Новости - Выпуск 6

Шестой подкаст освещает новости 16-22 декабря 2019 года:

1. Binary planting and arbitrary file (over)write vulnerabilities in npm, pnpm and yarn [1] [2]

2. BreakingApp – WhatsApp Crash & Data Loss Bug [3] [4]

3. Lazarus pivots to Linux attacks through Dacls Trojan [5] [6]

4. Microsoft SharePoint Server Information Disclosure Vulnerability [7] [8]

5. Privilege Escalation Flaws Found in Preinstalled Acer, ASUS Software [9] [10]

6. TP-Link Router Bug Lets Attackers Login Without Passwords [11] [12]

7. Vulnerability in Citrix Application Delivery Controller and Citrix Gateway [13] [14]

[1] - https://blog.daniel-ruf.de/critical-design-flaw-npm-pnpm-yarn/

[2] - https://xakep.ru/2019/12/16/npm-bug-2/

[3] - https://xakep.ru/2019/12/18/whatsapp-bug/

[4] - https://research.checkpoint.com/2019/breakingapp-whatsapp-crash-data-loss-bug/

[5] - https://www.zdnet.com/article/lazarus-pivots-to-linux-attacks-through-dacls-trojan/

[6] - https://threatpost.ru/lazarus-arms-up-with-dacls-trojan/35055/

[7] - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1491

[8] - https://threatpost.ru/microsoft-issues-out-of-band-update-sharepoint-bug/35059/

[9] - https://threatpost.ru/asus-acer-fix-dangerous-vulns/35062/

[10] - https://www.securityweek.com/privilege-escalation-flaws-found-preinstalled-acer-asus-software

[11] - https://www.securitylab.ru/news/503474.php

[12] - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7405

[13] - https://support.citrix.com/article/CTX267027

[14] - https://www.anti-malware.ru/news/2019-12-19-1447/31599

Канал в телеграме: tgclick.ru/voiceofsecurity/609

Новости - Выпуск 5

Пятый подкаст освещает новости 9-15 декабря 2019 года:

1. Microsoft December 2019 Security Updates [1][2][3]

2. Adobe выпустила обновления для Adobe Acrobat и Reader, Photoshop CC, ColdFusion и Brackets [4][5]

3. IPAS: SECURITY ADVISORIES FOR DECEMBER 2019 [6]

4. Уязвимость в iOS позволяет удаленно блокировать iPhone [7][8]

5. Critical Bug in WordPress Plugins Open Sites to Hacker Takeovers [9]

6. Lazarus APT Collaborates with Trickbot’s Anchor Project [10][11]

[1] - https://www.securitylab.ru/news/503314.php

[2] - https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2019-Dec

[3] - https://threatpost.ru/microsoft-actively-exploited-zero-day-bug/35004/

[4] - https://www.securitylab.ru/news/503340.php

[5] - https://blogs.adobe.com/psirt/?p=1813

[6] - https://blogs.intel.com/technology/2019/12/ipas-security-advisories-for-december-2019/

[7] - https://www.securitylab.ru/news/503337.php

[8] - https://kishanbagaria.com/airdos/

[9] - https://threatpost.com/critical-bug-in-wordpress-plugins-open-sites-to-hacker-takeovers/151123/

[10] - https://threatpost.com/lazarus-collaborates-trickbots-anchor-project/151000/

[11] - https://xakep.ru/2019/12/12/trickbot-anchor/

Канал в телеграме: tgclick.ru/voiceofsecurity/609

Новости - Выпуск 4

Четвертый подкаст освещает новости 2-8 декабря 2019 года:

1. OpenBSD Multiple Authentication Vulnerabilitie [1] [2]

2. New vulnerability lets attackers sniff or hijack VPN connections [3][4]

3. The StrandHogg vulnerability [5][6]

4. Vulnerability Spotlight: Two vulnerabilities in EmbedThis GoAhead [7][8]

5. PCI Contactless Payments on COTS [9][10]

6. New Destructive Wiper “ZeroCleare” Targets Energy Sector in the Middle East [11][12][13]

7. Группировка Lazarus обзавелась собственным бесфайловым вредоносом [14] [15]

[1] - https://blog.qualys.com/laws-of-vulnerabilities/2019/12/04/openbsd-multiple-authentication-vulnerabilities

[2] - https://www.securitylab.ru/news/503146.php

[3] - https://seclists.org/oss-sec/2019/q4/122

[4] - https://www.zdnet.com/article/new-vulnerability-lets-attackers-sniff-or-hijack-vpn-connections/

[5] - https://promon.co/security-news/strandhogg/

[6] - https://xakep.ru/2019/12/03/strandhogg/

[7] - https://blog.talosintelligence.com/2019/12/vulnerability-spotlight-EmbedThis-GoAhead.html

[8] - https://xakep.ru/2019/12/05/goahead-rce-2/

[9] - https://blog.pcisecuritystandards.org/just-published-pci-contactless-payments-on-cots

