Weekly Awareness Report (WAR) · informationwarfarecenter.com/cir/archived/cyber_war_weekly_awar…

03-11 Weekly Awareness Report (WAR)

Post on 09-Jul-2020

March 11, 2019

The Cyber Intelligence Report is an Open Source Intelligence (OSINT) resource focusing on advanced persistent threats and other digital dangers, received by over ten thousand individuals. APTs fit into a cybercrime category directed at both business and political targets. Attack vectors include system compromise, social engineering, and even traditional espionage. Included are clickable links to news stories, vulnerabilities, exploits, and other industry risk.

Summary

Symantec ThreatCon Low: Basic network posture

This condition applies when there is no discernible network incident activity and no malicious code activity with a moderate or severe risk rating. Under these conditions, only a routine security posture, designed to defeat normal network threats, is warranted. Automated systems and alerting mechanisms should be used.

Sophos: last 10 Malware

* Troj/VB-KDE
* Troj/Ransom-FGY
* Troj/PDFUri-HBJ
* JS/Dwnldr-XPA
* JS/Dwnldr-XOZ
* Troj/DocDl-SJF
* Troj/PDFUri-HBI
* HPmal/RnsmADS-A
* Troj/VB-KDD
* Troj/PDFDwn-QZ

Last 10 PUAs

* SurfBuyer
* Bundlore
* Network Scanner
* FutureXGame
* AdvancedMacCleaner
* WebSniff
* PassShow
* KuaiZip
* RawDisk Driver
* Adposhel

Interesting News

* Financial Cyberthreats in 2018
The presented report continues the series of Kaspersky Lab reports that provide an overview of how the financial threat landscape has evolved over the years. It covers the common phishing threats that users encounter, along with Windows-based and Android-based financial malware.

If you are interested, we have an active Facebook Group and YouTube Channel. As always, if you have any suggestions, feel free to let us know. Subscribe if you would like to receive the CIR updates: [email protected]

Index of Sections

Current News

* Packet Storm Security

* Dark Reading

* Krebs on Security

* The Hacker News

* McAfee

* Threat Post

* Naked Security

* Quick Heal - Security Simplified

Critical Infrastructure

* Security Magazine's Latest Published

Hacker Corner: Tools, Hacked Defacements, and Exploits

* Packet Storm Security Latest Published Tools

* Zone-H Latest Published Website Defacements

* Packet Storm Security Latest Published Exploits

* Exploit Database Releases

Advisories

* Secunia Chart of Vulnerabilities Identified

* US-Cert (Current Activity-Alerts-Bulletins)

* Symantec's Latest List

* Packet Storm Security's Latest List

Credits

News

Packet Storm Security

* US Seeks To Allay Fears Over Killer Robots
* RBS Trials Biometric Fingerprint Bank Card
* Reminder: We're Still Bad At Securing Industrial Controllers
* Protests In Russia Target Internet Iron Curtain Legislation
* Buffer Overflow Found In British Airways Entertainment Systems
* 809 Million Records Exposed By Email Marketing Giant
* Security Holes Found In Big Brand Car Alarms
* Equifax Neglected Cybersecurity Prior To Breach, Senate Finds
* FB Messenger Bug Revealed Who You Had Conversations With
* A Serious Windows Zeroday Is Being Actively Exploited In The Wild
* RSA Conference 2019: The Sky's The Limit For Satellite Hacks
* Sonic Hit By $5 Million Suit Over 2017 Data Breach
* Coinbase CEO Regrets HackingTeam Hires
* Former Security Officials To Trump: Stop Trying To Undermine Climate Science
* Zuckerberg Says Facebook Is Pivoting To Privacy After Controversies
* Democrats Are Trying To Put Net Neutrality Back In The FCC
* Nexus Switch Owners Told To Disable POAP Feature
* Intel's Latest Spoiler: A Spectre-Style Hardware Exploit That Leaks Private Data
* 18 Percent Of Americans Admit To Having Their Identity Stolen
* Adi Shamir Couldn't Get US Visa To Attend RSA Conference Named For Him
* Czech Cyber Watchdog Says Its Huawei Warning Took U.S. By Surprise
* Chinese Hackers Fish For Naval Secrets
* Mystery As Quadriga Crypto-Cash Goes Missing
* Controversial NSA Phone Data Collection Program Shut Down?
* WordPress Accounted For 90 Percent Of All Hacked CMS Sites In 2018

