When using the public cloud there are always challenges which need to be overcome. Organizations lose some of the control over how security is handled and who can access the elements which, in most cases, are the core of the company's business. Additionally, some of those elements are controlled by local laws and regulations.This is especially true in the Financial Services and Insurance Industry (FSI) where regulations are gradually increasing in scope. For example in the EU, the emerging Digital Operational Resiliency Act (DORA) now includes the protection and handling of data while it is ex

Secure cloud bursting: Leveraging confidential computing for peace of mind

Attackers are triggering victims' deep-seated fear of getting in trouble in order to spread the sophisticated stealer across continents.

Source: Charles Walker Collection via Alamy Stock Photo

Hundreds of companies worldwide have been targeted with spear-phishing emails claiming copyright infringement that actually deliver an infostealer.

Starting in July, Check Point Research began to track the emails as they spread across the Americas, Europe, and Southeast Asia, coming from a new domain each time. Hundreds of its customers have been targeted, indicating that the real reach of the campaign may be far greater still.

The goal of the emails is to bait guilt-riddled victims into downloading Rhadamanthys, a sophisticated infostealer equally capable of pilfering nation-state intelligence or, in this case, cryptocurrency wallet passphrases.

**CopyR(ight)hadamantys**

No two emails in the campaign that researchers have dubbed "CopyR(ight)hadamantys" come from the same address, indicating that there must be some kind of automation behind their distribution. This automation proves awkward in some circumstances — like when an Israeli target receives an email almost entirely in Korean — and limits the emails' ability to realistically impersonate known brands.

Each one is made to seem as if it came from legal representatives of specific, known companies. Nearly 70% of those companies come from either technology — like Check Point itself — or from media and entertainment industries.

The profile of impersonated brands weaves in neatly with the story the attackers peddle: that recipients have posted some sort of content on social media that violated a copyright. "I assume everyone has done it to some degree in his life," says Sergey Shykevich, threat intelligence group manager at Check Point. "It just makes people hesitate and think, 'Oh, did I use some wrong image? Did I copy some text \[by accident\]?' Even if you didn't."

Recipients are asked to remove specific images and videos, the details of which are contained in a password-protected file. The file is actually a link that redirects the user to download an archive from Dropbox or Discord. The archive contains a decoy document, a legitimate executable, and a malicious dynamic link library (DLL) containing the Rhadamanthys stealer.

**What to Know About Rhadamanthys**

Rhadamanthys is a popular and accomplished information stealer. As Shykevich explains, "It's without any doubt the most sophisticated of those infostealers which are sold as commodity malware in the Dark Web. It's more expensive than other infostealers: Mostly you'll rent other infostealers from between $100 to $200. Rhadamanthys is more, around $1,000. It's much more modular, more obfuscated, and more complicated in how it's built: The way it loads itself, hides itself, all this makes detection much more complicated."

Among other features, the newest Rhadamanthys version 0.7 sports a slightly archaic machine-learning-based optical character recognition (OCR) component. It's hardly advanced artificial intelligence (AI) — it struggles with text in mixed colors, can't read handwriting, and only interprets the most popular fonts. Nonetheless, it helps the malware read data from static documents (like PDFs) and images.

In CopyR(ight)hadamantys, the OCR module comes loaded with a dictionary of 2,048 words associated with Bitcoin wallet protection codes. This might suggest that the attackers are after cryptocurrencies, which, if true, would also align with the campaign's broad targeting, characteristic of financially motivated campaigns. In recent months, Rhadamanthys has also been associated with nation-state threat actors like Iran's Void Manticore, and the pro-Palestine group "Handala."

**One Strange Stealth Feature**

Organizations looking to defend against CopyR(ight)hadamantys should start with phishing protections, but there's another quirk of the campaign worth noting as well.

After making landfall, the malicious DLL writes a significantly larger version of itself to the victim computer's Documents folder, which masquerades as a component of Firefox. This version of the file is functionally equivalent to the first. What makes it so much heavier is an "overlay" — useless data that serves two meta-functions. First, it changes the file's hash value, a common means by which antivirus programs identify malware.

Some antivirus programs also avoid scanning extra large files. "For example, they don't want to run files associated with games, with a huge number of gigabytes, because it makes for an intense load," Shykevich explains. By this logic, an otherwise uselessly larger Rhadamanthys file might improve its chances of avoiding detection. Though, he adds, "It's not extremely common because it's also not convenient for the attackers to deal with huge files. With some email solutions, you can't attach files more than 20MB, so you need to send the victim to some external resource. So it's a tactic, but it's not some crazy tactic that always works."

