Critical Infrastructure

SecList ICS

• Incident Response Analyst Report 2019
• 5G technology predictions 2020

Security Magazine

• US Senate passes bill to extend CFATS
• PG&E offers personalized emergency plan tool for customers
• Protecting Industrial IoT devices
• White House Says Fewer Cybersecurity Incidents Affected Federal Networks in 2019
• Mittal Desai Named Chief Information Officer for the Federal Energy Regulatory Commission
• Consumer Brands Association Announces Critical Infrastructure Supply Chain Council

• Gregory Alvarez named Director of CBP San Juan Field Operations
• LAX offers PPE via vending machines
• Port of Baltimore receives Federal security funding
• Good Security News from Guerrilla Mask Movement
• Passengers can now text cleaning and safety questions directly to United Airlines
• CBP names Andrew Douglas as Acting Port Director for Laredo Port of Entry

• Transdev names new vice president of safety and security
• MBTA names Ronald Ester Chief Safety Officer
• Amtrak promotes new technology, safety measures
• AI-enabled customer interactions more than double since 2018
• California adopts workplace safety standards for nighttime agricultural workers
• ISACA guide outlines how to strengthen enterprise supply chain resiliency

Case Studies

• DefenTec deploys KeeperMSP to defend from cyberattacks
• EL AL Airlines: Integrating Security into CI/CD with Seeker IAST from Synopsys
• Cybersecurity at Val Verde ISD
• Safeguarding Security and Loss Prevention at Gap Inc.
• When Physical Intrusions Lead to Digital Breaches
• How Unified Device Management Is Critical to BYOD Enterprises

• Texas Window Film Company Working to Provide More Emergency Response Times in Schools
• 3M™ Window Film Adds Time, Increased Protection Against Active Shooters
• Collecting Insights and Metrics with Guard Tour Software
• Florida-based Company Protects Government Buildings with Window Film
• Simplify Connected Campus Security
• George Mason University: Migrating to Smart “One Card” Student ID

News

• CactusPete Hackers Go On European Rampage With Bisonal
• Alexa Vulnerability Is A Reminder To Delete Your Voice History
• Google Stops Responding To Data Requests From Hong Kong Govt
• Instagram Retained Deleted User Data Despite GDPR Rules
• Hackers Can Eavesdrop On Mobile Calls With $7,000 Worth Of Equipment
• RedCurl Group Has Hacked Companies For Three Years
• FireEye's Bug Bounty Program Goes Public
• Trump Goes After His Own FBI Director
• Citrix Warns Of Critical Flaws In XenMobile Server
• An Overview Of Microsoft's Recent Patch Tuesday
• Adobe Tackles Code Execution Vulnerabilities In Acrobat, Reader
• 28,000 Infosec Training Records Stolen From SANS After Staffer Is Phished
• Tor Exit Nodes Hijacked To Perform SSL stripping Attacks
• Homeland Security Details New Tools For Extracting Device Data At US Borders
• NCC Group Admits Leaking Training Data Online
• Why Did The FCA Drop Its Warning About The OneCoin Scam?
• China Is Now Blocking All Encrypted HTTPS Traffic That Uses TLS 1.3 And ESNI
• FBI Says Iranian Hackers Are Attacking F5 Networking Devices
• Qualcomm Bugs Open 40 Percent Of Android Handsets To Attack
• Taiwan's Semiconductor Industry Hacked By China
• Bulgarian Police Arrest Hacker Instakilla
• Is The US About To Split The Internet?
• Hackers Dump 20GB Of Intel's Confidential Data Online
• Hackers Are Defacing Reddit With Pro-Trump Messages
• Black Hat 2020: Using Botnets To Manipulate Energy Markets For Big Profits