Dark Reading

* Georgia's Jackson County Pays $400K to Ransomware Attackers
* IT Security Administrators Aren't Invincible
* Tina Fey, RSAC, and Parallels Between Improv and Cyber
* Citrix Hacked by 'International Cybercriminals'
* Shifting Attacks Put Increasing ID Fraud Burden on Consumers
* DHS: No Investigation Planned for Electrical Grid Incursions
* Ultrasound Machine Diagnosed with Major Security Gaps
* Sign Up Now for Practical, Hands-On Training at Black Hat Asia
* Companies Having Trouble Translating Security to Mobile Devices
* Phishing Attacks Evolve as Detection & Response Capabilities Improve
* How China & Russia Use Social Media to Sway the West
* Twitter, Facebook, NSA Discuss Fight Against Misinformation
* Debunking 5 Myths About Zero Trust Security
* Deep Instinct Touts Predictive Aspects of Deep Learning
* 4 Ways At-Work Apps Are Vulnerable to Attack
* Regular User Awareness Training Still the Best Security Tactic
* Raytheon IIS Seizes the Moment with Cybersecurity as a Service
* eSentire: Boost Security with Managed Detection & Orchestrated Response
* AT&T Cybersecurity Ensures Companies SOAR with Security Strategy

Krebs on Security

* Insert Skimmer + Camera Cover PIN Stealer
* MyEquifax.com Bypasses Credit Freeze PIN
* Hackers Sell Access to Bait-and-Switch Empire
* Booter Boss Interviewed in 2014 Pleads Guilty
* Crypto Mining Service Coinhive to Call it Quits
* Former Russian Cybersecurity Chief Sentenced to 22 Years in Prison
* Payroll Provider Gives Extortionists a Payday
* New Breed of Fuel Pump Skimmer? Not Really
* A Deep Dive on the Recent Widespread DNS Hijacking Attacks
* Bomb Threat Hoaxer Exposed by Hacked Gaming Site

The Hacker News

* BEWARE - New 'Creative' Phishing Attack You Really Should Pay Attention To
* AWS Certification Training Courses - Get 2019 Bundle @ 96% OFF
* Severe Flaw Disclosed In StackStorm DevOps Automation Software
* Citrix Data Breach - Iranian Hackers Stole 6TB of Sensitive Data
* New Google Chrome Zero-Day Vulnerability Found Actively Exploited in the Wild
* NSA Releases GHIDRA 9.0 — Free, Powerful Reverse Engineering Tool
* Google Launches Backstory — A New Cyber Security Tool for Businesses
* Researchers Link 'Sharpshooter' Cyber Attacks to North Korean Hackers
* Google Discloses Unpatched 'High-Severity' Flaw in Apple macOS Kernel
* Hackers Favorite CoinHive Cryptocurrency Mining Service Shutting Down

Security Week

* Mark Zuckerberg Describes a New Privacy-Centric Facebook
* Google Launches New Cloud Security Services
* Many Vulnerabilities Discovered in Moxa Industrial Switches
* Attack on Software Giant Citrix Attributed to Iranian Hackers
* Venezuela's Maduro Says Cyber Attack Prevented Power Restoration
* Flaws in Smart Alarms Exposed Millions of Cars to Dangerous Hacking
* How China Exploits Social Media to Influence American Public
* Slack, GitHub Abused by New SLUB Backdoor in Targeted Attacks
* Google Discloses Actively Exploited Windows Vulnerability
* Zerodium Offers $500,000 for VMware ESXi, Microsoft Hyper-V Exploits
* Man Admits to Hacking Minnesota Databases Over Cop Acquittal
* Study Finds Rampant Sale of SSL/TLS Certificates on Dark Web
* Four Steps to Begin Better Managing Your Digital Risk
* Organizations Not Positioned for Success in Tackling Cyber Demands: Deloitte
* Hungarian Judge OKs Extradition of Portuguese Hacker
* Cisco Patches Two Dozen Serious Flaws in Nexus Switches
* Several Industrial Automation Products Affected by WibuKey DRM Flaws
* Iranian Hackers Caused Losses in Hundreds of Millions: Report
* China's Huawei Sues US Over Federal Ban on Its Products
* Cybersecurity Startup PolySwarm Launches Malware Detection Marketplace

