An ongoing analysis into an up-and-coming cryptocurrency mining botnet known as **KmsdBot** has led to it being accidentally taken down.

KmsdBot, as christened by the Akamai Security Intelligence Response Team (SIRT), came to light mid-November 2022 for its ability to brute-force systems with weak SSH credentials.

The botnet strikes both Windows and Linux devices spanning a wide range of microarchitectures with the primary goal of deploying mining software and corralling the compromised hosts into a DDoS bot.

Some of the major targets included gaming firms, technology companies, and luxury car manufacturers.

Akamai researcher Larry W. Cashdollar, in a new update, explained how commands sent to the bot to understand its functionality in a controlled environment inadvertently neutralized the malware.

"Interestingly, after one single improperly formatted command, the bot stopped sending commands," Cashdollar said. "It's not every day you come across a botnet that the threat actors themselves crash their own handiwork."

This, in turn, was made possible due to the lack of an error-checking mechanism built into the source code to validate the received commands.

Specifically, an instruction issued without a space between the target website and the port caused the entire Go binary running on the infected machine to crash and stop interacting with its command-and-control server, effectively killing the botnet.

The fact that KmsdBot doesn't have a persistence mechanism also means that the malware operator will have to re-infect the machines again and re-build the infrastructure from scratch.

"This botnet has been going after some very large luxury brands and gaming companies, and yet, with one failed command it cannot continue," Cashdollar concluded. "This is a strong example of the fickle nature of technology and how even the exploiter can be exploited by it."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Researchers 'Accidentally’ Crash KmsdBot Cryptocurrency Mining Botnet Network

Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands as root, as exploited in the wild starting in approximately 2019. A remote and authenticated attacker, possibly using the default admin:tlJwpbo6 credentials, can connect to port 34567 and execute arbitrary operating system commands via a crafted JSON file during an upgrade request. Since at least 2021, Xiongmai has applied patches to prevent attackers from using this mechanism to execute telnetd.

CVE-2022-45045: Xiongmai IoT Exploitation - Blog - VulnCheck

CI Fuzz CLI, the open source fuzzing tool with just three commands, integrates fuzz testing directly into the software development workflow.

The open source security tool CI Fuzz CLI now supports Java, according to Code Intelligence, the company behind the project.

Back in September, Code Intelligence announced CI Fuzz CLI, which lets developers run coverage-guided fuzz tests directly from the command line to find and fix functional bugs and security vulnerabilities at scale. CI Fuzz CLI can be integrated into common build systems such as Maven and Bazel; integrated development environments (IDEs), and continuous integration/continuous delivery (CI/CD) tools such as Jenkins. Initially, the tool supported C, C++, and CMake. The latest update, which includes the Junit integration, allows Java developers to run fuzz tests directly from the IDE.

Fuzz testing – or fuzzing – refers to when the tester throws a lot of data ("fuzz") against an application to see how the application reacts. Because the input data includes random and invalid inputs, developers can uncover issues which could result in memory corruptions, application crashes, and security issues such as denial-of-service and uncaught exceptions.

The latest guidelines for software verification from the National Institute of Standards and Technology includes fuzzing among the minimum standard requirements. Google recently reported more than 40,500 bugs in 650 open source projects have been uncovered through fuzz testing. The company launched OSS-Fuzz in 2016 in response to the Heartbleed vulnerability, a memory buffer overflow flaw that could have been detected by fuzz testing.

While fuzz testing is slowly gaining traction within the open source community, it is not yet widely used by developers outside open source and information security, Code Intelligence says. Part of that is because fuzzing is a specialized skill and many security teams don't have the knowledge and experience to use fuzz testing tools effectively. Code Intelligence says CI Fuzz CLI lowers the barrier to entry for fuzzing because the tool has only three commands. By allowing developers to run the tool from the command line or within the IDE makes fuzzing more accessible, the company says.

The fact that the tool integrates into the developer workflow means it can automatically fuzz the code whenever there is a new pull or merge request, the company says.

“Code Intelligence helps developers ship secure software by providing the necessary integrations to test their code at each pull request, without ever having to leave their favorite environment. It’s like having an automated security expert always by your side,” Thomas Dohmke, CEO of GitHub, said in a statement.

