Linux Malware Using SHC Compiler Installs CoinMiner and DDoS Bots

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new strain of Linux malware, developed using the Shc compiler, has been found to install a CoinMiner on infected systems. It is believed that this malware is being spread through dictionary attacks on...

EulerOS Virtualization 3.0.2.6 : libsepol (EulerOS-SA-2023-1065)

According to the versions of the libsepol packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and...

EulerOS Virtualization 3.0.2.6 : binutils (EulerOS-SA-2023-1092)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reorderi...

Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2022-2821)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

laZzzy - Shellcode Loader, Developed Using Different Open-Source Libraries, That Demonstrates Different Execution Techniques

laZzzy is a shellcode loader that demonstrates different execution techniques commonly employed by malware. laZzzy was developed using different open-source header-only libraries. Features Direct syscalls and native Nt functions not all functions but most Import Address Table IAT evasion Encrypte...

Codecepticon - .NET Application That Allows You To Obfuscate C#, VBA/VB6 (Macros), And PowerShell Source Code

Codecepticon is a .NET application that allows you to obfuscate C, VBA/VB6 macros, and PowerShell source code, and is developed for offensive security engagements such as Red/Purple Teams. What separates Codecepticon from other obfuscators is that it targets the source code rather than the compil...

Amazon Linux 2022 : gcc (ALAS2022-2022-222)

The version of gcc installed on the remote host is prior to 11.3.1-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-222 advisory. - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering...

USN-5770-1: GCC vulnerability

Todd Eisenberger discovered that certain versions of GNU Compiler Collection GCC could be made to clobber the status flag of RDRAND and RDSEED with specially crafted input. This could potentially lead to less randomness in random number generation...

USN-5770-1 gcc-5, gccgo-6 vulnerability

Todd Eisenberger discovered that certain versions of GNU Compiler Collection GCC could be made to clobber the status flag of RDRAND and RDSEED with specially crafted input. This could potentially lead to less randomness in random number generation...

Ubuntu 16.04 ESM : GCC vulnerability (USN-5770-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5770-1 advisory. Todd Eisenberger discovered that certain versions of GNU Compiler Collection GCC could be made to clobber the status flag of RDRAND and RDSEED with specially...

[SECURITY] Fedora 36 Update: capnproto-0.9.2-1.fc36

Cap=EF=BF=BD=EF=BF=BD=EF=BF=BDn Proto is an insanely fast data interchange fo rmat and capability-based RPC system. Think JSON, except binary. Or think Protocol Buffers, except faster. In fact, in benchmarks, Cap=EF=BF=BD=EF=BF=BD=EF=BF=BDn Proto is INFINITY TIMES faster than Protocol Buffers. Th...

Rocky Linux 8 : ruby:3.0 (RLSA-2022:6450)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:6450 advisory. - A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user...

gcc: uncontrolled recursion in libiberty/rust-demangle.c

A flaw was discovered in the GNU libiberty library within the demanglepath function in rust-demangle.c, as distributed in the GNU Compiler Collection GCC. This flaw allows a crafted symbol to cause stack memory to be exhausted, leading to a crash...

llvm-toolset bug fix and enhancement update

An update is available for llvm-toolset. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...

Low: mingw-gcc security and bug fix update

The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fixes: gcc: uncontrolled recursion in libiberty/rust-demangle.c CVE-2021-46195 For more details about the security issues, including the impact, a CVSS score,...

Fedora: Security Advisory for mingw-gcc (FEDORA-2022-c9a1fd5370)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for pypy3.8 (FEDORA-2022-20116fb6aa)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 37 Update: pypy3.9-7.3.9-4.3.9.fc37

PyPy's implementation of Python 3.9, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...

[SECURITY] Fedora 36 Update: mingw-gcc-11.2.1-6.fc36

MinGW Windows cross-compiler GCC for C...

Deserialization Of Untrusted Data

org.drools:drools-compiler is vulnerable to deserialization of untrusted data. The vulnerability exists due to lack of serialization in multiple functions in CompositeKnowledgeBuilderImpl.java and KnowledgeBuilderImpl.java which allows an attacker to execute arbitrary malicious code on the system...