McAfee

* How to Make Sure Spring Break Doesn't Wreck Your Digital Rep
* 809 Million Records Left Exposed: How Users Can Protect Their Data
* Don't Let Thunderclap Flaws Strike Your Device
* How To Secure Your Smart Home
* How to Steer Clear of Tax Season Scams
* McAfee Employees Strike Their #BalanceForBetter Pose This International Women's Day
* Let's Discuss Cybersecurity as a Career Option This International Women's Day
* McAfee Protects Against Suspicious Email Attachments
* Alleged 'Momo Challenge' Reminds Parents to Monitor Online Content
* JAVA-VBS Joint Exercise Delivers RAT

Threat Post

* Facebook Alleges Two Ukrainians Scraped Data From 63K Profiles
* RSA Conference 2019: The Expanding Automation Platform Attack Surface
* RSA Conference 2019: Operational Technology Widens Supply Chain Attack Surfaces
* Citrix Falls Prey to Password-Spraying Attack
* RSA Conference 2019: Emotet Takes Aim at Latin America
* RSAC 2019: The Dark Side of Machine Learning
* RSA Conference 2019 Recap
* RSA Conference 2018: Firms Continue to Fail at IoT Security
* RSA Conference 2019: Ultrasound Hacked in Two Clicks
* RSAC 2019: For Domestic Abuse, IoT Devices Pose New Threat

Naked Security

* US Army clarifies its killer robot plans
* Booking a restaurant? Let Google's Duplex AI make the call for you
* FTC says taxpayer voice phishing scams are up nearly 20x
* Monday review - the hot 25 stories of the week
* Five female technoheroes you might never have heard of…
* Serious Security: When randomness isn't - and why it matters
* Firefox picks up advertiser-dodging tech from Tor
* Zuck says Facebook is becoming more "privacy focused"
* Windows Calculator is going open source
* Developer-only iPhones help reveal Apple's secret security sauce

Quick Heal - Security Simplified

* Essential cyber safety tips every woman should follow
* Quick Heal Threat Report - Cryptojacking rising but Ransomware still #1 threat for consumers
* GandCrab Riding Emotet's Bus!
* This Valentine fall for true love not for fake online dating apps
* 28 Fake Apps removed from Google Play Store post Quick Heal Security Lab reports
* 3 essential ways to strengthen your business data security
* Anatova, A modular ransomware
* Mongolock Ransomware deletes files and targets databases
* GandCrab Ransomware along with Monero Miner and Spammer

Critical Infrastructure

* Natural Disasters Cost the U.S. $91 Billion in 2018
* Study on Electric Grid Resiliency Finds Urgent Need for Cybersecurity Investments
* IATA Releases 2018 Airline Safety Performance
* AAPA Says $4 Billion Needed to Protect Ports and Supply Chain Security
* Beazley, Marsh Launch Cyber Insurance for Manufacturers

Tools

* Suricata IDPE 4.1.3
* Lynis Auditing Tool 2.7.2
* Stegano 0.9.1
* AIDE 0.16.1
* SQLMAP - Automatic SQL Injection Tool 1.3.3
* Wireshark Analyzer 3.0.0
* Wireshark Analyzer 2.6.7
* OpenSSL Toolkit 1.1.1b
* Faraday 3.6.0
* TOR Virtual Network Tunneling Tool 0.3.5.8
* Five Little-Known Ways to Increase Security in Today's Risky Environment
* Acunetix Web Application Vulnerability Report 2019

Zone-H Website Defacements

Unfortunately, at the time of this report, the resource was not available. You can access this resource here: http://www.zone-h.org/rss/specialdefacements

Proof of Concept (PoC) & Exploits

Packet Storm Security

* Oracle Weblogic Server Deserialization Remote Command Execution
* Kados R10 GreenBee SQL Injection
* OrientDB 3.0.17 GA Community Edition XSS / CSRF
* QNAP TS-431 QTS Remote Command Execution
* Anyburn 4.x x86 Buffer Overflow
* Sparkasse Cross Site Scripting
* phpBB 3.2.3 Remote Code Execution
* FreeBSD Intel SYSRET Privilege Escalation
* Android su Privilege Escalation
* ClearOS 7 Community Edition Cross Site Scripting
* Imperva SecureSphere 13.x PWS Command Injection
* Drupal RESTful Web Services unserialize() Remote Code Execution
* Linux Virtual Address 0 Mappable Via Privilege write()
* Android getpidcon() ACL Bypass
* Android Binder Use-After-Free
* RealTerm Serial Terminal 2.0.0.70 Echo Port Buffer Overflow
* Sagemcom Router Insufficient Default PSK Entropy
* Babel 0.4.1 Open Redirection
* WordPress WP-Image-News-Slider 3.3 Cross Site Request Forgery / Shell Upload
* OpenDocMan 1.3.4 SQL Injection
* vBulletin 4.2.5 Member Map 1.1.2 Open Redirection
* vBulletin 4.2.5 vBSuper_PM 1.2.3 Lite Open Redirection

