Websites
Websites
Runtime: 5.4s
Share on Facebook or Twitter
On August 19, 2022 at 7:41:58 PM UTC, https://seclists.org/ was accessible when tested on AS9121 in Türkiye.

Failures

HTTP Experiment
null
DNS Experiment
null
Control
null

DNS Queries

Resolver:
195.175.120.8
Query:
IN A seclists.org
Engine:
system
Name
Class
TTL
Type
DATA
Answer IP Info
@
IN
A
45.33.49.119
AS63949 (Linode, LLC)

TCP Connections

45.33.49.119:443: succeeded

HTTP Requests

URL
GET https://seclists.org/
Response Headers
Accept-Ranges:
bytes
Content-Length:
188817
Content-Type:
text/html; charset=UTF-8
Date:
Fri, 19 Aug 2022 19:41:35 GMT
Etag:
"2e191-5e69d1fd28aa3"
Last-Modified:
Fri, 19 Aug 2022 19:30:01 GMT
Server:
Apache/2.4.6 (CentOS)
Vary:
Host
Response Body
<!DOCTYPE html>
<html lang="en">
<head>
<script async src="/site.js"></script>
<title>SecLists.Org Security Mailing List Archive</title>
<meta name="description" content="Security mailing list archive for the Nmap lists, Bugtraq, Full Disclosure, Security Basics, Pen-test, and dozens more. Search capabilities and RSS feeds with smart excerpts are available">
<META name="keywords" content="Security,Mailing Lists,nmap-dev,nmap-hackers,Bugtraq,Full Disclosure,Security Basics,Penetration Testing,Info Security News,Firewall Wizards,IDS Focus,Web App Security,Daily Dave,Honepots,MS Sec Notification,Funsec,CERT Advisories,Open Source Security,NANOG,Interesting People,RISKS,Metasploit,Wireshark,Snort">
<link rel="canonical" href="https://seclists.org/">
<script type="application/ld+json">{
"@context": "http://schema.org",
"@type": "WebSite",
"url": "https://seclists.org/",
"image": "https://seclists.org/images/sitelogo.png",
"potentialAction": {
 "@type": "SearchAction",
 "target": {
  "@type": "EntryPoint",
  "urlTemplate": "https://seclists.org/search.html?q={term}"
 },
 "query-input": "required name=term"
}}</script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="theme-color" content="#2A0D45">
<link rel="preload" as="image" href="/images/sitelogo.png" imagesizes="168px" imagesrcset="/images/sitelogo.png, /images/sitelogo-2x.png 2x">
<link rel="preload" as="image" href="/shared/images/nst-icons.svg">
<link rel="stylesheet" href="/shared/css/nst.css?v=2">
<script async src="/shared/js/nst.js?v=2"></script>
<link rel="stylesheet" href="/shared/css/nst-foot.css?v=2" media="print" onload="this.media='all'">
<link rel="stylesheet" href="/site.css">
<!--Google Analytics Code-->
<link rel="preload" href="https://www.google-analytics.com/analytics.js" as="script">
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-11009417-1', 'auto');
ga('send', 'pageview');
</script>
<!--END Google Analytics Code-->
<META NAME="ROBOTS" CONTENT="NOARCHIVE">
<link rel="shortcut icon" href="/shared/images/tiny-eyeicon.png" type="image/png">
</head>
<body><div id="nst-wrapper">

<div id="menu">
 <div class="blur">
  <header id="nst-head">

    <a id="menu-open" href="#menu" aria-label="Open menu">
     <img width="44" height="44" alt="" aria-hidden="true"
      src="/shared/images/nst-icons.svg#menu">
    </a>
    <a id="menu-close" href="#" aria-label="Close menu">
     <img width="44" height="44" alt="" aria-hidden="true"
      src="/shared/images/nst-icons.svg#close">
    </a>

   <a id="nst-logo" href="/" aria-label="Home page">
    <img alt="Home page logo" srcset="/images/sitelogo.png, /images/sitelogo-2x.png 2x" src="/images/sitelogo.png" onerror="this.onerror=null;this.srcset=this.src" height=90 width=168></a>

   <nav id="nst-gnav">
    <a class="nlink" href="https://nmap.org/">Nmap.org</a>
    <a class="nlink" href="https://npcap.com/">Npcap.com</a>
    <a class="nlink" href="https://seclists.org/">Seclists.org</a>
    <a class="nlink" href="https://sectools.org">Sectools.org</a>
    <a class="nlink" href="https://insecure.org/">Insecure.org</a>
   </nav>

   <form class="nst-search" id="nst-head-search" action="/search/">
    <input class="nst-search-q" name="q" type="search" placeholder="Site Search">
    <button class="nst-search-button" title="Search">
     <img style="width:100%;aspect-ratio:1/1;" alt="" aria-hidden="true"
      src="/shared/images/nst-icons.svg#search">
     </button>
   </form>

  </header>
 </div>
</div>

<main id="nst-content">
<nav id="nst-sitenav">
<a class="nlink" href="/nmap-announce/">Nmap Announce</a>
<a class="nlink" href="/nmap-dev/">Nmap Dev</a>
<a class="nlink" href="/fulldisclosure/">Full Disclosure</a>
<a class="nlink" href="/#other">Security Lists</a>
<a class="nlink" href="/#internet">Internet Issues</a>
<a class="nlink" href="/#oss">Open Source Dev</a>
</nav>
<h1 class="l-title">SecLists.Org Security Mailing List Archive</h1>

<p>Any hacker will tell you that the latest news and exploits are not
found on any web site&mdash;not even <a href="https://insecure.org">Insecure.Org</a>.  No, the cutting edge
in security research is and will continue to be the full
disclosure mailing lists such as Bugtraq.  Here we provide web
archives and RSS feeds (now including message extracts), updated in real-time, for many of our favorite lists.
Browse the individual lists below, or search them all using the Site Search box above.

