• NCAS Weekly Vulnerability Summary

    #102847

    U.S. Department of Homeland Security US-CERT
    National Cyber Awareness System:

    SB17-079: Vulnerability Summary for the Week of March 13, 2017
    https://www.us-cert.gov/ncas/bulletins/SB17-079

    03/20/2017 09:37 AM EDT

    Original release date: March 20, 2017

    The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

    The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

    High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0

    Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9

    Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9

    Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

    High Vulnerabilities

    ………

    • #105796

      SB17-086: Vulnerability Summary for the Week of March 20, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-086

      Original release date: March 27, 2017

      This week’s vulnerability lists include:
      Linux
      Ubuntu
      Raspberry Pi
      BitDefender 12
      TrendMicro 11
      Cisco Webex
      Huawei DSM
      (and many more)

    • #106826

      SB17-093: Vulnerability Summary for the Week of March 27, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-093

      Original release date: April 03, 2017

      This week’s vulnerability lists include:

      Adobe Acrobat Reader
      Apple iOS pre-10.3
      Apple MacOS pre-10.12.4
      Samsung Galaxy
      Linux
      Debian Linux
      Ubuntu Linux
      Gitlab
      Php to 7.1.3
      Netflix Security Monkey
      Moodle
      (and many more)
    • #108618

      SB17-100: Vulnerability Summary for the Week of April 3, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-100

      Original release date: April 10, 2017

      This week’s vulnerability lists include:

      Adobe Acrobat Reader
      Apple iOS pre-10.3
      Apple MacOS X pre-10.12.4
      Apple iCloud pre-6.2
      Apple iTunes pre-12.6
      Apple tvOS pre-10.2
      Safari
      Linux
      Google Android
      Huawei
      Cisco
      D-Link
      McAfee Anti-Malware AVE
      TrendMicro Interscan Web Security
      Dropbox
      FoxIt PDF Toolkit
      (and many more)
      • #108640

        (and many more)

        Google Android 58 unique line items.

        10 Critical
        33 High
        15 Moderate

        google — android
        An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32658595. References: QC-CR#1103099. 2017-04-07 not yet calculated CVE-2017-0575
        CONFIRM (link is external)
        google — android
        An elevation of privilege vulnerability in the NVIDIA boot and power management processor driver could enable a local malicious application to execute arbitrary code within the context of the boot and power management processor. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.18. Android ID:A-34115304. References: N-CVE-2017-0329. 2017-04-05 not yet calculated CVE-2017-0329
        BID (link is external)
        CONFIRM (link is external)

        To read more, see the link above.

    • #108998

      This is something to be concerned about. Even if Google is able to fix “critical” issues, how will it trickle down to the manufacturer’s firmware of all devices way back to KitKat?
      Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1.

      Google Android 58 unique line items.

      10 Critical
      33 High
      15 Moderate

      A remote code execution vulnerability in sonivox in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34031018.

    • #109684

      SB17-107: Vulnerability Summary for the Week of April 10, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-107

      Original release date: April 17, 2017

      This week’s vulnerability lists include:
      Adobe Acrobat Reader
      Adobe Flash Player v. 25.0.0.127
      Amazon Fire OS
      Apple MacOS X (10.6-10.6.3)
      Blackberry
      Brother MFC/DRP/HL/ADS Devices
      Cisco
      Google Android, Google Chrome
      Huawei
      LibreOffice
      Linux, Debian, Ubuntu
      Microsoft Windows, Office, Edge, IE, .net Framework
      Samsung Galaxy
      Symantec

      (and many, many more)

      1 user thanked author for this post.
    • #110629

      SB17-114: Vulnerability Summary for the Week of April 17, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-114

      Original release date: April 24, 2017

       
      This week’s vulnerability lists include:

      Apple iOS pre 9.3.2
      Apple OS X pre 10.11.5
      Apple tvOS pre 9.2.1
      C / C++
      Cisco
      D-Link Wireless Range Extenders
      Google Android
      LibreOffice
      Linux
      Moodle
      Netgear
      Opera
      PHP
      Symantec

      (and many, many more)

    • #112264

      SB17-121: Vulnerability Summary for the Week of April 24, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-121

      Original release date: May 01, 2017

       
      This week’s vulnerability lists include:

      Apple Quicktime
      Apple Safari
      Avast
      D-Link DCS Cameras
      D-Link Firmware
      Google Android
      Google Chrome
      Hyundai Blue Link
      Linux
      Netgear Firmware
      NVidia Video Driver for Android
      Oracle
      TP-Link Firmware
      Trend Micro
      7-Zip32

      (and many, many more)

    • #113475

      SB17-128: Vulnerability Summary for the Week of May 1, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-128

      Original release date: May 08, 2017

       
      Only 3 listed as High Vulnerability, and none of the “usual suspects” above listed in known vulnerabilities, this week.