CI Fuzz CLI Brings Fuzz Testing to Java Applications

If unpatched, a host of GPU Display Driver flaws could expose gamers, graphic designers, and others to code execution, denial of service, data tampering, and more.

A new update from Nvidia for its GPU Display Driver includes fixes for a full 29 security vulnerabilities, seven with a base score of more than 7. 

The company's graphics cards are built to accelerate computing processing to support real-time or data-intensive applications. As such, they're known for their use by gamers, graphic designers, and other creative producers, and for artificial intelligence and machine learning. Impacted software products for the update specifically include GeForce, Studio, Nvidia RTX, Quadro, NVS, and Tesla.

The most serious of the bugs are two flaws that exist in the user mode layer for Windows versions, both of which could allow an unauthorized user to execute code, escalate privileges, launch denial-of-service attacks, and achieve data compromise and disclosure, according to the chipmaker:

*   **CVE‑2022‑34669** (CVSS score of 8.8): An unprivileged regular user can access or modify system files or other files that are critical to the application.
*   **CVE‑2022‑34671** (CVSS score of 8.7): An unprivileged regular user can cause an out-of-bounds write.

The display driver for Linux also received a number of updates in this latest security update. 

"Earlier software branch releases that support these products may also be affected," the Nvidia security update said. "If you are using an earlier branch release for which an update version is not listed above, upgrade to the latest branch release." 

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Nvidia GPU Driver Bugs Threaten Device Takeover & More

Intel Data Center Manager versions 4.1.1.45749 and below suffer from an authentication bypass vulnerability via spoofing.

RCE Security Advisory  
https://www.rcesecurity.com

1. ADVISORY INFORMATION  
=======================  
Product:        Intel Data Center Manager  
Vendor URL:     https://www.intel.com/content/www/us/en/developer/tools/data-center-manager-console/overview.html  
Type:           Authentication Bypass by Spoofing [CWE-290]  
Date found:     2022-06-01  
Date published: 2022-11-23  
CVSSv3 Score:   10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)  
CVE:            CVE-2022-33942

2. CREDITS  
==========  
This vulnerability was discovered and researched by Julien Ahrens from  
RCE Security.

3. VERSIONS AFFECTED  
====================  
Intel Data Center Manager 4.1.1.45749 and below

4. INTRODUCTION  
===============  
Energy costs are the fastest rising expense for today’s data centers. Intel® Data  
Center Manager (Intel® DCM) provides real-time power and thermal consumption data,  
giving you the clarity you need to lower power usage, increase rack density, and  
prolong operation during outages.

(from the vendor's homepage)

5. VULNERABILITY DETAILS  
========================  
The application allows configuring authentication via Active Directory groups. While  
this by itself isn't an issue, it becomes one as soon as an Active Directory group  
with a well-known SID (such as "S-1-5-32-544" or "S-1-5-32-546") is configured to  
allow authentication to DCM. This is because Intel's DCM only relies on the group's  
SID to allow authentication but doesn't verify the authenticating domain, which the  
user can give during the authentication process against the DCM Console and its REST  
interface.

Since the DCM will send all Kerberos and LDAP (authentication) requests against the  
given domain, it is trivially easy to spoof the authentication responses by using an  
arbitrary Kerberos and LDAP server and replying with the SID of one of the configured  
Active Directory groups.

This allows an attacker to bypass the authentication schema by using any domain  
with any user/password combination without actually being part of any Active Directory  
groups.

6. PROOF OF CONCEPT  
===================  
See the referenced blog post for a full exploit.

7. SOLUTION  
===========  
Update to Intel DCM 5.0 or later

8. REPORT TIMELINE  
==================  
2022-06-01: Discovery of the vulnerability  
2022-06-28: Sent notification to Intel via their PSIRT  
2022-06-28: Vendor response: Sent to appropriate reviewers.  
2022-06-29: Vendor acknowledges the vulnerability and asks for coordinated disclosure on Nov. 8, 2022  
2022-06-30: Rejected the disclosure date, due to my own policy, which makes it: August 13, 2022  
2022-07-08: After a vendor call, I've submitted the issue through Intel's bug bounty program  
2022-xx-xx: Vendor releases version 5.0 without any notification which fixes this vulnerability  
2022-11-08: Vendor (responsible CNA) assigns CVE-2022-33942  
2022-11-08: Vendor publishes security advisory INTEL-SA-00713  
2022-11-23: Public disclosure