<h2 id="inseclists" class="purpleheader">Insecure.Org Lists</h2><div id="nmap-dev" class="l-abstract">
<a href="/nmap-dev/"><img src="/images/nmap-dev-logo.png" width="80" class="right" alt="nmap-dev logo"></a><p><b><a href="/nmap-dev/">Nmap Development</a></b> &mdash; Unmoderated technical development forum for debating ideas, patches, and suggestions regarding proposed changes to <a href="https://nmap.org">Nmap</A> and related projects. <a href="https://nmap.org/mailman/listinfo/dev">Subscribe to nmap-dev here</a>.<ul class="inline"><li class="first"><a href="/nmap-dev/2022/q3/index.html"><img src="/images/current-icon-16x16.png" width=16 height=16 alt="Current period icon">Current Quarter</a>
<li><a href="/nmap-dev/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/nmap-dev.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="https://nmap.org/mailman/listinfo/dev"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/nmap-dev/"><span class="show-id">nmap-dev</span>Latest Posts</a></ul>
<blockquote id="latest-nmap-dev" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="https://seclists.org/nmap-dev/2022/q3/5">Re: ncat: Windows build difficulties</a></strong>
<em>David Fifield (Aug 15)</em><br>
It&apos;s strange that there haven&apos;t been other reports of the same problem,<br>
but the way to file a bug report is with a GitHub issue:<br>
<a  rel="nofollow" href="https://github.com/nmap/nmap/blob/d66644be63e64a94687160da005d65cbf0b51280/CONTRIBUTING.md#bug">https://github.com/nmap/nmap/blob/d66644be63e64a94687160da005d65cbf0b51280/CONTRIBUTING.md#bug</a><br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/nmap-dev/2022/q3/4">Re: ncat: Windows build difficulties</a></strong>
<em>Adam Baxter (Aug 11)</em><br>
Interestingly, <a  rel="nofollow" href="https://github.com/microsoft/vcpkg/tree/master/ports/nmap">https://github.com/microsoft/vcpkg/tree/master/ports/nmap</a> carries a number of patches which might be <br>
useful here upstream, too.<br>
<br>
--Adam<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nmap-dev/2022/q3/3">Re: ncat: Windows build difficulties</a></strong>
<em>Adam Baxter (Aug 11)</em><br>
Hi David,<br>
<br>
Good catch, thanks. At the time of writing, &quot;CompileAsCpp&quot; is set in 3 places in <br>
<a  rel="nofollow" href="https://svn.nmap.org/nmap/ncat/ncat.vcxproj">https://svn.nmap.org/nmap/ncat/ncat.vcxproj</a>. What&apos;s the process to get this changed?<br>
<br>
--Adam<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/nmap-dev/2022/q3/2">Re: ncat: Windows build difficulties</a></strong>
<em>David Fifield (Aug 11)</em><br>
I think this error occurs when trying to compile C code with a C++<br>
compiler. The pointer conversion is implicit in C but must be explicit<br>
in C++.<br>
<br>
I&apos;m not sure how the C++ compiler came to be used, though—maybe check<br>
the changes you made to the solution file.<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nmap-dev/2022/q3/1">ncat: Windows build difficulties</a></strong>
<em>Adam Baxter (Aug 11)</em><br>
Hi,<br>
I&apos;m attempting to build ncat statically for Windows using VS2022 and I&apos;ve run into the following issues:<br>
* applink.c missing from static build of openssl 3.0.5 - fixed by downloading <br>
<a  rel="nofollow" href="https://github.com/openssl/openssl/blob/master/ms/applink.c">https://github.com/openssl/openssl/blob/master/ms/applink.c</a> into the correct path<br>
<br>
* vcxproj/sln file not set up to build ncat for x64 - fixed by fiddling with the solution configuration. I&apos;m not sure <br>
how this was generated but I could provide a...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/nmap-dev/2022/q3/0">Report a Bug of Zenmap</a></strong>
<em>zjjncsn via dev (Aug 10)</em><br>
????7.92(????)<br>
??????Nmap??????????Nmap??????????????????????????????????????????Nmap????????????????????????????????????????????<br>
<br>
version 7.92(Chinese)<br>
When I&apos;m in nmap output tab, it can display normally. But once I&amp;nbsp;switch to another tab and switch back, it can&apos;t <br>
display. And the output box will be gray. (Look at the video.)<br>
Sorry for my poor English.<br>
<br>
Shining&amp;nbsp;Chen<br>
zjjncsn () qq com...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="https://seclists.org/nmap-dev/2022/q2/11">Re: Nmap uses PCRE library and scan tool report one vulnerability CVE-2022-1586 &amp; CVE-2022-1587 to PCRE2 library</a></strong>
<em>Gordon Fyodor Lyon (Jun 20)</em><br>
Hi Shivani.  Thanks for the report.  Those two vulnerabilities are in the<br>
PCRE2 (2nd generation) PCRE library.  Although we plan to upgrade to PCRE2<br>
soon, Nmap is currently still using the 1st generation PCRE which is not<br>
susceptible to these bugs.  When we do upgrade, we will be sure to use a<br>
fixed version of PCRE2.<br>
<br>
Also, Nmap version 4.6 and 5.21 are ancient and well worth upgrading for<br>
other reasons.<br>
<br>
On Mon, Jun 20, 2022 at 1:47 PM Sharma,...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nmap-dev/2022/q2/10">Nmap uses PCRE library and scan tool report one vulnerability CVE-2022-1586  &amp; CVE-2022-1587 to PCRE2 library</a></strong>
<em>Sharma, Shivani via dev (Jun 20)</em><br>
Hi Team,<br>
We are using Nmap 4.6 and 5.21 in our project and scan tool reports one vulnerability to Nmap which is related to PCRE2.<br>
As per vulnerabilities ,CVE-2022-1586: This involves a unicode property matching issue in JIT-compiled regular <br>
expressions. The issue occurs because the character was not fully read in case-less matching within JIT.<br>
CVE-2022-1587: This comes with PCRE2 library in the get_recurse_data_length() function of the...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nmap-dev/2022/q2/9">dhcp script not being seen as open?</a></strong>
<em>Mike . (Jun 20)</em><br>
was  testing with my router today i noticed this. sent out a dhcp OFFER i am assuming that is what the script is <br>
sending out, and i notice i get back OPEN/FILTERED. if i am receiving a reply back, why is nmap not seeing this, <br>
marking that as such, and calling it OPEN? it is receiving a valid packet response. am i missing something? here is the <br>
output&gt;<br>
<br>
from the nmap side of the NSE debug on<br>
<br>
NSE: Script scanning 192.168.0.1.<br>
Initiating NSE...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nmap-dev/2022/q2/8">PR, dhcp6, added duid types</a></strong>
<em>Christoph Barthel via dev (Jun 20)</em><br>
<a  rel="nofollow" href="https://github.com/nmap/nmap/pull/2487">https://github.com/nmap/nmap/pull/2487</a><br>
<br>
Hello dev&apos;s,<br>
<br>
I discovered an issue while using the broadcast-dhcp6-discover script. <br>
The script is using the dhcp6.lua script in which the CLIENTID parser <br>
returned for an DUID != 1. So I added, according to RFC3315, the <br>
remaining two DUIDs (DUID-LL, DUID-EN).<br>
<br>
Note: For DUID-EN the vendor based enterprise number will be skipped.<br>
<br>
<a  rel="nofollow" href="https://datatracker.ietf.org/doc/html/rfc3315#section-9.1">https://datatracker.ietf.org/doc/html/rfc3315#section-9.1</a><br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/nmap-dev/2022/q2/7">Re: Where to report incorrect mac prefixes</a></strong>
<em>Esa Jokinen via dev (Jun 01)</em><br>
It seems my earlier reply to this has stuck somewhere. I have a pull<br>
request #2479 open on GitHub to update the nmap-mac-prefixes file,<br>
including a Python script that parses and converts the IEEE source data<br>
from the updated format.<br>
<br>
Esa Jokinen @oh2fih<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/nmap-dev/2022/q2/6">Where to report incorrect mac prefixes</a></strong>
<em>Joey Seal (May 17)</em><br>
I occasionally encounter the wrong vendor after running an NMAP scan, where<br>
can I report this?<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/nmap-dev/2022/q2/5">Missing ssh hostkeys when running at scale</a></strong>
<em>Loone, Sami (May 04)</em><br>
Hello nmap devs,<br>
<br>
I&apos;m writing in hope that a oneliner pull request could get a bit of attention.<br>
<br>
    <a  rel="nofollow" href="https://github.com/nmap/nmap/pull/2338">https://github.com/nmap/nmap/pull/2338</a><br>
<br>
In short, ssh hostkey scan script intermittently ends up missing some of the<br>
expected keys when running at scale. The patch is to fix nmap ssh packet<br>
encoding for multiprecision integers.<br>
<br>
I&apos;ve recently added a hacky shell script to the pull request to make it a bit<br>
easier to reproduce the issue...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/nmap-dev/2022/q2/4">Re: Writing high-performance npcap application</a></strong>
<em>Daniel Miller (Apr 29)</em><br>
Jan,<br>
<br>
Thanks for your interest in Npcap! I&apos;ll try to answer questions inline<br>
below.<br>
<br>
On Wed, Apr 27, 2022 at 1:21 PM Jan Danielsson &lt;jan.m.danielsson () gmail com&gt;<br>
wrote:<br>
<br>
Questions can also be posted as Issues on our Github page, but the nmap-dev<br>
mailing list is also publicly archived, so it works well for this type of<br>
discussion.<br>
<br>
I believe most of the performance difference there would be because Npcap<br>
so far does not support a...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/nmap-dev/2022/q2/3">Writing high-performance npcap application</a></strong>
<em>Jan Danielsson (Apr 27)</em><br>
Hello,<br>
<br>
    [The npcap page said it was ok to use nmap mailing list for npcap <br>
related questions.  If there&apos;s a more appropriate forum, please point me <br>
to it.]<br>
<br>
    I&apos;m working on an application that requires very high transfer rates <br>
of raw ethernet packets.  As a reference, we use libpcap on unixy <br>
platforms and are able to saturate a 1Gbit/s link, with zero packet <br>
loss.  A few customers need Windows support, so we&apos;re looking...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="nmap-announce" class="l-abstract">
<a href="/nmap-announce/"><img src="/images/nmap-announce-logo.png" width="80" class="right" alt="nmap-announce logo"></a><p><b><a href="/nmap-announce/">Nmap Announce</a></b> &mdash; Moderated list for the most important new releases and announcements regarding the <a href="https://nmap.org">Nmap Security Scanner</a> and related projects. We recommend that all Nmap users <a href="https://nmap.org/mailman/listinfo/announce">subscribe to stay informed</a>.<ul class="inline"><li class="first"><a href="/nmap-announce/2021/index.html"><img src="/images/current-icon-16x16.png" width=16 height=16 alt="Current period icon">Previous Year</a>
<li><a href="/nmap-announce/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/nmap-announce.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="https://nmap.org/mailman/listinfo/announce"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/nmap-announce/"><span class="show-id">nmap-announce</span>Latest Posts</a></ul>
<blockquote id="latest-nmap-announce" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="https://seclists.org/nmap-announce/2021/4">Npcap 1.60 Release: Code Hardening, Compatibility, and Bug Fixes</a></strong>
<em>Gordon Fyodor Lyon (Dec 08)</em><br>
Hi Nmap (and Npcap) hackers!  I hope you&apos;re enjoying the start of the<br>
holidays.  For your first stocking stuffer, we&apos;re happy to release Npcap<br>
Version 1.60!  We also released (but never actually announced) Version 1.55<br>
in September.  We put out Versions 1.12 and 1.11 of the SDK too.  None of<br>
these try to wow you with major new features.  We&apos;re excited about a lot of<br>
those in the pipeline, but we focused the last few months on...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/nmap-announce/2021/3">Nmap 7.92 Defcon Release!</a></strong>
<em>Gordon Fyodor Lyon (Aug 07)</em><br>
Hi folks. Many of us can&apos;t attend Defcon in person this year due to global<br>
pandemic, but we won&apos;t let that stop our traditional Defcon Nmap release!<br>
We just posted Nmap 7.92 to <a  rel="nofollow" href="https://nmap.org/download.html">https://nmap.org/download.html</a>.  It includes<br>
dozens of performance improvements, feature enhancements, and bug fixes<br>
that we&apos;ve made over the last 10 months.<br>
<br>
The biggest improvement (at least for Windows users) is the inclusion of<br>
version 1.50 of Npcap (...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/nmap-announce/2021/2">Npcap 1.50 Release Brings Nmap &amp; Wireshark to Windows ARM devices</a></strong>
<em>Gordon Fyodor Lyon (Jun 28)</em><br>
Hi folks.  The Nmap Project is pleased to release Npcap version 1.50 at<br>
<a  rel="nofollow" href="https://npcap.org">https://npcap.org</a>.  There are many improvements in  this release, but the<br>
one we&apos;re most excited about is support for the ARM architecture!  This<br>
allows apps like Nmap and Wireshark to run for the first time on a newer<br>
generation of hardware which often includes all-day battery life and<br>
always-on LTE/5G capabilities.  Devices vary from the $349 Samsung Galaxy<br>
Book Go...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/nmap-announce/2021/1">Npcap 1.30 Released: Raw WiFi + Better Performance</a></strong>
<em>Gordon Fyodor Lyon (Apr 12)</em><br>
Hi folks. The Nmap Project is pleased to release Npcap Version 1.30 at<br>
<a  rel="nofollow" href="https://npcap.org">https://npcap.org</a>. We hope Nmap and Wireshark users will be especially<br>
happy with the raw WiFi improvements, since you tend to be particularly<br>
savvy about low-level network inspection. It turns out that some of the<br>
issues we thought were caused by lower level hardware drivers were actually<br>
bugs in our driver. Oops! But at least that means we can fix them<br>
ourselves, and we did....<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/nmap-announce/2021/0">Npcap 1.20 released</a></strong>
<em>Gordon Fyodor Lyon (Mar 16)</em><br>
Nmap/Npcap Community:<br>
<br>
I&apos;m happy to report the release of version 1.20 of the Npcap Windows packet<br>
capturing/sending driver! It&apos;s the first release of 2021 and includes<br>
better capabilities for selecting timestamp methods as well as many other<br>
improvements and bug fixes. These include updating the underlying libpcap<br>
library to version 1.10 and building our installer now with NSIS 3.  More<br>
details on all this are available from the...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="fulldisclosure" class="l-abstract">
<a href="/fulldisclosure/"><img src="/images/fulldisclosure-logo.png" width="80" class="right" alt="fulldisclosure logo"></a><p><b><a href="/fulldisclosure/">Full Disclosure</a></b> &mdash; A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community.  The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip.  More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.<ul class="inline"><li class="first"><a href="/fulldisclosure/2022/Aug/index.html"><img src="/images/current-icon-16x16.png" width=16 height=16 alt="Current period icon">Current Month</a>
<li><a href="/fulldisclosure/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/fulldisclosure.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="https://nmap.org/mailman/listinfo/fulldisclosure"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/fulldisclosure/"><span class="show-id">fulldisclosure</span>Latest Posts</a></ul>
<blockquote id="latest-fulldisclosure" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="https://seclists.org/fulldisclosure/2022/Aug/13">Re: typeorm CVE-2022-33171</a></strong>
<em>Tobias Schneider (Aug 19)</em><br>
Someone should tell Snyk about the risks of &quot;Supply Chain vulnerabilities&quot;<br>
...<br>
<br>
(and yes this is a vulnerability, nice find!)<br>
<br>
LoL&apos;ing at Maintainer.<br>
<br>
Cheers, @haxel0rd.<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/fulldisclosure/2022/Aug/15">Trovent Security Advisory 2110-01 / Insecure data storage in	Polar Flow Android application</a></strong>
<em>Stefan Pietsch (Aug 19)</em><br>
# Trovent Security Advisory 2110-01 #<br>
#####################################<br>
<br>
Insecure data storage in Polar Flow Android application<br>
#######################################################<br>
<br>
Overview<br>
########<br>
<br>
Advisory ID: TRSA-2110-01<br>
Advisory version: 1.0<br>
Advisory status: Public<br>
Advisory URL: <a  rel="nofollow" href="https://trovent.io/security-advisory-2110-01">https://trovent.io/security-advisory-2110-01</a><br>
Affected product: Polar Flow Android mobile application (fi.polar.polarflow)<br>
Affected version: 5.7.1<br>
Vendor:...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/fulldisclosure/2022/Aug/14">APPLE-SA-2022-08-18-1 Safari 15.6.1</a></strong>
<em>Apple Product Security via Fulldisclosure (Aug 19)</em><br>
APPLE-SA-2022-08-18-1 Safari 15.6.1<br>
<br>
Safari 15.6.1 addresses the following issues.<br>
Information about the security content is also available at<br>
<a  rel="nofollow" href="https://support.apple.com/HT213414">https://support.apple.com/HT213414</a>.<br>
<br>
WebKit<br>
Available for: macOS Big Sur and macOS Catalina<br>
Impact: Processing maliciously crafted web content may lead to<br>
arbitrary code execution. Apple is aware of a report that this issue<br>
may have been actively exploited.<br>
Description: An out-of-bounds write issue was...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/fulldisclosure/2022/Aug/12">APPLE-SA-2022-08-17-1 iOS 15.6.1 and iPadOS 15.6.1</a></strong>
<em>Apple Product Security via Fulldisclosure (Aug 19)</em><br>
APPLE-SA-2022-08-17-1 iOS 15.6.1 and iPadOS 15.6.1<br>
<br>
iOS 15.6.1 and iPadOS 15.6.1 addresses the following issues.<br>
Information about the security content is also available at<br>
<a  rel="nofollow" href="https://support.apple.com/HT213412">https://support.apple.com/HT213412</a>.<br>
<br>
Kernel<br>
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2<br>
and later, iPad 5th generation and later, iPad mini 4 and later, and<br>
iPod touch (7th generation)<br>
Impact: An application may be able to execute arbitrary code with...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/fulldisclosure/2022/Aug/11">APPLE-SA-2022-08-17-2 macOS Monterey 12.5.1</a></strong>
<em>Apple Product Security via Fulldisclosure (Aug 19)</em><br>
APPLE-SA-2022-08-17-2 macOS Monterey 12.5.1<br>
<br>
macOS Monterey 12.5.1 addresses the following issues.<br>
Information about the security content is also available at<br>
<a  rel="nofollow" href="https://support.apple.com/HT213413">https://support.apple.com/HT213413</a>.<br>
<br>
Kernel<br>
Available for: macOS Monterey<br>
Impact: An application may be able to execute arbitrary code with<br>
kernel privileges. Apple is aware of a report that this issue may<br>
have been actively exploited.<br>
Description: An out-of-bounds write issue was addressed...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/fulldisclosure/2022/Aug/10">[CVE-2022-2536] Transposh &lt;= 1.0.8.1 “tp_translation” Authorization Bypass</a></strong>
<em>Julien Ahrens (RCE Security) (Aug 19)</em><br>
RCE Security Advisory<br>
<a  rel="nofollow" href="https://www.rcesecurity.com">https://www.rcesecurity.com</a><br>
<br>
1. ADVISORY INFORMATION<br>
=======================<br>
Product:        Transposh WordPress Translation<br>
Vendor URL:     <a  rel="nofollow" href="https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/">https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/</a><br>
Type:           Incorrect Authorization [CWE-863]<br>
Date found:     2022-07-23<br>
Date published: 2022-08-16<br>
CVSSv3 Score:   7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)<br>
CVE:            CVE-2022-2536<br>
<br>
2. CREDITS...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/fulldisclosure/2022/Aug/9">Win32.Ransom.BlueSky / Arbitrary Code Execution</a></strong>
<em>malvuln (Aug 15)</em><br>
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022<br>
Original source:<br>
<a  rel="nofollow" href="https://malvuln.com/advisory/961fa85207cdc4ef86a076bbff07a409.txt">https://malvuln.com/advisory/961fa85207cdc4ef86a076bbff07a409.txt</a><br>
Contact: malvuln13 () gmail com<br>
Media: twitter.com/malvuln<br>
<br>
Threat: Win32.Ransom.BlueSky<br>
Vulnerability: Arbitrary Code Execution<br>
Description: The BlueSky ransomware looks for and executes arbitrary DLLs<br>
in its current working directory. Therefore, we can hijack a vuln DLL,<br>
execute our own code, control...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/fulldisclosure/2022/Aug/8">Zyxel IPC 3605N &amp; 4605N / Remote shell access</a></strong>
<em>Eric Urban (Aug 15)</em><br>
Hello everyone,<br>
<br>
I have identified that the Zyxel IPC 3605N and 4605N IP based security<br>
cameras have multiple flaws. Combining these together leads to the ability<br>
for an attacker to remotely install root shell access on the device.<br>
<br>
A web server installed for UPnP purposes allows the plaintext passwords to<br>
be retrieved by anyone. This grants access to the web administration<br>
interface. From there, a tarball can be downloaded, modified with a...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/fulldisclosure/2022/Aug/7">Re: typeorm CVE-2022-33171</a></strong>
<em>Andrii Kostenko via Fulldisclosure (Aug 15)</em><br>
I found what I think is a vulnerability in the latest typeorm 0.3.7.<br>
TypeORM v0.3 has a new findOneBy method instead of findOneById() and it is<br>
the only way to get a record by id<br>
<br>
Sending undefined as a value in this method removes this parameter from the<br>
query. This leads to the data exposure.<br>
<br>
For example:<br>
Users.findOneBy({id: req.query.id}) with /?id=12345 produces SELECT * FROM<br>
Users WHERE id=12345 LIMIT 1 while removing id from the query...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/fulldisclosure/2022/Aug/6">CVE-2022-2590: Linux kernel privilege escalation vulnerability</a></strong>
<em>Turritopsis Dohrnii Teo En Ming (Aug 11)</em><br>
Subject: CVE-2022-2590: Linux kernel privilege escalation vulnerability<br>
<br>
Good day from Singapore,<br>
<br>
Just sharing this Linux kernel security vulnerability.<br>
<br>
Article: CVE-2022-2590: Linux kernel privilege escalation vulnerability<br>
Link: <a  rel="nofollow" href="https://securityonline.info/cve-2022-2590-linux-kernel-privilege-escalation-vulnerability/">https://securityonline.info/cve-2022-2590-linux-kernel-privilege-escalation-vulnerability/</a><br>
<br>
Regards,<br>
<br>
Mr. Turritopsis Dohrnii Teo En Ming<br>
Targeted Individual in Singapore<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/fulldisclosure/2022/Aug/5">Backdoor.Win32.Guptachar.20 / Insecure Credential Storage</a></strong>
<em>malvuln (Aug 08)</em><br>
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022<br>
Original source:<br>
<a  rel="nofollow" href="https://malvuln.com/advisory/857999d2306f257b80d1b8f6a51ae8b0.txt">https://malvuln.com/advisory/857999d2306f257b80d1b8f6a51ae8b0.txt</a><br>
Contact: malvuln13 () gmail com<br>
Media: twitter.com/malvuln<br>
<br>
Threat: Backdoor.Win32.Guptachar.20<br>
Vulnerability: Insecure Credential Storage<br>
Description: The malware runs a web server on TCP port 2015 (default) and<br>
uses BASIC authentication. The credentials &quot;hacker01:imchampgr8&quot; get stored<br>
in a...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/fulldisclosure/2022/Aug/4">Backdoor.Win32.Bushtrommel.122 / Unauthenticated Remote	Command Execution</a></strong>
<em>malvuln (Aug 04)</em><br>
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022<br>
Original source:<br>
<a  rel="nofollow" href="https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87_B.txt">https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87_B.txt</a><br>
Contact: malvuln13 () gmail com<br>
Media: twitter.com/malvuln<br>
<br>
Threat: Backdoor.Win32.Bushtrommel.122<br>
Vulnerability: Unauthenticated Remote Command Execution<br>
Description: The malware listens on TCP port 31745 and 1030. Adversaries<br>
who can reach infected hosts can run commands made available by the...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/fulldisclosure/2022/Aug/3">Backdoor.Win32.Bushtrommel.122 / Authentication Bypass</a></strong>
<em>malvuln (Aug 04)</em><br>
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022<br>
Original source:<br>
<a  rel="nofollow" href="https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87.txt">https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87.txt</a><br>
Contact: malvuln13 () gmail com<br>
Media: twitter.com/malvuln<br>
<br>
Threat: Backdoor.Win32.Bushtrommel.122<br>
Vulnerability: Authentication Bypass<br>
Description: The malware listens on TCP port 31745 runs an ftp server on<br>
port 1030. Attackers who can reach infected systems can logon using any<br>
username/password...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/fulldisclosure/2022/Aug/2">Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow</a></strong>
<em>malvuln (Aug 04)</em><br>
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022<br>
Original source:<br>
<a  rel="nofollow" href="https://malvuln.com/advisory/783a191e7944e1af84ec0fa96d933f30.txt">https://malvuln.com/advisory/783a191e7944e1af84ec0fa96d933f30.txt</a><br>
Contact: malvuln13 () gmail com<br>
Media: twitter.com/malvuln<br>
<br>
Threat: Backdoor.Win32.Jokerdoor<br>
Vulnerability: Remote Stack Buffer Overflow<br>
