke Rules, Should Be Regulated
* Australian Political Parties Hit By State Actor Hack
* Special Counsel Robert Mueller Questioned Ex-Cambridge Analytica Director
* Google Earth Accidentally Reveals Secret Military Sites
* GAO Gives Congress Go-Ahead For A GDPR-Like Legislation
* FB Tackles Databases Leaking Over A Million User Records
* Facebook May Face Multi-Billion Dollar US Fine Over Privacy Lapses
* Mobile Networks Call For 5G Security Inspector
* JP Morgan Is Creating A Cryptocurrency Pegged To The Dollar
* Thousands Of Android Apps Permanently Record Your Online Activity For Ad Targeting
* Lenovo Watch X Riddled With Security Vulnerabilities
* Critical OkCupid Flaw Exposes Daters To App Takeovers
* How Google Tracks Hackers
* MacOS Trojan Disables Gatekeeper To Deploy Malicious Payloads
* Games Of Thrones Hacker Worked With US Defector
* Chinese Facial Recognition Company Discloses Locations
* MalwareTech Loses Bid To Suppress Damning Statements
* FBI Arrests Second Apophis Squad Hacker In The US
* Major Malta Bank Suspends Operations After Cyber Attack Alert
* Microsoft Patches 0-Day Vulnerabilities In IE And Exchange
* Xiaomi Electric Scooter Reportedly Vulnerable To Hijacking Hack
* 500px Photo Sharing Site Says It Was Hacked In 2018
* Adobe Fixes 43 Critical Acrobat And Reader Flaws
* 620 Million Accounts Stolen From 16 Hacked Websites Now For Sale
* Researchers Hide Malware In Intel SGX Enclaves

Dark Reading

* Privacy Ops: The New Nexus for CISOs & DPOs
* Staffing Shortage Makes Vulnerabilities Worse
* Hackers Found Phishing for Facebook Credentials
* ICS/SCADA Attackers Up Their Game
* Post-Quantum Crypto Standards Aren't All About the Math
* White-Hat Bug Bounty Programs Draw Inspiration from the Old West
* Mozilla, Internet Society and Others Pressure Retailers to Demand Secure IoT Products
* From 'O.MG' to NSA, What Hardware Implants Mean for Security
* High Stress Levels Impacting CISOs Physically, Mentally
* Toyota Prepping 'PASTA' for its GitHub Debut
* Valentine's Emails Laced with Gandcrab Ransomware
* New Professional Development Institute Aims to Combat Cybersecurity Skills Shortage
* Coffee Meets Bagel Confirms Hack on Valentine's Day
* Diversity Is Vital to Advance Security
* How to Create a Dream Team for the New Age of Cybersecurity
* Security Spills: 9 Problems Causing the Most Stress
* Learn New Malware-Fighting Tools & Techniques at Black Hat Asia
* 2018 Was Second-Most Active Year for Data Breaches
* Windows Executable Masks Mac Malware


Krebs on Security

* A Deep Dive on the Recent Widespread DNS Hijacking Attacks
* Bomb Threat Hoaxer Exposed by Hacked Gaming Site
* Patch Tuesday, February 2019 Edition
* Email Provider VFEmail Suffers 'Catastrophic' Hack
* Phishers Target Anti-Money Laundering Officers at U.S. Credit Unions
* More Alleged SIM Swappers Face Justice
* Crooks Continue to Exploit GoDaddy Hole
* 250 Webstresser Users to Face Legal Action
* Three Charged for Working With Serial Swatter
* How the U.S. Govt. Shutdown Harms Security