9. REFERENCES  
=============  
https://www.rcesecurity.com/2022/11/from-zero-to-hero-part-1-bypassing-intel-dcms-authentication-by-spoofing-kerberos-and-ldap-responses-cve-2022-33942  
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html  
https://github.com/MrTuxracer/advisories

Intel Data Center Manager 4.1.1.45749 Authentication Bypass / Spoofing

Ubuntu Security Notice 5728-3 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

==========================================================================  
Ubuntu Security Notice USN-5728-3  
November 29, 2022

linux-gcp-5.4 vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:  
- linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems

Details:

Jann Horn discovered that the Linux kernel did not properly track memory  
allocations for anonymous VMA mappings in some situations, leading to  
potential data structure reuse. A local attacker could use this to cause a  
denial of service (system crash) or possibly execute arbitrary code.  
(CVE-2022-42703)

It was discovered that a race condition existed in the memory address space  
accounting implementation in the Linux kernel, leading to a use-after-free  
vulnerability. A local attacker could use this to cause a denial of service  
(system crash) or possibly execute arbitrary code. (CVE-2022-41222)

It was discovered that a race condition existed in the instruction emulator  
of the Linux kernel on Arm 64-bit systems. A local attacker could use this  
to cause a denial of service (system crash). (CVE-2022-20422)

It was discovered that the KVM implementation in the Linux kernel did not  
properly handle virtual CPUs without APICs in certain situations. A local  
attacker could possibly use this to cause a denial of service (host system  
crash). (CVE-2022-2153)

Hao Sun and Jiacheng Xu discovered that the NILFS file system  
implementation in the Linux kernel contained a use-after-free  
vulnerability. A local attacker could use this to cause a denial of service  
(system crash) or possibly execute arbitrary code. (CVE-2022-2978)

Johannes Wikner and Kaveh Razavi discovered that for some Intel x86-64  
processors, the Linux kernel's protections against speculative branch  
target injection attacks were insufficient in some circumstances. A local  
attacker could possibly use this to expose sensitive information.  
(CVE-2022-29901)

Abhishek Shah discovered a race condition in the PF_KEYv2 implementation in  
the Linux kernel. A local attacker could use this to cause a denial of  
service (system crash) or possibly expose sensitive information (kernel  
memory). (CVE-2022-3028)

It was discovered that the Netlink device interface implementation in the  
Linux kernel did not properly handle certain error conditions, leading to a  
use-after-free vulnerability with some network device drivers. A local  
attacker with admin access to the network device could use this to cause a  
denial of service (system crash) or possibly execute arbitrary code.  
(CVE-2022-3625)

It was discovered that the IDT 77252 ATM PCI device driver in the Linux  
kernel did not properly remove any pending timers during device exit,  
resulting in a use-after-free vulnerability. A local attacker could  
possibly use this to cause a denial of service (system crash) or execute  
arbitrary code. (CVE-2022-3635)

Jann Horn discovered a race condition existed in the Linux kernel when  
unmapping VMAs in certain situations, resulting in possible use-after-free  
vulnerabilities. A local attacker could possibly use this to cause a denial  
of service (system crash) or execute arbitrary code. (CVE-2022-39188)

Xingyuan Mo and Gengjia Chen discovered that the Promise SuperTrak EX  
storage controller driver in the Linux kernel did not properly handle  
certain structures. A local attacker could potentially use this to expose  
sensitive information (kernel memory). (CVE-2022-40768)

Sönke Huster discovered that a use-after-free vulnerability existed in the  
WiFi driver stack in the Linux kernel. A physically proximate attacker  
could use this to cause a denial of service (system crash) or possibly  
execute arbitrary code. (CVE-2022-42719)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 18.04 LTS:  
   linux-image-5.4.0-1093-gcp      5.4.0-1093.102~18.04.1  
   linux-image-gcp                 5.4.0.1093.71

After a standard system update you need to reboot your computer to make  
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have  
been given a new version number, which requires you to recompile and  
reinstall all third party kernel modules you might have installed.  
Unless you manually uninstalled the standard kernel metapackages  
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,  
linux-powerpc), a standard system upgrade will automatically perform  
this as well.