      This week’s “Severity Not Yet Assigned” vulnerability list includes:

      FOREX.com FOREXTrader for iPhone
      Foxit PDF/Reader
      Iodata Webcam Firmware
      LibreOffice
      Linux
      OpenSSL
      Panda Security
      PayQuicker iOS App
      QuickHeal Internet Security
      Sandisk Memory Card (SDHC/SDXC)
      Trend Micro OfficeScan

      (and many more)

      1 user thanked author for this post.
    • #115532

      SB17-135: Vulnerability Summary for the Week of May 8, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-135

      Original release date: May 15, 2017

       
      Only a few quantified vulnerabilities again this week.

      This week’s “Severity Not Yet Assigned” vulnerability list includes:

      Adobe Flash Player
      Google Android
      Linux Kernel
      MS Edge
      MS Explorer
      MS Office
      Panda Mobile Security
      Qualcomm
      others already discussed elsewhere on askwoody.com

      (and many more)

    • #117832

      SB17-142: Vulnerability Summary for the Week of May 15, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-142

      Original release date: May 22, 2017

       
      Google Android and Linux Kernel both have long lists of high- and medium-grade vulnerabilities.

      Severity Not Yet Assigned vulnerability list includes:

      Cisco
      Google Android
      iOS apps
      Linux Kernel
      Microsoft browsers
      Microsoft Office
      Microsoft SMBv1
      Microsoft Windows

      and many more.

      1 user thanked author for this post.
    • #118809

      SB17-149 – Vulnerability Summary for the Week of May 22, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-149

      Original release date: May 29, 2017 | Last revised: May 30, 2017

       
      This week’s vulnerability lists include:

      Apple iOS, MacOS, tvOS, watchOS, Safari
      Linux Kernel
      7-Zip
      BMW 330i Bluetooth Stack
      Cisco
      Evernote
      Google Chrome
      Huawei
      Lenovo
      Microsoft Malware Protection Engine
      Pegasus Mail
      TrendMicro ServerProtect
      VLC

      and many, many more

    • #120034

      SB17-156: Vulnerability Summary for the Week of May 29, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-156

      Original release date: June 05, 2017

       
      Only 11 entries in the assigned vulnerabilities lists this week, with no High vulnerabilities. Linux Kernel is mentioned as a Medium vulnerability.

      On the Unassigned list:
      Microsoft Malware Protection Engine
      VLC Media Player
      VMware

      and several more

    • #120550

      SB17-163: Vulnerability Summary for the Week of June 5, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-163

      Original release date: June 12, 2017

       
      This week’s vulnerability lists include:

      Google Android
      AdBlock
      AMD fglrx-driver
      Apple Mac Sleipnir 4
      ARM Trusted Firmware
      Cisco
      Huawei
      I-O Data
      Lenovo
      Windows 7, Vista
      Samsung S6 Mobile
      Ubuntu – Debian
      VMWare

      and many, many more

    • #121726

      SB17-170: Vulnerability Summary for the Week of June 12, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-170

      Original release date: June 19, 2017

       
      This week’s vulnerability lists include:

      Google Android
      Linux Kernel
      Cisco
      D-Link Wireless N300 Router
      Various iOS Banking Apps
      Microsoft Office, Skype, Windows etc.

      and many, many more

    • #122527

      SB17-177: Vulnerability Summary for the Week of June 19, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-177

      Original release date: June 26, 2017

       
      This week’s vulnerability lists include:

      Adobe Digital Editions
      Adobe Flash Player
      Adobe ShockWave
      Linux Kernel
      Microsoft Windows (XP to SP3, & Server 2003 to SP2)

      and many more

    • #123327

      SB17-184: Vulnerability Summary for the Week of June 26, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-184

      Original release date: July 03, 2017

       
      This week’s vulnerability lists include:

      Linux Kernel
      Microsoft Internet Explorer (6-11)
      OpenVPN
      Adobe “Multiple Products”, incl. Flash Player, AIR
      Cisco
      Huawei
      Lenovo
      Microsoft “Multiple Products”, incl. Skype, WinOS, MMPE, Azure
      Samsung Galaxy S6
      Symantec
      TP-Link
      VLC Media Player

      and many more

    • #124277

      SB17-191: Vulnerability Summary for the Week of July 3, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-191