The Hacker News

* Popular Torrent Uploader 'CracksNow' Caught Spreading Ransomware
* How to Hack Facebook Accounts? Just Ask Your Targets to Open a Link
* Over 92 Million New Accounts Up for Sale from More Unreported Breaches
* WARNING - New Phishing Attack That Even Most Vigilant Users Could Fall For
* Hacker Breaches Dozens of Sites, Puts 127 Million New Records Up for Sale
* Ex-US Intelligence Agent Charged With Spying and Helping Iranian Hackers
* Snapd Flaw Lets Attackers Gain Root Access On Linux Systems
* Hackers Destroyed VFEmail Service - Deleted Its Entire Data and Backups
* Researchers Implant "Protected" Malware On Intel SGX Enclaves
* Microsoft Patch Tuesday — February 2019 Update Fixes 77 Flaws

Security Week

* Wendy's Reaches $50 Million Settlement With Banks Over Data Breach
* Exploit Code Published for Recent Container Escape Vulnerability
* Digital Transformation Presents Both Reward and Risk
* Storage Maker QNAP Warns of Malware Targeting Its NAS Devices
* Legislation Would Stiffen Penalties for Ransomware Attacks
* US Facebook Fine Over Privacy Could Be in Billions: Reports
* Australia Says 'State Actor' Hacked Parties, Parliament
* Cryptojacking Applications Land in Microsoft Store
* US Says Ex-intel Official Defected to Iran, Revealed Secrets
* DHS Cyber Leader Says 2020 Security Preparations Underway
* CSRF Vulnerability in Facebook Earns Researcher $25,000
* Mozilla, Others Want Big Retailers to Pledge Minimum IoT Security
* Facebook Taps User Data to Defend Workers From Threats
* Hackers Target WordPress Sites via WP Cost Estimation Plugin
* New Variant of Shlayer macOS Malware Discovered
* Germany to Let NATO Use its Cyber Skills
* Google Paid Out $3.4 Million for Vulnerabilities Reported in 2018
* 6,500 Publicly Disclosed Data Breaches in 2018: Report
* IT Asset Management Firm Axonius Raises $13 Million
* Former U.S. Air Force Officer Indicted for Aiding Iranian Cyber Attacks


McAfee

* MWC 2019: Why 5G + Fortnite = a win-win for criminals
* The Risks of Public Wi-Fi and How to Close the Security Gap
* PACE - People, Alignment, Culture, and Execution
* ST01: Cloud Adoption Trends with Sekhar Sarukkai and Vittorio Viarengo
* How To Sidestep Popular Social Scams
* The Best Ways to Catch McAfee at RSA Conference 2019
* What About a Heart-To-Heart Talk with Your Loved Ones This Valentine's Day?
* Kicking off 2019 with Recognition Across the McAfee Portfolio
* The Exploit Model of Serverless Cloud Applications
* Roses Are Red, Violets Are Blue - What Does Your Personal Data Say About You?

Threat Post

* Where's the Equifax Data? Does It Matter?
* Data Breach Bonanza: Dating Apps, Equifax, Mass Credential Dumps
* Eight Cryptojacking Apps Booted From Microsoft Store
* Tips on How to Fight Back Against DNS Spoofing Attacks
* Trickbot Malware Goes After Remote Desktop Credentials
* Ultra-Sneaky Phishing Scam Swipes Facebook Credentials
* Ever-Changing Emotet Evolves Again with Fresh Evasion Tactic
* Threatpost Poll: Over Half of Firms Asked Struggle with Mobile Security
* Coffee Meets Bagel Dating App Warns Users of Breach
* Google Play Cracks Down on Malicious Apps

Naked Security

* Mega-crackers back with nearly 100 million new stolen data records
* Opera integrates a cryptocurrency wallet - is this Web 3.0?
* Will the EU's new copyright directive ruin the web?
* Monday review - the hot 28 stories of the week
* Apple fighting pirate app developers, will insist on 2FA for coders
* Judge won't unseal legal docs in fight to break Messenger encryption
* Should we profit from the sale of our personal data?
* Chinese facial recognition database exposes 2.5m people
* Photography site 500px resets 14.8 million passwords after data breach
* Inside a GandCrab targeted ransomware attack on a hospital

