Figure 1. Code snippet showing the function eisl_apply_function() that is used to call the new updates in the main code.
Sunday, July 19, 2020
TrendLabs: Updates on ThiefQuest, the Quickly-Evolving macOS Malware
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/updates-on-thiefquest-the-quickly-evolving-macos-malware/
Updated Debian 9: 9.13 released
---------- Forwarded message ---------
From: Laura Arjona Reina <larjona@debian.org>
Date: Jul 19, 2020 3:41AM
------------------------------------------------------------------------
The Debian Project https://www.debian.org/
Updated Debian 9: 9.13 released press@debian.org
July 18th, 2020 https://www.debian.org/News/2020/20200718
------------------------------------------------------------------------
The Debian project is pleased to announce the thirteenth (and final)
update of its oldstable distribution Debian 9 (codename "stretch"). This
point release mainly adds corrections for security issues, along with a
few adjustments for serious problems. Security advisories have already
been published separately and are referenced where available.
After this point release, Debian's Security and Release Teams will no
longer be producing updates for Debian 9. Users wishing to continue to
receive security support should upgrade to Debian 10, or see
https://wiki.debian.org/LTS for details about the subset of
architectures and packages covered by the Long Term Support project.
Please note that the point release does not constitute a new version of
Debian 9 but only updates some of the packages included. There is no
need to throw away old "stretch" media. After installation, packages can
be upgraded to the current versions using an up-to-date Debian mirror.
Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.
New installation images will be available soon at the regular locations.
Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:
https://www.debian.org/mirror/list
LM: Kubuntu 20.04 LTS "Focal Fossa" (64-bit)
REF: https://www.linux-magazine.com/Issues/2020/237/This-Month-s-DVD
Thursday, July 16, 2020
TrendLabs: Patch Tuesday: Fixes for ‘Wormable’ Windows DNS Server RCE, SharePoint Flaws
The patches address 18 vulnerabilities rated Critical and 105 that were rated Important in severity. A total of eight CVEs were disclosed through Trend Micro’s Zero Day Initiative (ZDI) program.
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/patch-tuesday-fixes-for-wormable-windows-dns-server-rce-sharepoint-flaws/
Wednesday, July 15, 2020
Plexamp: A Plex Pass Exclusive
TrendLabs: Patch Tuesday: Fixes for LNK, SMB, and SharePoint Bugs
This month’s Patch Tuesday had the highest number of entries so far in 2020 — a whopping 129, a continuation of the trend seen from the previous months. The update includes fixes for LNK, SMB, SharePoint, and Win32k vulnerabilities.
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/patch-tuesday-fixes-for-lnk-smb-and-sharepoint-bugs/
Attention NDI® Fans & Mac Users!
TrendLabs: New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa
Proxmox Backup Server (beta)
Proxmox Backup Server is an enterprise client-server backup software that safely backs up VMs, containers, and physical hosts. It is specially optimized for the Proxmox VE platform and efficiently protects and replicates your business-critical data.
Like all of our other Proxmox solutions, the Proxmox Backup Server is fast to install and is centrally managed. With the intuitive, web-based user interface and a command line you can easily administer all your backup and restore jobs.
Key Features
- Easy to set up and use client/server backup software
- Seamless integration into Proxmox VE
- Incremental backups
- Data deduplication
- Compression
- Authenticated encryption
- Remote Sync
- Software stack written in Rust providing high speed and memory efficiency
- License: GNU AGPL, v3
TrendLabs: New Tekya Ad Fraud Found on Google Play
MagicSoft Recorder 3.1 release
- faster network scanning for detecting NDI streams
- better buffering when capturing 4K 8 bit at rates of 50, 59.94 and 60 fps
- fixes issues for time-code and 4K ProRes recording
- additional options for naming the files (pruning separators when entities are empty)
- fixes field order when up-converting from NTSC to HD 1080 / 59.94i
REF: https://www.magicsoft.tv
TrendLabs: New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/new-mirai-variant-expands-arsenal-exploits-cve-2020-10173/
MagicSoft Playout ver 7.6
MagicSoft Recorder ver 7.6 was released with a new streaming engine.