Description: The malware listens on TCP port 27374. Attackers who can reach<br>
an infected system can send a large payload and trigger a classic stack<br>
buffer overflow...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/fulldisclosure/2022/Aug/1">Backdoor.Win32.Destrukor.20 / Unauthenticated Remote Command	Execution</a></strong>
<em>malvuln (Aug 01)</em><br>
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022<br>
Original source:<br>
<a  rel="nofollow" href="https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956_B.txt">https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956_B.txt</a><br>
Contact: malvuln13 () gmail com<br>
Media: twitter.com/malvuln<br>
<br>
Threat: Backdoor.Win32.Destrukor.20<br>
Vulnerability: Unauthenticated Remote Command Execution<br>
Description: The malware listens on TCP port 6969. Third-party adversaries<br>
who can reach infected hosts can run commands made available by the...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<h2 id="other" class="purpleheader">Other Excellent Security Lists</h2><div id="bugtraq" class="l-abstract">
<a href="/bugtraq/"><img src="/images/bugtraq-logo.png" width="80" class="right" alt="bugtraq logo"></a><p><b><a href="/bugtraq/">Bugtraq</a></b> &mdash; The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!<ul class="inline"><li class="first"><a href="/bugtraq/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/bugtraq.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://www.securityfocus.com/archive/1/description"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/bugtraq/"><span class="show-id">bugtraq</span>Latest Posts</a></ul>
<blockquote id="latest-bugtraq" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="http://seclists.org/bugtraq/2021/Jan/3">Re: [SECURITY] [DSA 4628-1] php7.0 security update</a></strong>
<em>Timesportsall (Jan 16)</em><br>
------------------------------------------------------------------------<br>
-<br>
Debian Security Advisory DSA-4628-1 security (at) debian (dot) org [email concealed]<br>
<a  rel="nofollow" href="https://www.debian.org/security/">https://www.debian.org/security/</a> Moritz Muehlenhoff<br>
February 18, 2020 <a  rel="nofollow" href="https://www.debian.org/security/faq">https://www.debian.org/security/faq</a><br>
------------------------------------------------------------------------<br>
-<br>
<br>
Package : php7.0<br>
CVE ID : CVE-2019-11045 CVE-2019-11046 CVE-2019-11047<br>
CVE-2019-11050 CVE-2020-7059...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/bugtraq/2021/Jan/2">Re: BugTraq Shutdown</a></strong>
<em>tommypickle (Jan 16)</em><br>
All old school hackers from UPT remember and want to show respect. Thanks for everything. <br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/bugtraq/2021/Jan/1">On Second Thought...</a></strong>
<em>alias (Jan 16)</em><br>
Bugtraq has been a valuable institution within the Cyber Security community for <br>
almost 30 years. Many of our own people entered the industry by subscribing to it<br>
and learning from it. So, based on the feedback we’ve received both from the<br>
community-at-large and internally, we’ve decided to keep the Bugtraq list running.<br>
We’ll be working in the coming weeks to ensure that it can remain a valuable asset<br>
to the community for years to...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/bugtraq/2021/Jan/0">BugTraq Shutdown</a></strong>
<em>alias (Jan 15)</em><br>
2020 was quite the year, one that saw many changes. As we begin 2021, we wanted <br>
to send one last note to our friends and supporters at the SecurityFocus BugTraq<br>
mailing list. As many of you know, assets of Symantec were acquired by Broadcom<br>
in late 2019, and some of those assets were then acquired by Accenture in 2020<br>
(<a  rel="nofollow" href="https://newsroom.accenture.com/news/accenture-completes-acquisition-of-broadco">https://newsroom.accenture.com/news/accenture-completes-acquisition-of-broadco</a><br>
ms-symantec-cyber-security-...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="basics" class="l-abstract">
<a href="/basics/"><img src="/images/basics-logo.png" width="80" class="right" alt="basics logo"></a><p><b><a href="/basics/">Security Basics</a></b> &mdash; A high-volume list which permits people to ask "stupid questions" without being derided as "n00bs".  I recommend this list to network security newbies, but be sure to read Bugtraq and other lists as well.<ul class="inline"><li class="first"><a href="/basics/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/basics.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://www.securityfocus.com/archive/105/description"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/basics/"><span class="show-id">basics</span>Latest Posts</a></ul>
<blockquote id="latest-basics" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="http://seclists.org/basics/2019/Feb/0">CarolinaCon-15 is April 26-28, 2019 in Charlotte NC - Call For Papers/Presenters is now open</a></strong>
<em>Vic Vandal (Feb 03)</em><br>
We are pleased to announce that CarolinaCon-15 will be on April 26th-28th 2019 in Charlotte NC at the Renaissance <br>
Charlotte Suites.  All who are interested in speaking on any topic in the realm of hacking, cybersecurity, technology, <br>
science, robotics or any related field are invited to submit a proposal to present at the con.  Full disclosure that <br>
technology or physical security exploitation type submissions are most desirable for this storied...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="pen-test" class="l-abstract">
<a href="/pen-test/"><img src="/images/pen-test-logo.png" width="80" class="right" alt="pen-test logo"></a><p><b><a href="/pen-test/">Penetration Testing</a></b> &mdash; While this list is intended for "professionals", participants frequenly disclose techniques and strategies that would be useful to anyone with a practical interest in security and network auditing.<ul class="inline"><li class="first"><a href="/pen-test/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/pen-test.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://www.securityfocus.com/archive/101/description"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/pen-test/"><span class="show-id">pen-test</span>Latest Posts</a></ul>
<blockquote id="latest-pen-test" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="http://seclists.org/pen-test/2018/Feb/1">44CON 2018 - 12th-14th September, London (UK)</a></strong>
<em>Steve (Feb 28)</em><br>
44CON 2018 is the UK&apos;s best annual Security Conference and Training event. The conference spans 2.5 days with training <br>
on the 10th and 11th of September, a free evening event on the 12th of September, and a full two-day conference on the <br>
13th and 14th of September. The event takes place at the ILEC Conference Centre near Earls Court, London. 44CON 2018 <br>
includes catering, private bus bar and Gin O&apos;Clock breaks. Early Bird discounted...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/pen-test/2018/Feb/0">RootedCON Security Conference - 1-3 March, Madrid (Spain)</a></strong>
<em>omarbv (Feb 11)</em><br>
On the occasion of the ninth edition of RootedCON, the most important<br>
computer security conference in the country, around  2,000 hackers will<br>
meet to discuss new questions and researchs about the cybersecurity<br>
world, with its risks and threats. National and international experts<br>
have included in their agendas this mandatory appointment to discuss new<br>
vulnerabilities, viruses, and other threats, they will also talk about<br>
countermeasures in order...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="isn" class="l-abstract">
<a href="/isn/"><img src="/images/isn-logo.png" width="80" class="right" alt="isn logo"></a><p><b><a href="/isn/">Info Security News</a></b> &mdash; Carries news items (generally from mainstream sources) that relate to security.<ul class="inline"><li class="first"><a href="/isn/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/isn.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://www.infosecnews.org/"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/isn/"><span class="show-id">isn</span>Latest Posts</a></ul>
<blockquote id="latest-isn" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="http://seclists.org/isn/2020/Aug/12">Ransomware: Why one city chose to the pay the ransom after falling victim</a></strong>
<em>InfoSec News (Aug 12)</em><br>
<a  rel="nofollow" href="https://www.zdnet.com/article/ransomware-why-one-city-chose-to-the-pay-the-ransom-after-falling-victim/">https://www.zdnet.com/article/ransomware-why-one-city-chose-to-the-pay-the-ransom-after-falling-victim/</a><br>
<br>
By Danny Palmer<br>
ZDNet.com<br>
August 12, 2020<br>
<br>
A US city has explained why it gave into the demands of cyber criminals <br>
and paid a ransom demand of $45,000 following a ransomware attack.<br>
<br>
Lafayette, Colorado fell victim to ransomware on July 27, which encrypted <br>
the city&apos;s computer networks and caused disruptions to phone services, <br>
email and...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/isn/2020/Aug/11">0-days, a failed patch, and a backdoor threat. Update Tuesday highlights</a></strong>
<em>InfoSec News (Aug 12)</em><br>
<a  rel="nofollow" href="https://arstechnica.com/information-technology/2020/08/update-tuesday-fixes-2-0days-and-botched-patch-for-a-backdoor-threat/">https://arstechnica.com/information-technology/2020/08/update-tuesday-fixes-2-0days-and-botched-patch-for-a-backdoor-threat/</a><br>
<br>
By Dan Goodin<br>
Ars Technica<br>
08/12/2020<br>
<br>
Microsoft on Tuesday patched 120 vulnerabilities, two that are notable <br>
because they’re under active attack and a third because it fixes a <br>
previous patch for a security flaw that allowed attackers to gain a <br>
backdoor that persisted even after a machine was updated.<br>
<br>
Zero-day...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/isn/2020/Aug/10">OCR warns hospitals of HIPAA compliance scams</a></strong>
<em>InfoSec News (Aug 12)</em><br>
<a  rel="nofollow" href="https://www.healthcareitnews.com/news/ocr-warns-hospitals-apparent-hipaa-compliance-scams">https://www.healthcareitnews.com/news/ocr-warns-hospitals-apparent-hipaa-compliance-scams</a><br>
<br>
By Mike Miliard<br>
Healthcare IT News<br>
August 11, 2020<br>
<br>
The Office for Civil Rights at the U.S. Department of Health and Human <br>
Services has warned health systems about what appears to be something of <br>
an old-fashioned and low-tech phishing attempt: fraudulent postcards, most <br>
addressed to hospital privacy officers, that warn of noncompliance with a <br>
mandatory...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/isn/2020/Aug/9">The Secret SIMs Used By Criminals to Spoof Any Number</a></strong>
<em>InfoSec News (Aug 12)</em><br>
<a  rel="nofollow" href="https://www.vice.com/en_us/article/n7w9pw/russian-sims-encrypted">https://www.vice.com/en_us/article/n7w9pw/russian-sims-encrypted</a><br>
<br>
By Joseph Cox<br>
Vice.com<br>
August 12, 2020<br>
<br>
The unsolicited call came from France. Or at least that&apos;s what my phone <br>
said. When I picked up, a man asked if I worked with the National Crime <br>
Agency, the UK&apos;s version of the FBI. When I explained, no, as a journalist <br>
I don&apos;t give information to the police, he said why he had contacted me.<br>
<br>
&quot;There are these special SIM...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/isn/2020/Aug/8">North Korean Hacking Group Attacks Israeli Defense Industry</a></strong>
<em>InfoSec News (Aug 12)</em><br>
<a  rel="nofollow" href="https://www.nytimes.com/2020/08/12/world/middleeast/north-korea-hackers-israel.html">https://www.nytimes.com/2020/08/12/world/middleeast/north-korea-hackers-israel.html</a><br>
<br>
By Ronen Bergman and Nicole Perlroth<br>
nytimes.com<br>
Aug. 12, 2020<br>
<br>
TEL AVIV -- Israel claimed Wednesday that it had thwarted a cyberattack by <br>
a North Korea-linked hacking group on its classified defense industry.<br>
<br>
The Defense Ministry said the attack was deflected “in real time” and that <br>
there was no “harm or disruption” to its computer systems.<br>
<br>
However,...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/isn/2020/Aug/7">FBI says an Iranian hacking group is attacking F5 networking devices</a></strong>
<em>InfoSec News (Aug 11)</em><br>
<a  rel="nofollow" href="https://www.zdnet.com/article/fbi-says-an-iranian-hacking-group-is-attacking-f5-networking-devices/">https://www.zdnet.com/article/fbi-says-an-iranian-hacking-group-is-attacking-f5-networking-devices/</a><br>
<br>
By Catalin Cimpanu<br>
Zero Day<br>
ZDNet.com<br>
August 10, 2020<br>
<br>
A group of elite hackers associated with the Iranian government has been <br>
detected attacking the US private and government sector, according to a <br>
security alert sent by the FBI last week.<br>
<br>
While the alert, called a Private Industry Notification, didn&apos;t identify <br>
the hackers by name,...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/isn/2020/Aug/6">Pen Test Partners: Boeing 747s receive critical software updates over 3.5&quot; floppy disks</a></strong>
<em>InfoSec News (Aug 11)</em><br>
<a  rel="nofollow" href="https://www.theregister.com/2020/08/10/boeing_747_floppy_drive_updates_walkthrough/">https://www.theregister.com/2020/08/10/boeing_747_floppy_drive_updates_walkthrough/</a><br>
<br>
By Gareth Corfield<br>
The Register<br>
08/10/2020<br>
<br>
DEF CON -- Boeing 747-400s still use floppy disks for loading critical <br>
navigation databases, Pen Test Partners has revealed to the infosec <br>
community after poking about one of the recently abandoned aircraft.<br>
<br>
The eye-catching factoid emerged during a DEF CON video interview of PTP&apos;s <br>
Alex Lomas, where the man...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/isn/2020/Aug/5">US Cyber Command is using unclassified networks to fight election interference</a></strong>
<em>InfoSec News (Aug 10)</em><br>
<a  rel="nofollow" href="https://www.c4isrnet.com/cyber/2020/08/10/us-cyber-command-is-using-unclassified-networks-to-fight-election-interference/">https://www.c4isrnet.com/cyber/2020/08/10/us-cyber-command-is-using-unclassified-networks-to-fight-election-interference/</a><br>
<br>
By Mark Pomerleau<br>
C4ISRNET.com<br>
08/10/2020<br>
<br>
WASHINGTON -- U.S. Cyber Command is using unclassified networks and <br>
publicly available communication platforms as it works to prevent foreign <br>
interference in the next presidential election, a CYBERCOM official has <br>
revealed.<br>
<br>
“From a CYBERCOM standpoint, one of the big changes...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/isn/2020/Aug/4">New England guardsmen test their skills in Cyber Yankee 2020</a></strong>
<em>InfoSec News (Aug 03)</em><br>
<a  rel="nofollow" href="https://www.c4isrnet.com/cyber/2020/08/03/new-england-guardsmen-test-their-skills-in-cyber-yankee-2020/">https://www.c4isrnet.com/cyber/2020/08/03/new-england-guardsmen-test-their-skills-in-cyber-yankee-2020/</a><br>
<br>
By Mark Pomerleau<br>
C4ISRNET.com<br>
08/03/2020<br>
<br>
Members of the National Guard from New England states concluded a two-week <br>
cyber exercise that sought to test the cyber skills of guardsmen and <br>
critical infrastructure operators.<br>
<br>
Cyber Yankee 2020, which took place July 21-31 in New Hampshire, involved <br>
more than 200 National Guard members and...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/isn/2020/Aug/3">Travel management company CWT hands over $4.5M following ransomware attack</a></strong>
<em>InfoSec News (Aug 03)</em><br>
<a  rel="nofollow" href="https://siliconangle.com/2020/08/02/travel-management-company-cwt-hands-4-5m-following-ransomware-attack/">https://siliconangle.com/2020/08/02/travel-management-company-cwt-hands-4-5m-following-ransomware-attack/</a><br>
<br>
By Duncan Riley<br>
SiliconAngle.com<br>
08/02/2020<br>
<br>
Business travel management company CWT Global B.V. is the latest company <br>
to pay a ransom demand following a ransomware attack.<br>
<br>
According to report Friday by Reuters, the company paid $4.5 million to <br>
those behind the ransomware after the attack knocked some 30,000 of the <br>
company’s computers...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/isn/2020/Aug/2">DOD, FBI, DHS release info on malware used in Chinese government-led hacking campaigns</a></strong>
<em>InfoSec News (Aug 03)</em><br>
<a  rel="nofollow" href="https://www.cyberscoop.com/taidoor-malware-report-china-cisa-dod-fbi/">https://www.cyberscoop.com/taidoor-malware-report-china-cisa-dod-fbi/</a><br>
<br>
By Shannon Vavra<br>
CYBERSCOOP<br>
August 3, 2020<br>
<br>
The U.S. government publicly put forth information Monday that exposed <br>
malware used in Chinese government hacking efforts for more than a decade.<br>
<br>
The Chinese government has been using malware, referred to as Taidoor, to <br>
target government agencies, entities in the private sector, and think <br>
tanks since 2008, according to a joint...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/isn/2020/Aug/1">Leaky S3 buckets have gotten so common that they&apos;re being found by the thousands now, with lots of buried secrets</a></strong>
<em>InfoSec News (Aug 03)</em><br>
<a  rel="nofollow" href="https://www.theregister.com/2020/08/03/leaky_s3_buckets/">https://www.theregister.com/2020/08/03/leaky_s3_buckets/</a><br>
<br>
By Shaun Nichols in San Francisco<br>
The Register<br>
3 Aug 2020<br>
<br>
The massive amounts of exposed data on misconfigured AWS S3 storage <br>
buckets is a catastrophic network breach just waiting to happen, say <br>
experts.<br>
<br>
The team at Truffle Security says its automated search tools were able to <br>
stumble across some 4,000 open Amazon S3 buckets that included data <br>
companies would not want public, things...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/isn/2020/Aug/0">House Republicans introduce legislation to give states $400 million for elections</a></strong>
<em>InfoSec News (Aug 03)</em><br>
<a  rel="nofollow" href="https://thehill.com/policy/cybersecurity/510362-house-republicans-introduce-legislation-to-give-states-400-million-for">https://thehill.com/policy/cybersecurity/510362-house-republicans-introduce-legislation-to-give-states-400-million-for</a><br>
<br>
By Maggie Miller<br>
The Hill<br>
08/03/2020<br>
<br>
A group of House Republicans on Monday introduced legislation that would <br>
appropriate $400 million to states to address election challenges stemming <br>
from the COVID-19 pandemic.<br>
<br>
The Emergency Assistance for Safe Elections (EASE) Act would designate <br>
$200 million to assist with sanitizing...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="http://seclists.org/isn/2020/Jul/78">Zoom private meeting passwords were easily crackable</a></strong>
<em>InfoSec News (Jul 30)</em><br>
<a  rel="nofollow" href="https://www.itnews.com.au/news/zoom-private-meeting-passwords-were-easily-crackable-551095">https://www.itnews.com.au/news/zoom-private-meeting-passwords-were-easily-crackable-551095</a><br>
<br>
By Juha Saarinen<br>
itnews.com.au<br>
July 31, 2020<br>
<br>
The automatically generated passwords protecting private Zoom meetings <br>
could be cracked with relative ease, allowing access to sensitive <br>
conferences, a researcher has discovered.<br>
<br>
Web site developer Tom Anthony decided on March 31 this year to see if he <br>
could crack the password for private Zoom meetings....<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/isn/2020/Jul/77">Pentagon needs access to defense companies&apos; networks to hunt cyberthreats, says commission</a></strong>
<em>InfoSec News (Jul 30)</em><br>
<a  rel="nofollow" href="https://www.c4isrnet.com/cyber/2020/07/30/pentagon-needs-access-to-defense-companies-networks-to-hunt-cyberthreats-says-commission/">https://www.c4isrnet.com/cyber/2020/07/30/pentagon-needs-access-to-defense-companies-networks-to-hunt-cyberthreats-says-commission/</a><br>
<br>
By Mark Pomerleau<br>
C4ISRNET.com<br>
July 30, 2020<br>
<br>
WASHINGTON -- The Pentagon must be able to hunt cyberthreats on the <br>
private networks of defense companies in order to strengthen national <br>
cybersecurity, according to one of the leaders of the Cyber Solarium <br>
Commission.<br>
<br>
Rep. Mike Gallagher, R-Wis., who co-chairs the...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="firewall-wizards" class="l-abstract">
<a href="/firewall-wizards/"><img src="/images/firewall-wizards-logo.png" width="80" class="right" alt="firewall-wizards logo"></a><p><b><a href="/firewall-wizards/">Firewall Wizards</a></b> &mdash; Tips and tricks for firewall administrators<ul class="inline"><li class="first"><a href="/firewall-wizards/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/firewall-wizards.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/firewall-wizards/"><span class="show-id">firewall-wizards</span>Latest Posts</a></ul>
<blockquote id="latest-firewall-wizards" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="http://seclists.org/firewall-wizards/2016/Sep/0">Revival?</a></strong>
<em>Paul Robertson (Sep 11)</em><br>
Since the last few attempts to revive the list have failed, I&apos;m going to attempt a Facebook group revival experiment.  <br>
It&apos;ll be a bit broader in scope, but I&apos;m hoping we can discuss technical security matters.  The new group is <br>
Security-Wizards on Facebook. <br>
<br>
Paul<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="focus-ids" class="l-abstract">
<a href="/focus-ids/"><img src="/images/focus-ids-logo.png" width="80" class="right" alt="focus-ids logo"></a><p><b><a href="/focus-ids/">IDS Focus</a></b> &mdash; Technical discussion about Intrusion Detection Systems.  You can also read the archives of a <a href="https://seclists.org/ids/">previous IDS list</a><ul class="inline"><li class="first"><a href="/focus-ids/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/focus-ids.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://www.securityfocus.com/archive/96/description"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
</ul>
</div>
<div id="webappsec" class="l-abstract">
<a href="/webappsec/"><img src="/images/webappsec-logo.png" width="80" class="right" alt="webappsec logo"></a><p><b><a href="/webappsec/">Web App Security</a></b> &mdash; Provides insights on the unique challenges which make web applications notoriously hard to secure, as well as attack methods including SQL injection, cross-site scripting (XSS), cross-site request forgery, and more.<ul class="inline"><li class="first"><a href="/webappsec/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/webappsec.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://www.securityfocus.com/archive/107/description"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/webappsec/"><span class="show-id">webappsec</span>Latest Posts</a></ul>
<blockquote id="latest-webappsec" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="http://seclists.org/webappsec/2018/q3/0">Faraday Beta V3.0 Released</a></strong>
<em>Francisco Amato (Jul 04)</em><br>
Faraday helps you to host your own vulnerability management platform<br>
now and streamline your team in one place.<br>
<br>
We are pleased to announce the newest version of Faraday v3.0. In this<br>
new version we have made major architecture changes to adapt our<br>
software to the new challenges of cyber security. We focused on<br>
processing large data volumes and to making it easier for the user to<br>
interact with Faraday in its environment.<br>
<br>
To install it you can...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="dailydave" class="l-abstract">
<a href="/dailydave/"><img src="/images/dailydave-logo.png" width="80" class="right" alt="dailydave logo"></a><p><b><a href="/dailydave/">Daily Dave</a></b> &mdash; This technical discussion list covers vulnerability research, exploit development, and security events/gossip.  It was started by <a href="http://www.immunitysec.com/">ImmunitySec</a> founder Dave Aitel and many security luminaries participate.  Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.<ul class="inline"><li class="first"><a href="/dailydave/2022/q3/index.html"><img src="/images/current-icon-16x16.png" width=16 height=16 alt="Current period icon">Current Quarter</a>
<li><a href="/dailydave/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/dailydave.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="https://lists.immunityinc.com/mailman/listinfo/dailydave"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/dailydave/"><span class="show-id">dailydave</span>Latest Posts</a></ul>
<blockquote id="latest-dailydave" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="https://seclists.org/dailydave/2022/q3/0">Defcon 30</a></strong>
<em>Dave Aitel via Dailydave (Aug 16)</em><br>
As you wander the halls of the inaptly named Caesar&apos;s Forum, amidst a<br>
living sea of the most neurodiverse Clan humanity has ever seen, you cannot<br>
help but stop for a second to close your eyes amidst the cacophony and<br>
mentally exclaim, &quot;Look. Look at the world we have created!&quot;<br>
<br>
Sitting in the one cafe in the Paris hotel with food, a<br>
tattooed thirty-something who has been to Defcon twice gives you advice on<br>
how to do the conference....<br>
</p>