      Original release date: July 10, 2017

       
      This week’s vulnerability lists include:

      Cisco
      VLC Media Player
      Apple Quicktime for Windows
      Brother MFC-J960DWN firmware
      Google Android (numerous vulnerabilities)
      Linux Kernel
      Notepad ++
      NVidia Android Sound Driver
      Toshiba Home Gateway firmware

      and many, many more

      • #124280

        Windows, Office, IE are not in the list!
        It looks like the price for security in Windows is to destroy some of the functionality, as it was/is the case with the Outlook patches from June 2017.

        1 user thanked author for this post.
    • #125293

      SB17-198: Vulnerability Summary for the Week of July 10, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-198

      Original release date: July 17, 2017

       
      On this week’s High Vulnerability list:

      Cisco
      Foxit Reader
      Linux Kernel
      McAfee ATD
      Microsoft:
      Edge,
      Excel,
      IE,
      Office, &
      Windows;
      PHP
      Toshiba Home Gateway

      as well as many, many Medium and Low Vulnerabilities, and even more with Severity Not Yet Assigned…

      2 users thanked author for this post.
    • #126823

      SB17-205: Vulnerability Summary for the Week of July 17, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-205

      Original release date: July 24, 2017

       
      This week’s vulnerability lists include:

      Apple iOS, MacOS, tvOS, WatchOS
      Apple iCloud, iTunes, Safari
      Cisco
      Google Android
      Linux Kernel
      Microsoft Edge

      and many, many more

      2 users thanked author for this post.
    • #128047

      SB17-212: Vulnerability Summary for the Week of July 24, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-212

      Original release date: July 31, 2017

       
      For a change, none of the “usual suspects” appear in the allocated vulnerability lists; these are among the not-yet-assigned vulnerability list:

      Avira AV
      Cisco
      Google Android, Chrome
      Intel Processors
      Linux Kernel
      Netcomm Wireless Routers
      NVidia Windows GPU Display Driver
      Panda Security
      VMWare

      and many more

      • #128048

        The Intel Processors vulnerability could be considered a very important one.
        However, this may or may not be a real threat, like many other so-called security flaws which are only of academic significance, while in practice it is close to impossible to exploit them.

        1 user thanked author for this post.
        • #128133

          The Intel “SGX Update” advisory, INTEL-SA-00076, rates the Elevation of Privilege severity as Critical, but the list of affected products appears to be mainly server and some client systems (NUC/Compute Stick).

          Recommendations:
          This update improves the security of Intel® Software Guard Extensions (Intel® SGX) and is strongly recommended.

          While this firmware update prevents exploitation of the issue on systems running SGX, Intel also provides an SGX Attestation service to allow service providers to know whether clients have the latest security updates. Intel plans to update the SGX Attestation Service response on November 14, 2017. On platforms that have not installed the update, SGX applications using the SGX Attestation Service will begin to receive “out of date” responses from the SGX Attestation Service. Applications using SGX may or may not take action based on this information.

      • #128052

        Wow, no Windows vulnerabilities listed at all. That’s impressive.

        Toward the bottom of the report…

        NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler where a missing permissions check may allow users to gain access to arbitrary physical system memory, which may lead to an escalation of privileges.

        Stuff like this always worries me a little, in that the obvious fix is to add that “missing permissions check”. Trouble is, doing so might slow everything down or create unexpected couplings. Perhaps that check is “missing” in a high-use section of the code. We are talking about a display driver here where changes to performance could be very visible and potentially disruptive.

        Secondary to that it’s all fine and good to want robust software, but software that presumes a system WILL be compromised and constantly takes measures deep within to protect itself from itself can be way less efficient than software that can run unfettered, secure in the knowledge that the system is protected from infection at a higher level. It’s a bit like a company where every employee checks the credentials of every other employee on a moment by moment basis. Sure, no one is going to be fooled by an imposter, but no one really gets much done either. Wouldn’t it be better to just check the credentials at the front door?

        -Noel

        • #128130

          Security Bulletin: NVIDIA GPU display driver contains multiple vulnerabilities in the kernel mode layer handler
          https://nvidia.custhelp.com/app/answers/detail/a_id/4525
          Answer ID 4525 | Updated July 31, 2017

          NVIDIA GPU display driver vulnerabilities may lead to denial of service or possible escalation of privileges

           
          The above security bulletin contains details of the affected products and driver fixes, with a link to the driver download page.