Quick Heal - Security Simplified

* GandCrab Riding Emotet's Bus!
* This Valentine fall for true love not for fake online dating apps
* 28 Fake Apps removed from Google Play Store post Quick Heal Security Lab reports
* 3 essential ways to strengthen your business data security
* Anatova, A modular ransomware
* Mongolock Ransomware deletes files and targets databases
* GandCrab Ransomware along with Monero Miner and Spammer
* Malspam email - Jack of all malware, master of none.
* Drone Safety - Flying Tips, Policies & Regulations


Critical Infrastructure

* Natural Disasters Cost the U.S. $91 Billion in 2018
* Study on Electric Grid Resiliency Finds Urgent Need for Cybersecurity Investments
* The Top 10 Most Unusual Items Found at TSA Checkpoints
* Legislation Introduced to Strengthen Cockpit Security
* NSTB Releases Most Wanted List of Safety Improvements
* Study Says Manufacturers Struggle with IoT and Finding Skilled Cybersecurity Staff

Tools

* IPSet List 3.7.2
* GNU Privacy Guard 2.2.13
* IPSet List 3.7.1
* Mandos Encrypted File System Unattended Reboot Utility 1.8.3
* Falco 0.14.0
* SQLMAP - Automatic SQL Injection Tool 1.3.2
* Lynis Auditing Tool 2.7.1
* Logwatch 7.5.1
* I2P 0.9.38
* Flawfinder 2.0.8
* Acunetix Web Application Vulnerability Report 2019
* Amazon Releases New C++ Friendly Features

Zone-H Website Defacements


Proof of Concept (PoC) & Exploits

Packet Storm Security

* KVM VMX Preemption Timer Use-After-Free
* KVM kvm_inject_page_fault Uninitialized Memory Leak
* Listing Hub CMS 1.0 SQL Injection
* ZuzMusic 2.1 Cross Site Scripting
* JobFinder Cross Site Scripting
* WeHelp 1.6 Cross Site Scripting
* Find A Place CMS Directory 1.5 SQL Injection
* Jinja2 2.10 Command Injection
* MyBB Trash Bin 1.1.3 Cross Site Request Forgery / Cross Site Scripting
* Core FTP/SFTP Server 1.2 Build 589.42 Denial Of Service
* ApowerManager 3.1.7 Denial Of Service
* DomainMOD 4.11.01 Cross Site Scripting
* LayerBB 1.1.2 Cross Site Request Forgery
* MediaMonkey 4.1.23 Denial Of Service
* WordPress Booking Calendar 8.4.3 SQL Injection
* exacqVision ESM 5.12.2 Privilege Escalation
* Linux kvm_ioctl_create_device() Reference Flow Failure
* Free IP Switcher 3.1 Denial Of Service
* AirMore 1.6.1 Denial Of Service
* VSCO 1.1.1.0 Denial Of Service
* UniSharp Laravel File Manager 2.0.0-alpha7 Arbitrary File Upload
* Navicat For Oracle 12.1.15 Denial Of Service

Exploit Database

* [webapps] UniSharp Laravel File Manager 2.0.0-alpha7 - Arbitrary File Upload
* [dos] Linux - 'kvm_ioctl_create_device()' NULL Pointer Dereference
* [webapps] qdPM 9.1 - 'search_by_extrafields[]' SQL Injection
* [webapps] Jinja2 2.10 - 'from_string' Server Side Template Injection
* [dos] VSCO 1.1.1.0 - Denial of Service (PoC)
* [webapps] MyBB Trash Bin Plugin 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery
* [dos] Navicat for Oracle 12.1.15 - "Password" Denial of Service (PoC)
* [dos] Free IP Switcher 3.1 - 'Computer Name' Denial of Service (PoC)
* [dos] AirMore 1.6.1 - Denial of Service (PoC)
* [dos] ApowerManager 3.1.7 - Phone Manager Remote Denial of Service (PoC)
* [webapps] LayerBB 1.1.2 - Cross-Site Request Forgery (Add Admin)
* [dos] MediaMonkey 4.1.23 - '.mp3' URL Denial of Service (PoC)
* [webapps] WordPress Plugin Booking Calendar 8.4.3 - Authenticated SQL Injection
* [webapps] DomainMOD 4.11.01 - 'assets/edit/host.php?whid=5' Cross-Site Scripting
* [webapps] DomainMOD 4.11.01 - 'assets/add/dns.php' Cross-Site Scripting
* [webapps] DomainMOD 4.11.01 - 'category.php CatagoryName, StakeHolder' Cross-Site Scripting
* [webapps] DomainMOD 4.11.01 - 'ssl-accounts.php username' Cross-Site Scripting
* [webapps] DomainMOD 4.11.01 - 'ssl-provider-name' Cross-Site Scripting
* [dos] Core FTP/SFTP Server 1.2 Build 589.42 - 'User domain' Denial of Service (PoC)
* [local] exacqVision ESM 5.12.2 - Privilege Escalation
* [local] runc
* [webapps] PilusCart 1.4.1 - 'send' SQL Injection