Organizations might want to sniff out at any particularly large files that employees may be downloading from emails. "It's not easy, because there are many reasons why some legitimate files will be big," he says. "But I think it's possible to implement some \[effective\] rules for what you can download."

**About the Author**

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

Fake Copyright Infringement Emails Spread Rhadamanthys

Campaigns like Silver Fox and Void Arachne are deploying the framework, using social media and messaging platforms to lure in victims.

Source: RaymondAsiaPhotography via Alamy Stock Photo

Researchers are warning of an advanced malicious framework called Winos4.0 that's getting distributed in the installation tools, speed boosters, and optimization utilities for gaming applications.

The framework is rebuilt from Gh0strat with several modular components, each of them handling different functions; the framework has been deployed in several attack campaigns such as Silver Fox and Void Arachne.

"Winos4.0 is an advanced malicious framework that oﬀers comprehensive functionality, a stable architecture, and efficient control over numerous online endpoints to execute further actions," Fortinet FortiGuard Labs researchers stated.

The campaigns using this framework have been previously documented by Trend Micro and the KnownSec 404 Team and have been observed targeting Chinese-speaking users, leveraging SEO tactics, social media, and messaging platforms like Telegram to distribute the malware.

Once the victim runs the application, it retrieves a fake BMP file from the server ad59t82g\[.\]com. The file then extracts the DLL, which is responsible for setting up the execution environment, according to the researchers.

The attack chain involves multiple encrypted data and C2 communication to complete the injection of the malware.

"Threat campaigns leverage game-related applications to lure a victim to download and execute the malware without caution and successfully deploy deep control of the system," the Fortinet researchers added. Users should be wary of any new applications' source and only download software from reputable sources.

Don't miss the latest Dark Reading Confidential podcast, where we talk about NIST's post-quantum cryptography standards and what comes next for cybersecurity practitioners. Guests from General Dynamics Information Technology (GDIT) and Carnegie Mellon University break it all down. Listen now!

**About the Author**

Chinese Gamers Targeted in Winos4.0 Framework Scam

Google Cloud will take a phased approach to make multifactor authentication mandatory for all users.

Source: Genius Studio via Adobe Stock Photo

In a bid to improve account security, Google will enforce mandatory multifactor authentication (MFA) for all Google Cloud users by the end of 2025. Currently, 70% of Google users have MFA enabled.

This requirement will apply to all Google Cloud users who currently use passwords for authentication and all new users; it will not apply to general consumer Google accounts. The company will begin the first phase of a year-long implementation this month.

*   In Phase 1, Google Cloud administrators will receive information on how to prepare for the transition. Phase 1 will raise awareness and provide materials to help plan a rollout and conduct testing.
    
*   Phase 2, to begin in early 2025, will require all new users and existing Google Cloud users who use passwords for authentication to enable MFA on their accounts. The notifications and guidance will be displayed in Google Cloud Console, Firebase Console, gCloud, and other platforms.
    
*   Phase 3, at the end of 2025, will require users who federate authentication into Google Cloud to turn on MFA. Users can enable MFA with their primary identity providers before accessing Google Cloud — or add an extra layer of MFA through the Google account.
    

"Beginning this month, you'll find helpful reminders and information in the Google Cloud console, including resources to help raise awareness, plan your rollout, conduct testing, and smoothly enable MFA for your users," the company said.

MFA adoption is one of the key recommendations in the Cybersecurity and Infrastructure Security Agency's (CISA) Secure By Design initiative. The shift to mandatory MFA is happening throughout the industry. In June, Amazon started requiring mandatory MFA for Amazon Web Services. Customers signing into the AWS Management Console with the root user of an AWS Organizations management account also had to start using MFA, which has since been extended to stand-alone accounts outside of AWS Organizations.

Mandatory MFA has also be adopted by Snowflake, which in July introduced an option to allow administrators to enforce mandatory MFA for all users. The following monty, Microsoft announced its rollout for Microsoft Azure. Microsoft's plan, similar to Google Cloud's, takes a phased approach. Phase 1 for Microsoft started last month, with MFA required to sign in to Azure portal, Microsoft Entra admin center, and Intune admin center. Phase 2, also beginning early next year, will gradually enforce MFA for Azure CLI (command-line interface), Azure PowerShell, Azure mobile app, and infrastructure-as-code tools.

While CISA has said that MFA means users are 99% less likely to be hacked, it is important to remember that MFA is not foolproof.

"Mandatory MFA is necessary but not sufficient for enterprise security," says Jasson Casey, CEO of Beyond Identity. "This is because MFA is not created equal and doesn't offer the same level of security assurances."