References:  
   https://ubuntu.com/security/notices/USN-5728-3  
   https://ubuntu.com/security/notices/USN-5728-1  
   CVE-2022-20422, CVE-2022-2153, CVE-2022-2978, CVE-2022-29901,  
   CVE-2022-3028, CVE-2022-3625, CVE-2022-3635, CVE-2022-39188,  
   CVE-2022-40768, CVE-2022-41222, CVE-2022-42703, CVE-2022-42719

Package Information:  
   https://launchpad.net/ubuntu/+source/linux-gcp-5.4/5.4.0-1093.102~18.04.1

Ubuntu Security Notice USN-5728-3

Red Hat Security Advisory 2022-8685-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a memory leak vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update  
Advisory ID:       RHSA-2022:8685-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:8685  
Issue date:        2022-11-29  
CVE Names:         CVE-2022-1158   
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 8.4  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder EUS (v. 8.4) - aarch64, ppc64le, x86_64  
Red Hat Enterprise Linux BaseOS EUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux  
operating system.

Security Fix(es):

* KVM: cmpxchg_gpte can write to pfns outside the userspace region  
(CVE-2022-1158)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* E810-XXV - Multicast packets are not received by all VFs on the same port  
even though they have the same VLAN (BZ#2117027)

* kernel BUG at kernel/sched/deadline.c:1561! [rhel-8.4.0] (BZ#2125673)

* zfcp: fix missing auto port scan and thus missing target ports  
(BZ#2127851)

* memory leak in vxlan_xmit_one (BZ#2131256)

* nf_conntrack causing nfs to stall (BZ#2134090)

* s390x: bpftrace Could not read symbols from  
/sys/kernel/debug/tracing/available_filter_functions: No such device  
(BZ#2134809)

* Intel E810 PTP clock glitching (BZ#2136038)

* configure link-down-on-close on and change interface mtu to 9000,the  
interface can't up (BZ#2136218)

* dump additional CSRs for Tx hang debugging (BZ#2136515)

* system panic during sriov sriov_test_cntvf_reboot testing (BZ#2137272)

* arp replies not making it to switch (BZ#2137521)

* WARNING: CPU: 0 PID: 9637 at kernel/time/hrtimer.c:1309  
hrtimer_start_range_ns+0x35d/0x400 (BZ#2138956)

* Cannot trigger kernel dump using NMI on SNO node running PAO and RT  
kernel (BZ#2139582)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2069793 - CVE-2022-1158 kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v.8.4):

Source:  
kernel-4.18.0-305.71.1.el8_4.src.rpm

aarch64:  
bpftool-4.18.0-305.71.1.el8_4.aarch64.rpm  
bpftool-debuginfo-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-core-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-cross-headers-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-debug-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-debug-core-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-debug-debuginfo-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-debug-devel-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-debug-modules-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-debug-modules-extra-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-debuginfo-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-debuginfo-common-aarch64-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-devel-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-headers-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-modules-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-modules-extra-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-tools-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-tools-debuginfo-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-tools-libs-4.18.0-305.71.1.el8_4.aarch64.rpm  
perf-4.18.0-305.71.1.el8_4.aarch64.rpm  
perf-debuginfo-4.18.0-305.71.1.el8_4.aarch64.rpm  
python3-perf-4.18.0-305.71.1.el8_4.aarch64.rpm  
python3-perf-debuginfo-4.18.0-305.71.1.el8_4.aarch64.rpm

noarch:  
kernel-abi-stablelists-4.18.0-305.71.1.el8_4.noarch.rpm  
kernel-doc-4.18.0-305.71.1.el8_4.noarch.rpm

ppc64le:  
bpftool-4.18.0-305.71.1.el8_4.ppc64le.rpm  
bpftool-debuginfo-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-core-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-cross-headers-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-debug-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-debug-core-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-debug-debuginfo-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-debug-devel-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-debug-modules-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-debug-modules-extra-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-debuginfo-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-debuginfo-common-ppc64le-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-devel-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-headers-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-modules-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-modules-extra-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-tools-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-tools-debuginfo-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-tools-libs-4.18.0-305.71.1.el8_4.ppc64le.rpm  
perf-4.18.0-305.71.1.el8_4.ppc64le.rpm  
perf-debuginfo-4.18.0-305.71.1.el8_4.ppc64le.rpm  
python3-perf-4.18.0-305.71.1.el8_4.ppc64le.rpm  
python3-perf-debuginfo-4.18.0-305.71.1.el8_4.ppc64le.rpm