 

<!-- MHonArc v2.6.19 -->
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="https://seclists.org/dailydave/2022/q2/3">The top of the whale</a></strong>
<em>Dave Aitel via Dailydave (Jun 24)</em><br>
People think that finding vulnerabilities is about finding holes in code.<br>
But at some level it&apos;s not really about that. It&apos;s about understanding that<br>
the code itself is a hole in the swirling chaos of the world and just<br>
letting a little bit of that chaos in allows you to illuminate the whole<br>
thing.<br>
<br>
Spending time in Seattle is a little bit like buying a pair of high-powered<br>
binoculars to look down the train tracks at that weird light...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/dailydave/2022/q2/2">Using microarchitecture bugs to beat authenticated pointers.</a></strong>
<em>Dave Aitel via Dailydave (Jun 11)</em><br>
If you&apos;ve walked through the Underworld long enough, you&apos;ve run into<br>
demons. Or maybe it&apos;s the other way around - by running into enough demons,<br>
you might realize you are walking through the Underworld. And by making<br>
friends with them, if you are lucky, you might realize you are a demon<br>
yourself.<br>
<br>
[image: image.png]<br>
My brother in Zeus - this is just tempting the Fates.<br>
<br>
Every so often an exploit from the Underworld is found. Maybe...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/dailydave/2022/q2/1">Computer Science</a></strong>
<em>Dave Aitel via Dailydave (May 26)</em><br>
I remember when fuzzing was just sending long strings to RPC programs, and<br>
tapping the cloaca of all Unix programs, the signal handler, to see<br>
what came out. But now, to be a hacker, you have to be a scientist.<br>
<br>
Computer science is a real thing. But most computer scientists I know can&apos;t<br>
explain how to do it because it comes out sounding like a deep dive into a<br>
dungeons and dragons campaign run by toddlers. And perhaps, the hardest<br>
thing with...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/dailydave/2022/q2/0">SBOMs and Jellyfish</a></strong>
<em>Dave Aitel via Dailydave (Apr 22)</em><br>
The most annoying thing with talking to computer scientists about anything<br>
is they will look at any problem that remotely touches software and ask you<br>
&quot;Is that the right data structure? Are you ... sure?&quot;<br>
<br>
Like, this is what happens to every programming language - it&apos;s why you get<br>
NaN or an empty list for any given arbitrary code fragment in Javascript.<br>
People had a normal data structure, say a dictionary, and were like &quot;What...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="pauldotcom" class="l-abstract">
<a href="/pauldotcom/"><img src="/images/pauldotcom-logo.png" width="80" class="right" alt="pauldotcom logo"></a><p><b><a href="/pauldotcom/">PaulDotCom</a></b> &mdash; General discussion of security news, research, vulnerabilities, and the PaulDotCom Security Weekly podcast.<ul class="inline"><li class="first"><a href="/pauldotcom/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/pauldotcom.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/pauldotcom/"><span class="show-id">pauldotcom</span>Latest Posts</a></ul>
<blockquote id="latest-pauldotcom" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="http://seclists.org/pauldotcom/2018/q4/0">BHIS Sorta Top Used Tools of 2018</a></strong>
<em>John - Black Hills Information Security (Dec 06)</em><br>
Free Webcast<br>
<br>
Hello all,<br>
<br>
For our next webcast we will cover some of the core tools we use all the time at Black Hills Information Security. <br>
However, there will be a twist. We will not talk about Nessus, Nmap, or Metasploit. Why? Because there are a ton of new <br>
(and older) tools we use that fall outside of the standard tools you see in every security book/blog out there.<br>
<br>
Basically, we are trying to be edgy and different.<br>
<br>
You may want to come...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="http://seclists.org/pauldotcom/2018/q3/2">BHIS Webcast - Tues 10/2 @ 11am MDT</a></strong>
<em>John Strand - Black Hills Information Security (Sep 26)</em><br>
Hello All,<br>
<br>
In this next webcast I want to cover what I am doing with the BHIS Systems team to create a C2/Implant/Malware test <br>
bed. Testing our C2/malware solutions is important because vendors tend to lie or over-hype their capabilities. I will <br>
cross reference some different malware specimens to the MITRE ATT&amp;CK framework and we will cover how you can use these <br>
techniques to test your defensive solutions at both the endpoint and the...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/pauldotcom/2018/q3/1">BHIS Webcast: The PenTest Pyramid of Pain 9/4 - 11am MDT</a></strong>
<em>Sierra - Black Hills Information Security (Aug 29)</em><br>
Hello!<br>
<br>
How are you all? We had a fantastic webcast last week with John Strand and Chris Brenton and we&apos;re still working <br>
through some unexpected hiccups to get the recording up and posted. The podcast version is on our blog, and the YouTube <br>
version will be posted shortly on the Active Countermeasures channel and blog as well. Thanks for all of you who <br>
ventured over to attend!<br>
<br>
Ready for another awesome BHIS webcast? Dakota is back and...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/pauldotcom/2018/q3/0">Webcast with CJ: Tues 7/24 at 11am</a></strong>
<em>Sierra - Black Hills Information Security (Jul 19)</em><br>
Our upcoming webcast will be about POLICY...<br>
<br>
Did you check out when you heard “policy”? Policy can often seem like a drudgery, but it’s also an important and <br>
potentially overlooked part of business and procedure; it’s the framework on which security is really built!<br>
<br>
CJ, our COO and Head of Sales has experience writing, assessing and implementing policies for many different kinds of <br>
companies. And if you are worried it will be dry and...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="honeypots" class="l-abstract">
<a href="/honeypots/"><img src="/images/honeypots-logo.png" width="80" class="right" alt="honeypots logo"></a><p><b><a href="/honeypots/">Honeypots</a></b> &mdash; Discussions about tracking attackers by setting up decoy honeypots or entire <a href="http://www.honeynet.org">honeynet</a> networks.<ul class="inline"><li class="first"><a href="/honeypots/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/honeypots.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://www.securityfocus.com/archive/119/description"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/honeypots/"><span class="show-id">honeypots</span>Latest Posts</a></ul>
<blockquote id="latest-honeypots" class="latest">
<!-- MHonArc v2.6.16 -->

 

<p class="excerpt">
<strong><a href="http://seclists.org/honeypots/2013/q1/0">Honeypot malware archives</a></strong>
<em>Matteo Cantoni (Feb 14)</em><br>
Hello everyone,<br>
<br>
I would like share with you for educational purposes and without any<br>
commercial purpose, data collected by the my homemade honeypot.<br>
Nothing new, nothing shocking, nothing sensational... but I think can<br>
be of interest to newcomers to the world of analysis of malware,<br>
botnets, etc... maybe for a thesis.<br>
<br>
The files collected are divided into zip archives, in alphabetical<br>
order, with password (which must be request via email). Some...<br>
</p>