Advisories

US-Cert Alerts & bulletins

* AA19-024A: DNS Infrastructure Hijacking Campaign
* AA18-337A: SamSam Ransomware
* SB19-042: Vulnerability Summary for the Week of February 4, 2019
* SB19-035: Vulnerability Summary for the Week of January 28, 2019

Symantec - Latest List

* Microsoft Internet Explorer VBScript Engine CVE-2018-8174 Arbitrary Code Execution Vulnerability
* Microsoft Office CVE-2018-0802 Memory Corruption Vulnerability
* Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0655 Remote Memory Corruption Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0642 Remote Memory Corruption Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0640 Remote Memory Corruption Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0610 Remote Memory Corruption Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0607 Remote Memory Corruption Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0605 Remote Memory Corruption Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0652 Remote Memory Corruption Vulnerability
* Microsoft Visual Studio CVE-2019-0728 Remote Code Execution Vulnerability
* Microsoft Windows Human Interface Devices CVE-2019-0600 Local Information Disclosure Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0651 Remote Memory Corruption Vulnerability
* Microsoft Office CVE-2019-0540 Security Bypass Vulnerability
* Microsoft Edge CVE-2019-0650 Remote Memory Corruption Vulnerability
* Microsoft Edge CVE-2019-0634 Remote Memory Corruption Vulnerability
* Microsoft Windows GDI Component CVE-2019-0602 Information Disclosure Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0644 Remote Memory Corruption Vulnerability
* Microsoft Windows CVE-2019-0636 Local Information Disclosure Vulnerability
* Microsoft Internet Explorer CVE-2019-0676 Information Disclosure Vulnerability
* Microsoft Edge CVE-2019-0645 Remote Memory Corruption Vulnerability
* Microsoft Edge CVE-2019-0648 Information Disclosure Vulnerability
* Microsoft Edge CVE-2019-0658 Information Disclosure Vulnerability
* Microsoft Team Foundation Server CVE-2019-0743 Cross Site Scripting Vulnerability
* Microsoft Edge CVE-2019-0649 Remote Privilege Escalation Vulnerability
* Microsoft Team Foundation Server CVE-2019-0742 Cross Site Scripting Vulnerability


Packet Storm Security - Latest List

Slackware Security Advisory - mozilla-thunderbird Updates
Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.

Debian Security Advisory 4391-1
Debian Linux Security Advisory 4391-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

Slackware Security Advisory - mozilla-firefox Updates
Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

Red Hat Security Advisory 2019-0349-01
Red Hat Security Advisory 2019-0349-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 1.0.14, 1.1.11, 2.1.8, and 2.2.2. Issues addressed include a domain spoofing vulnerability.

Red Hat Security Advisory 2019-0348-01
Red Hat Security Advisory 2019-0348-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.142. Issues addressed include an information leakage vulnerability.