Exploit Database

* [local] NetSetMan 4.7.1 - Local Buffer Overflow (SEH Unicode)
* [dos] Linux Kernel 4.4 (Ubuntu 16.04) - 'snd_timer_user_ccallback()' Kernel Pointer Leak
* [webapps] Flexpaper PHP Publish Service 2.3.6 - Remote Code Execution
* [webapps] PRTG Network Monitor 18.2.38 - Authenticated Remote Code Execution
* [webapps] OpenKM 6.3.2
* [webapps] Liferay CE Portal
* [shellcode] Linux/x86 - Polymorphic execve(/bin/sh) Shellcode (63 bytes)
* [shellcode] Linux/x86 - MMX-XOR Encoder / Decoder execve(/bin/sh) Shellcode (44 bytes)
* [local] Sony Playstation 4 (PS4)
* [papers] Flexpaper
* [webapps] DirectAdmin 1.55 - 'CMD_ACCOUNT_ADMIN' Cross-Site Request Forgery
* [shellcode] Linux/x86 - INSERTION Encoder / Decoder execve(/bin/sh) Shellcode (88 bytes)
* [webapps] McAfee ePO 5.9.1 - Registered Executable Local Access Bypass
* [webapps] OrientDB 3.0.17 GA Community Edition - Cross-Site Request Forgery / Cross-Site Scripting
* [remote] OpenSSH SCP Client - Write Arbitrary Files
* [papers] File transfer skills in the red team post penetration test
* [remote] TeamCity
* [remote] Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass)
* [webapps] phpBB 3.2.3 - Remote Code Execution
* [webapps] WordPress Core 5.0 - Remote Code Execution
* [remote] Drupal

Advisories

US-Cert Alerts & bulletins

* AA19-024A: DNS Infrastructure Hijacking Campaign
* AA18-337A: SamSam Ransomware
* SB19-063: Vulnerability Summary for the Week of February 25, 2019
* SB19-056: Vulnerability Summary for the Week of February 18, 2019

Symantec - Latest List

* WinRAR Multiple Security Vulnerabilities
* Microsoft Windows Kernel CVE-2019-0663 Local Information Disclosure Vulnerability
* Microsoft .NET Framework and Visual Studio CVE-2019-0657 Spoofing Vulnerability
* Microsoft Windows Device Guard CVE-2019-0632 Local Security Bypass Vulnerability
* Microsoft Windows Device Guard CVE-2019-0631 Local Security Bypass Vulnerability
* Microsoft Windows Device Guard CVE-2019-0627 Local Security Bypass Vulnerability
* Microsoft Internet Explorer VBScript Engine CVE-2018-8174 Arbitrary Code Execution Vulnerability
* Microsoft Office CVE-2018-0802 Memory Corruption Vulnerability
* Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0655 Remote Memory Corruption Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0642 Remote Memory Corruption Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0640 Remote Memory Corruption Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0610 Remote Memory Corruption Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0607 Remote Memory Corruption Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0605 Remote Memory Corruption Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0652 Remote Memory Corruption Vulnerability
* Microsoft Visual Studio CVE-2019-0728 Remote Code Execution Vulnerability
* Microsoft Windows Human Interface Devices CVE-2019-0600 Local Information Disclosure Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0651 Remote Memory Corruption Vulnerability
* Microsoft Office CVE-2019-0540 Security Bypass Vulnerability
* Microsoft Edge CVE-2019-0650 Remote Memory Corruption Vulnerability
* Microsoft Edge CVE-2019-0634 Remote Memory Corruption Vulnerability
* Microsoft Windows GDI Component CVE-2019-0602 Information Disclosure Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-0644 Remote Memory Corruption Vulnerability
* Microsoft Windows CVE-2019-0636 Local Information Disclosure Vulnerability
* Microsoft Internet Explorer CVE-2019-0676 Information Disclosure Vulnerability

Packet Storm Security - Latest List

Red Hat Security Advisory 2019-0474-01
Red Hat Security Advisory 2019-0474-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP40. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2019-0473-01
Red Hat Security Advisory 2019-0473-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP40. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2019-0472-01
Red Hat Security Advisory 2019-0472-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP30. Issues addressed include a buffer overflow vulnerability.

