CVE-2018-3650

Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector...

Input validation

Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector...

CVE-2018-3650

Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector...

CVE-2018-3650

CVE-2018-3650 affects Intel® Distribution for Python (IDP) Bleach module in IDP 2018 Update 2 and earlier. The issue arises from insufficient input validation in Bleach, allowing an unprivileged user to bypass URI sanitization via a local vector, potentially leading to a Denial of Service. Intel’...

Debian: Security Advisory (DSA-4260-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SafeText - Script To Remove Homoglyphs And Zero-Width Characters To Allow For Safe Distribution Of Documents From Anonymous Sources

Tool to sanitize text to allow for safe distribution of documents from anonymous sources by removing zero-width characters and homoglpyhs. Individuals attempting to leak an email or other text file face the risk of identification through fingerprinting. Fingerprinting often occurs when the origin...

Highly Sophisticated Parasite RAT Emerges on the Dark Web

Researchers are tracking a remote access trojan RAT on underground markets that, so far, has only been attributed to one small malicious email campaign. However, the RAT, dubbed Parasite HTTP by the Proofpoint researchers that discovered it, has an impressive list of sophisticated features –...

Emotet Malware Evolves Beyond Banking to Threat Delivery Service

The Emotet trojan has been popping up in the news for years: From widespread malspam infections of banking German targets in 2014, all the way up to the costly infection of a New Hampshire town’s computer network in July. And while the tricky Emotet malware first emerged targeting banking...

Calisto Trojan for macOS

An interesting aspect of studying a particular piece of malware is tracing its evolution and observing how the creators gradually add new monetization or entrenchment techniques. Also of interest are developmental prototypes that have had limited distribution or not even occurred in the wild. We...

The return of Fantomas, or how we deciphered Cryakl

In early February this year, Belgian police seized the C&C servers of the infamous Cryakl cryptor. Soon afterwards, they handed over the private keys to our experts, who used them to update the free RakhniDecryptor tool for recovering files encrypted by the malware. The ransomware, which for year...

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Default Credentials

Summary The new IPn4Gb provides a rugged, industrial strength wireless solution using the new and ultra fast 4G LTE cellular network infrastructure. The IPn4Gb features integrated Firewall, IPSec / VPN & GRE Tunneling, IP/MAC Access Control Lists. The IPn4Gb can transport critical data to and fro...

Debian: Security Advisory (DSA-4246-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-6559

Improper bounds checking of the obuf variable in the linkntoa function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depends on the method of exploit and how the library is used by applications. According to analysis by...

[SECURITY] Fedora 28 Update: jetty-9.4.11-2.v20180605.fc28

Jetty is a 100% Java HTTP Server and Servlet Container. This means that you do not need to configure and run a separate web server like Apache in ord er to use Java, servlets and JSPs to generate dynamic content. Jetty is a fully featured web server for static and dynamic content. Unlike separate...

Debian: Security Advisory (DSA-4244-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Threat Outbreak Alert RuleID33141: Email Messages Distributing Malicious Software on July 10, 2018

Medium Alert ID: 58408 First Published: 2018 July 10 14:50 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33141 may contain the following files: Name | Siz...

Insufficient Input Validation in Bleach module in Intel® Distribution for Python (IDP) version IDP 2018 Update 2 potentially allows an unprivileged user to bypass URI sanitization and cause a Denial of Service via local vector

Summary: Insufficient Input Validation in Bleach module in Intel® Distribution for Python IDP version IDP 2018 Update 2 potentially allows an unprivileged user to bypass URI sanitization and cause a Denial of Service via local vector. Description: A vulnerable version of the Mozilla Bleach librar...

Threat Outbreak Alert RuleID33122: Email Messages Distributing Malicious Software on July 5, 2018

Medium Alert ID: 58376 First Published: 2018 July 5 16:39 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33122 may contain the following files: Name | Size...

Threat Outbreak Alert RuleID33103: Email Messages Distributing Malicious Software on July 4, 2018

Medium Alert ID: 58356 First Published: 2018 July 5 15:43 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33103 may contain the following files: Name | Size...

Threat Outbreak Alert RuleID33088: Email Messages Distributing Malicious Software on July 4, 2018

Medium Alert ID: 58361 First Published: 2018 July 5 15:43 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33088 may contain the following files: Name | Size...