MFA and two-factor authentication has been in use in some shape or form for more than 20 years, and attackers have had time to innovate against it, said Kris Bondi, CEO and co-founder of Mimoto, in an emailed statement. Threat actors are increasingly launching phishing operations that can bypass legacy MFA, which is why the National Institute of Standards and Technology and CISA have urged adopting phishing-resistant MFA.

Google Cloud to Enforce MFA on Accounts in 2025

The draft amendment also includes prison time for those who access systems to maliciously spy or intercept data.

Source: Simon Tilley via Alamy Stock Photo

Germany's Federal Ministry of Justice has drafted legislation that would protect security researchers who discover and report security flaws to vendors.

The draft eliminates criminal liability for people who choose to warn businesses, and ultimately the public, of cyber vulnerabilities. The proposed law amends an existing law that protects IT security researchers, companies, and hackers from punishment.

Certain criteria must be met for the act to be considered security research. The action must aim to identify a vulnerability or security risk in an IT system, and the researcher who discovers the flaw must have the intent of reporting the vulnerability to those responsible for addressing the issue. They should also only be accessing a system to identify a vulnerability.

The draft proposes a penalty of three to five months in prison for severe cases of malicious data spying and data interception that include criminal acts, acts motivated by profit, or those that result in substantial financial damage.

"Those who want to close IT security gaps deserve recognition — not a letter from the prosecutor," stated Marco Buschmann, the Federal Minister of Justice.

**About the Author**

German Law Could Protect Researchers Reporting Vulns

SANS's "2024 State of ICS.OT Cybersecurity report" highlights the most common types of attack vectors used against ICT/OT networks.

Attacks against industrial-control systems (ICS) and operational technology (OT) systems are increasing, as adversaries find weaknesses in IT networks that allow them to move into OT networks, according to a recent report from the SANS Institute.

The "State of ICS/OT Cybersecurity 2024" report is based on responses from cybersecurity professionals in various critical-infrastructure sectors. More non-ransomware incidents (74.4%) were reported than ransomware (11.7%) over the past year, according to the report.

Other initial attack vectors involved in OT/ICS incidents include compromising these systems by use of external remote services (23.7%) or Internet-accessible devices (23.7%), compromising employee workstations (20.3%) and removable media (20.3%), and a supply chain compromise (20.3%). It's worth noting that 18.6% of respondents said attackers attempted spear-phishing with an email attachment for the initial compromise.

Nearly one out of five (19%) of respondents reported one or more security incidents over the past year.

While only 12% of respondents reported being the targets of ransomware attacks in the past 12 months, the impact on the OT/ICS environment remains "potentially catastrophic," SANS said in the report. Of the organizations that reported a ransomware incident, 38% said only their IT network systems were impacted, while 28.6% said their OT/ICS networks were affected. Just 21% said both networks were impacted, and 38.1% said reliability and safety were compromised during those attacks.

"Although the overall trend \[of ransomware\] seems to have decreased, the impacts are still potentially catastrophic and should be considered for all ICS/OT-specific incident response programs," SANS said.

**About the Author**

Jennifer Lawinski is a writer and editor with more than 20 years experience in media, covering a wide range of topics including business, news, culture, science, technology and cybersecurity. After earning a Master's degree in Journalism from Boston University, she started her career as a beat reporter for The Daily News of Newburyport. She has since written for a variety of publications including CNN, Fox News, Tech Target, CRN, CIO Insight, MSN News and Live Science. She lives in Brooklyn with her partner and two cats.

Attackers Breach IT-Based Networks Before Jumping to ICS/OT Systems

Interpol disrupts 22,000 malicious IP addresses, 59 servers, 43 electronic devices, and arrests 41 suspected cybercriminals.

Source: Timon Schneider via Alamy Stock Photo

Operation Synergia II, an international law enforcement effort supported by the private cybersecurity sector, successfully dismantled a widespread cybercrime operation stretching from Hong Kong to Estonia, Interpol said this week.

Operation Synergia II was launched in April, with law enforcement collaborating with cybersecurity experts from Group-IB, Trend Micro, Kaspersky, and Team Cymru to track down thousands of servers used to commit cybercrimes involving phishing, infostealers, and ransomware attacks. Interpol discovered 30,000 malicious IP addresses and has already taken down 22,000, along with 59 servers.

Law enforcement across several countries contributed on-the-ground resources to perform house searches and seize electronics believed to support the cybercriminal operation — leading to the arrest of 41 people, with 65 others still under investigation, according to Interpol.

As part of the coordinated response, police in Hong Kong took down 1,037 servers, while in Mongolia police conducted 21 house searches and were able to identify 93 individuals believed to be linked to cybercrimes. Macau cops took 291 servers offline, and in Madagascar police tracked down 11 people linked to the servers and seized multiple devices. And in Estonia, authorities confisacted more than 80GB of server data, which is still being analyzed at Interpol.