CA Privileged Access Manager Information Disclosure / Modification
CA Technologies Support is alerting customers to a potential risk with CA Privileged Access Manager. A vulnerability exists that can allow a remote attacker to access sensitive information or modify configuration. CA published solutions to address the vulnerabilities. CVE-2019-7392 describes a vulnerability resulting from inadequate access controls for the components jk-manager and jk-status web service allowing a remote attacker to access the CA PAM Web-UI without authentication. Affected versions include 3.2.1 and below, 3.1.2 and below, and 3.0.x releases.

Red Hat Security Advisory 2019-0342-01
Red Hat Security Advisory 2019-0342-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include stack overflow vulnerabilities.

Ubuntu Security Notice USN-3889-1
Ubuntu Security Notice 3889-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Ubuntu Security Notice USN-3890-1
Ubuntu Security Notice 3890-1 - It was discovered that Django incorrectly handled formatting certain numbers. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service.

Slackware Security Advisory - lxc Updates
Slackware Security Advisory - New lxc packages are available for Slackware 14.2 and -current to fix a security issue.

Debian Security Advisory 4390-1
Debian Linux Security Advisory 4390-1 - It was discovered that Flatpak, an application deployment framework for desktop apps, insufficiently restricted the execution of "apply_extra" scripts which could potentially result in privilege escalation.

Ubuntu Security Notice USN-3888-1
Ubuntu Security Notice 3888-1 - It was discovered that GVfs incorrectly handled certain inputs. An attacker could possibly use this issue to access sensitive information.

Ubuntu Security Notice USN-3887-1
Ubuntu Security Notice 3887-1 - Chris Moberly discovered that snapd versions 2.28 through 2.37 incorrectly validated and parsed the remote socket address when performing access controls on its UNIX socket. A local attacker could use this to access privileged socket APIs and obtain administrator privileges. On Ubuntu systems with snaps installed, snapd typically will have already automatically refreshed itself to snapd 2.37.1 which is unaffected.

Red Hat Security Advisory 2019-0324-01
Red Hat Security Advisory 2019-0324-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2019-0315-01
Red Hat Security Advisory 2019-0315-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a cross site scripting vulnerability.

Debian Security Advisory 4377-2
Debian Linux Security Advisory 4377-2 - The update for rssh issued as DSA 4377-1 introduced a regression that blocked scp of multiple files from a server using rssh. Updated packages are now available to correct this issue.

Debian Security Advisory 4389-1
Debian Linux Security Advisory 4389-1 - Christian Reitter discovered that libu2f-host, a library implementing the host-side of the U2F protocol, failed to properly check for a buffer overflow. This would allow an attacker with a custom made malicious USB device masquerading as a security key, and physical access to a computer where PAM U2F or an application with libu2f-host integrated, to potentially execute arbitrary code on that computer.

Red Hat Security Advisory 2019-0309-01
Red Hat Security Advisory 2019-0309-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 72.0.3626.81. Issues addressed include a buffer overflow vulnerability.

Ubuntu Security Notice USN-3886-1
Ubuntu Security Notice 3886-1 - It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service.

Debian Security Advisory 4388-1
Debian Linux Security Advisory 4388-1 - Three vulnerabilities were discovered in the Mosquitto MQTT broker, which could result in authentication bypass.

Red Hat Security Advisory 2019-0304-01
Red Hat Security Advisory 2019-0304-01 - Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere. Issues addressed include an overwrite vulnerability.

Red Hat Security Advisory 2019-0303-01
Red Hat Security Advisory 2019-0303-01 - The runC tool is a lightweight, portable implementation of the Open Container Format that provides container runtime. Issues addressed include an overwrite vulnerability.

Debian Security Advisory 4387-1
Debian Linux Security Advisory 4387-1 - Harry Sintonen from F-Secure Corporation discovered multiple vulnerabilities in OpenSSH, an implementation of the SSH protocol suite. All the vulnerabilities are found in the scp client implementing the SCP protocol.

WebKitGTK+ / WPE WebKit Memory Corruption / Code Execution
WebKitGTK+ and WPE WebKit suffer from multiple memory corruption vulnerabilities that can lead to code execution. Multiple versions are affected.