s390x:  
bpftool-4.18.0-305.71.1.el8_4.s390x.rpm  
bpftool-debuginfo-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-core-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-cross-headers-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-debug-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-debug-core-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-debug-debuginfo-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-debug-devel-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-debug-modules-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-debug-modules-extra-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-debuginfo-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-debuginfo-common-s390x-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-devel-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-headers-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-modules-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-modules-extra-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-tools-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-tools-debuginfo-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-zfcpdump-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-zfcpdump-core-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-zfcpdump-debuginfo-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-zfcpdump-devel-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-zfcpdump-modules-4.18.0-305.71.1.el8_4.s390x.rpm  
kernel-zfcpdump-modules-extra-4.18.0-305.71.1.el8_4.s390x.rpm  
perf-4.18.0-305.71.1.el8_4.s390x.rpm  
perf-debuginfo-4.18.0-305.71.1.el8_4.s390x.rpm  
python3-perf-4.18.0-305.71.1.el8_4.s390x.rpm  
python3-perf-debuginfo-4.18.0-305.71.1.el8_4.s390x.rpm

x86_64:  
bpftool-4.18.0-305.71.1.el8_4.x86_64.rpm  
bpftool-debuginfo-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-core-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-cross-headers-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-debug-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-debug-core-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-debug-debuginfo-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-debug-devel-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-debug-modules-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-debug-modules-extra-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-debuginfo-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-debuginfo-common-x86_64-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-devel-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-headers-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-modules-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-modules-extra-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-tools-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-tools-debuginfo-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-tools-libs-4.18.0-305.71.1.el8_4.x86_64.rpm  
perf-4.18.0-305.71.1.el8_4.x86_64.rpm  
perf-debuginfo-4.18.0-305.71.1.el8_4.x86_64.rpm  
python3-perf-4.18.0-305.71.1.el8_4.x86_64.rpm  
python3-perf-debuginfo-4.18.0-305.71.1.el8_4.x86_64.rpm

Red Hat CodeReady Linux Builder EUS (v. 8.4):

aarch64:  
bpftool-debuginfo-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-debug-debuginfo-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-debuginfo-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-debuginfo-common-aarch64-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-tools-debuginfo-4.18.0-305.71.1.el8_4.aarch64.rpm  
kernel-tools-libs-devel-4.18.0-305.71.1.el8_4.aarch64.rpm  
perf-debuginfo-4.18.0-305.71.1.el8_4.aarch64.rpm  
python3-perf-debuginfo-4.18.0-305.71.1.el8_4.aarch64.rpm

ppc64le:  
bpftool-debuginfo-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-debug-debuginfo-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-debuginfo-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-debuginfo-common-ppc64le-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-tools-debuginfo-4.18.0-305.71.1.el8_4.ppc64le.rpm  
kernel-tools-libs-devel-4.18.0-305.71.1.el8_4.ppc64le.rpm  
perf-debuginfo-4.18.0-305.71.1.el8_4.ppc64le.rpm  
python3-perf-debuginfo-4.18.0-305.71.1.el8_4.ppc64le.rpm

