CVE-2020-29483

CVE-2020-29483 — Xen 4.14.x (Xenstore/Xenstored issue) Affected component: Xenstore/Xenstored communication (guest–host via shared memory page). Root cause: If a guest violates the Xenstore protocol, xenstored drops the connection by removing the guest from its internal database and sending an @r...

SUSE SLED15 / SLES15 Security Update : gcc10, nvptx-tools (SUSE-SU-2020:2947-1)

This update for gcc10, nvptx-tools fixes the following issues : This update provides the GCC10 compiler suite and runtime libraries. The base SUSE Linux Enterprise libraries libgccs1, libstdc++6 are replaced by the gcc10 variants. The new compiler variants are available with '-10' suffix, you can...

MacOS Users Targeted By OceanLotus Backdoor

A macOS backdoor variant has been uncovered that relies of multi-stage payloads and various updated anti-detection techniques. Researchers linked it to the OceanLotus advanced persistent threat APT group. The Vietnam-backed OceanLotus also known as APT 32 has been around since at least 2013, and...

CVE

This is a collection of HTML files from a blog about reverse engineering and security. The files are dated from August 2019 to September 2019 and appear to be written in Chinese. The content includes various topics such as: Creating and finding SEH Structured Exception Handler in Windows Input...

TA416 APT Rebounds With New PlugX Malware Variant

The TA416 advanced persistent threat APT actor is back with a vengeance: After a month of inactivity, the group was spotted launching spear-phishing attacks with a never-before-seen Golang variant of its PlugX malware loader. TA416, which is also known as “Mustang Panda” and “RedDelta,” was spott...

Fake COVID-19 test result email drops King Engine ransomware

By Deeba Ahmed “King Engine” ransomware is a variant of Hentai OniChan ransomware which, after infecting a system, asking for a ridiculous 50 BTC as ransom. This is a post from HackRead.com Read the original post: Fake COVID-19 test result email drops King Engine ransomware...

CISA, FBI, and CNMF Identify a New Malware Variant: ComRAT

The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Defense Cyber National Mission Force CNMF have identified a malware variant—referred to as ComRAT—used by the Russian-sponsored advanced persistent threat APT actor Turla. In...

TrickBot Linux Variants Active in the Wild Despite Recent Takedown

Efforts to disrupt TrickBot may have shut down most of its critical infrastructure, but the operators behind the notorious malware aren't sitting idle. According to new findings shared by cybersecurity firm Netscout, TrickBot's authors have moved portions of their code to Linux in an attempt to...

Attacker builds malware variant with leaked Mirai source code

By Sudais Asif The source code of Mirai was leaked in September 2016, on the hacking community Hackforums. This is a post from HackRead.com Read the original post: Attacker builds malware variant with leaked Mirai source code...

Out of bounds access in tensorflow-lite

Impact In TensorFlow Lite models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor:...

Segmentation fault in tensorflow-lite

Impact If a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. Patches We have patched the issue in d58c96946b and will release patch releases for all versions between 1.1...

Null pointer dereference in tensorflow-lite

Impact A crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one. The runtime assumes that these buffers are written to before a...

Segfault in Tensorflow

Impact The RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Thus, the following code sets up conditions to...

Heap buffer overflow in Tensorflow

Impact The SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has the same shape as the values one. The values in these tensors are always accessed in parallel:...

Magecart’s Success Paves Way For Cybercriminal Credit Card 'Sniffer' Market

The Magecart threat group has dominated headlines for its use of malicious JavaScript code, which is injected into e-commerce websites to exfiltrate customer payment card data. But new research points to a growing industry on underground forums where so-called “sniffers” are being advertised, sol...

North Korean Malicious Cyber Activity

The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have identified a malware variant—referred to as BLINDINGCAN—used by North Korean actors. CISA encourages users and administrators to review Malware Analysis Report MAR-10295134-1.v1 and CISA’s...

OSV-2020-1613 Segv on unknown address in std::__1::deque<std::__1::deque<boost::variant<libetonyek::MoveTo, libetonyek::L

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24858 Crash type: Segv on unknown address Crash state: std::1::dequestd::1::dequeboost::variantlibetonyek::MoveTo, libetonyek::L libetonyek::IWORKPath::appendCCurveTo libetonyek::IWAParser::parsePath...

Missing Linux Kernel mitigations for 'Spectre variant 1' hardware vulnerabilities

The remote host is missing one or more known mitigations on Linux Kernel side for the referenced SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

Missing Linux Kernel mitigations for 'Spectre variant 2' hardware vulnerabilities

The remote host is missing one or more known mitigations on Linux Kernel side for the referenced SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack

A new research has identified four new variants of HTTP request smuggling attacks that work against various commercial off-the-shelf web servers and HTTP proxy servers. Amit Klein, VP of Security Research at SafeBreach who presented the findings today at the Black Hat security conference, said th...