"The global nature of cybercrime requires a global response which is evident by the support member countries provided to Operation Synergia II," Neal Jetton, Interpol's director of the Cybercrime Directorate, said in a statement. "Together, we've not only dismantled malicious infrastructure but also prevented hundreds of thousands of potential victims from falling prey to cybercrime."

Don't miss the latest Dark Reading Confidential podcast, where we talk about NIST's post-quantum cryptography standards and what comes next for cybersecurity practitioners. Guests from General Dynamics Information Technology (GDIT) and Carnegie Mellon University break it all down. Listen now!

International Police Effort Obliterates Cybercrime Network

Omdia Principal Analyst Hollie Hennessy says that until a promising new set of regulations around the world comes online, connected device security entails a shared responsibility among consumers, enterprises, and manufacturers.

Hollie Hennessy, Principal Analyst, IoT Cybersecurity, Omdia

November 6, 2024

4 Min Read

COMMENTARY

A broad array of Internet-connected devices have become a part of our lives, whether the mobile devices that we use daily, the Internet of Things (IoT) devices often spread throughout our "smart" homes, or even the medical devices that help provide us care when we need it.

These devices are now a fixture of our lives, professionally and personally. Unfortunately, they bring with them a countless number of cybersecurity challenges.

**Consumers Must Watch for Insecure Devices, Scams**

Historically, home IoT devices in particular have been neglected when it comes to cybersecurity. Security was rarely a concern for consumer device makers.

However, we've seen positive movement by governments globally, offering up new guidelines and regulations to facilitate better security of these products for consumers. In October alone, the Cyber Resilience Act (EU) was adopted by the council, and Australia announced its Cybersecurity Bill 2024, which proposes new security guidelines for smart devices.

That said, consumers should be aware that manufacturers might not yet be doing the best they can regarding cybersecurity. Cheap devices sold on online marketplaces often are riddled with vulnerabilities, despite looking like a good deal. Fortunately, once a number of promising new and proposed regulations take effect in many regions, this will no longer be the case — but for now, consumers must still largely look out for themselves.

Related:Any IoT Device Can Be Hacked, Even Grills

Scams are one of the most common cybersecurity issues for consumers, and IoT and mobile devices can make these scams easier to perpetrate. Mobile devices have put everything in the palm of our hand, even our financial transactions; a seemingly legitimate mobile application or a well-timed smishing message can do great harm. Consumers should be wary of anyone telling them to download an application or take any other unusual action, especially if they are asking for payment without receiving any services.

For example, in Singapore, millions of dollars are lost to scams — whether through social engineering, or malware-enabled. Scams have proliferated social media too, including Facebook, Instagram, and LinkedIn. While the government, banks, and device makers are working to address issues like this, consumers must practice vigilance throughout daily life.

**IT-OT Combination Is Emerging Issue**

For enterprises, even though information technology and operational technology (IT and OT) security are generally handled separately, Omdia believes a holistic strategy incorporating both will be increasingly important.

Organizations are also increasingly relying on IoT and other cyber-physical devices — many of which fall into critical national infrastructure sectors such as energy, transport, wastewater, and healthcare. Often, IT security tends to get a lot of focus, but it's the entire landscape, including IoT and OT, and the gaps in between that need to be adequately secured.

Enterprises will increasingly be affected by regulation as well. October also saw the deadline for European Union member states to implement the NIS 2 Directive — which is intended to enhance the security and resiliency of networking and information systems in the EU — into national law. Requirements are broadly focused on reporting, accountability, risk management, and business continuity, with minimum requirements spanning these categories, such as incident response planning, cybersecurity training, and tooling such as multifactor authentication and employee and asset access.

Despite regulatory burdens, Omdia's research suggests that cybersecurity maturity — at least for cyber-physical assets — isn't quite where it needs to be. Omdia's 2024 Cybersecurity Decision Maker Survey revealed that only 37% of organizations are confident that their business could continue to operate efficiently in the event of a cyber-physical system compromise, yet around a third do not have an adequate strategy for securing IoT devices.

**Device Manufacturers Facing Major Strategic, Operational Adjustments**

For device manufacturers, it's time to start thinking about how to adapt to an evolving regulatory environment. Even small manufacturers hoping to sell into regulated regions will need to adhere to cybersecurity requirements — setting up the product security teams, processes, and supporting technology will take a significant period of time. Collaborating effectively between product security and cybersecurity teams is no mean feat.

Considering the software and firmware element of product security also will be key. This will require new and enhanced communication between engineering and cybersecurity teams, alongside DevSecOps processes. Omdia's research suggests that consumers see security as a purchase driver for IoT devices, so it's best to start to ensure devices are secure sooner rather than later.