x86_64:  
bpftool-debuginfo-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-debug-debuginfo-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-debuginfo-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-debuginfo-common-x86_64-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-tools-debuginfo-4.18.0-305.71.1.el8_4.x86_64.rpm  
kernel-tools-libs-devel-4.18.0-305.71.1.el8_4.x86_64.rpm  
perf-debuginfo-4.18.0-305.71.1.el8_4.x86_64.rpm  
python3-perf-debuginfo-4.18.0-305.71.1.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1158  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY4ZVptzjgjWX9erEAQiCGg/+IF7xgD9A/HMCrjo/vs9vQpxHxIJ0ZZxo  
ee6o48mcxHWA+E93bIswJMHckqGXfSeVi2crv6EiN2Cs26I4refmKPVsPbTKCH+0  
8M+aVuXaJlSUIIfhMEH9TjDonAVE+KiVOkOXf8Oc0gYqYDEXt7mnoZQYrdjU0fz5  
t7uskFWgcxYqa+eIcQwtKJzILokcypmV6SfFILGMFXdJgluSFb/eLG4dt6sLjJFk  
b0d52IX+yQP8YcApnvXvwLtZXqrErWBWC3Rueygven/DVlG5b74bVffgjh2z6dJR  
U0ijVBL+qZBdYhFxDAkHB8fRIl7A0BBvfVnuT3piDLFXx8ypuqW+r9bGTqmuDc7O  
WRqft3Z/hvi1oSpDGDIcSKSbH/9VCqGdRveWa30U5AJtF2LJoQuL5ePjlu9f0dNg  
u/2YB+bgcdtx23U0lBaWbPwTFkmV5VtZYSRwszMrTupGeP17LrMhGI0Y1A4TCNHt  
QaK8EUyqNndmK44hJwuqAtWSeplnhVxz5GVphrqslvUNeSkR3M37OMLlObu5Qqa0  
pBkS/TubfVH2dfk4pKAqfVY27hbO97YeMyIQ++NfdKcyOiTdBxX1g6yN7uun9nKW  
yDIaVo5oGgBQU+q6nQyRQtM/d6NFpZmm0gH0O7beGhdIKnmthzbtuQ7yzaWPtIVQ  
Jbq89idXCcg=  
=lmf0  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-8685-01

By Habiba Rashid
Meet XRAI Glass, an AI-powered augmented reality smart glasses that gives deaf people the power to see conversations.
This is a post from HackRead.com Read the original post: AI-Powered Smart Glasses Give Deaf People the Power of Speech

In a recent example of innovative technology making a positive difference, there is now new **artificial intelligence (AI)** powered smart glasses that allow deaf people to listen in on real-time conversations by reading subtitles. 

Branded XRAI Glass has developed these glasses using ordinary **augmented reality (AR)** glasses synchronized to a smartphone app with AI-powered software. This latest technology also has the feature to rewind the chat and acts as a personal assistant that remembers what the person might have forgotten. 

Image credit: XRAI Glass

Not only this, but the live captioning app can also translate over nine languages and there are soon more to come in the next few months. The translation takes place near-real time, allowing the wearer to keep up with the conversation. 

**XRAI Glass** co-founder and chief marketing officer Mitchell Feldman referred to it as “Alexa in front of your eyes” which is quite a fitting analogy. 

The idea for this product was inspired by co-founder Dan Scarfe’s 97-year-old grandfather who experienced hearing loss and found it increasingly difficult to participate in family gatherings. 

​​“Where his grandfather came to life the most was watching television and using subtitles,” Feldman said.

He added, “If he enjoys captioning, why can’t we caption his life? And that was the genesis of how this product started.”

1.  **AI-based Model to Predict Extreme Wildfire Danger**
2.  **This AI Can Generate Unique and Free Bored Ape NFTs**
3.  **IRpair & Phantom; powerful anti-facial recognition glasses**
4.  **Anti-facial recognition glasses protect privacy from CCTV cams**
5.  **Apple Glass may feature 3D Audio and Self-Cleaning in new patent**

The standard live captioning app is currently free to download with the assistant on fourteen android smartphone models however, it is not yet compatible with the iPhone. A free version of the app is expected to soon be made available on Apple smartphones, but users will have to pay for premium features themselves. The translation services have to be paid via subscription while the glasses separately cost $484. 

Aside from this, there are some other improvements that are required before the glasses can be fully incorporated into daily life. For example, understanding group conversations can be a struggle with people speaking over each other. Moreover, a fairly quiet environment is a prerequisite for interpreting speech accurately. 

As this exciting innovation advances, we look forward to seeing it enable engagement and participation for those with hearing loss. 

I’m a student and cybersecurity writer. On a random Sunday, I am likely to be figuring out life and reading Kafka.

AI-Powered Smart Glasses Give Deaf People the Power of Speech

Signal messaging app zero-day vulnerabilities have sparked a $1.5M bidding match, as gray-market exploit brokers flourish in today's geopolitical climate.

