Original release date: January 23, 2020 Citrix has released security updates to address the CVE-2019-19781 vulnerability in Citrix SD-WAN WANOP. An attacker could exploit this vulnerability to take control of an affected system. Citrix has also released an Indicators of Compromise Scanner that aims to identify evidence of successful exploitation of CVE-2019-19781. The Cybersecurity and
The Feds have warned on six vulnerabilities in GE medical equipment that could affect patient monitor alarms and more.
The malicious email campaign included a never-before-seen malware downloader called Carrotball, and may be linked to the Konni Group APT.
The malware uses thousands of partner websites to spread malvertising code.
clamav vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 ESM Ubuntu 12.04 ESM Summary ClamAV could be made to crash if it opened a specially crafted file. Software Description clamav – Anti-virus utility for Unix Details USN-4230-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for
gnutls28 update A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary USN-4233-1 marked SHA1 as untrusted in GnuTLS with no workaround. Software Description gnutls28 – GNU TLS library Details USN-4233-1 disabled SHA1 being used for digital signature operations in GnuTLS. In certain network environments, certificates using
Our malware analyst Liam Smith recently found malware on a client’s site that targets ecommerce sites powered by AmeriCommerce software. A popular ecommerce software solution that allows users to run multiple carts with a single admin user, AmeriCommerce product pages typically include an HTML form with the information about the item and an Add to
The critical flaw exists in Cisco’s administrative management tool, used with network security solutions like firewalls.
python-apt vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 ESM Ubuntu 12.04 ESM Summary Several security issues were fixed in python-apt. Software Description python-apt – Python interface to libapt-pkg Details USN-4247-1 fixed several vulnerabilities in python-apt. This update provides the corresponding updates for Ubuntu 12.04 ESM and Ubuntu 14.04
e2fsprogs vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Ubuntu 19.04 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Ubuntu 14.04 ESM Ubuntu 12.04 ESM Summary e2fsprogs could be made to execute arbitrary code if it was running in a crafted ext4 partition. Software Description e2fsprogs – ext2/ext3/ext4 file system utilities