Exploits

• Safari Webkit For iOS 7.1.2 JIT Optimization Bug
• WordPress Sell Photo 1.0.5 Cross Site Scripting
• Android App Zygotes Improper Guarding
• Artica Proxy 4.3.0 Authentication Bypass
• vBulletin 5.x Remote Code Execution
• Microsoft Windows AppContainer Enterprise Authentication Capability Bypass
• GetSimple CMS Multi User 1.8.2 Cross Site Request Forgery
• QiHang Media Web Digital Signage 3.0.9 Remote Code Execution
• QiHang Media Web Digital Signage 3.0.9 Arbitrary File Disclosure
• QiHang Media Web Digital Signage 3.0.9 Arbitrary File Deletion
• QiHang Media Web Digital Signage 3.0.9 Credential Disclosure
• QiHang Media Web Digital Signage 3.0.9 Password Disclosure
• Car Rental Script Cross Site Scripting
• Car Rental Script SQL Injection
• Online Book Store Cross Site Scripting
• Online Book Store SQL Injection
• Online Shopping System SQL Injection
• vBulletin 5.6.2 Cross Site Scripting
• CMS Made Simple 2.2.14 Shell Upload
• Avian JVM 1.2.0 Silent Return
• Avian JVM 1.2.0 Integer Overflow
• SugarCRM SQL Injection
• SugarCRM Cross Site Scripting
• Fuel CMS 1.4.7 SQL Injection
• Travel Management System 1.0 Remote Code Execution

• [webapps] GetSimple CMS Plugin Multi User 1.8.2 - Cross-Site Request Forgery (Add Admin)
• [webapps] Artica Proxy 4.3.0 - Authentication Bypass
• [webapps] vBulletin 5.6.2 - 'widget_tabbedContainer_tab_panel' Remote Code Execution
• [webapps] CMS Made Simple 2.2.14 - Authenticated Arbitrary File Upload
• [webapps] Fuel CMS 1.4.7 - 'col' SQL Injection (Authenticated)
• [local] BarcodeOCR 19.3.6 - 'BarcodeOCR' Unquoted Service Path
• [webapps] ManageEngine ADSelfService Build prior to 6003 - Remote Code Execution (Unauthenticated)
• [webapps] Warehouse Inventory System 1.0 - Cross-Site Request Forgery (Change Admin Password)
• [webapps] Daily Expenses Management System 1.0 - 'item' SQL Injection
• [webapps] All-Dynamics Digital Signage System 2.0.2 - Cross-Site Request Forgery (Add Admin)
• [local] CodeMeter 6.60 - 'CodeMeter.exe' Unquoted Service Path
• [webapps] Victor CMS 1.0 - 'Search' SQL Injection
• [webapps] Stock Management System 1.0 - Authentication Bypass
• [dos] QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service (PoC)
• [dos] ACTi NVR3 Standard or Professional Server 3.0.12.42 - Denial of Service (PoC)
• [webapps] Daily Expenses Management System 1.0 - 'username' SQL Injection
• [dos] RTSP for iOS 1.0 - 'IP Address' Denial of Service (PoC)
• [dos] Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service (PoC)
• [webapps] Pi-hole 4.3.2 - Remote Code Execution (Authenticated)
• [webapps] Online Shopping Alphaware 1.0 - Authentication Bypass
• [webapps] Wordpress Plugin Maintenance Mode by SeedProd 5.1.1 - Persistent Cross-Site Scripting
• [webapps] Cisco Adaptive Security Appliance Software 9.7 - Unauthenticated Arbitrary File Deletion
• [webapps] Cisco Adaptive Security Appliance Software 9.11 - Local File Inclusion
• [webapps] eGroupWare 1.14 - 'spellchecker.php' Remote Command Execution
• [local] docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter)
• [webapps] Rails 5.0.1 - Remote Code Execution
• [webapps] Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting
• [webapps] pfSense 2.4.4-p3 - Cross-Site Request Forgery
• [webapps] Socket.io-file 2.0.31 - Arbitrary File Upload
• [webapps] Sickbeard 0.1 - Cross-Site Request Forgery (Disable Authentication)
• [webapps] F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion
• [webapps] Webtareas 2.1p - Arbitrary File Upload (Authenticated)
• [webapps] Bio Star 2.8.2 - Local File Inclusion
• [webapps] PandoraFMS 7.0 NG 746 - Persistent Cross-Site Scripting
• [webapps] Koken CMS 0.22.24 - Arbitrary File Upload (Authenticated)
• [webapps] elaniin CMS - Authentication Bypass
• [webapps] Online Course Registration 1.0 - Unauthenticated Remote Code Execution
• [webapps] LibreHealth 2.0.0 - Authenticated Remote Code Execution
• [webapps] Bludit 3.9.2 - Directory Traversal
• [webapps] WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection (Unauthenticated)
• [webapps] WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download
• [dos] Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service (PoC + SEH Overwrite)
• [local] Free MP3 CD Ripper 2.8 - Stack Buffer Overflow (SEH + Egghunter)
• [local] Port Forwarding Wizard 4.8.0 - Buffer Overflow (SEH)
• [webapps] UBICOD Medivision Digital Signage 1.5.1 - Cross-Site Request Forgery (Add Admin)
• [webapps] INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution

