125 matches found
Threat Source newsletter (Oct. 15, 2020)
Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. In our latest entry into our election security series, we’re turning our attention to the professionals who are responsible for securing our elections. After months of research, we’ve compiled a series of recommendations for local,...
Threat Source newsletter for Oct. 8, 2020
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We’ve been writing and talking about election security a ton lately. And as the U.S. presidential election draws closer, we decided it was time to summarize some things. So, we released this blog post with our formal recommendatio...
zeek -- Vulnerability due to memory leak
Jon Siwek of Corelight reports: This release fixes the following security issue: A memory leak in multipart MIME code has potential for remote exploitation and cause for Denial of Service via resource exhaustion...
Threat Source newsletter for June 25, 2020
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We recently decided to replace our use of the terms "blacklist" and "whitelist" with "block list" and "allow list.” Even though these terms are commonly in use in the security industry, we will not go along with casually assigning...
Threat Source newsletter for May 28, 2020
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. We need to start things off by wishing a Happy Birthday to Beers with Talos! The first episode was released on May 12, 2017. To celebrat...
kernel security and bug fix update
4.18.0-193.1.22.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-193.1.22 - net netlabel: cope with NULL catmap Paolo Abeni 1827249...
Threat Source newsletter for May 7, 2020
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. With all of us working from home, Beers with Talos episodes are coming out faster than ever. This week, we have an actual episode with...
Threat Source newsletter for April 16, 2020
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. It’s what — week 5 of this quarantine in the U.S.? Week 6? We’ve lost count. And so did the Beers with Talos guys. But lucky for you, th...
Vulnerability Spotlight: Information disclosure vulnerability in Microsoft Media Foundation
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Media Foundation contains an information disclosure vulnerability that could allow an attacker to eventually remotely execute code on the victim machine. Media Foundation is a COM-based multimedia...
Threat Source newsletter (April 2, 2020)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. As long as COVID-19 is in the headlines which is going to be a long time actors are going to try and capitalize. We fully expect to see ...
CVE-2020-10948
Jon Hedley AlienForm2 typically installed as af.cgi or alienform.cgi 2.0.2 is vulnerable to Remote Command Execution via eval injection, a different issue than CVE-2002-0934. An unauthenticated, remote attacker can exploit this via a series of crafted requests...
Design/Logic Flaw
Jon Hedley AlienForm2 typically installed as af.cgi or alienform.cgi 2.0.2 is vulnerable to Remote Command Execution via eval injection, a different issue than CVE-2002-0934. An unauthenticated, remote attacker can exploit this via a series of crafted requests...
CVE-2020-10948
The CVE-2020-10948 entry concerns Jon Hedley’s AlienForm2 (AlienForm CGI, typically af.cgi or alienform.cgi) v2.0.2, which is vulnerable to Remote Command Execution via eval injection. The vulnerability is unauthenticated and exploitable by remote attackers through crafted requests; this is descr...
Threat Source newsletter (March 12, 2020)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Obviously, COVID-19 is dominating headlines everywhere, and for good reason. We hope everyone out there is staying safe and healthy and...
Threat Source newsletter (March 5, 2020)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Sure, all anyone wants to talk about is coronavirus. But what about cyber security? We’ve still got cool stuff, like this huge write-up ...
Threat Source newsletter (Feb. 27, 2020)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. We know we’ve kept you waiting for a while, but the new Snort Resources page is finally here. We’ve got new and improved documentation,...
Threat Source newsletter (Jan. 9, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. We’re back after a long break for the holidays. And 2020 is already off to a fast start as tensions continue to rise in the Middle East...
CVE-2008-5083
In JON 2.1.x before 2.1.2 SP1, users can obtain unauthorized security information about private resources managed by JBoss ON...
CVE-2008-5083
CVE-2008-5083 affects Red Hat JBoss ON (JBoss ON) 2.1.x prior to 2.1.2 SP1. The issue allows an authenticated user to obtain unauthorized security information about private resources managed by JBoss ON, due to an information disclosure vulnerability in the product’s access controls. The provided...
CVE-2008-5083
In JON 2.1.x before 2.1.2 SP1, users can obtain unauthorized security information about private resources managed by JBoss ON...