SysAdmin 24x7
Computer security news and alerts.
Chat and contact:
t.me/sysadmin24x7chat
Multiple vulnerabilities in Cisco products

Publication date: 07/11/2019
Importance: 4 - High

Affected resources:
Cisco EPNM, versions earlier than 3.0.2,
Cisco Prime Infrastructure (PI), versions earlier than:
3.4.2,
3.5.1,
3.6.0 Update 02,
Cisco RoomOS Software, versions earlier than RoomOS July Drop 1 2019,
Cisco RoomOS Software, versions earlier than RoomOS September Drop 1 2019 with SSH enabled,
Cisco Small Business RV Series routers, with firmware versions earlier than 4.2.3.10,
Cisco TC Software, versions earlier than 7.3.19,
Cisco TelePresence CE Software, versions earlier than 9.8.0,
Cisco Web Security Appliance (WSA),
Cisco Webex Meetings Online, all versions of Webex Network Recording Player and Webex Player earlier than version 1.3.44,
Cisco Webex Meetings Server, all versions of Webex Network Recording Player earlier than version 4.0MR2,
Cisco Webex Meetings sites, all versions of Webex Network Recording Player and Webex Player earlier than version WBS 39.5.12,
Cisco Wireless LAN Controllers, from version 8.4 through version 8.9.

Description:
Cisco has published 12 high-severity vulnerabilities affecting its products.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-cisco-58
#Linux users warned to update libarchive to beat flaw

Every now and again, a security vulnerability is discovered in a program with little fanfare, despite the fact that it’s buried in plain sight inside software lots of people depend on.

A good example is libarchive, which has a flaw discovered by Google researchers in May using the ClusterFuzz and OSSFuzz automated ‘fuzzing’ tools and fixed by libarchive’s maintainers on 12 June in version 3.4.0.

https://nakedsecurity.sophos.com/2019/11/07/linux-users-warned-to-update-libarchive-to-beat-flaw/
#Microsoft Warns of More Harmful #Windows #BlueKeep Attacks, Patch Now


The Microsoft Defender ATP Research Team says that the BlueKeep attacks detected on November 2 are connected with a coin mining campaign from September that used the same command-and-control (C2) infrastructure.

BlueKeep is an unauthenticated remote code execution vulnerability affecting Remote Desktop Services on Windows 7, Windows Server 2008, and Windows Server 2008 R2, and patched by Microsoft on May 14.

https://www.bleepingcomputer.com/news/security/microsoft-warns-of-more-harmful-windows-bluekeep-attacks-patch-now/
#Microsoft works with researchers to detect and protect against new #RDP #exploits

On November 2, 2019, security researcher Kevin Beaumont reported that his BlueKeep honeypot experienced crashes and was likely being exploited. Microsoft security researchers collaborated with Beaumont as well as another researcher, Marcus Hutchins, to investigate and analyze the crashes and confirm that they were caused by a BlueKeep exploit module for the Metasploit penetration testing framework.

https://www.microsoft.com/security/blog/2019/11/07/the-new-cve-2019-0708-rdp-exploit-attacks-explained/
Multiple vulnerabilities in Squid

Publication date: 11/11/2019
Importance: 4 - High

Affected resources:
The following Squid versions:
from 2.x through 2.7.STABLE9;
from 3.x through 3.5.28;
from 4.x through 4.8.

Description:
Five vulnerabilities have been found in multiple versions of the Squid proxy server.

Solution:
Update to version 4.9.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-squid-0
Keylogging users via #Slack themes

Back in August I found a vulnerability in Slack which allowed me to keylog Slack input via custom themes. I came across this vulnerability when we were having some discussions in my work’s Slack regarding using CSS to change the font to comic-sans, as seen below:

#FFFFFF;}*{FONT-FAMILY:"COMIC SANS MS

https://fletchto99.dev/2019/november/slack-vulnerability/
#Cisco Fixes High-Risk Vulnerabilities in Some Small Business RV Series #Routers

A number of Cisco Small Business RV Series routers were found to be vulnerable to a couple of attacks, and Cisco was quick to explain what the vulnerabilities were and that patches had been issued.

Cisco confirmed that command injection and arbitrary command execution vulnerabilities were found in router series including RV016, RV042, RV042G, RV082, RV320, and RV325. Both vulnerabilities are considered high risk, which is the main reason for issuing patches so quickly.

https://securityboulevard.com/2019/11/cisco-fixes-high-risk-vulnerabilities-in-some-small-business-rv-series-routers/
Microsoft security bulletin for November 2019

Publication date: 13/11/2019
Importance: 5 - Critical

Affected resources:
Microsoft Windows,
Internet Explorer,
Microsoft Edge (EdgeHTML-based),
ChakraCore,
Microsoft Office and Microsoft Office Services and Web Apps,
Open Source Software,
Microsoft Exchange Server,
Visual Studio,
Azure Stack.

Description:
Microsoft's security update release for November covers 75 vulnerabilities, 13 rated critical and 62 rated important.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/boletin-seguridad-microsoft-noviembre-2019
Debian Security Advisory

DSA-4565-1 intel-microcode -- security update

Date Reported: 13 Nov 2019

https://www.debian.org/security/2019/dsa-4565
VMware Releases Security Updates

Original release date: November 12, 2019

VMware has released security updates to address vulnerabilities in ESXi, Workstation, and Fusion. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisories VMSA-2019-0020 and VMSA-2019-0021 and apply the necessary updates.

https://www.us-cert.gov/ncas/current-activity/2019/11/12/vmware-releases-security-updates
Intel Releases Security Updates

Original release date: November 12, 2019

Intel has released security updates to address vulnerabilities in multiple products. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates:

BMC Advisory INTEL-SA-00313

UEFI Advisory INTEL-SA-00280

SGX and TXT Advisory INTEL-SA-00220

Processor Security Advisory INTEL-SA-00240

CSME, Intel SPS, Intel TXE, Intel AMT, Intel PTT and Intel DAL Advisory INTEL-SA-00241

Graphics Driver for Windows Advisory INTEL-SA-00242

Ethernet 700 Series Controllers Advisory INTEL-SA-00255

SGX Advisory INTEL-SA-00293

Proset/Wireless Wifi Software Security Advisory INTEL-SA-00288

WIFI Drivers and Intel® PROSet/Wireless WiFi Software Extension DLL Advisory INTEL-SA-00287

For updates addressing medium severity vulnerabilities, see the Intel Security Advisories page.

https://www.us-cert.gov/ncas/current-activity/2019/11/12/intel-releases-security-updates
Adobe Releases Security Updates

Original release date: November 12, 2019

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.
Animate CC 2019 APSB19-34
Illustrator CC APSB19-36
Media Encoder APSB19-52
Bridge CC APSB19-53

https://www.us-cert.gov/ncas/current-activity/2019/11/12/adobe-releases-security-updates