[10] - https://www.securitylab.ru/news/503159.php

[11] - https://www.ibm.com/downloads/cas/OAJ4VZNJ

[12] - https://xakep.ru/2019/12/05/zerocleare/

[13] - https://threatpost.ru/new-zerocleare-wiper-targets-energy-industrial-organizations-in-the-middle-east/34973/

[14] - https://twitter.com/dineshdina04/status/1201834142704394242

[15] - https://www.securitylab.ru/news/503133.php

Канал в телеграме: tgclick.ru/voiceofsecurity/609

Новости - Выпуск 3

Третий подкаст освещает новости 25 ноября-1 декабря 2019 года:

1. Insights from one year of tracking a polymorphic threat [1][2]

2. ByePg: Defeating Patchguard Using Exception-Hooking [3] [4]

3. Уязвимость в Apache Solr позволяет выполнить сторонний код [5] [6]

4. Преступники майнят Monero на уязвимых Docker-системах [7]

5. Компания Adobe сообщила о взломе сайта Magento Marketplace [8]

[1] - https://www.securitylab.ru/news/502914.php

[2] - https://www.microsoft.com/security/blog/2019/11/26/insights-from-one-year-of-tracking-a-polymorphic-threat/

[3] - https://threatpost.ru/security-researcher-discloses-new-windows-patchguard-bypass/34907/

[4] - https://blog.can.ac/2019/10/19/byepg-defeating-patchguard-using-exception-hooking/

[5] - https://threatpost.ru/pocs-show-apache-solr-vulnerability-allows-rce/34911/

[6] - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12409

[7] - https://www.securitylab.ru/news/502852.php

[8] - https://xakep.ru/2019/11/28/magento-marketplace-hack/

Канал в телеграме: tgclick.ru/voiceofsecurity/609

Музыка: @Dust09

Второй подкаст освещает новости 18-24 ноября 2019:

1. Уязвимость в WhatsApp позволяет взломать устройство или привести к DoS [1][2]

2. Unbound vulnerability [3] [4]

3. BIND vulnerability, TCP-pipelined queries can bypass tcp-clients limit [5] [6]

4. Long-known Vulnerabilities in High-Profile Android Applications [7] [8]

5. PHOENIX: THE TALE OF THE RESURRECTED KEYLOGGER [9] [10]

6. Jetpack 7.9.1: Maintenance and Security Release [11]

7. Официальный сайт криптовалюты Monero был взломан [12] [13]

[1] - https://www.anti-malware.ru/news/2019-11-18-1447/31315

[2] - https://nvd.nist.gov/vuln/detail/CVE-2019-11931

[3] - https://security-tracker.debian.org/tracker/CVE-2019-18934

[4] - https://nvd.nist.gov/vuln/detail/CVE-2019-18934

[5] - https://kb.isc.org/docs/cve-2019-6477

[6] - https://access.redhat.com/security/cve/cve-2019-6477

[7] - https://research.checkpoint.com/2019/long-known-vulnerabilities-in-high-profile-android-applications/

[8] - https://xakep.ru/2019/11/22/android-apps-problems/

[9] - https://www.cybereason.com/blog/phoenix-the-tale-of-the-resurrected-alpha-keylogger

[10] - https://xakep.ru/2019/11/21/phoenix/

[11] - https://jetpack.com/2019/11/19/jetpack-7-9-1-maintenance-security/

[12] - https://twitter.com/monero/status/1196654342809489408

[13] - https://xakep.ru/2019/11/20/monero-hacked/

Канал в телеграме: tgclick.ru/voiceofsecurity/609

Новости - Выпуск 1

Первый подкаст освещает новости 11-17 ноября 2019:

1. Facebook bug shows camera activated in background during app use [1]

2. Вторник обновлений: Microsoft исправила 0-day уязвимость в в Internet Explorer [2]

3. IPAS: NOVEMBER 2019 INTEL PLATFORM UPDATE (IPU) [3]

4. McAfee - All Editions (MTP, AVP, MIS) - Self-Defense Bypass and Potential Usages (CVE-2019-3648) [4]

5. PureLocker: New Ransomware-as-a-Service Being Used in Targeted Attacks Against Servers [5]

6. Исследование уязвимостей в VNC [6]

7. The Road to Qualcomm TrustZone Apps Fuzzing [7]

 

[1] https://www.cnet.com/news/facebook-bug-has-camera-activated-while-people-are-using-the-app/

[2] https://xakep.ru/2019/11/13/november-patches-2/

[3] https://blogs.intel.com/technology/2019/11/ipas-november-2019-intel-platform-update-ipu/

[4] https://safebreach.com/Post/McAfee-All-Editions-MTP-AVP-MIS-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-3648

[5] https://www.intezer.com/blog-purelocker-ransomware-being-used-in-targeted-attacks-against-servers/

[6] https://ics-cert.kaspersky.ru/reports/2019/11/13/vnc-vulnerability-research/

[7] https://research.checkpoint.com/the-road-to-qualcomm-trustzone-apps-fuzzing/

Длительность 10 минут.

Канал в телеграме: https://tgclick.ru/voiceofsecurity/609