Ubuntu Security Notice USN-3903-2
Ubuntu Security Notice 3903-2 - USN-3903-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Jason Wang discovered that the vhost net driver in the Linux kernel contained an out of bounds write vulnerability. An attacker in a guest virtual machine could use this to cause a denial of service or possibly execute arbitrary code in the host kernel. Various other issues were also addressed.

Red Hat Security Advisory 2019-0469-01
Red Hat Security Advisory 2019-0469-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP30. Issues addressed include a buffer overflow vulnerability.

Ubuntu Security Notice USN-3903-1
Ubuntu Security Notice 3903-1 - Jason Wang discovered that the vhost net driver in the Linux kernel contained an out of bounds write vulnerability. An attacker in a guest virtual machine could use this to cause a denial of service or possibly execute arbitrary code in the host kernel. Jann Horn discovered that the userfaultd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could use this possibly to modify files. Various other issues were also addressed.

Ubuntu Security Notice USN-3902-1
Ubuntu Security Notice 3902-1 - It was discovered that the PHP XML-RPC module incorrectly handled decoding XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. It was discovered that the PHP PHAR module incorrectly handled certain filenames. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. It was discovered that PHP incorrectly parsed certain DNS responses. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.

Debian Security Advisory 4402-1
Debian Linux Security Advisory 4402-1 - It was discovered that insufficient restrictions in the connection handling of Mumble, a low latency encrypted VoIP client, could result in denial of service.

Ubuntu Security Notice USN-3901-2
Ubuntu Security Notice 3901-2 - USN-3901-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the userfaultd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could use this possibly to modify files. Various other issues were also addressed.

Ubuntu Security Notice USN-3901-1
Ubuntu Security Notice 3901-1 - Jann Horn discovered that the userfaultd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could use this possibly to modify files. It was discovered that the crypto subsystem of the Linux kernel leaked uninitialized memory to user space in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

Red Hat Security Advisory 2019-0464-01
Red Hat Security Advisory 2019-0464-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a memory disclosure vulnerability.

Red Hat Security Advisory 2019-0462-01
Red Hat Security Advisory 2019-0462-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a memory disclosure vulnerability.

Red Hat Security Advisory 2019-0457-01
Red Hat Security Advisory 2019-0457-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include an off-by-one error.

Red Hat Security Advisory 2019-0458-01
Red Hat Security Advisory 2019-0458-01 - The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2019-0461-01
Red Hat Security Advisory 2019-0461-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Issues addressed include an input validation vulnerability.

Ubuntu Security Notice USN-3885-2
Ubuntu Security Notice 3885-2 - USN-3885-1 fixed vulnerabilities in OpenSSH. It was discovered that the fix for CVE-2019-6111 turned out to be incomplete. This update fixes the problem. Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a user or automated system were tricked into connecting to an untrusted server, a remote attacker could possibly use these issues to write to arbitrary files, change directory permissions, and spoof client output. Various other issues were also addressed.

Red Hat Security Advisory 2019-0451-01
Red Hat Security Advisory 2019-0451-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.0 Service Pack 2 serves as a replacement for Red Hat JBoss Web Server 5.0 Service Pack 1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include insecure defaults in the CORS filter.

Red Hat Security Advisory 2019-0450-01
Red Hat Security Advisory 2019-0450-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.0 Service Pack 2 serves as a replacement for Red Hat JBoss Web Server 5.0 Service Pack 1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include insecure defaults in the CORS filter.

Red Hat Security Advisory 2019-0447-01
Red Hat Security Advisory 2019-0447-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 7.4 will be retired as of August 31, 2019, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 7.4 EUS after August 31, 2019.

Red Hat Security Advisory 2019-0442-01
Red Hat Security Advisory 2019-0442-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 6.4 will be retired as of February 28, 2019, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 6.4 AMC after February 28, 2019.

Slackware Security Advisory - python Updates
Slackware Security Advisory - New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

Debian Security Advisory 4387-2
Debian Linux Security Advisory 4387-2 - It was found that a security update (DSA-4387-1) of OpenSSH, an implementation of the SSH protocol suite, was incomplete. This update did not completely fix CVE-2019-6111, an arbitrary file overwrite vulnerability in the scp client implementing the SCP protocol.

Slackware Security Advisory - infozip Updates
Slackware Security Advisory - New infozip packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

RSA Authentication Manager 8.4 Insecure Credential Management
RSA Authentication Manager versions 8.4 and below contain a vulnerability associated with insecure credential management.