
7768 matches found

Prion
added 2019/10/10 7:15 p.m. | 17 views

Race condition

A vulnerability has been found in the implementation of the Label Distribution Protocol (LDP) protocol in EOS. Under race conditions, the LDP agent can establish an LDP session with a malicious peer, potentially allowing the possibility of a Denial of Service (DoS) attack on route updates and in turn...

CVSS: 4.3 | AI score: 5.7 | EPSS: 0.00669
Exploits: 0 | References: 2 | Affected Software: 1

MSRC
added 2019/09/30 7:0 a.m. | 15 views

Building the Azure IoT Edge Security Daemon in Rust

Azure IoT Edge is an open source, cross platform software project from the Azure IoT team at Microsoft that seeks to solve the problem of managing distribution of compute to the edge of your on-premise network from the cloud. This post explains some of the rationale behind our choice of Rust as t...

AI score: 2
Exploits: 0

Debian
added 2019/09/27 8:36 p.m. | 204 views

[SECURITY] [DSA 4534-1] golang-1.11 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4534-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 27, 2019 https://www.debian.org/security/faq -...

CVSS: 7.5 | AI score: 7.7 | EPSS: 0.05157
Exploits: 0

Debian
added 2019/09/25 6:38 a.m. | 72 views

[SECURITY] [DSA 4532-1] spip security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4532-1 [email protected] https://www.debian.org/security/ Sebastien Delafond September 25, 2019 https://www.debian.org/security/faq -...

CVSS: 6.5 | AI score: 6.7 | EPSS: 0.07538
Exploits: 2

Securelist
added 2019/09/19 6:45 a.m. | 82 views

Threat landscape for smart buildings

The Kaspersky Industrial Cybersecurity Conference 2019 takes place this week in Sochi, the seventh such conference dedicated to the problems of industrial cybersecurity. Among other things, the conference will address the security of automation systems in buildings — industrial versions of the no...

AI score: 0.9
Exploits: 0

Fedora
added 2019/09/19 1:54 a.m. | 39 views

[SECURITY] Fedora 29 Update: python34-3.4.10-3.fc29

Python 3.4 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.4, see other distributions that support it, such as CentOS or RHEL with Software...

CVSS: 9.8 | AI score: 4.3 | EPSS: 0.10911
Exploits: 0

ThreatPost
added 2019/09/09 7:2 p.m. | 51 views

PsiXBot Adds PornModule, Google DNS Service to Its Arsenal

The PsiXBot malware has made a few changes in recent weeks, including implementing Google’s DNS over HTTPS (DoH) and adding the blackmail-ready “PornModule” to its bag of tricks. PsiXBot is a multi-use Windows malware that has a range of capabilities, including keylogging, stealing passwords and...

AI score: 1.3
Exploits: 0 | References: 5

RedHat Linux
added 2019/09/04 11:7 a.m. | 1 views

krb5: Reachable assertion in the KDC using S4U2Self requests

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request...

CVSS: 5.3 | AI score: 6.7 | EPSS: 0.01527
Exploits: 0 | References: 4

RedHat Linux
added 2019/09/04 11:7 a.m. | 2 views

Moderate: Red Hat Bug Fix Advisory: krb5 bug fix update

Updated krb5 packages that fix one bug are now available for Red Hat Enterprise Linux 7. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients an...

CVSS: 5.3 | AI score: 6.5 | EPSS: 0.01527
Exploits: 0

Debian
added 2019/09/02 5:58 p.m. | 150 views

[SECURITY] [DSA 4512-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4512-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 02, 2019 https://www.debian.org/security/faq -...

CVSS: 8.8 | AI score: 8.3 | EPSS: 0.16658
Exploits: 3

Prion
added 2019/08/28 7:15 p.m. | 10 views

Input validation

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient validation of TCP packets...

CVSS: 7.8 | AI score: 7.5 | EPSS: 0.01928
Exploits: 0 | References: 1 | Affected Software: 1

Talos Blog
added 2019/08/28 9:15 a.m. | 195 views

RAT Ratatouille: Backdooring PCs with leaked RATs

By Edmund Brumaghin and Holger Unterbrink. Executive summary: Orcus RAT and RevengeRAT are two of the most popular remote access trojans (RATs) in use across the threat landscape. Since its emergence in 2016, various adversaries used RevengeRAT to attack organizations and individuals around the worl...

AI score: 0.5
Exploits: 0

Debian
added 2019/08/24 2:44 p.m. | 198 views

[SECURITY] [DSA 4508-1] h2o security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4508-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 24, 2019 https://www.debian.org/security/faq -...

CVSS: 7.8 | AI score: 9 | EPSS: 0.87806
Exploits: 1

OpenVAS
added 2019/08/20 12:0 a.m. | 24 views

Debian: Security Advisory (DSA-4503-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.8 | AI score: 8.3 | EPSS: 0.83433
Exploits: 2 | References: 4

Tenable Nessus
added 2019/08/20 12:0 a.m. | 39 views

Debian DSA-4502-1 : ffmpeg - security update

Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.03032
Exploits: 0 | References: 4

Debian CVE
added 2019/08/19 10:24 p.m. | 14 views

CVE-2019-15224

The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions =1.6.14 are unaffected...

CVSS: 9.8 | AI score: 9.6 | EPSS: 0.0355
Exploits: 0

NVD
added 2019/08/18 4:15 p.m. | 10 views

CVE-2019-15135

The handshake protocol in Object Management Group (OMG) DDS Security 1.1 sends cleartext information about all of the capabilities of a participant (including capabilities inapplicable to the current session), which makes it easier for attackers to discover potentially sensitive reachability...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.02011
Exploits: 0 | References: 2

NVD
added 2019/08/18 4:15 p.m. | 22 views

CVE-2019-15137

The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings instead of the permission expressions themselves, which can lead to unintended connections between participants in a Data Distribution Service (DDS) network...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.0131
Exploits: 0 | References: 2

OSV
added 2019/08/18 4:15 p.m. | 2 views

CVE-2019-15135

The handshake protocol in Object Management Group (OMG) DDS Security 1.1 sends cleartext information about all of the capabilities of a participant (including capabilities inapplicable to the current session), which makes it easier for attackers to discover potentially sensitive reachability...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.02011
Exploits: 0 | References: 2

OSV
added 2019/08/18 4:15 p.m. | 12 views

CVE-2019-15137

The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings instead of the permission expressions themselves, which can lead to unintended connections between participants in a Data Distribution Service (DDS) network...

CVSS: 7.5 | AI score: 6.7
Exploits: 0 | References: 2