Last 20 Website Defacements - Zone-h

• http://sbep.gos.pk
• https://www.sindhinvestment.gos.pk
• https://idb.dbkl.gov.my
• http://nic.eg/R4BIA.htm
• http://domain.eg/R4BIA.htm
• http://domain.com.eg/r4bia.htm
• http://www.egregistry.eg/r4bia.htm
• http://egdns.net.eg/r4bia.htm
• http://egdns.org.eg/r4bia.htm
• http://eg-dns.eg/r4bia.htm
• http://domain.net.eg/r4bia.htm
• http://egdns.eg/r4bia.htm
• http://domains.com.eg/r4bia.htm
• http://egdomain.org.eg/r4bia.htm
• http://nic.org.eg/25Jan.htm
• http://egdomain.net.eg/r4bia.htm
• http://domains.net.eg/r4bia.htm
• http://dzs.gov.mk/shiraoka.htm
• http://www.pa-bondowoso.go.id/ea.txt
• http://elatihan.johor.gov.my

Advisories

• Ubuntu Security Notice USN-4459-1 Fri, 14 Aug 2020 21:19:47 GMT
  Ubuntu Security Notice 4459-1 - It was discovered that Salt allows remote attackers to determine which files exist on the server. An attacker could use that to extract sensitive information. It was discovered that Salt has a vulnerability that allows an user to bypass authentication. An attacker could use that to extract sensitive information, execute arbitrary code or crash the server. It was discovered that Salt is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host. Various other issues were also addressed.
• Mikrotik RouterOS NULL Pointer Dereference / Reachable Assertion Failure Fri, 14 Aug 2020 21:15:51 GMT
  Mikrotik RouterOS suffers from null pointer dereference and reachable assertion failure vulnerabilities.
• WebKit On iOS PAC / JIT Hardening Bypass Fri, 14 Aug 2020 16:09:44 GMT
  A PAC and JIT hardening bypass exists in WebKit on iOS.
• Ubuntu Security Notice USN-4458-1 Thu, 13 Aug 2020 16:53:22 GMT
  Ubuntu Security Notice 4458-1 - Fabrice Perez discovered that the Apache mod_rewrite module incorrectly handled certain redirects. A remote attacker could possibly use this issue to perform redirects to an unexpected URL. Chamal De Silva discovered that the Apache mod_proxy_ftp module incorrectly handled memory when proxying to a malicious FTP server. A remote attacker could possibly use this issue to obtain sensitive information. Various other issues were also addressed.
• Ubuntu Security Notice USN-4457-1 Wed, 12 Aug 2020 15:54:52 GMT
  Ubuntu Security Notice 4457-1 - Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricked into adding an arbitrary PPA, a remote attacker could possibly manipulate the screen.
• Ubuntu Security Notice USN-4456-1 Wed, 12 Aug 2020 15:54:46 GMT
  Ubuntu Security Notice 4456-1 - It was discovered that Dovecot incorrectly handled deeply nested MIME parts. A remote attacker could possibly use this issue to cause Dovecot to consume resources, resulting in a denial of service. It was discovered that Dovecot incorrectly handled memory when using NTLM. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. It was discovered that the Dovecot RPA mechanism incorrectly handled zero-length messages. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. Various other issues were also addressed.
• Red Hat Security Advisory 2020-3433-01 Wed, 12 Aug 2020 15:54:40 GMT
  Red Hat Security Advisory 2020-3433-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
• Red Hat Security Advisory 2020-3432-01 Wed, 12 Aug 2020 15:54:33 GMT
  Red Hat Security Advisory 2020-3432-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
• Gentoo Linux Security Advisory 202008-07 Wed, 12 Aug 2020 15:54:26 GMT
  Gentoo Linux Security Advisory 202008-7 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 84.0.4147.125 are affected.
• Red Hat Security Advisory 2020-3414-01 Wed, 12 Aug 2020 15:54:20 GMT
  Red Hat Security Advisory 2020-3414-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
• Red Hat Security Advisory 2020-3425-01 Tue, 11 Aug 2020 21:16:56 GMT
  Red Hat Security Advisory 2020-3425-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