Gray-market exploit brokers are alive and kicking, with the latest sign of this flourishing market coming in the form of a bidding war for Signal messaging app zero-days from a relatively new entrant. 

Russia-based OpZero went on the record recently with a $1.5 million offer for Signal remote code execution (RCE) exploits, more than tripling the relatively stable high-water mark for that app offered by American firm Zerodium.

Cybersecurity experts say that this particular bidding war indicates the Russian government's desperation to gain surveillance capabilities over Ukrainians utilizing Signal to communicate. But the price movement on this front also offers a microcosmic look into the broader reliance of gray-market customers (most typically governments) on intermediary brokers.

**The Shadowy "Gray Hat" World of Cybersecurity Exploit Brokers

These brokers are sometimes independent dealers, other times thinly cloaked fronts for nation-state intelligence agencies, who buy from security researchers interested in cashing in on their exploit work. 

The market works on an "ask me no questions, and I'll tell you no lies" basis, researchers say. Brokers have no scruples in working with both white- and black-hat security experts — and exploit developers don't ask how or by whom their exploits will be used. The arrangements put this market in a swampy middle ground between the vendor-oriented, highly structured vulnerability bug-bounty market and the chaotic and overtly criminal dealings of the Dark Web, dominated by black hats.

"Exploit brokers function as market makers by contracting with suppliers (security researchers) managing an inventory of exploits, and selling to buyers (actors who deploy offensive cyber-operations)," according to a recent paper on the gray-market exploit world presented at the 21st Workshop on the Economics of Information Security (WEIS’22) in Tulsa, Okla., earlier this year. 

"In doing so, brokers can more efficiently manage transaction costs relative to suppliers and buyers directly contracting with each other. Additionally brokers provide a layer of insulation against reputation and legal fallout," the paper explained, adding that the price of exploits has grown by 1,240% over the last six years in the gray market.

****War in Ukraine Sparks Signal Exploit Bidding War**

Perhaps one of the most public and prolific players in the market is Zerodium, an American firm with an obscured customer list of "government institutions mainly from Europe and North America," according to the company's FAQ. 

The firm offers as much as $2 million for iOS flaws and presents many public offers for exploits in a range of operating systems and applications. The company has had a standing offer since 2017 of "up to" $500,000 for exploits of Signal and other social messaging apps, including Facebook Messenger, WhatsApp, and Telegram.

The entrance of OpZero into this mix with an offer of three times that amount, which has experts such as security researcher The Grugq postulating that the company is a stand-in for Russian intelligence services that are "desperate" for Android and Signal exploits.

"Android has an almost 80% market share in Ukraine, and Signal has over 2 million daily active users," The Grugq recently wrote. "Android phones with Signal are robust security platforms. They’re not military equipment, but they’re perfectly capable of providing protection against a wide range of security threats. Including nation state level threat actors. Russia appears to be lacking an Android or Signal capability."

New Exploit Broker on the Scene Pays Premium for Signal App Zero-Days

New investment will accelerate growth and expansion of SaaS identity-hygiene platform.

**NEWARK, N.J., Nov. 30, 2022 /PRNewswire****/** — SPHERE Technology Solutions (SPHERE), a leader in identity hygiene, announced today a $31 million Series B investment led by Edison Partners, a Princeton-based leading growth equity firm, with participation from existing investor Forgepoint Capital. As part of the transaction, Edison General Partner Lenard Marcus will join SPHERE's board of directors.

As cyberattacks escalate in number and severity, Identity Hygiene has become foundational to enterprise security, digital transformation, and mandatory compliance. The increasing needs around ensuring identities have access to only the required resources has been in direct response to the rise in ransomware attacks and bad actors who take advantage of wide open and mismanaged access.

SPHERE immediately shrinks the attack surface of these threats through an automated platform that provides visibility and remediation of identity hygiene risks along with tech-enabled managed services, delivering expertise to accelerate these crucial programs. SPHERE's current customers are some of the largest and most highly regulated organizations globally, ranging from financial institutions to healthcare providers and more. With this investment, SPHERE will expand its SaaS offering, channel ecosystem and alliances, and sales and marketing to accelerate growth.

