#ssl

An update for gnutls and nettle is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2509: gnutls: Double free during gnutls_pkcs7_verify

An update for rh-ruby27-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-41816: ruby: buffer overflow in CGI.escape_html * CVE-2021-41817: ruby: Regular expression denial of service vulnerability of Date parsing methods * CVE-2021-41819: ruby: Cookie prefix spoofing in CGI::Cookie.parse * CVE-2022-28739: Ruby: Buffer overrun in String-to-Float conversion

When analyzing the external data storage Verbatim Store 'n' Go Secure Portable SSD, Matthias Deeg found out that the device will not lock and require reformatting after 20 failed passcode attempts, as described in the product description and the corresponding user manual.

When analyzing the external data storage Verbatim Store 'n' Go Secure Portable SSD, Matthias Deeg found out that the validation of the firmware for the USB-to-SATA bridge controller INIC-3637EN only consists of a simple CRC-16 check (XMODEM CRC-16).

When analyzing the external storage device Verbatim Store 'n' Go Secure Portable SSD, Matthias Deeg found out that the firmware of the USB-to-SATA bridge controller INIC-3637EN uses AES-256 with the ECB (Electronic Codebook) mode.

When analyzing the external storage device Verbatim Store 'n' Go Secure Portable SSD, Matthias Deeg found out that it uses an insecure design which allows for offline brute-force attacks against the passcode.

Web Based Student Clearance version 1.0 suffers from a remote shell upload vulnerability.

Slack Morphism is a modern client library for Slack Web/Events API/Socket Mode and Block Kit. Debug logs expose sensitive URLs for Slack webhooks that contain private information. The problem is fixed in version 1.3.2 which redacts sensitive URLs for webhooks. As a workaround, people who use Slack webhooks may disable or filter debug logs.

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 30 and Oct. 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats. As a reminder, the information provided for the following threats in this post is non-exhaustive and current as of the date of publication. Additionally, please keep in mind that IOC searching is only one part of threat hunting. Spotting a single IOC does not necessarily indicate maliciousness. Detection and coverage for the following threats is subject to updates, pending additional threat or vulnerability analysis. For the most current information, please refer to your Firepower Management Center, Snort.org, or ClamAV.net. For each threat described below, this blog post only lists 2...

Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 30 and Oct. 7.