 

<!-- MHonArc v2.6.16 -->
</blockquote>
</div>
<div id="microsoft" class="l-abstract">
<a href="/microsoft/"><img src="/images/microsoft-logo.png" width="80" class="right" alt="microsoft logo"></a><p><b><a href="/microsoft/">Microsoft Sec Notification</a></b> &mdash; Beware that MS often uses these security bulletins as marketing propaganda to downplay serious vulnerabilities in their products&mdash;note how most have a prominent and often-misleading "mitigating factors" section.<ul class="inline"><li class="first"><a href="/microsoft/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/microsoft.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://www.microsoft.com/technet/security/bulletin/notify.mspx"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/microsoft/"><span class="show-id">microsoft</span>Latest Posts</a></ul>
<blockquote id="latest-microsoft" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="http://seclists.org/microsoft/2018/q4/9">Microsoft Security Update Minor Revisions</a></strong>
<em>Microsoft (Dec 11)</em><br>
********************************************************************<br>
Title: Microsoft Security Update Minor Revisions<br>
Issued: December 11, 2018<br>
********************************************************************<br>
<br>
Summary<br>
=======<br>
<br>
The following CVE has undergone a minor revision<br>
increment:<br>
<br>
* CVE-2018-8172<br>
<br>
Revision Information:<br>
=====================<br>
<br>
 - CVE-2018-8172 | Visual Studio Remote Code Execution<br>
   Vulnerability<br>
 -...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/microsoft/2018/q4/8">Microsoft Security Update Minor Revisions</a></strong>
<em>Microsoft (Nov 14)</em><br>
********************************************************************<br>
Title: Microsoft Security Update Minor Revisions<br>
Issued: November 14, 2018<br>
********************************************************************<br>
<br>
Summary<br>
=======<br>
<br>
The following CVEs and advisory have undergone a minor revision<br>
increment:<br>
<br>
* CVE-2018-8454<br>
* CVE-2018-8552<br>
* ADV990001<br>
  <br>
Revision Information:<br>
=====================<br>
<br>
 - CVE-2018-8454 | Windows Audio Service...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/microsoft/2018/q4/7">Microsoft Security Update Minor Revisions</a></strong>
<em>Microsoft (Oct 24)</em><br>
********************************************************************<br>
Title: Microsoft Security Update Minor Revisions<br>
Issued: October 24, 2018<br>
********************************************************************<br>
<br>
Summary<br>
=======<br>
<br>
The following CVE has undergone a minor revision increment:<br>
<br>
* CVE-2018-8512<br>
  <br>
Revision Information:<br>
=====================<br>
<br>
 - CVE-2018-8512 | Microsoft Edge Security Feature Bypass<br>
   Vulnerability<br>
 -...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/microsoft/2018/q4/6">Microsoft Security Update Releases</a></strong>
<em>Microsoft (Oct 19)</em><br>
********************************************************************<br>
Title: Microsoft Security Update Releases<br>
Issued: October 19, 2018<br>
********************************************************************<br>
<br>
Summary<br>
=======<br>
<br>
The following CVE been added to the October 2018 Security updates:<br>
<br>
* CVE-2018-8569<br>
 <br>
Revision Information:<br>
=====================<br>
<br>
 - CVE-2018-8569 | Yammer Desktop Application Remote Code Execution <br>
   Vulnerability<br>
 -...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/microsoft/2018/q4/5">Microsoft Security Update Releases</a></strong>
<em>Microsoft (Oct 17)</em><br>
********************************************************************<br>
Title: Microsoft Security Update Releases<br>
Issued: October 17, 2018<br>
********************************************************************<br>
<br>
Summary<br>
=======<br>
<br>
The following CVEs have undergone a major revision increment:<br>
<br>
* CVE-2010-3190<br>
<br>
 Revision Information:<br>
=====================<br>
<br>
 - CVE-2010-3190 | MFC Insecure Library Loading Vulnerability<br>
 -...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/microsoft/2018/q4/4">Microsoft Security Update Minor Revisions</a></strong>
<em>Microsoft (Oct 09)</em><br>
********************************************************************<br>
Title: Microsoft Security Update Minor Revisions<br>
Issued: October 9, 2018<br>
********************************************************************<br>
<br>
Summary<br>
=======<br>
<br>
The following CVE has undergone a minor revision increment:<br>
<br>
* CVE-2018-8531<br>
  <br>
Revision Information:<br>
=====================<br>
<br>
 - CVE-2018-8531 | Azure IoT Device Client SDK Memory Corruption <br>
   Vulnerability<br>
 -...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/microsoft/2018/q4/3">Microsoft Security Update Releases</a></strong>
<em>Microsoft (Oct 09)</em><br>
********************************************************************<br>
Title: Microsoft Security Update Releases<br>
Issued: October 9, 2018<br>
********************************************************************<br>
<br>
Summary<br>
=======<br>
<br>
The following CVE been added to the October 2018 Security updates:<br>
<br>
* CVE-2018-8292<br>
 <br>
Revision Information:<br>
=====================<br>
<br>
 - CVE-2018-8292 | .NET Core Information Disclosure Vulnerability<br>
 -...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/microsoft/2018/q4/2">Microsoft Security Update Releases</a></strong>
<em>Microsoft (Oct 09)</em><br>
********************************************************************<br>
Title: Microsoft Security Update Releases<br>
Issued: October 9, 2018<br>
********************************************************************<br>
<br>
Summary<br>
=======<br>
<br>
The following bulletin has undergone a major revision increment:<br>
<br>
* MS11-025<br>
 <br>
Revision Information:<br>
=====================<br>
<br>
 - <a  rel="nofollow" href="https://docs.microsoft.com/en-us/security-updates/">https://docs.microsoft.com/en-us/security-updates/</a><br>
   SecurityBulletins/2011/ms11-025:...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/microsoft/2018/q4/1">Microsoft Security Update Summary for October 9, 2018</a></strong>
<em>Microsoft (Oct 09)</em><br>
********************************************************************<br>
Microsoft Security Update Summary for October 9, 2018<br>
Issued: October 9, 2018<br>
********************************************************************<br>
<br>
This summary lists security updates released for October 9, 2018.<br>
<br>
Complete information for the October 2018 security update release can<br>
Be found at<br>
&lt;<a  rel="nofollow" href="https://portal.msrc.microsoft.com/en-us/security-guidance">https://portal.msrc.microsoft.com/en-us/security-guidance</a>&gt;.<br>
<br>
Please note the...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/microsoft/2018/q4/0">Microsoft Security Update Releases</a></strong>
<em>Microsoft (Oct 02)</em><br>
********************************************************************<br>
Title: Microsoft Security Update Releases<br>
Issued: October 2, 2018<br>
********************************************************************<br>
<br>
Summary<br>
=======<br>
<br>
The following CVE has undergone a major revision increment:<br>
<br>
* CVE-2018-0952<br>
 <br>
Revision Information:<br>
=====================<br>
<br>
 - CVE-2018-0952 | Diagnostic Hub Standard Collector Elevation of <br>
   Privilege Vulnerability<br>
 -...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="http://seclists.org/microsoft/2018/q3/23">Microsoft Security Advisory Notification</a></strong>
<em>Microsoft (Sep 12)</em><br>
********************************************************************<br>
Title: Microsoft Security Advisory Notification<br>
Issued: September 12, 2018<br>
********************************************************************<br>
<br>
Security Advisories Released or Updated on September 12, 2018<br>
===================================================================<br>
<br>
* Microsoft Security Advisory ADV180022<br>
<br>
 - Title: Windows Denial of Service Vulnerability<br>
 -...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/microsoft/2018/q3/22">Microsoft Security Update Minor Revisions</a></strong>
<em>Microsoft (Sep 12)</em><br>
********************************************************************<br>
Title: Microsoft Security Update Minor Revisions<br>
Issued: September 12, 2018<br>
********************************************************************<br>
<br>
Summary<br>
=======<br>
<br>
The following CVEs have undergone a minor revision increment:<br>
<br>
* CVE-2018-8421<br>
* CVE-2018-8468<br>
  <br>
Revision Information:<br>
=====================<br>
<br>
 - CVE-2018-8421 | .NET Framework Remote Code Execution <br>
   Vulnerability...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/microsoft/2018/q3/21">Microsoft Security Update Summary for September 11, 2018</a></strong>
<em>Microsoft (Sep 11)</em><br>
********************************************************************<br>
Microsoft Security Update Summary for September 11, 2018<br>
Issued: September 11, 2018<br>
********************************************************************<br>
<br>
This summary lists security updates released for September 11, 2018.<br>
<br>
Complete information for the September 2018 security update release can<br>
Be found at<br>
&lt;<a  rel="nofollow" href="https://portal.msrc.microsoft.com/en-us/security-guidance">https://portal.msrc.microsoft.com/en-us/security-guidance</a>&gt;....<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/microsoft/2018/q3/20">Microsoft Security Update Releases</a></strong>
<em>Microsoft (Sep 11)</em><br>
********************************************************************<br>
Title: Microsoft Security Update Releases<br>
Issued: September 11, 2018<br>
********************************************************************<br>
<br>
Summary<br>
=======<br>
<br>
The following CVE has undergone a major revision increment:<br>
<br>
* CVE-2018-8154<br>
 <br>
Revision Information:<br>
=====================<br>
<br>
 - CVE-2018-8154 | Microsoft Exchange Memory Corruption <br>
   Vulnerability<br>
 -...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/microsoft/2018/q3/19">Microsoft Security Advisory Notification</a></strong>
<em>Microsoft (Sep 11)</em><br>
********************************************************************<br>
Title: Microsoft Security Advisory Notification<br>
Issued: September 11, 2018<br>
********************************************************************<br>
<br>
Security Advisories Released or Updated on September 11, 2018<br>
===================================================================<br>
<br>
* Microsoft Security Advisory ADV180002<br>
<br>
 - Title: Guidance to mitigate speculative execution...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="funsec" class="l-abstract">
<a href="/funsec/"><img src="/images/funsec-logo.png" width="80" class="right" alt="funsec logo"></a><p><b><a href="/funsec/">Funsec</a></b> &mdash; While most security lists ban off-topic discussion, Funsec is a haven for free community discussion and enjoyment of the lighter, more humorous side of the security community<ul class="inline"><li class="first"><a href="/funsec/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/funsec.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://linuxbox.org/cgi-bin/mailman/listinfo/funsec"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/funsec/"><span class="show-id">funsec</span>Latest Posts</a></ul>
<blockquote id="latest-funsec" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="http://seclists.org/funsec/2016/q1/5">Verizon: 1.5M of Contact Records Stolen, Now on Sale</a></strong>
<em>Jeffrey Walton (Mar 26)</em><br>
<a  rel="nofollow" href="http://www.mobipicker.com/verizon-1-5m-contact-records-stolen-now-sale/:">http://www.mobipicker.com/verizon-1-5m-contact-records-stolen-now-sale/:</a><br>
<br>
    A business to business telecommunication giant,<br>
    Verizon Enterprise Solutions, a Basking Ridge,<br>
    New Jersey-based company, has been the latest<br>
    victim of a cyber crime that stole 1.5 million contact<br>
    records of the customers of Verizon...<br>
<br>
I don&apos;t quite understand this double talk. Could someone explain to me:<br>
<br>
    A spokesperson from Verizon said that...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/funsec/2016/q1/4">Statement on Lavabit Citation in Apple Case</a></strong>
<em>Jeffrey Walton (Mar 16)</em><br>
(From John Young on another list):<br>
<a  rel="nofollow" href="http://www.facebook.com/KingLadar/posts/10156714933135038">http://www.facebook.com/KingLadar/posts/10156714933135038</a><br>
<br>
As many of you already know, the government cited the Lavabit case in<br>
a footnote. The problem is their description insinuates a precedent<br>
that was never created. Obviously I was somewhat disturbed by their<br>
misrepresentation. So I decided to draft a statement. And keep in<br>
mind, these are the same people who say &quot;trust us.&quot; Click continue to<br>
read...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/funsec/2016/q1/3">The NSA&apos;s back door has given every US secret to our	enemies</a></strong>
<em>Jeffrey Walton (Feb 29)</em><br>
<a  rel="nofollow" href="http://www.businessinsider.com/john-mcafee-nsa-back-door-gives-every-us-secret-to-enemies-2016-2">http://www.businessinsider.com/john-mcafee-nsa-back-door-gives-every-us-secret-to-enemies-2016-2</a><br>
<br>
Deng Xiaoping, in 1979 - his second year as supreme leader of China -<br>
perceived a fundamental truth that has yet to be fully grasped by most<br>
Western leaders: Software, if properly weaponized, could be far more<br>
destructive than any nuclear arsenal.<br>
<br>
Under Deng’s leadership, China began one of the most ambitious and<br>
sophisticated meta- software...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/funsec/2016/q1/2">Can Spies Break Apple Crypto?</a></strong>
<em>Jeffrey Walton (Feb 27)</em><br>
Here&apos;s an interesting exchange between Cryptome and Michael Froomkin,<br>
Law Professor at University of Miami, on the All Writs Act<br>
(<a  rel="nofollow" href="http://cryptome.org/2016/02/can-spies-break-apple-crypto.htm">http://cryptome.org/2016/02/can-spies-break-apple-crypto.htm</a>):<br>
<br>
-----<br>
<br>
A. Michael Froomkin:<br>
<br>
The factual posture in the key Supreme Court precedent, New York<br>
Telephone, involved a situation where only the subject of the order<br>
was capable of providing the assistance at issue. This is the basis<br>
for Apple&apos;s...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/funsec/2016/q1/1">The FBI&apos;s iPhone Problem: Tactical vs. Strategic Thinking</a></strong>
<em>Jeffrey Walton (Feb 23)</em><br>
<a  rel="nofollow" href="http://www.technewsworld.com/story/83130.html">http://www.technewsworld.com/story/83130.html</a><br>
<br>
I&apos;m an ex-sheriff, and I&apos;ve been in and out of security jobs for much<br>
of my life, so I&apos;ve got some familiarity with the issues underlying<br>
the drama between the FBI and Apple. FBI officials -- and likely those<br>
in every other three-letter agency and their counterparts all over the<br>
world -- would like an easier way to do their jobs. Wouldn&apos;t we all?<br>
<br>
If they could put cameras in...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/funsec/2016/q1/0">Wanted: Cryptography Products for Worldwide Survey</a></strong>
<em>Jeffrey Walton (Jan 01)</em><br>
(<a  rel="nofollow" href="http://www.schneier.com/crypto-gram/archives/2015/1215.html">http://www.schneier.com/crypto-gram/archives/2015/1215.html</a>):<br>
<br>
In 1999, Lance Hoffman, David Balenson, and others published a survey<br>
of non-US cryptographic products. The point of the survey was to<br>
illustrate that there was a robust international market in these<br>
products, and that US-only export restrictions on strong encryption<br>
did nothing to prevent its adoption and everything to disadvantage US<br>
corporations. This was an important contribution...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="cert" class="l-abstract">
<a href="/cert/"><img src="/images/cert-logo.png" width="80" class="right" alt="cert logo"></a><p><b><a href="/cert/">CERT Advisories</a></b> &mdash; The <a href="http://www.cert.org/">Computer Emergency Response Team</a> has been responding to security incidents and sharing vulnerability information since the Morris Worm hit in 1986. This archive combines their technical security alerts, tips, and current activity lists.<ul class="inline"><li class="first"><a href="/cert/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/cert.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://www.us-cert.gov/cas/signup.html"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/cert/"><span class="show-id">cert</span>Latest Posts</a></ul>
<blockquote id="latest-cert" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="http://seclists.org/cert/2020/196">Mozilla Releases Security Update for Thunderbird</a></strong>
<em>US-CERT (Jul 17)</em><br>
Cybersecurity and Infrastructure Security Agency Logo<br>
<br>
National Cyber Awareness System:<br>
<br>
Mozilla Releases Security Update for Thunderbird [ <br>
<a  rel="nofollow" href="https://us-cert.cisa.gov/ncas/current-activity/2020/07/17/mozilla-releases-security-update-thunderbird">https://us-cert.cisa.gov/ncas/current-activity/2020/07/17/mozilla-releases-security-update-thunderbird</a> ] 07/17/2020 <br>
10:50 AM EDT <br>
Original release date: July 17, 2020<br>
<br>
Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. An attacker could exploit <br>
some of these...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/cert/2020/195">Microsoft Releases Security Update for Edge</a></strong>
<em>US-CERT (Jul 17)</em><br>
Cybersecurity and Infrastructure Security Agency Logo<br>
<br>
National Cyber Awareness System:<br>
<br>
Microsoft Releases Security Update for Edge [ <br>
<a  rel="nofollow" href="https://us-cert.cisa.gov/ncas/current-activity/2020/07/17/microsoft-releases-security-update-edge">https://us-cert.cisa.gov/ncas/current-activity/2020/07/17/microsoft-releases-security-update-edge</a> ] 07/17/2020 10:53 AM <br>
EDT <br>
Original release date: July 17, 2020<br>
<br>
Microsoft has released a security update to address a vulnerability in Edge (Chromium-based). An attacker could exploit <br>
this vulnerability to drop...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/cert/2020/194">AA20-198A: Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation</a></strong>
<em>US-CERT (Jul 17)</em><br>
Cybersecurity and Infrastructure Security Agency Logo<br>
<br>
National Cyber Awareness System:<br>
<br>
AA20-198A: Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation [ <br>
<a  rel="nofollow" href="https://us-cert.cisa.gov/ncas/alerts/aa20-198a">https://us-cert.cisa.gov/ncas/alerts/aa20-198a</a> ] 07/16/2020 08:09 AM EDT <br>
Original release date: July 16, 2020<br>
<br>
Summary<br>
<br>
&quot;This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&amp;CK) and Pre-ATT&amp;CK <br>
frameworks....<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/cert/2020/193">CISA Releases Emergency Directive on Critical Microsoft Vulnerability</a></strong>
<em>US-CERT (Jul 16)</em><br>
Cybersecurity and Infrastructure Security Agency Logo<br>
<br>
National Cyber Awareness System:<br>
<br>
CISA Releases Emergency Directive on Critical Microsoft Vulnerability [ <br>
<a  rel="nofollow" href="https://us-cert.cisa.gov/ncas/current-activity/2020/07/16/cisa-releases-emergency-directive-critical-microsoft-vulnerability">https://us-cert.cisa.gov/ncas/current-activity/2020/07/16/cisa-releases-emergency-directive-critical-microsoft-vulnerability</a><br>
 ] 07/16/2020 03:28 PM EDT <br>
Original release date: July 16, 2020<br>
<br>
The Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/cert/2020/192">Apple Releases Security Updates</a></strong>
<em>US-CERT (Jul 16)</em><br>
Cybersecurity and Infrastructure Security Agency Logo<br>
<br>
National Cyber Awareness System:<br>
<br>
Apple Releases Security Updates [ <br>
<a  rel="nofollow" href="https://us-cert.cisa.gov/ncas/current-activity/2020/07/16/apple-releases-security-updates">https://us-cert.cisa.gov/ncas/current-activity/2020/07/16/apple-releases-security-updates</a> ] 07/16/2020 11:17 AM EDT <br>
Original release date: July 16, 2020<br>
<br>
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of <br>
these vulnerabilities to take control of an...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/cert/2020/191">Malicious Activity Targeting COVID-19 Research, Vaccine Development</a></strong>
<em>US-CERT (Jul 16)</em><br>
Cybersecurity and Infrastructure Security Agency Logo<br>
<br>
National Cyber Awareness System:<br>
<br>
Malicious Activity Targeting COVID-19 Research, Vaccine Development [ <br>
<a  rel="nofollow" href="https://us-cert.cisa.gov/ncas/current-activity/2020/07/16/malicious-activity-targeting-covid-19-research-vaccine-development">https://us-cert.cisa.gov/ncas/current-activity/2020/07/16/malicious-activity-targeting-covid-19-research-vaccine-development</a><br>
 ] 07/16/2020 07:16 AM EDT <br>
Original release date: July 16, 2020<br>
<br>
In response to malicious activity targeting COVID-19 research and vaccine development in the United...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/cert/2020/190">Cisco Releases Security Updates for Multiple Products</a></strong>
<em>US-CERT (Jul 15)</em><br>
Cybersecurity and Infrastructure Security Agency Logo<br>
<br>
National Cyber Awareness System:<br>
<br>
Cisco Releases Security Updates for Multiple Products [ <br>
<a  rel="nofollow" href="https://us-cert.cisa.gov/ncas/current-activity/2020/07/15/cisco-releases-security-updates-multiple-products">https://us-cert.cisa.gov/ncas/current-activity/2020/07/15/cisco-releases-security-updates-multiple-products</a> ] <br>
07/15/2020 03:19 PM EDT <br>
Original release date: July 15, 2020<br>
<br>
Cisco has released security updates to address vulnerabilities affecting multiple products. An unauthenticated, remote <br>
attacker...<br>
</p>