**About the Author**

Principal Analyst, IoT Cybersecurity, Omdia

Hollie works as a Principal Analyst within the Omdia team, providing insight into the fascinating and fast-moving domain of IoT Cybersecurity.

Hollie has a range of experience in research. She began her career in the legal sector, writing and researching for expert witness reports on the labour market. She then moved into product testing, with a consumer protection focus. In this role she was responsible for managing comparative tests of various tech products, as well as regular testing and investigative work into the security of these products.

She has published various articles for Which?, the UK's largest consumer organisation and one of the largest subscription magazines, and Computing magazine.

Despite Emerging Regulations, Mobile Device, IoT Security Requires More Industry Attention

Gentoo Linux Security Advisory 202411-1 - A vulnerability has been discovered in Neat VNC, which can lead to authentication bypass. Versions greater than or equal to 0.8.1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202411-01  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Neat VNC: Authentication Bypass  
     Date: November 06, 2024  
     Bugs: #937140  
       ID: 202411-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in Neat VNC, which can lead to  
authentication bypass.

Background  
==========

Neat VNC is a liberally licensed VNC server library that's intended to  
be fast and neat.

Affected packages  
=================

Package           Vulnerable    Unaffected  
----------------  ------------  ------------  
gui-libs/neatvnc  < 0.8.1       >= 0.8.1

Description  
===========

Neat VNC allows remote attackers to bypass authentication via a request  
in which the client specifies an insecure security type such as "Type 1  
- None", which is accepted even if it is not offered by the server, as  
originally demonstrated using a long password.

Impact  
======

A remote attacker can opt not to use any authentication method and  
access the VNC server.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Neat VNC users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=gui-libs/neatvnc-0.8.1"

References  
==========

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202411-01

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202411-01

Red Hat Security Advisory 2024-8906-03 - A new release is now available for Red Hat Satellite 6.16 for RHEL 8 and 9. Issues addressed include bypass, denial of service, memory leak, remote SQL injection, and traversal vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8906.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Critical: Satellite 6.16.0 release  
Advisory ID:        RHSA-2024:8906-03  
Product:            Red Hat Satellite 6  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8906  
Issue date:         2024-11-06  
Revision:           03  
CVE Names:          CVE-2024-4067  
====================================================================

Summary: 

A new release is now available for Red Hat Satellite 6.16 for RHEL 8 and 9.

Red Hat Product Security has rated this update as having a security impact  
of  Critical. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

Description:

Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.

Security Fix(es):

* mosquitto: sending specific sequences of packets may trigger memory leak  
(CVE-2024-8376)  
* micromatch: vulnerable to Regular Expression Denial of Service (CVE-2024-4067)  
urllib3: proxy-authorization request header is not stripped during cross-origin redirects (CVE-2024-37891)  
* node-tar: denial of service while parsing a tar file due to lack of folders depth validation (CVE-2024-28863)  
* python-django: Potential denial-of-service in django.utils.html.urlize() (CVE-2024-38875)   
* python-django: Username enumeration through timing difference for users with unusable passwords (CVE-2024-39329)  
* python-django: Potential directory-traversal in django.core.files.storage.Storage.save() (CVE-2024-39330)  
* python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant() (CVE-2024-39614)  
* github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp (CVE-2024-5569)  
* puppet-foreman: An authentication bypass vulnerability exists in Foreman (CVE-2024-7012)  
* python-django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)  
* grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend (CVE-2024-7246)  
* puppet-pulpcore: An authentication bypass vulnerability exists in pulpcore (CVE-2024-7923)  
* foreman: Read-only access to entire DB from templates (CVE-2024-8553)

Users of Red Hat Satellite are advised to upgrade to these updated packages, which fix these bugs.

Solution:

https://access.redhat.com/documentation/en-us/red_hat_satellite/6.16/html/updating_red_hat_satellite/index

CVEs:

CVE-2024-4067

References:

