7766 matches found
Debian: Security Advisory (DSA-4944-1)
The remote host is missing an update for the Debian... SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2021-36222
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation...
UBUNTU-CVE-2021-36222
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation...
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
Note: In this two-part blog series, we expose a modern malware infrastructure and provide guidance for protecting against the wide range of threats it enables. Part 1 covers the evolution of the threat, how it spreads, and how it impacts organizations. Part 2 is a deep dive on the attacker behavi...
Debian: Security Advisory (DSA-4941-1)
The remote host is missing an update for the Debian... SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Remcos RAT delivered via Visual Basic
This blog post was authored by Erika Noerenberg. Introduction: Over the past months, Malwarebytes researchers have been tracking a unique malspam campaign delivering the Remcos remote access trojan (RAT) via financially-themed emails. Remcos is often delivered via malicious documents or archive files...
Microsoft Windows Server Information Disclosure Vulnerability (CNVD-2021-54418)
Windows Server is the brand name of a series of server operating systems released by Microsoft, including all Windows operating systems released under the brand name "Windows Server". An information disclosure vulnerability exists in the "Key Distribution Center" in Microsoft Windows Server. No...
CVE-2021-33764
Windows Key Distribution Center Information Disclosure Vulnerability...
Information disclosure
Windows Key Distribution Center Information Disclosure Vulnerability...
CVE-2021-33764
CVE-2021-33764 is a Windows Kerberos KDC information-disclosure issue affecting domain controllers. Public details describe an RFC 4556 (section 3.2.1) noncompliance that can impact PIV/smart-card scenarios. Microsoft’s out-of-band updates note a temporary mitigation using a registry key and advis...
Windows Key Distribution Center Information Disclosure Vulnerability
...
Microsoft Windows Key Distribution Center Information Disclosure Vulnerability
Windows Server is the brand name of a series of server operating systems released by Microsoft, including all Windows operating systems released under the brand name "Windows Server". An information disclosure vulnerability exists in the "Key Distribution Center" in Microsoft Windows Server. No...
PT-2021-4837 · Microsoft · Windows Key Distribution Center +1
Name of the Vulnerable Software and Affected Versions: Windows Key Distribution Center (KDC) (affected versions not specified). Description: The issue is related to information disclosure in the Kerberos Key Distribution Center (KDC) service of Microsoft Windows operating systems. It allows a remote...
KLA12221 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, gain privileges, bypass security restrictions, obtain sensitive information, spoof user interface. Below is a complete list of...
[SECURITY] Fedora 33 Update: djvulibre-3.5.27-28.fc33
DjVu is a web-centric format and software platform for distributing documents and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution pictures. DjVu content downloads faster, displays and renders faster,...
Fedora: Security Advisory for djvulibre (FEDORA-2021-7514c11a37)
The remote host is missing an update for the... Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
EulerOS Virtualization 3.0.2.2 : openssl (EulerOS-SA-2021-2154)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as...
New Mirai-Inspired Botnet Could Be Using Your KGUARD DVRs in Cyber Attacks
Cybersecurity researchers on Thursday revealed details about a new Mirai-inspired botnet called "mirai_ptea" that leverages an undisclosed vulnerability in digital video recorders (DVR) provided by KGUARD to propagate and carry out distributed denial-of-service (DDoS) attacks. Chinese security firm...
Weak Password Vulnerability in MX-M316N of Sharp Trading (China) Co.
Sharp Trading (China) Co., Ltd. is a foreign enterprise that distributes and wholesales household appliances, LCD TVs, air conditioners, cell phones, printers and other products. A weak password vulnerability exists in Sharp Trading (China) Co. MX-M316N, which can be exploited by attackers to obtain...