<p class="excerpt">
<strong><a href="http://seclists.org/cert/2020/189">Oracle Releases July 2020 Security Bulletin</a></strong>
<em>US-CERT (Jul 14)</em><br>
Cybersecurity and Infrastructure Security Agency Logo<br>
<br>
National Cyber Awareness System:<br>
<br>
Oracle Releases July 2020 Security Bulletin [ <br>
<a  rel="nofollow" href="https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/oracle-releases-july-2020-security-bulletin">https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/oracle-releases-july-2020-security-bulletin</a> ] 07/14/2020 <br>
05:21 PM EDT <br>
Original release date: July 14, 2020<br>
<br>
Oracle has released its Critical Patch Update for July 2020 to address 433 vulnerabilities across multiple products. A <br>
remote attacker could...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/cert/2020/188">Google Releases Security Updates for Chrome</a></strong>
<em>US-CERT (Jul 14)</em><br>
Cybersecurity and Infrastructure Security Agency Logo<br>
<br>
National Cyber Awareness System:<br>
<br>
Google Releases Security Updates for Chrome [ <br>
<a  rel="nofollow" href="https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/google-releases-security-updates-chrome-0">https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/google-releases-security-updates-chrome-0</a> ] 07/14/2020 04:51 <br>
PM EDT <br>
Original release date: July 14, 2020<br>
<br>
Google has released Chrome version 84.0.4147.89 for Windows, Mac, and Linux. This version addresses vulnerabilities <br>
that an attacker could exploit...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/cert/2020/187">Google Releases Security Updates for Chrome</a></strong>
<em>US-CERT (Jul 14)</em><br>
Cybersecurity and Infrastructure Security Agency Logo<br>
<br>
National Cyber Awareness System:<br>
<br>
Google Releases Security Updates for Chrome [ <br>
<a  rel="nofollow" href="https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/google-releases-security-updates-chrome">https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/google-releases-security-updates-chrome</a> ] 07/14/2020 02:45 PM <br>
EDT <br>
Original release date: July 14, 2020<br>
<br>
Google has released Chrome version 84.0.4147.89 for Windows, Mac, and Linux. This version addresses vulnerabilities <br>
that an attacker could exploit to...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/cert/2020/186">Microsoft Releases July 2020 Security Updates</a></strong>
<em>US-CERT (Jul 14)</em><br>
Cybersecurity and Infrastructure Security Agency Logo<br>
<br>
National Cyber Awareness System:<br>
<br>
Microsoft Releases July 2020 Security Updates [ <br>
<a  rel="nofollow" href="https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/microsoft-releases-july-2020-security-updates">https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/microsoft-releases-july-2020-security-updates</a> ] 07/14/2020 <br>
02:13 PM EDT <br>
Original release date: July 14, 2020<br>
<br>
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could <br>
exploit some of these...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/cert/2020/185">Microsoft Addresses &apos;Wormable&apos; RCE Vulnerability in Windows DNS Server</a></strong>
<em>US-CERT (Jul 14)</em><br>
Cybersecurity and Infrastructure Security Agency Logo<br>
<br>
National Cyber Awareness System:<br>
<br>
Microsoft Addresses &apos;Wormable&apos; RCE Vulnerability in Windows DNS Server [ <br>
<a  rel="nofollow" href="https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/microsoft-addresses-wormable-rce-vulnerability-windows-dns-server">https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/microsoft-addresses-wormable-rce-vulnerability-windows-dns-server</a><br>
 ] 07/14/2020 02:14 PM EDT <br>
Original release date: July 14, 2020<br>
<br>
Microsoft has released a security update to address a remote code execution (RCE)...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/cert/2020/184">Adobe Releases Security Updates for Multiple Products</a></strong>
<em>US-CERT (Jul 14)</em><br>
Cybersecurity and Infrastructure Security Agency Logo<br>
<br>
National Cyber Awareness System:<br>
<br>
Adobe Releases Security Updates for Multiple Products [ <br>
<a  rel="nofollow" href="https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/adobe-releases-security-updates-multiple-products">https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/adobe-releases-security-updates-multiple-products</a> ] <br>
07/14/2020 01:18 PM EDT <br>
Original release date: July 14, 2020<br>
<br>
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit <br>
some of...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/cert/2020/183">Apache Releases Security Advisories for Apache Tomcat</a></strong>
<em>US-CERT (Jul 14)</em><br>
Cybersecurity and Infrastructure Security Agency Logo<br>
<br>
National Cyber Awareness System:<br>
<br>
Apache Releases Security Advisories for Apache Tomcat [ <br>
<a  rel="nofollow" href="https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/apache-releases-security-advisories-apache-tomcat">https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/apache-releases-security-advisories-apache-tomcat</a> ] <br>
07/14/2020 11:33 AM EDT <br>
Original release date: July 14, 2020<br>
<br>
The Apache Software Foundation has released security advisories to address multiple vulnerabilities in Apache Tomcat. <br>
An attacker...<br>
</p>
<p class="excerpt">
<strong><a href="http://seclists.org/cert/2020/182">AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java</a></strong>
<em>US-CERT (Jul 13)</em><br>
Cybersecurity and Infrastructure Security Agency Logo<br>
<br>
National Cyber Awareness System:<br>
<br>
AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java [ <a  rel="nofollow" href="https://us-cert.cisa.gov/ncas/alerts/aa20-195a">https://us-cert.cisa.gov/ncas/alerts/aa20-195a</a> ] <br>
07/13/2020 07:07 PM EDT <br>
Original release date: July 13, 2020<br>
<br>
Summary<br>
<br>
On July 13, 2020 EST, SAP released a security update to address a critical vulnerability, CVE-2020-6287 [ <br>
<a  rel="nofollow" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6287">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6287</a> ],...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="oss-sec" class="l-abstract">
<a href="/oss-sec/"><img src="/images/oss-sec-logo.png" width="80" class="right" alt="oss-sec logo"></a><p><b><a href="/oss-sec/">Open Source Security</a></b> &mdash; Discussion of security flaws, concepts, and practices in the Open Source community<ul class="inline"><li class="first"><a href="/oss-sec/2022/q3/index.html"><img src="/images/current-icon-16x16.png" width=16 height=16 alt="Current period icon">Current Quarter</a>
<li><a href="/oss-sec/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/oss-sec.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://oss-security.openwall.org/wiki/mailing-lists/oss-security"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/oss-sec/"><span class="show-id">oss-sec</span>Latest Posts</a></ul>
<blockquote id="latest-oss-sec" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="https://seclists.org/oss-sec/2022/q3/136">Re: Linux kernel: stack-out-of-bounds in profile_pc</a></strong>
<em>Greg KH (Aug 18)</em><br>
It would have been helpful to notify the developers and maintainers of<br>
this code that there is an issue.  They will not see a random email on<br>
the oss-security mailing list as they are not subscribed here.<br>
<br>
To find who is responsible for this code, use the get_maintainers.pl<br>
script in the kernel tree.  The output for it for this problem is:<br>
<br>
$ ./scripts/get_maintainer.pl arch/x86/kernel/time.c<br>
Thomas Gleixner &lt;tglx () linutronix de&gt;...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/oss-sec/2022/q3/135">Linux kernel: stack-out-of-bounds in profile_pc</a></strong>
<em>黄 晓 (Aug 18)</em><br>
Hello:<br>
      <br>
      I found a bug through the syzkaller fuzz tool, you need to set CONFIG_KASAN=y, the crash information is displayed <br>
as out-of-bounds reading, I am weak and unable to analyze the harm of this bug.<br>
The bug program cannot be reproduced stably and needs to be run multiple times.<br>
<br>
Kernel version: 5.18.14<br>
gcc version: 9.4.0<br>
<br>
[   49.449543] ==================================================================<br>
[...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/oss-sec/2022/q3/134">CVE-2022-35278: Apache ActiveMQ Artemis: HTML Injection in ActiveMQ Artemis Web Console</a></strong>
<em>Justin Bertram (Aug 18)</em><br>
Description:<br>
<br>
An attacker could show malicious content and/or redirect users to a<br>
malicious URL in the web console by using HTML in the name of an address or<br>
queue.<br>
<br>
Mitigation:<br>
<br>
Upgrade to Apache ActiveMQ Artemis 2.24.0.<br>
<br>
Credit:<br>
<br>
Apache ActiveMQ would like to thank Yash Pandya (Digital14), Rajatkumar<br>
Karmarkar (Digital14), and Likhith Cheekatipalle (Digital14) for reporting<br>
this issue.<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/oss-sec/2022/q3/133">Re: CVE-2022-2585 - Linux kernel POSIX CPU timer UAF</a></strong>
<em>Thadeu Lima de Souza Cascardo (Aug 18)</em><br>
This has been merged as commit e362359ace6f87c201531872486ff295df306d13.<br>
<br>
The PoC should be built with the name poc as that is what it tries to exec.<br>
<br>
#define _GNU_SOURCE<br>
#include &lt;sched.h&gt;<br>
#include &lt;time.h&gt;<br>
#include &lt;unistd.h&gt;<br>
#include &lt;sys/wait.h&gt;<br>
#include &lt;stdlib.h&gt;<br>
#include &lt;string.h&gt;<br>
#include &lt;sys/mman.h&gt;<br>
<br>
static int timer_uaf(void *d)<br>
{<br>
        timer_t tid;<br>
        struct itimerspec its;...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/oss-sec/2022/q3/132">Re: CVE-2022-2588 - Linux kernel cls_route UAF</a></strong>
<em>Thadeu Lima de Souza Cascardo (Aug 18)</em><br>
This has been merged as commit 9ad36309e2719a884f946678e0296be10f0bb4c1.<br>
<br>
And here is the PoC.<br>
<br>
#define _GNU_SOURCE<br>
#include &lt;sched.h&gt;<br>
#include &lt;sys/socket.h&gt;<br>
#include &lt;linux/netlink.h&gt;<br>
#include &lt;unistd.h&gt;<br>
#include &lt;stdio.h&gt;<br>
#include &lt;sys/wait.h&gt;<br>
#include &lt;stdlib.h&gt;<br>
#include &lt;string.h&gt;<br>
#include &lt;linux/pkt_sched.h&gt;<br>
<br>
#include &lt;sys/types.h&gt;<br>
#include &lt;sys/ipc.h&gt;<br>
#include...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/oss-sec/2022/q3/131">Re: CVE-2022-2586 - Linux kernel nf_tables cross-table reference UAF</a></strong>
<em>Thadeu Lima de Souza Cascardo (Aug 18)</em><br>
These have been merged as commits:<br>
<br>
470ee20e069a6d05ae549f7d0ef2bdbcee6a81b2<br>
95f466d22364a33d183509629d0879885b4f547e<br>
36d5b2913219ac853908b0f1c664345e04313856<br>
<br>
And here is the PoC. It should be linked to libmnl and libnftnl.<br>
<br>
#include &lt;netdb.h&gt;<br>
#include &lt;linux/netfilter.h&gt;<br>
#include &lt;linux/netfilter/nf_tables.h&gt;<br>
#include &lt;libnftnl/table.h&gt;<br>
#include &lt;libnftnl/set.h&gt;<br>
#include &lt;libnftnl/object.h&gt;<br>
#include...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/oss-sec/2022/q3/130">Landlock news #2</a></strong>
<em>Mickaël Salaün (Aug 17)</em><br>
Hi,<br>
<br>
Here is the second Landlock newsletter! It&apos;s been a while and there is<br>
some news to catch up.<br>
<br>
Official website: <a  rel="nofollow" href="https://landlock.io">https://landlock.io</a><br>
Previews newsletter:<br>
<a  rel="nofollow" href="https://lore.kernel.org/landlock/2df4887a-1710-bba2-f49c-cd5b785bb565">https://lore.kernel.org/landlock/2df4887a-1710-bba2-f49c-cd5b785bb565</a> () digikod net/<br>
<br>
Kernel<br>
------<br>
<br>
### Linux distributions<br>
<br>
Landlock is now supported by default in major Linux distributions:<br>
* Alpine Linux<br>
* Arch Linux<br>
* chromeOS (including for Linux 5.10)<br>
* Debian Sid<br>
* Fedora 35<br>
*...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/oss-sec/2022/q3/129">CVE-2022-38362: Apache Airflow Docker Provider &lt;3.0 RCE vulnerability in example dag</a></strong>
<em>Ash Berlin-Taylor (Aug 16)</em><br>
Description:<br>
<br>
Apache Airflow Docker&apos;s Provider shipped with an example DAG that was <br>
vulnerable to (authenticated) remote code exploit of code on the <br>
Airflow worker host.<br>
<br>
Mitigation:<br>
<br>
Disable loading of example DAGs or upgrade the <br>
apache-airflow-providers-docker to 3.0.0 or above<br>
<br>
Credit:<br>
<br>
Thanks to Kai Zhao of 3H Secruity Team for reporting this<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/oss-sec/2022/q3/128">Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions</a></strong>
<em>David Hildenbrand (Aug 15)</em><br>
Hi,<br>
<br>
attached is the reproducer. When run without arguments, it will test<br>
with a memfd that is sealed for writes.<br>
<br>
upstream, 5.18-stable and 5.19-stable are still to be fixed. The fix is<br>
on its way upstream and us already in -next, so I suppose it should all<br>
be fixed fairly soonish.<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/oss-sec/2022/q3/127">Multiple DNS Cache poisoning vulnerabilities in dproxy and drpoxy-nexgen (CVE-2022-33988, CVE-2022-33989, CVE-2022-33990, CVE-2022-33991)</a></strong>
<em>Philipp Jeitner (SIT) (Aug 13)</em><br>
We hereby disclose the discovery of multiple DNS Cache poisoning <br>
vulnerabilities in the dproxy(-nexgen) DNS forwarder. dproxy is a <br>
caching DNS forwarder/proxy which is unmaintained since about 2004, yet <br>
it is still used in some residential router firmwares. Because the <br>
project is unmaintained, there are no patches available for the <br>
described issues.<br>
<br>
Our findings are published in our 2022 paper &quot;XDRI Attacks - and - How <br>
to Enhance...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/oss-sec/2022/q3/126">Fixed DNS UDP port in totd DNS forwarder (CVE-2022-34294)</a></strong>
<em>Philipp Jeitner (SIT) (Aug 13)</em><br>
We hereby disclose the discovery of a DNS Cache poisoning vulnerability <br>
in totd DNS forwarder. totd is a non-caching DNS forwarder/proxy which <br>
has not been further developed for a long time, yet it is still used in <br>
some residential router firmwares. Because the projects age, there are <br>
no patches available for the described issues.<br>
<br>
Our findings are published in our 2022 paper &quot;XDRI Attacks - and - How <br>
to Enhance Resilience of...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/oss-sec/2022/q3/125">Multiple DNS Cache poisoning vulnerabilities in dnrd DNS forwarder (CVE-2022-33993, CVE-2022-33992)</a></strong>
<em>Philipp Jeitner (SIT) (Aug 13)</em><br>
We hereby disclose the discovery of multiple DNS Cache poisoning <br>
vulnerabilities in the dnrd DNS forwarder. dnrd is a caching DNS <br>
forwarder/proxy which is unmaintained since about 2007, yet it is still <br>
used in some residential router firmwares. Because the project is <br>
unmaintained, there are no patches available for the described issues.<br>
<br>
Our findings are published in our 2022 paper &quot;XDRI Attacks - and - How <br>
to Enhance Resilience of...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/oss-sec/2022/q3/124">CVE-2022-37401: Apache OpenOffice Weak Master Keys</a></strong>
<em>Carl B. Marcum (Aug 12)</em><br>
Severity: important<br>
<br>
Description:<br>
<br>
Apache OpenOffice supports the storage of passwords for web connections in the user&apos;s configuration database. The <br>
stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where master <br>
key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making the stored passwords vulnerable to <br>
a brute force attack if an attacker has access to the...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/oss-sec/2022/q3/123">CVE-2022-37400: Apache OpenOffice Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password</a></strong>
<em>Carl B. Marcum (Aug 12)</em><br>
Severity: important<br>
<br>
Description:<br>
<br>
Apache OpenOffice supports the storage of passwords for web connections in the user&apos;s configuration database. The <br>
stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where the <br>
required initialization vector for encryption was always the same which weakens the security of the encryption making <br>
them vulnerable if an attacker has access to the...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/oss-sec/2022/q3/122">Re: [Exim-Security] [oss-security] Exim &lt; 4.95 heap overflow</a></strong>
<em>Roxana Bradescu (Aug 12)</em><br>
Thank you for the clarification and we sincerely appreciate all the efforts the Exim project team!<br>
<br>
—<br>
Regards, Roxana<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="securecoding" class="l-abstract">
<a href="/securecoding/"><img src="/images/securecoding-logo.png" width="80" class="right" alt="securecoding logo"></a><p><b><a href="/securecoding/">Secure Coding</a></b> &mdash; The Secure Coding list (SC-L) is an open forum for the discussion on developing secure applications. It is moderated by the authors of <a href="http://www.amazon.com/dp/0596002424?tag=secbks-20">Secure Coding: Principles and Practices</a>.<ul class="inline"><li class="first"><a href="/securecoding/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/securecoding.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://www.securecoding.org/list/"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/securecoding/"><span class="show-id">securecoding</span>Latest Posts</a></ul>
<blockquote id="latest-securecoding" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="http://seclists.org/securecoding/2016/q3/0">Silver Bullet 123: Yanek Korff</a></strong>
<em>Gary McGraw (Jul 06)</em><br>
hi sc-l,<br>
<br>
The latest installment of Silver Bullet was posted this morning.  Silver Bullet episode 123 features a conversation <br>
with Yanek Korff.  Yanek worked for many years at Cigital as a system administrator back in the early days.  He then <br>
