For anyone who has the misfortune of dealing with interoperability between Windows and Linux: a significant Samba security update was just released. https://www.cisa.gov/uscert/ncas/current-activity/2022/02/01/samba-releases-security-updates

CVE IDs:

CVE-2021-44141
CVE-2021-44142
CVE-2022-0336

www.cisa.gov

Samba Releases Security Updates | CISA

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following…

⚠️ Microsoft Exchange Server - GENERAL ADVISORY - UPDATE IMMEDIATELY!Several new flaws (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) have been reported and Microsoft issued an emergency fix. It is reported that the vulnerabilities are actively being exploited.Affected: Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019.

More Information (Advisory/Updates): https://yt.gl/exchangeexp

(severity: ? very high)

#alert #vulnerability #severityhigh #exchange #CVE-2021-26855 #CVE-2021-26857 #CVE-2021-26858 #CVE-2021-27065.

➡️ Feel free to discuss this issue in @itsectalk and do your colleagues a favor and forward them this critical vulnerability.

Microsoft On the Issues

New nation-state cyberattacks - Microsoft On the Issues

Today, we’re sharing information about a state-sponsored threat actor identified by the Microsoft Threat Intelligence Center (MSTIC) that we are calling Hafnium. Hafnium operates from China, and this is the first time we’re discussing its activity. It is…

⚠️ "Barcode Scanner" app on Android turned evil! Removed from playstore but not from your devices. It had over 10 million installs so there is a good chance that you know someone that has it. Please let them know.

App Name: Barcode Scanner
MD5: A922F91BAF324FA07B3C40846EBBFE30
Package Name: com.qrcodescanner.barcodescanner

Severity: ?High

Additional informationhttps://yt.gl/barcodeevil

#alert #severityHigh #maliciousupdate #barcodescanner #android

➡️ Please forward to your friends and family that could be using this app. Thanks for the report that was sent in.

⚠️Buffer overflow in sudo (linux utility) - ❗️ affects most distributions/versions - CVE-2021-3156While a local user is required to exploit this vulnerability, even the account 'nobody' can exploit this vulnerability. An unprivileged user can gain root privileges on affected hosts!

Check if you are affected!To check if you are affected, run sudoedit \-s / as non-root user. If the response is sudoedit: your system is vulnerable.

The following "sudo" versions are vulnerable All legacy versions from 1.8.2 to 1.8.31p2
All stable versions from 1.9.0 to 1.9.5p1

Severity: ?High

Additional informationhttps://yt.gl/sudobufferoverflow

#alert #severityHigh #vulnerability #linux #sudo

? Feel free to discuss this issue in @itsectalk ? Please vote if this information was helpful to you.

Qualys Security Blog

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) | Qualys Security Blog

Update Feb 3, 2021: It has been reported that macOS, AIX, and Solaris are also vulnerable to CVE-2021-3156, and that others may also still be vulnerable. Qualys has not independently verified the…

⚠️SonicWall VPN Portal Critical Flaw
Tripwire VERT has identified a stack-based buffer overflow in SonicWall Network Security Appliance (NSA).
A fix is available.

SonicWall has indicated that the following versions are vulnerable:
SonicOS 6.5.4.7-79n and earlier
SonicOS 6.5.1.11-4n and earlier
SonicOS 6.0.5.3-93o and earlier
SonicOSv 6.5.4.4-44v-21-794 and earlier
* SonicOS 7.0.0.0-1

(Severity: ?high)

Additional information:
https://www.tripwire.com/state-of-security/vert/sonicwall-vpn-portal-critical-flaw-cve-2020-5135/

#alert #severityHigh #vulnerability #firewall #sonicwall
#CVE2020-5135

The State of Security

SonicWall VPN Portal Critical Flaw (CVE-2020-5135)

Tripwire VERT has identified a stack-based buffer overflow in SonicWall Network Security Appliance (CVE-2020-5135). Craig Young has the details.

⚠️ iPhones/iPads Mail app vulnerable

"The flaws could eventually let remote hackers secretly take complete control over Apple devices just by sending an email to any targeted individual with his email account logged-in to the vulnerable app."

Severity: ? High
More Information: https://yt.gl/tjqz8

#alert #severityhigh #vulnerability #apple #mailapp

? Spread the news, forward the message to your mobile management admins.
❓ Questions? Feedback? Want to discuss? Join us at @itsectalk

This channel is not dead, but we need your help. If you find something that might be interesting for broadcasting, please let us know in @itsectalk - thanks! ?

⚠ Two unauthenticated RCE vulns in Microsoft Remote Desktop. Exploitation likely, says Microsoft. Affects Win 10, Win 7, Win 8.1, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2.

Updates are available and they should be applied immediately, especially for those systems acessible through the internet.

Severity: ? High
More Information: https://yt.gl/20191181 and https://yt.gl/20191182

#alert #vulnberability #severityhigh #microsoft #remotedesktopservice #terminalservice #update

✉ Join the discussion over at our Telegram group @itsectalk and forward this to your enterprise administrator.

⚠️ Logitech "Unifying" (wireless RX), several vulnerabilities.
Affected are all products (keyboards, mice, presenters) that carry the "Unifying" logo.

Updates are available for some vulns, but applying the updates is not straight forward, please check the more information link.

Severity: ? High
More Information: https://yt.gl/logitechunifying

#alert #severityhigh #vulnerability #hardware #logitech #unifying

? Spread the news, forward the message to your enterprise admins.
❓ Questions? Feedback? Want to discuss? Join us at @itsectalk

⚠️ Linux/FreeBSD Denial of Service attacks possible. Netflix has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels.

- CVE-2019-11477: SACK Panic (Linux >= 2.6.29)
- 3 more CVEs

Severity: ? High
More Information: https://yt.gl/sackpanic

#alert #severityhigh #vulnerability #linux #freebsd #networking #kernel

? Spread the news, forward the message to your sysadmins.
❓ Questions? Feedback? Want to discuss? Join us at @itsectalk