This Week in Security News: 5G Security and Tax Scams

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about cybersecurity and data concerns in 5G. Also, learn about cybercriminal threats during tax season. Read on: Securing Enterprises...

April 9, 2019—KB4493464 (OS Build 17134.706)

April 9, 2019—KB4493464 OS Build 17134.706 Reminder: March 12th and April 9th will be the last two Delta updates for Windows 10, version 1803. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please...

April 9, 2019—KB4493448 (Security-only update)

April 9, 2019—KB4493448 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Provides protections against Spectre Variant 2 CVE-2017-5715 and Meltdown CVE-2017-5754 for VIA-based computers. These protections are enabled by default fo...

April 9, 2019—KB4493467 (Security-only update)

April 9, 2019—KB4493467 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Provides protections against Spectre Variant 2 CVE-2017-5715 and Meltdown CVE-2017-5754 for VIA-based computers. These protections are enabled by default fo...

SUSE SLES11 Security Update : various KMPs (SUSE-SU-2019:13999-1) (Spectre)

This update rebuilds missing kernel modules KMP to use 'retpolines' mitigations for Spectre Variant 2 CVE-2017-5715. Rebuilt KMP packages : cluster-network drbd gfs2 iscsitarget ocfs2 ofed oracleasm Note that Tenable Network Security has extracted the preceding description block directly from the...

SUSE-SU-2019:13999-1 Security update for various KMPs

This update rebuilds missing kernel modules KMP to use 'retpolines' mitigations for Spectre Variant 2 CVE-2017-5715. Rebuilt KMP packages: - cluster-network - drbd - gfs2 - iscsitarget - ocfs2 - ofed - oracleasm...

[SECURITY] [DLA 1731-1] linux security update

Package : linux Version : 3.16.64-1 CVE ID : CVE-2016-10741 CVE-2017-5753 CVE-2017-13305 CVE-2018-3639 CVE-2018-5848 CVE-2018-5953 CVE-2018-12896 CVE-2018-13053 CVE-2018-16862 CVE-2018-16884 CVE-2018-17972 CVE-2018-18281 CVE-2018-18690 CVE-2018-18710 CVE-2018-19824 CVE-2018-19985 CVE-2018-20169...

CVE-2018-16563

A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module All versions V4.35, Firmware variant MODBUS TCP for EN100 Ethernet module All versions, Firmware variant DNP3 TCP for EN100 Ethernet module All versions, Firmware variant IEC104 for EN100 Ethernet module A...

Design/Logic Flaw

A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module All versions V4.35, Firmware variant MODBUS TCP for EN100 Ethernet module All versions, Firmware variant DNP3 TCP for EN100 Ethernet module All versions, Firmware variant IEC104 for EN100 Ethernet module A...

CVE-2018-16563

Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays are affected by CVE-2018-16563 due to improper input validation. Specially crafted packets sent to TCP port 102 can cause a denial-of-service, requiring a manual restart to restore EN100 module functionality. Exploitation requires ...

Mirai Variant Adds Dozen New Exploits to Target Enterprise IoT Devices

Security researchers have uncovered a new variant of the infamous Mirai Internet of Things botnet, this time targeting embedded devices intended for use within business environments in an attempt to gain control over larger bandwidth to carry out devastating DDoS attacks. Although the original...

Mirai Variant Adds Dozen New Exploits to Target Enterprise IoT Devices

Security researchers have uncovered a new variant of the infamous Mirai Internet of Things botnet, this time targeting embedded devices intended for use within business environments in an attempt to gain control over larger bandwidth to carry out devastating DDoS attacks. Although the original...

Mirai Variant Goes After Enterprise Systems

Researchers have discovered a new variant of the infamous Mirai IoT botnet, which has been sniffing out and targeting vulnerabilities in enterprise wireless presentation and display systems since January. Palo Alto Network’s Unit 42 researchers said that the newest variant of Mirai is notably...

Debian DLA-1715-1 : linux-4.9 security update (Spectre)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-18249 A race condition was discovered in the disk space allocator of F2FS. A user with access to an F2FS volume could use this to cause a deni...

Debian: Security Advisory (DLA-1715-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Trickbot Malware Goes After Remote Desktop Credentials

The banking trojan known as Trickbot has resurfaced, with an updated info-stealing module that allows it to harvest remote desktop application credentials. According to Trend Micro’s Noel Anthony Llimos and Carl Maverick Pascual, a new variant has recently come on the scene, and is being spread v...

Security Bulletin: IBM Security Guardium is affected by a Foreshadow Spectre Variant vulnerability

Summary IBM Security Guardium has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2018-3646 DESCRIPTION: Multiple Intel CPU''s could allow a local attacker to obtain sensitive information, caused by a flaw in the CPU speculative branch instruction execution feature. By...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4531)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4531 advisory. - x86/bugs: Fix the AMD SSBD usage of the SPECCTRL MSR Tom Lendacky Orabug: 28870524 CVE-2018-3639 - x86/bugs: Add AMD's SPECCTRL MSR usage Konrad...

Analyzing a new stealer written in Golang

Golang Go is a relatively new programming language, and it is not common to find malware written in it. However, new variants written in Go are slowly emerging, presenting a challenge to malware analysts. Applications written in this language are bulky and look much different under a debugger fro...

Security Bulletin: Multiple Foreshadow Spectre Variant vulnerabilities affect IBM OS Image for Red Hat Linux Systems in IBM PureApplication System (CVE-2018-3615 CVE-2018-3620 CVE-2018-3646)

Summary There are multiple vulnerabilities that affect the IBM OS Image for Red Hat Linux Systems in IBM PureApplication System. IBM has released Version 2.2.5.3 for IBM PureApplication System, in response to CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646. The products that are identified for th...