moved on to operational security work at AOL and running managed security services at Mandiant.   <br>
<br>
We talk about managing technical people in this episode.  We also discuss operational security.  Have a...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="educause" class="l-abstract">
<a href="/educause/"><img src="/images/educause-logo.png" width="80" class="right" alt="educause logo"></a><p><b><a href="/educause/">Educause Security Discussion</a></b> &mdash; Securing networks and computers in an academic environment.<ul class="inline"><li class="first"><a href="/educause/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/educause.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://www.educause.edu/groups/security"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/educause/"><span class="show-id">educause</span>Latest Posts</a></ul>
<blockquote id="latest-educause" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="https://seclists.org/educause/2021/q4/0">Covid Test Kit Singapore</a></strong>
<em>Covid Test Kit Singapore (Oct 01)</em><br>
Covid Test Kit<br>
<br>
Order test kit for your company now! Stay Safe! Free Delivery in Singapore<br>
<br>
Easy to use<br>
<br>
HSA Approved<br>
<br>
Click on the link below to open the message in a browser:<br>
<a  rel="nofollow" href="https://www.covidtestkit.info/so/b3Nmx3jmr/c?w=X7fgda-LWUeRP6mC6I6qXRUzGOxDt64oN8eoV7oJkUE.eyJ1IjoiaHR0cHM6Ly93d3cuY292aWR0ZXN0a2l0LmluZm8vc28vYjNObXgzam1yP2xhbmd1YWdlVGFnPWVuIiwibSI6Im1haWwiLCJjIjoiOGE5YzNiMGMtMjYwMC00ODQ3LTgzMGItMTVmN2U4NzA3YzVjIn0">https://www.covidtestkit.info/so/b3Nmx3jmr/c?w=X7fgda-LWUeRP6mC6I6qXRUzGOxDt64oN8eoV7oJkUE.eyJ1IjoiaHR0cHM6Ly93d3cuY292aWR0ZXN0a2l0LmluZm8vc28vYjNObXgzam1yP2xhbmd1YWdlVGFnPWVuIiwibSI6Im1haWwiLCJjIjoiOGE5YzNiMGMtMjYwMC00ODQ3LTgzMGItMTVmN2U4NzA3YzVjIn0</a><br>
<br>
You&apos;ve received...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<h2 id="internet" class="purpleheader">Internet Issues and Infrastructure</h2><div id="nanog" class="l-abstract">
<a href="/nanog/"><img src="/images/nanog-logo.png" width="80" class="right" alt="nanog logo"></a><p><b><a href="/nanog/">NANOG</a></b> &mdash; The <a href="http://www.nanog.org/">North American Network Operators' Group</a> discusses fundamental Internet infrastructure issues such as routing, IP address allocation, and containing malicious activity.<ul class="inline"><li class="first"><a href="/nanog/2022/Aug/index.html"><img src="/images/current-icon-16x16.png" width=16 height=16 alt="Current period icon">Current Month</a>
<li><a href="/nanog/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/nanog.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://www.nanog.org/mailinglist/"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/nanog/"><span class="show-id">nanog</span>Latest Posts</a></ul>
<blockquote id="latest-nanog" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="https://seclists.org/nanog/2022/Aug/215">Weekly Global IPv4 Routing Table Report</a></strong>
<em>Routing Table Analysis Role Account (Aug 19)</em><br>
This is an automated weekly mailing describing the state of the Global<br>
IPv4 Routing Table as seen from APNIC&apos;s router in Japan.<br>
<br>
The posting is sent to APOPS, NANOG, AfNOG, SANOG, PacNOG, SAFNOG<br>
TZNOG, MENOG, BJNOG, SDNOG, CMNOG, LACNOG and the RIPE Routing WG.<br>
<br>
Daily listings are sent to bgp-stats () lists apnic net.<br>
<br>
For historical data, please see <a  rel="nofollow" href="https://thyme.apnic.net">https://thyme.apnic.net</a>.<br>
<br>
If you have any comments please contact Philip Smith &lt;pfsinoz...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nanog/2022/Aug/214">Re: cogent and henet not peering</a></strong>
<em>VOLKAN KIRIK (Aug 19)</em><br>
for example he.net upstream = 300 gbps average<br>
<br>
downstream = 200 gbps average (monthly, 95th)<br>
<br>
then they should pay 6 cent per megabit of 100 gbps.<br>
<br>
would be fair enough.. lets see if they are really giving back to the <br>
community.<br>
<br>
why did they stop bgp tunnels? lots of RD networks moved to CH free upstream<br>
<br>
USA&apos;s loss. He.net&apos;s loss. they are nothing at my eyes. but whatever<br>
<br>
if they want to bake cake again, they need to convince...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nanog/2022/Aug/213">Re: cogent and henet not peering</a></strong>
<em>VOLKAN KIRIK (Aug 19)</em><br>
the more uploading side pays each month for the excess amount.<br>
<br>
as content networks are supposed to pay expenses.<br>
<br>
what do you think?<br>
<br>
19.08.2022 18:28 tarihinde Mike Hammett yazdı:<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nanog/2022/Aug/212">Re: cogent and henet not peering</a></strong>
<em>Mike Hammett (Aug 19)</em><br>
The problem them becomes *who* pays? When do the tables turn as to who pays? <br>
<br>
The alpha gets paid and the beta does the paying? <br>
<br>
The network with more POPs gets paid? <br>
<br>
The network with more downstream ASes gets paid? <br>
<br>
Is it the same for IPv4 as it is for IPv6? <br>
<br>
----- <br>
Mike Hammett <br>
Intelligent Computing Solutions <br>
<br>
Midwest Internet Exchange <br>
<br>
The Brothers WISP <br>
<br>
----- Original Message -----<br>
<br>
From: &quot;VOLKAN KIRIK&quot; &lt;volkirik ()...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nanog/2022/Aug/211">Re: cogent and henet not peering</a></strong>
<em>VOLKAN KIRIK (Aug 19)</em><br>
this is 50/50 situation. nobody has to peer for free.<br>
<br>
but everyone can.<br>
<br>
lets just say above 1:1 ratio he.net pays their own ip transit price to <br>
cogent for paid peering excess amount and both sides monitor traffic<br>
<br>
we can solve this issue by becoming middlemen worldwide...<br>
<br>
both operators are cheap and they could all compete in quality.<br>
<br>
level3 pays comcast reasonable (cheap) price (under NDA maybe?). why <br>
wouldnt mleber?<br>
<br>
but to make it fair,...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nanog/2022/Aug/210">Re: cogent and henet not peering</a></strong>
<em>Rubens Kuhl (Aug 19)</em><br>
OTOH, knowing that Cogent loves splitting the global Internet is one<br>
good reason to not contract their services.<br>
I think they sell traffic to their private Intranet. Which is huge,<br>
but doesn&apos;t encompass the whole Internet.<br>
<br>
Rubens<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nanog/2022/Aug/209">Re: cogent and henet not peering</a></strong>
<em>VOLKAN KIRIK (Aug 19)</em><br>
alternatively you can do this every 5 minutes..<br>
<br>
you could write a script to get 5 minute average for both downstream and <br>
upstream<br>
<br>
and then equalize by rate-limiting with 5 minute delay. it would be <br>
nearly instant and absolutely fair for both sides.<br>
<br>
19.08.2022 18:03 tarihinde VOLKAN KIRIK yazdı:<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nanog/2022/Aug/208">cogent and henet not peering</a></strong>
<em>VOLKAN KIRIK (Aug 19)</em><br>
lets just say cogent gives 400GE in each pop they have in common with <br>
he.net for free.<br>
<br>
*BUT* they will rate-limit he.net links *to* previous month&apos;s 95th <br>
percentile upload or download (which is minimum) rate (*each month*)<br>
<br>
to make ratio 1:1... to make downstream and upstream traffics fair...<br>
<br>
okay?<br>
<br>
fine?<br>
<br>
come on people,<br>
<br>
segmentation is bad.<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nanog/2022/Aug/207">SAFNOG-7: 10 Days to Go! Register Now to Attend</a></strong>
<em>Mark Tinka (Aug 19)</em><br>
Hello all.<br>
<br>
With 10 days to go to the 7th edition of SAFNOG, we are delighted, and <br>
excited, to welcome you all to sunny and vibrant Cape Town, where we can <br>
all see each other after 2 years of social distancing.<br>
<br>
We have put together a very exciting program that covers a number of <br>
new, trending, thoughtful, operational and technical topics from within <br>
our community. Here are some key highlights:<br>
<br>
  * The arrival of the new Equiano cable...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nanog/2022/Aug/206">Fwd: RFC 9288 on Recommendations on the Filtering of IPv6 Packets Containing IPv6 Extension Headers at Transit Routers</a></strong>
<em>Fernando Gont (Aug 18)</em><br>
Hi,<br>
<br>
FYI. RFC 9288, &quot;Recommendations on the Filtering of IPv6 Packets <br>
Containing IPv6 Extension Headers at Transit Routers&quot; (available at: <br>
<a  rel="nofollow" href="https://www.rfc-editor.org/rfc/rfc9288">https://www.rfc-editor.org/rfc/rfc9288</a>)<br>
<br>
FWIW, IMO most of the value is in the analysis of what <br>
protocols/features use what EHs, and what would break (if anything) if <br>
packets with EHs are dropped.<br>
<br>
These other two are useful for context:<br>
<br>
* RFC 9098, &quot;Operational Implications of IPv6 Packets...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/nanog/2022/Aug/205">Re: Zayo/as6461 will now drop invalid prefixes from our peers.</a></strong>
<em>J. Hellenthal via NANOG (Aug 18)</em><br>
Week or so ?<br>
<br>
Care to clarify to be a &quot;little bit more exact&quot; on the start date at least ...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nanog/2022/Aug/204">Re: Zayo/as6461 will now drop invalid prefixes from our peers.</a></strong>
<em>Ca By (Aug 18)</em><br>
On Thu, Aug 18, 2022 at 10:58 AM Rob Robertson &lt;rob.robertson () zayo com&gt;<br>
wrote:<br>
<br>
This is excellent. Thank you!<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nanog/2022/Aug/203">Zayo/as6461 will now drop invalid prefixes from our peers.</a></strong>
<em>Rob Robertson (Aug 18)</em><br>
The Zayo/as6461 network will shortly start dropping all RPKI-invalid route<br>
announcements that we receive from our peers. This should be rolled<br>
out over our network in the next week or so.<br>
<br>
While we will still continue to accept existing invalid route announcements<br>
from our customers for now, we will be working with our customers to reduce<br>
and/or eliminate invalid announcements.<br>
<br>
Thank you,<br>
<br>
;rob<br>
<br>
Rob Robertson<br>
Network Architect | *Zay**o** Group*<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nanog/2022/Aug/202">VIDEO | Howard U Shares Experience of N85 via NANOG College Immersion Program + More</a></strong>
<em>Nanog News (Aug 18)</em><br>
*VIDEO | **Howard University Shares Experience of N85 via NCI Program*<br>
*Educating + Empowering the Next Gen. of Networking Pros*<br>
<br>
A Howard University professor and his students had the opportunity to<br>
attend NANOG 85 through our NANOG College Immersion (NCI) program sponsored<br>
by AWS.<br>
<br>
We asked them about their experience attending the international conference<br>
from the unique perspective of minorities in tech early in their careers.<br>
<br>
*Hear what...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/nanog/2022/Aug/201">Fwd: Reminder: Call for Papers: IAB workshop on Management Techniques in Encrypted Networks (M-TEN)</a></strong>
<em>Warren Kumari (Aug 18)</em><br>
Hi there all,<br>
<br>
The IAB is organizing a workshop on Management Techniques in Encrypted<br>
Networks (M-TEN).<br>
<br>
This seemed sufficiently on-topic and relevant (and the IAB is looking for<br>
operator input) that I decided it was worth sharing with the list.<br>
<br>
Please see below for details,<br>
W<br>
<br>
---------- Forwarded message ----------<br>
From: IAB Executive Administrative Manager &lt;execd () iab org&gt;<br>
Date: Monday, August 15 2022 at 11:40 AM EDT<br>
Subject:...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
</blockquote>
</div>
<div id="interesting-people" class="l-abstract">
<a href="/interesting-people/"><img src="/images/interesting-people-logo.png" width="80" class="right" alt="interesting-people logo"></a><p><b><a href="/interesting-people/">Interesting People</a></b> &mdash; David Farber moderates this list for discussion involving internet governance, infrastructure, and any other topics he finds fascinating<ul class="inline"><li class="first"><a href="/interesting-people/2022/Aug/index.html"><img src="/images/current-icon-16x16.png" width=16 height=16 alt="Current period icon">Current Month</a>
<li><a href="/interesting-people/"><img src="/images/archive-icon-16x16.png" width=16 height=16 alt="Archive icon">Archived Posts</a>
<li><a href="/rss/interesting-people.rss"><img src="/images/feed-icon-16x16.png" width=16 height=16 alt="RSS icon">RSS Feed</a>
<li><a href="http://www.listbox.com/subscribe/?list_id=247"><img src="/images/about-icon-16x16.png" width=16 height=16 alt="About icon">About List</a>
<li><a class="showbutton" href="/interesting-people/"><span class="show-id">interesting-people</span>Latest Posts</a></ul>
<blockquote id="latest-interesting-people" class="latest">
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="https://seclists.org/interesting-people/2022/Aug/7">INVITATION TO ATTEND A SEMINAR ON PROJECT MONITORING, EVALUATION, ACCOUNTABILITY AND LEARNING (PMEAL) ON 5TH TO 16TH SEPTEMBER 2022</a></strong>
<em>Skills for Africa Training Institute (Aug 18)</em><br>
&lt;<a  rel="nofollow" href="https://133IK.trk.elasticemail.com/tracking/click?d=4RSOGeS5HI6KFJixQpykUH7SBDSj0A2EdHdcqqEk-KMkPvEcib-XG5qoTWw7Oc4ngrquig-5NwFZpD0qx_2tBq3OEOIYllXK75ABh_Z6I63cDfYqiOmiLZqXkFzJuVGuWYDxY61jWq8UWmx9zrRZ51w1">https://133IK.trk.elasticemail.com/tracking/click?d=4RSOGeS5HI6KFJixQpykUH7SBDSj0A2EdHdcqqEk-KMkPvEcib-XG5qoTWw7Oc4ngrquig-5NwFZpD0qx_2tBq3OEOIYllXK75ABh_Z6I63cDfYqiOmiLZqXkFzJuVGuWYDxY61jWq8UWmx9zrRZ51w1</a>&gt;<br>
SEMINAR <br>
ON PROJECT MONITORING, EVALUATION, ACCOUNTABILITY AND LEARNING (PMEAL) ON 5TH TO <br>
16TH SEPTEMBER 2022<br>
<br>
&lt;...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/interesting-people/2022/Aug/6">Parque Centenario, AMENITIES - SUM - SOLARIUM - PISCINA - PARRILLA</a></strong>
<em>Marisa (Aug 17)</em><br>
        <br>
<br>
&amp;nbsp;...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/interesting-people/2022/Aug/5">INVITATION TO ATTEND A TRAINING COURSE ON INFORMATION SECURITY AND DATA MANAGEMENT</a></strong>
<em>Data-Afrique consultancy (Aug 16)</em><br>
 <br>
<br>
&lt;<a  rel="nofollow" href="http://tracking.data-afriqueconsultancy.or.ke/tracking/click?d=oDah7l8kg8fRX4v_Dq9CJ8fKCK7MLa9PexMMw99FlDBkezJxBTHpoNb4sbb-8aNhjiZtjKOo_b2fPG0PDDHlcL5ubJHrn8RRGx8_pndnQkUa17S2QMuN4KQPBkTkEmYBAeKJwGEGcFXHsC2NSTpI7i_RozSVJYQwgCTDmEPwffKimq_Hl9KefHJ7KaXiNIJV4cp_m0TbDM6mwUcWxY1UPhRn8JAt_hit-hlxqHrasa6qxsIjhvQg7JzMxxOxnw5pbenhWOWy4ePLHQfSK5carigY3j5RjZ8x-0bcNICJyPnEMO2920bMSxMjecmnxvYqYA2">http://tracking.data-afriqueconsultancy.or.ke/tracking/click?d=oDah7l8kg8fRX4v_Dq9CJ8fKCK7MLa9PexMMw99FlDBkezJxBTHpoNb4sbb-8aNhjiZtjKOo_b2fPG0PDDHlcL5ubJHrn8RRGx8_pndnQkUa17S2QMuN4KQPBkTkEmYBAeKJwGEGcFXHsC2NSTpI7i_RozSVJYQwgCTDmEPwffKimq_Hl9KefHJ7KaXiNIJV4cp_m0TbDM6mwUcWxY1UPhRn8JAt_hit-hlxqHrasa6qxsIjhvQg7JzMxxOxnw5pbenhWOWy4ePLHQfSK5carigY3j5RjZ8x-0bcNICJyPnEMO2920bMSxMjecmnxvYqYA2</a>&gt;<br>
TRAINING COURSE ON INFORMATION SECURITY AND DATA...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/interesting-people/2022/Aug/4">Highland Park Country Club, Alquiler y Venta</a></strong>
<em>Marisa (Aug 11)</em><br>
        <br>
<br>
&amp;nbsp;<br>
<br>
Venta o Alquiler<br>
<br>
La Capitana Real Estate de Marisa G. Snatman<br>
Martillera y Corredora Publica, matriculas n° 5633 CSI /3921 CUCICBA<br>
3 De Febrero 820 2°D (CABA 1426),&amp;nbsp; Ruta Nacional N 8 KM.52 (Pilar)<br>
<br>
&amp;nbsp;<br>
<br>
Haga click aquí para reenviar este email a otra persona<br>
<br>
&amp;nbsp;<br>
<br>
Para remover su direcci&amp;oacute;n de esta lista haga &lt;a <br>
href=&quot;...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/interesting-people/2022/Aug/3">Saavedra, 2 ambientes a estrenar con pronta entrega</a></strong>
<em>La Capitana (Aug 08)</em><br>
        <br>
<br>
&amp;nbsp;...<br>
</p>
<p class="excerpt">
<strong><a href="https://seclists.org/interesting-people/2022/Aug/2">INVITATION TO ATTEND A STRATEGIC CRISIS MANAGEMENT AND CORPORATE RISK REDUCTION SEMINAR ON 12TH TO 16TH SEPTEMBER, 2022</a></strong>
<em>Skills for Africa Training Institute (Aug 08)</em><br>
&lt;<a  rel="nofollow" href="https://133IK.trk.elasticemail.com/tracking/click?d=4RSOGeS5HI6KFJixQpykUH7SBDSj0A2EdHdcqqEk-KOxadRR1gJhVuU0KfhL1AoUZ6vORawaIwja2jO38SU8PVrY5NbQIVSLhcm-8tccg0_cq3qH14xJs8AnDxeV9wvuvtzvX22hDLpWMfM2AAN5uZo1">https://133IK.trk.elasticemail.com/tracking/click?d=4RSOGeS5HI6KFJixQpykUH7SBDSj0A2EdHdcqqEk-KOxadRR1gJhVuU0KfhL1AoUZ6vORawaIwja2jO38SU8PVrY5NbQIVSLhcm-8tccg0_cq3qH14xJs8AnDxeV9wvuvtzvX22hDLpWMfM2AAN5uZo1</a>&gt;<br>
STRATEGIC CRISIS MANAGEMENT AND CORPORATE RISK REDUCTION SEMINAR ON <br>
12THTO 16TH SEPTEMBER, 2022<br>
<br>
&lt;...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/interesting-people/2022/Aug/1">ml15.gpserver4.com - Competitive Based Strategy - Pricing USD 100 pm</a></strong>
<em>Sourabh (Aug 05)</em><br>
Dear Team,<br>
<br>
Hope you are doing well.<br>
<br>
 It is my pleasure to let you know that we are offering SEO services for<br>
only *$100/pm*, we can include 5 to 10 best keywords in the work process.<br>
The audit report and the scope of work are defined below, please review and<br>
let me know your thoughts to discuss further.<br>
<br>
*Let me analyze the technical factors first, please review the<br>
below-specified issues.*<br>
<br>
*On-page Factors*<br>
<br>
*Factors*<br>
<br>
*Analysis  *<br>
<br>
*Action*...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/interesting-people/2022/Aug/0">Proyectos, Cañitas, Belgrano, Palermo, Vte. Lopez, Caballito, etc</a></strong>
<em>Marisa (Aug 03)</em><br>
        <br>
<br>
Converti tus Pesos en Dolares <br>
<br>
Mas Oportunidades para vos haciendo click aqui<br>
<br>
&amp;nbsp;<br>
<br>
La Capitana Real Estate de Marisa G. Snatman<br>
<br>
Martillera y Corredora Publica, matriculas n° 5633 CSI /3921 CUCICBA<br>
<br>
3 De Febrero 820 2°D (CABA 1426),&amp;nbsp; Ruta Nacional N 8 KM.52 (Pilar)<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
Para remover su direcci&amp;oacute;n de esta lista haga &lt;a...<br>
</p>

