Critical Infrastructure

SecList ICS

• Threat Landscape for Industrial Automation Systems in H2 2018
• GreyEnergy’s overlap with Zebrocy

Security Magazine

• How to Meet the Growing Demand for Cybersecurity Professionals
• Natural Disasters Cost the U.S. $91 Billion in 2018
• Study on Electric Grid Resiliency Finds Urgent Need for Cybersecurity Investments
• Senators Introduce Legislation to Protect Electric Grid from Cyber Attack
• How to Protect Sub-Perimeters with Advanced IP Technology
• Critical Infrastructure Under Persistent Threat

• Bill Introduced to Expand Enrollment in TSA PreCheck
• Tampa International Airport Introduces Pass Allowing Non-Travelers Past Security Checkpoint
• TSA Launches Awareness Campaign for New ID Requirements
• Cargo Theft Numbers Decline
• IATA Releases 2018 Airline Safety Performance
• AAPA Says $4 Billion Needed to Protect Ports and Supply Chain Security

• Cargo Thefts Declined in Q1 2019
• Chicago Metra Launches ‘COPS’ Crime-Reporting App
• Defense Industry Companies Launch Supply Chain Cybersecurity Task Force
• Cargo Theft Numbers Decline
• AAPA Says $4 Billion Needed to Protect Ports and Supply Chain Security
• Beazley, Marsh Launch Cyber Insurance for Manufacturers

Case Studies

• When Physical Intrusions Lead to Digital Breaches
• How Unified Device Management Is Critical to BYOD Enterprises
• Security Implications of the Electric Smart Grid
• Automating Security Incident Respons
• Defense in Depth: A Layered Approach to Network Security
• How Much Would a Cyberattack Cost Your Enterprise?

• Collecting Insights and Metrics with Guard Tour Software
• Florida-based Company Protects Government Buildings with Window Film
• Simplify Connected Campus Security
• George Mason University: Migrating to Smart “One Card” Student ID
• NOVA Upgrades to Networked Power
• New Aloft Dubai Hotel Implements Advanced Surveillance System for Guest Protection

News

• Millions Of Golfers Land In Privacy Hazard After Cloud Misconfig
• Team Viewer Hit By Chinese Hackers In 2016
• Huawei Faces Break With UK Chip Giant ARM
• Google G Suite Glitch Left Some Passwords Stored In Plain Text For 14 Years
• Unsecure Chtrbox AWS Database Exposes Data On 49 Million Instagram Influencers, Accounts
• Huawei's Microchip Vulnerability Explained
• Linux Variant Of Winnti Malware Spotted In Wild
• Baltimore Ransomware Nightmare Could Last Weeks More
• Trump's U.S. Golf Association Account Got Hacked
• Instagram Hacker Forum Gets Hacked By Hackers
• Slack Bug Allows Remote File Hijacking, Malware Injection
• Over 20k Linksys Routers Leak Every Device Ever Connected
• Everything You Need To Know About GDPR
• Magecart POS Malware Found On Forbes Subscription Page
• Senate Unlikely To Vote On Election Security Despite Risk
• Hacktivist Attacks Dropped By 95% Since 2015
• US Telcos Say They Stopped Selling User Location Data, With A Few Exceptions
• ARIN Recovers 735,000 Fraudulently Obtained IPv4 Addresses
• GozNym Bank Malware Gang That Stole Millions Busted
• Cisco / WebEx Flaws Offer Up Remote Code Execution
• Hackers Interrupt Israeli Eurovision Webcast With Fake Explosions
• Plane Radio Navigation For Landing Is Insecure And Can Be Hacked
• Microsoft Warns Wormable Windows Bug Could Lead To Another WannaCry
• UK Hacking Powers Can Be Challenged In Court, Judge Rules
• WhatsApp To Refer Security Breach To U.S. Authorities