"As a company founded and operated by a team of security practitioners, we developed a mission-critical solution well before the market even deemed it mission-critical," said Rita Gurevich, founder and CEO of SPHERE. "We've experienced the problems that our customers encounter firsthand, and understand the time, dedication, and resources it takes to solve the complex issues they face every day. We're thrilled to have the support of Edison Partners and Forgepoint Capital for our next chapter of growth."

For over 13 years, SPHERE has enabled IT and Security teams to adopt a Zero Trust model by finding and fixing any type of identity access issue across any resource — in a fraction of the time these complex capabilities would take manually. The platform SPHEREboard provides an end-to-end workflow for end-user and privileged account controls, across cloud and on-premises systems and infrastructure, remediates open, excessive and inappropriate access, and provides an evergreen path for sustainability.

"Identity management, and more broadly information security, starts with the ability to ensure that the only parties with access to sensitive or operational data are those identified by management," said Marcus. "SPHERE's platform enables enterprises to improve their identity hygiene and maintain compliance. Its managed services offerings enable it to service the mid-market and large enterprises, where the problem is pervasive. Edison Partners is also proud to support female trailblazers like Rita Gurevich, who are closing the gender diversity gap in a historically male-dominated industry."

SPHERE continues to build significant traction and earn industry accolades that recognize the company's growth, leadership and commitment to diversity, a source of passion for Gurevich ever since she began building the company from the ground up. SPHERE was honored as a Gold Winner in the 2022 Globee Cyber Security Excellence Awards, named a finalist in the annual SINET 16 Awards, and selected by the Timmy Awards for Best Tech Workplace for Diversity in New York. A proven leader and innovator in cybersecurity, Gurevich was named by _SC Magazine_ as a top "Women to Watch" in 2022. She was also selected as the only female finalist for the _SC Awards_ "Security Executive of the Year."

"Our focus is to invest in the most innovative cybersecurity companies and SPHERE's combination of automation and expertise is unmatched in the industry," said Forgepoint Capital Managing Director Don Dixon. "Major corporations including many of the world's leading financial institutions rely on Sphere for its ability to effectively address two critical use cases – Zero trust initiatives and regulatory requirements for identity entitlements. We're excited to continue our partnership and to welcome Lenard and Edison to the board of directors."

**About SPHERE**

SPHERE is an award-winning, woman-owned cybersecurity business focusing on improving security and enhancing compliance. SPHERE's identity hygiene solution puts the controls in place to secure an enterprise's most sensitive data, create the right governance processes for systems and assets, and ensure organizations are compliant with the regulations surrounding their respective industries. For more information, please visit www.SPHEREco.com.

**About Edison Partners**

Edison Partners is a leading growth equity firm providing the financial and intellectual capital that CEOs and their executive teams need to grow and scale their companies. The firm's team brings more than 275 years of combined investing, operating and sector experience to each investment, accessible via the Edison Edge value creation platform, which is tailored to each business' strategy, stage and operating needs. Edison targets high-growth financial technology, healthcare IT and vertical SaaS and marketplace companies located outside Silicon Valley with $10 million to $30 million in revenue. Investments also include buyouts, recapitalizations, spinouts, and secondary stock purchases. Edison's active portfolio has created aggregated market value exceeding $10 billion. Edison Partners manages $1.6 billion in assets. For more information on Edison Partners, please visit edisonpartners.com and follow on LinkedIn.

**About Forgepoint Capital**

Forgepoint Capital is a leading cybersecurity venture capital firm that invests in transformative companies protecting the digital future. As the most active sector-focused firm in cybersecurity and infrastructure software, Forgepoint has the largest dedicated investment team and portfolio of over 40 companies. The firm brings over 100 years of proven company-building experience and its Advisory Council of more than 80 industry leaders to support entrepreneurs advancing innovation globally. Founded in 2015, Forgepoint is proud to partner with category-defining companies such as 1Kosmos, Area 1 Security (Cloudflare), Attivo Networks (SentinelOne), BehavioSec (RELX), Bishop Fox, Cysiv (Forescout), Huntress, IDX (ZFOX), Noname Security, NowSecure, ReversingLabs, SPHERE, Uptycs and more as they achieve their market potential. Learn more at forgepointcap.com or follow Forgepoint on LinkedIn.

SOURCE: SPHERE

Tag

#intel