 

<!-- MHonArc v2.6.19 -->
<!-- MHonArc v2.6.19 -->

 

<p class="excerpt">
<strong><a href="https://seclists.org/interesting-people/2022/Jul/7">Emprendimientos, Palermo, Belgrano, Nuñez, Saavedra, Caballito, Parque Centenario, etc</a></strong>
<em>Marisa (Jul 27)</em><br>
        <br>
<br>
Balcones Amplios, Parrillas, Terrazas, Jardines y Patios Propia<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
Mas Oportunidades para vos haciendo click aqui<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
&amp;nbsp;<br>
<br>
La Capitana Real Estate de Marisa G. Snatman<br>
<br>
Martillera y Corredora Publica, matriculas n° 5633 CSI /3921 CUCICBA<br>
<br>
3 De...<br>
</p>


<p class="excerpt">
<strong><a href="https://seclists.org/interesting-people/2022/Jul/6">Casas en Ayres del Pilar, Lagartos CC, Belgrano, etc</a></strong>
<em>La Capitana (Jul 22)</em><br>
        <br>
<br>
🍀 + Espacio&amp;nbsp;+ Verde&amp;nbsp;

Resolver

Resolver ASN
AS9121
Resolver IP
195.175.120.8
Resolver Network Name
Turk Telekomunikasyon Anonim Sirketi
Measurement UID
20220819194139.652587_TR_webconnectivity_49575bb981639c92
Report ID
20220819T192700Z_webconnectivity_TR_9121_n1_1XP1LuH4WCCL3nti
Platform
windows
Software Name
ooniprobe-desktop-unattended (3.14.1)
Measurement Engine
ooniprobe-engine (3.14.1)

Raw Measurement Data

Loading…