          1 user thanked author for this post.
          • #128157

            I downloaded their latest driver (385.48) for my card early this morning. I worked with the system all day, and it’s running perfectly. There was only a small degradation in one of the Passmark PerformanceTest benchmarks, while there was a slight improvement in a few others. All in all, the scores before and after added up to about the same.

            -Noel

            • #128158

              v. 385.48 isn’t showing in NVidia’s list under “First version that includes the fix”… could that be a typo?

    • #128666

      SB17-219: Vulnerability Summary for the Week of July 31, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-219

      Original release date: August 07, 2017

       
      Some of last week’s not-yet-assigned vulnerabilities appear in this week’s list categorised as High & Medium vulnerabilities.

      This week’s vulnerability lists include:
      Cisco
      Comcast
      Microsoft Outlook
      NetComm
      NVidia Windows GPU Driver
      TrendMicro
      IBM (various)
      VMWare
      F-Secure Online Scanner
      Linux Kernel

      and many more.

      1 user thanked author for this post.
    • #129621

      SB17-226: Vulnerability Summary for the Week of August 7, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-226

      Original release date: August 14, 2017

       
      This week’s vulnerability lists include:
      Cisco
      Microsoft Edge, Internet Explorer, Win. Server 2016, Windows (various)
      Linux Kernel
      Oracle
      Google Android
      Adobe Acrobat Reader, Digital Editions & Experience Manager, Flash Player
      Debian
      TrendMicro
      VMWare

      & oodles more…

      1 user thanked author for this post.
    • #130456

      SB17-233: Vulnerability Summary for the Week of August 14, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-233

      Original release date: August 21, 2017

       
      This week’s vulnerability lists include:

      Adobe Acrobat Reader, Digital Editions, Experience Manager & Flash Player
      Google Android
      Cisco
      D-Link
      FoxIt PDF
      Linux Kernel

      & many more

      1 user thanked author for this post.
    • #130979

      SB17-240: Vulnerability Summary for the Week of August 21, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-240

      Original release date: August 28, 2017

       
      This week’s vulnerability lists include:

      Google Android
      Linux Kernel
      D-Link Firmware
      Kaspersky IS for Android
      Samsung S4 & S6
      Ubuntu

      & many more

    • #132225

      SB17-247: Vulnerability Summary for the Week of August 28, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-247-0

      Original release date: September 04, 2017

       
      On this week’s vulnerability lists:

      Linux Kernel
      Bitdefender Total Security
      D-Link Firmware
      FoxIt Reader
      Fuji Xerox
      Heimdal
      McAfee Live Safe

      & many more

    • #138861

      Bulletin SB17-289: Vulnerability Summary for the Week of October 9, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-289

      Original release date: October 16, 2017

       
      Among this week’s extensive list with Severity Not Yet Assigned, are:

      Cisco Firmware
      Intel NUC Firmware
      JavaScript
      Linux (various)
      Microsoft Edge, Internet Explorer, Office, Outlook, Windows, Sharepoint, Web Apps, etc.

      & many, many more

    • #140801

      SB17-296: Vulnerability Summary for the Week of October 16, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-296

      Original release date: October 23, 2017

       
      This week’s very long list of vulnerabilities includes, among others:

      Microsoft – various:
      “Scripting Engine Memory Corruption Vulnerability”, “Windows Kernel Information Disclosure Vulnerability” et al
      Oracle
      WPA/WPA2
      Blackberry
      Cisco
      Debian
      Google Android
      Huawei
      Infineon
      Linux Kernel
      NVidia
      TP-Link

      and many, many more

      1 user thanked author for this post.
    • #142584

      SB17-303: Vulnerability Summary for the Week of October 23, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-303

      Original release date: October 30, 2017

       
      This week’s vulnerability lists include:

      Apple: macOS-X, iOS, AppleTV, iCloud, iTunes, Safari etc.
      FoxIt Reader
      Adobe Flash Player (27.0.0.159 and earlier)
      Cisco Webex Meetings Server
      D-Link
      Debian-Ubuntu
      Google Chrome
      Linux Kernel
      Symantec Endpoint Encryption, Encryption Desktop
      TP-Link
      WordPress

      and many, many more

    • #144592

      SB17-310: Vulnerability Summary for the Week of October 30, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-310

      Original release date: November 06, 2017

       
      No High or Low vulnerabilities this week!