https://access.redhat.com/security/updates/classification/#critical  
https://bugzilla.redhat.com/show_bug.cgi?id=2280601  
https://bugzilla.redhat.com/show_bug.cgi?id=2292788  
https://bugzilla.redhat.com/show_bug.cgi?id=2293200  
https://bugzilla.redhat.com/show_bug.cgi?id=2295935  
https://bugzilla.redhat.com/show_bug.cgi?id=2295936  
https://bugzilla.redhat.com/show_bug.cgi?id=2295937  
https://bugzilla.redhat.com/show_bug.cgi?id=2295938  
https://bugzilla.redhat.com/show_bug.cgi?id=2296413  
https://bugzilla.redhat.com/show_bug.cgi?id=2299429  
https://bugzilla.redhat.com/show_bug.cgi?id=2302436  
https://bugzilla.redhat.com/show_bug.cgi?id=2305718  
https://bugzilla.redhat.com/show_bug.cgi?id=2312524  
https://bugzilla.redhat.com/show_bug.cgi?id=2318080  
https://issues.redhat.com/browse/SAT-12847  
https://issues.redhat.com/browse/SAT-15089  
https://issues.redhat.com/browse/SAT-15466  
https://issues.redhat.com/browse/SAT-15467  
https://issues.redhat.com/browse/SAT-15549  
https://issues.redhat.com/browse/SAT-16224  
https://issues.redhat.com/browse/SAT-16247  
https://issues.redhat.com/browse/SAT-16381  
https://issues.redhat.com/browse/SAT-16537  
https://issues.redhat.com/browse/SAT-16593  
https://issues.redhat.com/browse/SAT-17442  
https://issues.redhat.com/browse/SAT-17443  
https://issues.redhat.com/browse/SAT-17785  
https://issues.redhat.com/browse/SAT-18093  
https://issues.redhat.com/browse/SAT-18270  
https://issues.redhat.com/browse/SAT-18327  
https://issues.redhat.com/browse/SAT-18410  
https://issues.redhat.com/browse/SAT-18461  
https://issues.redhat.com/browse/SAT-18568  
https://issues.redhat.com/browse/SAT-18610  
https://issues.redhat.com/browse/SAT-18705  
https://issues.redhat.com/browse/SAT-18721  
https://issues.redhat.com/browse/SAT-18859  
https://issues.redhat.com/browse/SAT-18993  
https://issues.redhat.com/browse/SAT-19018  
https://issues.redhat.com/browse/SAT-19269  
https://issues.redhat.com/browse/SAT-19342  
https://issues.redhat.com/browse/SAT-19389  
https://issues.redhat.com/browse/SAT-19394  
https://issues.redhat.com/browse/SAT-19501  
https://issues.redhat.com/browse/SAT-19502  
https://issues.redhat.com/browse/SAT-19504  
https://issues.redhat.com/browse/SAT-19511  
https://issues.redhat.com/browse/SAT-19592  
https://issues.redhat.com/browse/SAT-19614  
https://issues.redhat.com/browse/SAT-19621  
https://issues.redhat.com/browse/SAT-19748  
https://issues.redhat.com/browse/SAT-19789  
https://issues.redhat.com/browse/SAT-19922  
https://issues.redhat.com/browse/SAT-19993  
https://issues.redhat.com/browse/SAT-19999  
https://issues.redhat.com/browse/SAT-20099  
https://issues.redhat.com/browse/SAT-20361  
https://issues.redhat.com/browse/SAT-20445  
https://issues.redhat.com/browse/SAT-20553  
https://issues.redhat.com/browse/SAT-21261  
https://issues.redhat.com/browse/SAT-21266  
https://issues.redhat.com/browse/SAT-21268  
https://issues.redhat.com/browse/SAT-21273  
https://issues.redhat.com/browse/SAT-21353  
https://issues.redhat.com/browse/SAT-21374  
https://issues.redhat.com/browse/SAT-21375  
https://issues.redhat.com/browse/SAT-21395  
https://issues.redhat.com/browse/SAT-21396  
https://issues.redhat.com/browse/SAT-21421  
https://issues.redhat.com/browse/SAT-21463  
https://issues.redhat.com/browse/SAT-21682  
https://issues.redhat.com/browse/SAT-21757  
https://issues.redhat.com/browse/SAT-21920  
https://issues.redhat.com/browse/SAT-21994  
https://issues.redhat.com/browse/SAT-22047  
https://issues.redhat.com/browse/SAT-22048  
https://issues.redhat.com/browse/SAT-22156  
https://issues.redhat.com/browse/SAT-22172  
https://issues.redhat.com/browse/SAT-22358  
https://issues.redhat.com/browse/SAT-22442  
https://issues.redhat.com/browse/SAT-22491  
https://issues.redhat.com/browse/SAT-22554  
https://issues.redhat.com/browse/SAT-22579  
https://issues.redhat.com/browse/SAT-22626  
https://issues.redhat.com/browse/SAT-22849  