Exploits

• Blue Prism Robotic Process Automation (RPA) Privilege Escalation
• Microsoft Windows Task Scheduler .job Import Arbitrary DACL Write
• WordPress Inkblot Theme 4.9.10 Cross Site Request Forgery
• WordPress Memphis Documents Library 3.9.19 Cross Site Request Forgery
• FreeBSD rtld execl() Privilege Escalation
• Mac OS X Feedback Assistant Race Condition
• Shopware createInstanceFromNamedArguments PHP Object Instantiation
• XNU Stale Pointer Use-After-Free
• Visual Voicemail For iPhone IMAP NAMESPACE Use-After-Free
• Darktrace Enterpise Immune System 3.0.9 / 3.0.10 Cross Site Request Forgery
• XNU stf_ioctl Bad Cast
• Microsoft Windows CmKeyBodyRemapToVirtualForEnum Arbitrary Key Enumeration
• JavaScriptCore LICM Uninitialized Stack Variable
• PHP PHP_INI_SYSTEM Ineffective Controls
• Slims CMS Akasia 8.3.1 SQL Injection
• Emerson Network Power Liebert Challenger 5.1E0.5 Cross Site Scripting
• phpKF 1.10 XSS / CSRF / SQL Injection
• Common Desktop Environment 2.3.0 dtprintinfo Privilege Escalation
• Huawei eSpace 1.1.11.103 Meeting Heap Overflow
• Huawei eSpace 1.1.11.103 Meeting Image File Format Handling Buffer Overflow
• Huawei eSpace 1.1.11.103 Unicode Stack Buffer Overflow
• Huawei eSpace 1.1.11.103 DLL Hijacking
• Cisco Expressway Gateway 11.5.1 Directory Traversal
• Freelance Cockpit CRM 3.3.1 SQL Injection
• Horde Webmail 5.2.22 XSS / CSRF / SQL Injection / Code Execution

• [webapps] Moodle Jmol Filter 6.1 - Directory Traversal / Cross-Site Scripting
• [remote] GetSimpleCMS - Unauthenticated Remote Code Execution (Metasploit)
• [local] Solaris 7/8/9 (SPARC) - 'dtprintinfo' Local Privilege Escalation (2)
• [local] Solaris 7/8/9 (SPARC) - 'dtprintinfo' Local Privilege Escalation (1)
• [local] Solaris 10 1/13 (Intel) - 'dtprintinfo' Local Privilege Escalation
• [dos] BulletProof FTP Server 2019.0.0.50 - 'Storage-Path' Denial of Service (PoC)
• [dos] BulletProof FTP Server 2019.0.0.50 - 'DNS Address' Denial of Service (PoC)
• [dos] AbsoluteTelnet 10.16 - 'License name' Denial of Service (PoC)
• [dos] docPrint Pro 8.0 - Denial of Service (PoC)
• [dos] PCL Converter 2.7 - Denial of Service (PoC)
• [dos] Encrypt PDF 2.3 - Denial of Service (PoC)
• [shellcode] Linux x86_64 - Delete File Shellcode (28 bytes)
• [webapps] eLabFTW 1.8.5 - Arbitrary File Upload / Remote Code Execution
• [dos] Huawei eSpace 1.1.11.103 - 'ContactsCtrl.dll' / 'eSpaceStatusCtrl.dll' ActiveX Heap Overflow
• [dos] Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow
• [local] Huawei eSpace 1.1.11.103 - DLL Hijacking
• [dos] Huawei eSpace Meeting 1.1.11.103 - 'cenwpoll.dll' SEH Buffer Overflow (Unicode)
• [webapps] Interspire Email Marketer 6.20 - 'surveys_submit.php' Remote Code Execution
• [local] Iperius Backup 6.1.0 - Privilege Escalation
• [dos] CEWE Photo Importer 6.4.3 - '.jpg' Denial of Service (PoC)
• [dos] CEWE Photoshow 6.4.3 - 'Password' Denial of Service (PoC)
• [dos] Sandboxie 5.30 - 'Programs Alerts' Denial of Service (PoC)
• [dos] SEL AcSELerator Architect 2.2.24 - CPU Exhaustion Denial of Service
• [dos] Axessh 4.2 - 'Log file name' Denial of Service (PoC)
• [dos] ZOC Terminal v7.23.4 - 'Shell' Denial of Service (PoC)
• [dos] ZOC Terminal v7.23.4 - 'Private key file' Denial of Service (PoC)
• [dos] ZOC Terminal 7.23.4 - 'Script' Denial of Service (PoC)
• [local] JetAudio jetCast Server 2.0 - 'Log Directory' Local SEH Alphanumeric Encoded Buffer Overflow
• [dos] WeChat for Android 7.0.4 - 'vcodec2_hls_filter' Denial of Service
• [webapps] DeepSound 1.0.4 - SQL Injection
• [local] VMware Workstation 15.1.0 - DLL Hijacking
• [webapps] Legrand BTicino Driver Manager F454 1.0.51 - Cross-Site Request Forgery / Cross-Site Scripting
• [webapps] CommSy 8.6.5 - SQL injection
• [dos] Tomabo MP4 Converter 3.25.22 - Denial of Service (PoC)
• [webapps] PasteShr 1.6 - Multiple SQL Injection
• [webapps] Schneider Electric U.Motion Builder 1.3.4 - 'track_import_export.php object_id' Unauthenticated Command Injection
• [dos] TwistedBrush Pro Studio 24.06 - '.srp' Denial of Service (PoC)
• [dos] TwistedBrush Pro Studio 24.06 - 'Script Recorder' Denial of Service (PoC)
• [dos] TwistedBrush Pro Studio 24.06 - 'Resize Image' Denial of Service (PoC)
• [dos] Selfie Studio 2.17 - 'Resize Image' Denial of Service (PoC)
• [webapps] D-Link DWL-2600AP - Multiple OS Command Injection
• [webapps] Sales ERP 8.1 - Multiple SQL Injection
• [remote] PHP-Fusion 9.03.00 - 'Edit Profile' Remote Code Execution (Metasploit)
• [webapps] OpenProject 5.0.0 - 8.3.1 - SQL Injection
• [dos] Google Chrome V8 - Turbofan JSCallReducer::ReduceArrayIndexOfIncludes Out-of-Bounds Read/Write
• [webapps] XOOPS 2.5.9 - SQL Injection