      On the “Severity Not Yet Assigned” list:
      BitDefender Internet Security 2018
      Cisco
      D-Link
      FoxIt Reader
      Google Android & Chrome
      Linux Kernel
      McAfee
      TP-Link
      Tor Browser

      and many, many more

    • #145536

      SB17-317: Vulnerability Summary for the Week of November 6, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-317

      Original release date: November 13, 2017

       
      The categorised vulnerabilities entries are limited again this week, but in the uncategorised list:

      Disney Circle
      Linux Kernel
      Logitech Media Server
      Symantec Endpoint Protection
      Tor Browser

      and many more

    • #146676

      SB17-324: Vulnerability Summary for the Week of November 13, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-324

      Original release date: November 20, 2017

       
      Again, no categorised vulnerabilities in this week’s list. In the Severity Not Yet Assigned list:
      Apple – various “multiple products”
      Microsoft – various “multiple products”
      Cisco
      D-Link
      Google Android
      Linux Kernel
      Realtek Audio Driver (in some Lenovo ThinkPads)
      VMWare

      and many more

    • #149098

      SB17-331: Vulnerability Summary for the Week of November 20, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-331

      Original release date: November 27, 2017

       
      No quantified vulnerabilities again. From Severities Not Yet Assigned:

      Open Office
      Huawei Smartphones (multiple)
      Intel (various)
      Symantec
      VMWare

      and many more

    • #150373

      SB17-338: Vulnerability Summary for the Week of November 27, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-338

      Original release date: December 04, 2017

       
      On this week’s vulnerability lists:

      Cisco Webex & others
      Adobe, incl. Flash
      Apple MacOS
      JavaScript
      Linux Kernel
      Samba
      TP-Link “multiple devices”

      and many more.

    • #154121

      SB17-345: Vulnerability Summary for the Week of December 4, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-345

      Original release date: December 11, 2017 | Last revised: December 15, 2017

       
      There are no categorised risks this time. On the Severity Not Yet Assigned list:
      Adobe – multiple products
      Debian
      Dell Storage Manager & 233DM MF Laser Printer Firmware
      Google Android
      Kaspersky ESS
      Linux Kernel
      Microsoft Malware Protection Engine
      OpenSSL
      Qualcomm Android for MSM
      Tor
      VMWare

      & many more

    • #154122

      SB17-352: Vulnerability Summary for the Week of December 11, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-352

      Original release date: December 18, 2017

       
      On this week’s extensive vulnerability lists:
      Adobe Acrobat/Reader, Photoshop, Connect, Digital Editions, Experience Manager, Flash Player, InDesign, Shockwave;
      Microsoft Internet Explorer, Device Guard, ChakraCore, Malware Protection Engine, Edge, Office 2016 CTR, Office 2013 SP1 & RT SP1, Sharepoint Enterprise Server 2016; Windows 7, Server 2008 and newer;
      Cisco Multiple Products
      D-Link
      Kaspersky ESS
      Linux Kernel
      Panda
      SAP
      Symantec-Norton
      TrendMicro
      VLan VLC
      Western Digital MyCloud

      and many, many more

    • #154540

      SB17-359: Vulnerability Summary for the Week of December 18, 2017
      https://www.us-cert.gov/ncas/bulletins/SB17-359

      Original release date: December 25, 2017 | Last revised: December 26, 2017

       
      This week’s vulnerability lists include:

      BitDefender
      Cisco
      FoxIt Reader
      Huawei – multiple products
      IBM
      Linux Kernel
      Synology
      TP-Link – multiple products
      VLan VLC
      VMWare

      & many, many more

      1 user thanked author for this post.
    • #156362

      SB18-001: Vulnerability Summary for the Week of December 25, 2017
      https://www.us-cert.gov/ncas/bulletins/SB18-001

      Original release date: January 01, 2018

       
      On this week’s vulnerability lists:

      Apple tvOS, MacOS, iOS, Safari; iCloud & iTunes on Windows
      Enigmail
      Google Play
      Linux Kernel
      Samsung Internet Browser 6.2.01.12, S6 Edge – Email Composer

      & many, many more

    • #159823

      SB18-008: Vulnerability Summary for the Week of January 1, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-008-0

      Original release date: January 08, 2018

       
      Very few quantified vulnerabilities this week; from the Severity Not Yet Assigned list:

      Cisco Webex
      DuoLingo
      Linux Kernel
      Microsoft Edge, Internet Explorer, Windows etc.
      Oracle
      Samsung Multiple Mobile Devices
      VMWare

      & many, many more.