https://issues.redhat.com/browse/SAT-22872  
https://issues.redhat.com/browse/SAT-22889  
https://issues.redhat.com/browse/SAT-22900  
https://issues.redhat.com/browse/SAT-23047  
https://issues.redhat.com/browse/SAT-23077  
https://issues.redhat.com/browse/SAT-23093  
https://issues.redhat.com/browse/SAT-23096  
https://issues.redhat.com/browse/SAT-23109  
https://issues.redhat.com/browse/SAT-23124  
https://issues.redhat.com/browse/SAT-23167  
https://issues.redhat.com/browse/SAT-23211  
https://issues.redhat.com/browse/SAT-23228  
https://issues.redhat.com/browse/SAT-23279  
https://issues.redhat.com/browse/SAT-23288  
https://issues.redhat.com/browse/SAT-23302  
https://issues.redhat.com/browse/SAT-23335  
https://issues.redhat.com/browse/SAT-23405  
https://issues.redhat.com/browse/SAT-23407  
https://issues.redhat.com/browse/SAT-23424  
https://issues.redhat.com/browse/SAT-23426  
https://issues.redhat.com/browse/SAT-23487  
https://issues.redhat.com/browse/SAT-23505  
https://issues.redhat.com/browse/SAT-23544  
https://issues.redhat.com/browse/SAT-23573  
https://issues.redhat.com/browse/SAT-23592  
https://issues.redhat.com/browse/SAT-23610  
https://issues.redhat.com/browse/SAT-23752  
https://issues.redhat.com/browse/SAT-23841  
https://issues.redhat.com/browse/SAT-23894  
https://issues.redhat.com/browse/SAT-23943  
https://issues.redhat.com/browse/SAT-23947  
https://issues.redhat.com/browse/SAT-23951  
https://issues.redhat.com/browse/SAT-23954  
https://issues.redhat.com/browse/SAT-23957  
https://issues.redhat.com/browse/SAT-23990  
https://issues.redhat.com/browse/SAT-23992  
https://issues.redhat.com/browse/SAT-24050  
https://issues.redhat.com/browse/SAT-24064  
https://issues.redhat.com/browse/SAT-24073  
https://issues.redhat.com/browse/SAT-24111  
https://issues.redhat.com/browse/SAT-24132  
https://issues.redhat.com/browse/SAT-24197  
https://issues.redhat.com/browse/SAT-24470  
https://issues.redhat.com/browse/SAT-24478  
https://issues.redhat.com/browse/SAT-24479  
https://issues.redhat.com/browse/SAT-24489  
https://issues.redhat.com/browse/SAT-24521  
https://issues.redhat.com/browse/SAT-24526  
https://issues.redhat.com/browse/SAT-24531  
https://issues.redhat.com/browse/SAT-24545  
https://issues.redhat.com/browse/SAT-24548  
https://issues.redhat.com/browse/SAT-24577  
https://issues.redhat.com/browse/SAT-24600  
https://issues.redhat.com/browse/SAT-24769  
https://issues.redhat.com/browse/SAT-24771  
https://issues.redhat.com/browse/SAT-24774  
https://issues.redhat.com/browse/SAT-24779  
https://issues.redhat.com/browse/SAT-24781  
https://issues.redhat.com/browse/SAT-24786  
https://issues.redhat.com/browse/SAT-24787  
https://issues.redhat.com/browse/SAT-24801  
https://issues.redhat.com/browse/SAT-24805  
https://issues.redhat.com/browse/SAT-24837  
https://issues.redhat.com/browse/SAT-24854  
https://issues.redhat.com/browse/SAT-24878  
https://issues.redhat.com/browse/SAT-24884  
https://issues.redhat.com/browse/SAT-24893  
https://issues.redhat.com/browse/SAT-24917  
https://issues.redhat.com/browse/SAT-24918  
https://issues.redhat.com/browse/SAT-24919  
https://issues.redhat.com/browse/SAT-24920  
https://issues.redhat.com/browse/SAT-24932  
https://issues.redhat.com/browse/SAT-24936  
https://issues.redhat.com/browse/SAT-24943  
https://issues.redhat.com/browse/SAT-24988  
https://issues.redhat.com/browse/SAT-25032  
https://issues.redhat.com/browse/SAT-25129  
https://issues.redhat.com/browse/SAT-25152  
https://issues.redhat.com/browse/SAT-25155  
https://issues.redhat.com/browse/SAT-25159  
https://issues.redhat.com/browse/SAT-25160  
https://issues.redhat.com/browse/SAT-25194  
https://issues.redhat.com/browse/SAT-25213  
https://issues.redhat.com/browse/SAT-25217  
https://issues.redhat.com/browse/SAT-25243  
https://issues.redhat.com/browse/SAT-25250  
https://issues.redhat.com/browse/SAT-25328  
https://issues.redhat.com/browse/SAT-25368  