Last 20 Website Defacements - Zone-h

• http://rsud.kedirikab.go.id
• http://zpparbhani.gov.in/rx.html
• http://rajfed.gov.in/rx.html
• http://pn-sukabumikota.go.id/hh.html
• http://mbb.gov.in/rx.html
• http://highereducationmanipur.gov.in/rx.html
• http://imc.mn.gov.in/rx.html
• http://ifcdmanipur.gov.in/rx.html
• http://deco.sorocaba.ufscar.br
• http://deco.sor.ufscar.br
• http://novo.matao.sp.gov.br
• http://www.matao.sp.gov.br
• https://transparencia.bomjesus.rn.gov.br
• https://licitacoes.bomjesus.rn.gov.br
• https://e-sic.bomjesus.rn.gov.br
• http://www.skp.moe.go.th
• http://deps.sorocaba.ufscar.br
• http://deps.sor.ufscar.br
• http://dfqm.sorocaba.ufscar.br
• http://dfqm.sor.ufscar.br

Advisories

• Ubuntu Security Notice USN-3992-1 Wed, 22 May 2019 14:40:07 GMT
  Ubuntu Security Notice 3992-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
• Ubuntu Security Notice USN-3993-1 Wed, 22 May 2019 14:39:56 GMT
  Ubuntu Security Notice 3993-1 - Wenchao Li discovered that curl incorrectly handled memory in the curl_url_set function. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.04. It was discovered that curl incorrectly handled memory when receiving data from a TFTP server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
• Slackware Security Advisory - mozilla-firefox Updates Wed, 22 May 2019 14:39:49 GMT
  Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
• Ubuntu Security Notice USN-3566-2 Wed, 22 May 2019 14:39:42 GMT
  Ubuntu Security Notice 3566-2 - USN-3566-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information or possibly cause a crash, resulting in a denial of service. Various other issues were also addressed.
• Red Hat Security Advisory 2019-1260-01 Wed, 22 May 2019 14:39:35 GMT
  Red Hat Security Advisory 2019-1260-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an information leakage vulnerability.
• Red Hat Security Advisory 2019-1259-01 Wed, 22 May 2019 14:39:27 GMT
  Red Hat Security Advisory 2019-1259-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. A new version of .NET Core that address security vulnerabilities is now available. The updated version is .NET Core Runtime 2.1.11 and SDK 2.1.507. Issues addressed include a denial of service vulnerability.
• JSC DFG Incorrect Decision On Behavior Tue, 21 May 2019 23:44:11 GMT
  JSC DFG's doesGC() is incorrect about the HasIndexedProperty operation's behavior on StringObjects.
• Revive Adserver Weak PRNG Cryptography Tue, 21 May 2019 23:28:05 GMT
  Revive Adserver versions prior to 4.2.1 make use of a cryptographically weak pseudo-random number generator.
• WebKitGTK+ / WPE WebKit Code Execution Tue, 21 May 2019 23:07:14 GMT
  WebKitGTK+ and WPE WebKit suffer from multiple memory corruption vulnerabilities and various other issues that can lead to code execution. Multiple versions are affected.
• Ubuntu Security Notice USN-3991-1 Tue, 21 May 2019 23:06:42 GMT
  Ubuntu Security Notice 3991-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, trick the user in to launching local executable binaries, obtain sensitive information, conduct cross-site scripting attacks, or execute arbitrary code. Various other issues were also addressed.