    • #159824

      SB18-015: Vulnerability Summary for the Week of January 8, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-015

      Original release date: January 15, 2018

       
      Only one product populates this week’s High & Medium severity vulnerability list. From the Severity Not Yet Assigned list:

      Adobe Flash
      D-Link DSL Devices
      Google Android (multiple)
      Google Chrome
      Intel Driver & Support Assistant
      Linux Kernel
      Malwarebytes Premium
      Microsoft .NET, Office, Outlook, Sharepoint
      SAP
      Sophos Firewall
      Symantec ASG
      TP-Link – multiple devices
      VMWare

      & many, many more.

      1 user thanked author for this post.
    • #161324

      SB18-022: Vulnerability Summary for the Week of January 15, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-022

      Original release date: January 22, 2018

       
      Oracle (multiple vulnerabilities) make up all the High, Medium & Low vulnerabilities in this week’s list, and along with the Oracle entries in the Severity Not Yet Assigned list, I’d venture a bet that Oracle make up half of this week’s entries.

      Also on the Severity Not Yet Assigned list:
      Cisco
      Google Android
      Linux Kernel
      TrendMicro
      Yandex Browser

      and many more.

      1 user thanked author for this post.
    • #163114

      SB18-029: Vulnerability Summary for the Week of January 22, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-029

      Original release date: January 29, 2018

       
      No categorised vulnerabilities again this week. In the Severity Not Yet Assigned list are, among others:

      HP: various/multiple products
      IBM: various/multiple products
      Lenovo
      Linux Kernel
      Microsoft Office (Equation Editor)
      Moodle
      TrendMicro

    • #165921

      SB18-036: Vulnerability Summary for the Week of January 29, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-036

      Original release date: February 05, 2018

       
      No categorised vulnerabilities again this week. In the Severity Not Yet Assigned list are, among others:

      7-Zip
      Asus
      Cisco
      Linux Kernel

      and many others

    • #167325

      SB18-043: Vulnerability Summary for the Week of February 5, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-043

      Original release date: February 12, 2018

       
      Again, no classified vulnerabilities; from this week’s Severity Not Yet Assigned list:

      Adobe Flash Player
      Audacity
      Cisco (multiple products)
      FoxIt Reader & PhantomPDF
      Google Android
      Google Chrome
      LibreOffice
      Linux Kernel
      MalwareFox AntiMalware
      Microsoft Internet Explorer 11
      TrendMicro
      Twitter Kit for iOS

      & many, many more

    • #168830

      SB18-050: Vulnerability Summary for the Week of February 12, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-050

      Original release date: February 19, 2018

       
      Again, no categorised vulnerabilities, but an extensive list deemed “Severity Not Yet Assigned”, including:
      Dell EMC Support Assistant: Enterprise
      Google Android
      Huawei
      IBM
      Linux Kernel
      Microsoft: ChakraCore, Edge, Internet Explorer, Office, Outlook, Sharepoint, Windows, Windows Kernel
      SAP
      TrendMicro
      Ubuntu

      and a host more.

      1 user thanked author for this post.
    • #172305

      SB18-057: Vulnerability Summary for the Week of February 19, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-057

      Original release date: February 26, 2018

       
      Another long list of uncategorised vulnerabilities, with none categorised yet again. On the Severity Not Yet Assigned list:

      Adobe ShockWave Player
      Cisco
      Google Android
      IBM
      Linux Kernel
      Seagate BlackArmor NAS
      Symantec
      Synology
      TrendMicro

      and many more.

    • #172755

      SB18-064: Vulnerability Summary for the Week of February 26, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-064

      Original release date: March 05, 2018

       
      In this week’s Severity Not Yet Assigned list:

      Adobe Reader
      Adobe Experience Manager
      FoxIt MobilePDF
      IBM
      Linux Kernel
      Microsoft Windows (Vista – 8.1, before KB30862525 KB3086255)
      PureVPN
      SAP

      and many more.