https://issues.redhat.com/browse/SAT-25429  
https://issues.redhat.com/browse/SAT-25437  
https://issues.redhat.com/browse/SAT-25455  
https://issues.redhat.com/browse/SAT-25467  
https://issues.redhat.com/browse/SAT-25503  
https://issues.redhat.com/browse/SAT-25569  
https://issues.redhat.com/browse/SAT-25583  
https://issues.redhat.com/browse/SAT-25655  
https://issues.redhat.com/browse/SAT-25658  
https://issues.redhat.com/browse/SAT-25678  
https://issues.redhat.com/browse/SAT-25713  
https://issues.redhat.com/browse/SAT-25774  
https://issues.redhat.com/browse/SAT-25789  
https://issues.redhat.com/browse/SAT-25795  
https://issues.redhat.com/browse/SAT-25813  
https://issues.redhat.com/browse/SAT-25869  
https://issues.redhat.com/browse/SAT-25936  
https://issues.redhat.com/browse/SAT-25946  
https://issues.redhat.com/browse/SAT-26012  
https://issues.redhat.com/browse/SAT-26031  
https://issues.redhat.com/browse/SAT-26040  
https://issues.redhat.com/browse/SAT-26064  
https://issues.redhat.com/browse/SAT-26078  
https://issues.redhat.com/browse/SAT-26084  
https://issues.redhat.com/browse/SAT-26105  
https://issues.redhat.com/browse/SAT-26202  
https://issues.redhat.com/browse/SAT-26242  
https://issues.redhat.com/browse/SAT-26269  
https://issues.redhat.com/browse/SAT-26397  
https://issues.redhat.com/browse/SAT-26417  
https://issues.redhat.com/browse/SAT-26493  
https://issues.redhat.com/browse/SAT-26563  
https://issues.redhat.com/browse/SAT-26588  
https://issues.redhat.com/browse/SAT-26758  
https://issues.redhat.com/browse/SAT-26762  
https://issues.redhat.com/browse/SAT-26767  
https://issues.redhat.com/browse/SAT-26834  
https://issues.redhat.com/browse/SAT-26835  
https://issues.redhat.com/browse/SAT-26837  
https://issues.redhat.com/browse/SAT-26901  
https://issues.redhat.com/browse/SAT-26967  
https://issues.redhat.com/browse/SAT-27144  
https://issues.redhat.com/browse/SAT-27182  
https://issues.redhat.com/browse/SAT-27211  
https://issues.redhat.com/browse/SAT-27276  
https://issues.redhat.com/browse/SAT-27384  
https://issues.redhat.com/browse/SAT-27401  
https://issues.redhat.com/browse/SAT-27411  
https://issues.redhat.com/browse/SAT-27485  
https://issues.redhat.com/browse/SAT-27506  
https://issues.redhat.com/browse/SAT-27512  
https://issues.redhat.com/browse/SAT-27569  
https://issues.redhat.com/browse/SAT-27593  
https://issues.redhat.com/browse/SAT-27595  
https://issues.redhat.com/browse/SAT-27604  
https://issues.redhat.com/browse/SAT-27622  
https://issues.redhat.com/browse/SAT-27676  
https://issues.redhat.com/browse/SAT-27677  
https://issues.redhat.com/browse/SAT-27702  
https://issues.redhat.com/browse/SAT-27752  
https://issues.redhat.com/browse/SAT-27778  
https://issues.redhat.com/browse/SAT-27779  
https://issues.redhat.com/browse/SAT-27814  
https://issues.redhat.com/browse/SAT-27830  
https://issues.redhat.com/browse/SAT-27834  
https://issues.redhat.com/browse/SAT-27836  
https://issues.redhat.com/browse/SAT-27891  
https://issues.redhat.com/browse/SAT-27900  
https://issues.redhat.com/browse/SAT-27901  
https://issues.redhat.com/browse/SAT-27940  
https://issues.redhat.com/browse/SAT-27943  
https://issues.redhat.com/browse/SAT-27981  
https://issues.redhat.com/browse/SAT-28012  
https://issues.redhat.com/browse/SAT-28046  
https://issues.redhat.com/browse/SAT-28048  
https://issues.redhat.com/browse/SAT-28162  
https://issues.redhat.com/browse/SAT-28269  
https://issues.redhat.com/browse/SAT-28275  
https://issues.redhat.com/browse/SAT-28336  
https://issues.redhat.com/browse/SAT-28361  
https://issues.redhat.com/browse/SAT-28362  
https://issues.redhat.com/browse/SAT-28367  
https://issues.redhat.com/browse/SAT-28394  
https://issues.redhat.com/browse/SAT-28435  
https://issues.redhat.com/browse/SAT-28467  
https://issues.redhat.com/browse/SAT-28667  
https://issues.redhat.com/browse/SAT-7770  
https://issues.redhat.com/browse/SAT-8076

Tag

#auth