The supported resolutions are:
SD / HD 720p / HD 1080i / HD 1080p / 4K (from 23.98 to 60 fps)
The supported streaming protocols:
- RTMP (YouTube / Wowza / Dacast, etc.)
- RTMPS (e.g. Facebook)
- UDP (unicast and multicast using H264 with AAC, AC3 or MP2)
There is also support for CPU or nVidia acceleration.
REF: https://www.magicsoft.tv/news.html
Monday, July 6, 2020
TrendLabs: Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers
Figure 5. Malicious files dropped
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/backdoor-devil-shadow-botnet-hidden-in-fake-zoom-installers/
[USN-4410-1] Net-SNMP vulnerability
---------- Forwarded message ---------
From: Paulo Flabiano Smorigo <pfsmorigo@canonical.com>
Date: Jul 3, 2020 7:00AM
A double-free bug was discovered in snmpd server. An authenticated user could
potentially cause a DoS by sending a crafted request to the server.
(CVE-2019-20892)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS:
libsnmp-base 5.8+dfsg-2ubuntu2.1
libsnmp-perl 5.8+dfsg-2ubuntu2.1
libsnmp35 5.8+dfsg-2ubuntu2.1
snmpd 5.8+dfsg-2ubuntu2.1
After a standard system update you need to restart snmpd to make
all the necessary changes.
References:
https://usn.ubuntu.com/4410-1
CVE-2019-20892
TrendLabs: Barcode Reader Apps on Google Play Found Using New Ad Fraud Technique
Figure 1. Malicious code disguised using Facebook’s name
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/barcode-reader-apps-on-google-play-found-using-new-ad-fraud-technique/
[USN-4409-1] Samba vulnerabilities
---------- Forwarded message ---------
From: Leonidas S. Barbosa <leo.barbosa@canonical.com>
Date: Jul 2, 2020 11:14PM
Andrew Bartlett discovered that Samba incorrectly handled certain LDAP queries.
A remote attacker could use this issue to cause Samba to crash, resulting
in a denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 18.04 LTS, Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-10730)
Douglas Bagnall discovered that Samba incorrectly handled certain queries.
A remote attacker could possibly use this issue to cause a denial of service.
(CVE-2020-10745)
Andrei Popa discovered that Samba incorrectly handled certain LDAP queries.
A remote attacker could use this issue to cause Samba to crash, resulting
in a denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 18.04 LTS, Ubuntu 19.10 and Ubuntu 20.04 LTS.
(CVE-2020-10760)
References:
https://usn.ubuntu.com/4409-1
CVE-2020-10730, CVE-2020-10745, CVE-2020-10760
Wednesday, July 1, 2020
Cloudflare During the Coronavirus Emergency
---------- Forwarded message ---------
From: Matthew Prince
Date: Mar 13, 2020 8:13AM
We know that organizations and individuals around the world depend on Cloudflare and our network. I wanted to send you a personal note to let you know how Cloudflare is dealing with the Coronavirus emergency.
First, the health and safety of our employees and customers is our top priority. We have implemented a number of sensible policies to this end, including encouraging many employees to work from home. This, however, hasn't slowed our operations. Our network operations center (NOC), security operations center (SOC), and customer support teams will remain fully operational and can do their jobs entirely remote as needed.
...
TrendLabs: Netwalker Fileless Ransomware Injected via Reflective Loading
Figure 1. Overview of the PowerShell script’s behavior
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/netwalker-fileless-ransomware-injected-via-reflective-loading/
Plex: Snap, Crackle, Watch
Not sure where to start? No problem. Check out our latest blog The Watch List for guidance on your quest for movie knowledge from our resident expert.
TrendLabs: April Patch Tuesday: Fixes for Font-Related, Microsoft SharePoint, Windows Components Vulnerabilities
Microsoft fixed 113 vulnerabilities in this month’s Patch Tuesday, just two shy of last month’s 115. This continues the streak of longer-than-usual list of patches that began in January. In fact, compared to the same period in 2019, Microsoft fixed 44% more vulnerabilities between January to April of this year.
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/april-patch-tuesday-fixes-for-font-related-microsoft-sharepoint-windows-components-vulnerabilities/