      3 users thanked author for this post.
    • #184600

      SB18-071: Vulnerability Summary for the Week of March 5, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-071

      Original release date: March 12, 2018

       
      Again, no categorised vulnerabilities (many Severity Not Yet Assigned vulnerabilities)
       

       
      SB18-078: Vulnerability Summary for the Week of March 12, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-078

      Original release date: March 19, 2018

       
      Again, no categorised vulnerabilities (many Severity Not Yet Assigned vulnerabilities)
       

       
      SB18-085: Vulnerability Summary for the Week of March 19, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-085

      Original release date: March 26, 2018

       
      Again, no categorised vulnerabilities (many Severity Not Yet Assigned vulnerabilities)

    • #184601

      SB18-092: Vulnerability Summary for the Week of March 26, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-092

      Original release date: April 02, 2018

       
      This week’s bulletin contains numerous Medium Severity Vulnerabilities affecting 5 products. In addition, there are Severity Not Yet Assigned Vulnerabilities affecting, among others:

      Cisco
      D-Link
      Google Android
      IBM
      Linux Kernel
      NordVPN
      Opera Browser
      Qualcomm Android
      Samsung Mobile Devices
      Symantec
      Twonky Server
      WD MyCloud

      1 user thanked author for this post.
    • #184602

      SB18-099: Vulnerability Summary for the Week of April 2, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-099

      Original release date: April 09, 2018

       
      Again, no categorised vulnerabilities. This week’s list of Severity Not Yet Assigned Vulnerabilities includes:

      Apple: iOS, MacOS, tvOS, WatchOS, Safari, iCloud, iTunes
      Asus Routers
      BitDefender AntiVirus
      Cisco iOS XE software
      D-Link
      FreeBSD
      Google Android
      Linux Kernel
      McAfee multiple products
      Microsoft Malware Protection Engine & Windows Kernel
      Nvidia
      Qualcomm Android

      & many more

      2 users thanked author for this post.
    • #185683

      SB18-106: Vulnerability Summary for the Week of April 9, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-106

      Original release date: April 16, 2018

       
      The categorised vulnerabilities listed are not common consumer products. However, on the Severity Not Yet Assigned list:

      Apple: iOS, MacOS
      D-Link
      FreeBSD
      Google Chrome: Video Downloader Pro extension
      Huawei
      Linux Kernel
      Qualcomm Android
      SAP
      Symantec
      VMWare
      Microsoft (a very long list, this may not be inclusive): Edge, Internet Explorer, SharePoint, SharePoint Server Excel, Excel Viewer, Word, Office, Windows, Windows Kernel, ChakraCore, Wireless Keyboard 850…

      & many more.

      1 user thanked author for this post.
    • #187056

      SB18-113: Vulnerability Summary for the Week of April 16, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-113

      Original release date: April 23, 2018

       
      Only one categorised vulnerability this week, but another long list of Severity Not Yet Assigned vulnerabilities, including:

      7-Zip
      Asus Routers
      Belkin Routers
      Cisco
      D-Link
      FoxIt PDF Reader
      Huawei
      Kaspersky Password Manager
      LibreOffice
      Linux Kernel
      Microsoft Internet Explorer
      Microsoft Windows 10
      NordVPN
      Oracle
      PureVPN
      Qualcomm Android
      Symantec
      VMWare

      and many more

    • #189199

      SB18-120: Vulnerability Summary for the Week of April 23, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-120

      Original release date: April 30, 2018

       
      Another long list of uncategorised vulnerabilities, with none categorised yet again. On the Severity Not Yet Assigned list:

      Corel Draw & PhotoPaint x8
      FoxIt PDF Reader, PhantomPDF
      Huawei
      Linux Kernel
      Paypal WebHybridClient for Android
      Seagate Personal Cloud
      Siemens
      TunnelBear

      & many more

      1 user thanked author for this post.
    • #191084

      SB18-127: Vulnerability Summary for the Week of April 30, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-127

      Original release date: May 07, 2018

       
      Another long list of uncategorised vulnerabilities, with none categorised yet again. On the Severity Not Yet Assigned list:

      7-Zip
      Cisco
      D-Link
      Google Android
      Huawei
      Lenovo
      LibreOffice
      Linux Kernel
      Microsoft Windows
      Nvidia
      SaferVPN
      TP-Link
      VMWare

      and many more

      1 user thanked author for this post.
    • #192630

      SB18-134: Vulnerability Summary for the Week of May 7, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-134

      Original release date: May 14, 2018

       
      Another long list of uncategorised vulnerabilities, with none categorised yet again. On the Severity Not Yet Assigned list:

      D-Link
      Google Android
      Huawei
      Intel NUC Kits
      Intel Wireless AC Products
      Linux Kernel
      Microsoft: .NET, Azure, Internet Explorer, Edge, Exchange Server, InfoPath, “Multiple Products”, Office & Excel, Office & Word, SharePoint, Windows etc.
      OS Kernels – Multiple Vendors (incl. Ubuntu, Debian)
      SAP
      Synology

      and many, many more

    • #193562

      SB18-141: Vulnerability Summary for the Week of May 14, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-141