• Red Hat Security Advisory 2019-1258-01 Tue, 21 May 2019 23:06:15 GMT
  Red Hat Security Advisory 2019-1258-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL.
• Ubuntu Security Notice USN-3989-1 Tue, 21 May 2019 23:06:08 GMT
  Ubuntu Security Notice 3989-1 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code.
• Ubuntu Security Notice USN-3990-1 Tue, 21 May 2019 23:05:56 GMT
  Ubuntu Security Notice 3990-1 - It was discovered that urllib3 incorrectly removed Authorization HTTP headers when handled cross-origin redirects. This could result in credentials being sent to unintended hosts. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. Various other issues were also addressed.
• JavaScriptCore AIR Optimization Incorrectly Removes Assignment To Register Tue, 21 May 2019 22:22:22 GMT
  JavaScriptCore AIR optimization incorrectly removes assignment to register.
• Red Hat Security Advisory 2019-1245-01 Mon, 20 May 2019 16:39:06 GMT
  Red Hat Security Advisory 2019-1245-01 - An update is now available for Red Hat Quay 3. Issues addressed include a man-in-the-middle vulnerability.
• Ubuntu Security Notice USN-3985-2 Fri, 17 May 2019 13:13:13 GMT
  Ubuntu Security Notice 3985-2 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
• Red Hat Security Advisory 2019-1243-01 Thu, 16 May 2019 23:06:42 GMT
  Red Hat Security Advisory 2019-1243-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 74.0.3729.131. Issues addressed include an out of bounds access vulnerability.
• Ubuntu Security Notice USN-3988-1 Thu, 16 May 2019 23:06:29 GMT
  Ubuntu Security Notice 3988-1 - It was discovered that MediaInfo contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause MediaInfo to crash, resulting in a denial of service.
• Ubuntu Security Notice USN-3986-1 Thu, 16 May 2019 23:05:59 GMT
  Ubuntu Security Notice 3986-1 - It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malformed packets onto the wire or convincing someone to read a malformed packet trace file.
• Red Hat Security Advisory 2019-1238-01 Thu, 16 May 2019 23:05:45 GMT
  Red Hat Security Advisory 2019-1238-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP35. Issues addressed include a buffer overflow vulnerability.
• Red Hat Security Advisory 2019-1237-01 Thu, 16 May 2019 23:05:38 GMT
  Red Hat Security Advisory 2019-1237-01 - The rh-python35-python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Issues addressed include an information leakage vulnerability.
• Slackware Security Advisory - rdesktop Updates Thu, 16 May 2019 23:05:31 GMT
  Slackware Security Advisory - New rdesktop packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
• Red Hat Security Advisory 2019-1236-01 Thu, 16 May 2019 23:05:23 GMT
  Red Hat Security Advisory 2019-1236-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 1.0.16, 1.1.13, 2.1.11, and 2.2.5. Issues addressed include a denial of service vulnerability.
• Ubuntu Security Notice USN-3985-1 Thu, 16 May 2019 23:04:15 GMT
  Ubuntu Security Notice 3985-1 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
• Red Hat Security Advisory 2019-1235-01 Wed, 15 May 2019 18:44:00 GMT
  Red Hat Security Advisory 2019-1235-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.