• Red Hat Security Advisory 2020-3422-01 Tue, 11 Aug 2020 21:16:48 GMT
  Red Hat Security Advisory 2020-3422-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.107 and .NET Core Runtime 3.1.7. Security Fixes: .NET Core: ASP.NET Core Resource Consumption Denial of Service. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2020-3421-01 Tue, 11 Aug 2020 21:16:42 GMT
  Red Hat Security Advisory 2020-3421-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.107 and .NET Core Runtime 3.1.7. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2020-3406-01 Tue, 11 Aug 2020 15:39:07 GMT
  Red Hat Security Advisory 2020-3406-01 - Library and utility to launch and manage containers using YAML based configuration data. openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools, which can be used to help deploy OpenStack.
• Red Hat Security Advisory 2020-3410-01 Tue, 11 Aug 2020 15:38:34 GMT
  Red Hat Security Advisory 2020-3410-01 - Library and utility to launch and manage containers using YAML based configuration data. openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools, which can be used to help deploy OpenStack.
• Red Hat Security Advisory 2020-3389-01 Tue, 11 Aug 2020 15:38:27 GMT
  Red Hat Security Advisory 2020-3389-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a buffer overflow vulnerability.
• Ubuntu Security Notice USN-4454-2 Mon, 10 Aug 2020 22:47:30 GMT
  Ubuntu Security Notice 4454-2 - USN-4454-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Martin von Wittich and Wilko Meyer discovered that Samba incorrectly handled certain empty UDP packets when being used as a AD DC NBT server. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. Various other issues were also addressed.
• Ubuntu Security Notice USN-4455-1 Mon, 10 Aug 2020 22:47:16 GMT
  Ubuntu Security Notice 4455-1 - It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information.
• Red Hat Security Advisory 2020-3387-01 Mon, 10 Aug 2020 22:47:09 GMT
  Red Hat Security Advisory 2020-3387-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP70. Issues addressed include bypass and information leakage vulnerabilities.
• Red Hat Security Advisory 2020-3388-01 Mon, 10 Aug 2020 22:47:01 GMT
  Red Hat Security Advisory 2020-3388-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP70. Issues addressed include bypass and information leakage vulnerabilities.
• Ubuntu Security Notice USN-4454-1 Mon, 10 Aug 2020 22:46:54 GMT
  Ubuntu Security Notice 4454-1 - Martin von Wittich and Wilko Meyer discovered that Samba incorrectly handled certain empty UDP packets when being used as a AD DC NBT server. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service.
• Red Hat Security Advisory 2020-3386-01 Mon, 10 Aug 2020 19:02:07 GMT
  Red Hat Security Advisory 2020-3386-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6-FP15. Issues addressed include bypass and information leakage vulnerabilities.
• Red Hat Security Advisory 2020-3385-01 Mon, 10 Aug 2020 14:27:27 GMT
  Red Hat Security Advisory 2020-3385-01 - LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Issues addressed include a buffer overflow vulnerability.
• Red Hat Security Advisory 2020-3383-01 Mon, 10 Aug 2020 14:27:20 GMT
  Red Hat Security Advisory 2020-3383-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is an update for JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to this updated package. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2020-3382-01 Mon, 10 Aug 2020 14:27:13 GMT
  Red Hat Security Advisory 2020-3382-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is an update for JBoss Enterprise Application Platform 6.4. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to these updated packages. Issues addressed include a denial of service vulnerability.