Schneider Electric Easergy T300 安全漏洞

Easergy T300 is a new generation of intelligent terminals for distribution network automation, adhering to the design concepts of "modularity, flexibility, and application orientation", which can be widely used in medium-voltage distribution network management, fault location, isolation, and...

UBUNTU-CVE-2020-1971

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERALNAMEcmp which compares different instances of a GENERALNAME to see if they are equal or not. This function behaves incorrect...

CVE-2020-1971

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERALNAMEcmp which compares different instances of a GENERALNAME to see if they are equal or not. This function behaves incorrect...

Vulnerability in OpenSSL - EDIPARTYNAME NULL pointer de-reference

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERALNAMEcmp which compares different instances of a GENERALNAME to see if they are equal or not. This function behaves incorrect...

The chronicles of Emotet

More than six years have passed since the banking Trojan Emotet was first detected. During this time it has repeatedly mutated, changed direction, acquired partners, picked up modules, and generally been the cause of high-profile incidents and multimillion-dollar losses. The malware is still in...

Hackers Targeting Companies Involved in Covid-19 Vaccine Distribution

A global spear-phishing campaign has been targeting organizations associated with the distribution of COVID-19 vaccines since September 2020, according to new research. Attributing the operation to a nation-state actor, IBM Security X-Force researchers said the attacks took aim at the vaccine col...

Hackers Targeting Companies Involved in Covid-19 Vaccine Distribution

A global spear-phishing campaign has been targeting organizations associated with the distribution of COVID-19 vaccines since September 2020, according to new research. Attributing the operation to a nation-state actor, IBM Security X-Force researchers said the attacks took aim at the vaccine col...

Fedora: Security Advisory for php-pear (FEDORA-2020-5271a896ff)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Hackers Are Targeting the Covid-19 Vaccine ‘Cold Chain’

As vaccines await US approval, a sophisticated global phishing campaign has tried to harvest credentials from companies involved in their distribution...

[SECURITY] Fedora 33 Update: php-pear-1.10.12-4.fc33

PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components...

[SECURITY] Fedora 32 Update: php-pear-1.10.12-4.fc32

PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components...

Multiple Schneider Electric Product Security Feature Issue Vulnerabilities

Schneider Electric Acti9 Smartlink SI D is a smart interface unit that realizes data communication between Acti9 electrical devices and Modbus devices. Schneider Electric Acti9 Smartlink SI D is an intelligent interface unit that enables data communication between Acti9 electrical devices and...

firefox security update

78.5.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.5.0-1 - Update to 78.5.0 build1...

Zeroshell command injection vulnerability

Zeroshell is a small open source Linux distribution for servers and embedded systems designed to provide web services. a command injection vulnerability exists in the /cgi-bin/kerbynet StartSessionSubmit parameter in Zeroshell 3.9.3. An attacker could execute system commands via shell...

Debian: Security Advisory (DSA-4798-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-4796-1 : thunderbird - security update

Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4796. The text itself is...

Evolution of Emotet: From Banking Trojan to Malware Distributor

Emotet is one of the most dangerous and widespread malware threats active today. Ever since its discovery in 2014—when Emotet was a standard credential stealer and banking Trojan, the malware has evolved into a modular, polymorphic platform for distributing other kinds of computer viruses. Being...

Kerberos KDC の脆弱性 (CVE-2020-17049) に対応するためのガイダンス

マイクロソフトは、2020 年 11 月 10 日 米国時間 に、Kerberos KDC Key Distribution Center に対する脆弱性情報 CVE-2020-17049 を公...

Debian DSA-4790-1 : thunderbird - security update

A use-after-free was found in Thunderbird, which could potentially result in the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4790. The text itself is...

NICER Protocol Deep Dive: Internet Exposure of MySQL

Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thin...