      Original release date: May 21, 2018

       
      Another long list of uncategorised vulnerabilities, with none categorised yet again. On the Severity Not Yet Assigned list:

      Adobe Acrobat and Reader, ColdFusion, Connect, Creative Cloud Desktop Application, Digital Editions, Dreamweaver CC, Experience Manager, Flash Player, InDesign, PhoneGap Push Plugin
      Asus
      Cisco
      D-Link
      FoxIt Reader
      Linux Kernel
      Multiple email clients – S/Mime EFail vulnerability
      Qualcomm Android
      Red Hat
      Symantec

      & many more

      1 user thanked author for this post.
    • #194971

      SB18-148: Vulnerability Summary for the Week of May 21, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-148

      Original release date: May 28, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Adobe Acrobat & Reader, ColdFusion, Connect, Creative Cloud Desktop Application, Digital Editions, Dreamweaver CC, Experience Manager, Flash Player, InDesign, PhoneGap Push Plugin
      Citrix
      D-Link Router DSL-3782
      FoxIt Reader & PhantomPDF
      Huawei
      Linux Kernel
      McAfee
      Microsoft Office, Windows Server 2016, Windows 10, Windows 10 Servers
      Moodle
      “Multiple Vendors – Multiple Products” (Rogue System Register Read (RSRE), Variant 3a; Speculative Store Bypass (SSB), Variant 4)
      TrendMicro
      VMWare

      & many more.

    • #196104

      SB18-155: Vulnerability Summary for the Week of May 28, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-155

      Original release date: June 04, 2018

       
      On this week’s Severity Not Yet Assigned list:

      BMW – multiple vehicles
      Brother HL-L2340D and HL-L2380DW series printers
      Google Android
      Groupon
      Huawei – multiple smartphones, servers etc.
      Linux Kernel
      Moodle
      Symantec ASG
      Synology Drive
      TP-Link
      Ubuntu
      VLC Media Player
      VMWare

      & many more

      2 users thanked author for this post.
    • #197438

      SB18-162: Vulnerability Summary for the Week of June 4, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-162

      Original release date: June 11, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Apple iOS, macOS, iCloud, iTunes, watchOS, tvOS, Safari, Swift (for Ubuntu);
      Canon LBP6650, LBP3370, LBP3460, and LBP7750C devices, MF210 and MF220 web interface, web interfaces for LBP7110Cw & LBP6030w;
      Cisco
      Foxit PDF Reader
      Linux Kernel
      McAfee
      Qualcomm Android
      Synology
      TP-Link
      TrendMicro

      & many, many more

      1 user thanked author for this post.
    • #199389

      SB18-169: Vulnerability Summary for the Week of June 11, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-169

      Original release date: June 18, 2018

       
      For the first time in quite a few weeks, there are High Vulnerabilities this week; both are for Microsoft Windows 10.

      On the Severity Not Yet Assigned list:
      Apple iOS, macOS, OSX, Safari, Multiple Products (incl. TvOS, iCloud)
      Enigmail
      Huawei
      Linux Kernel
      McAfee
      Microsoft Edge, ChakraCore, Internet Explorer, Office, Outlook, Publisher, SharePoint, Windows (multiple)
      Mozilla Firefox & Firefox ESR, Thunderbird, Multiple Products
      Pale Moon
      Qualcomm Android
      SAP
      TrendMicro
      VMWare

      & many more

      2 users thanked author for this post.
      • #199431

        Kirsty,

        This could be related — and, perhaps, also reassuring:

        Both Firefox and Waterfox have been updated recently (Windows and Mac versions), this month, and the macOS has received security patches as well, a week ago.

         

        Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

        MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
        Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
        macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

        • #199450

          Firefox’s last security advisory was issued on June 6th, and the only CVE# reported in MFSA2018-14 isn’t one of the numerous CVE#’s listed in the NCAS Severity Not Yet Ascertained list issued on June 18th… I suspect a new update will be due very soon.

          Firefox’s release notes indicate their last update was issued on June 6th.

          1 user thanked author for this post.
    • #199751

      SB18-176: Vulnerability Summary for the Week of June 18, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-176

      Original release date: June 25, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Cisco
      D-Link DIR-620 devices
      Intel Core-based microprocessors (Lazy FP)
      Linux Kernel
      McAfee
      Symantec
      TP-Link TL-WA850RE Wi-Fi Range Extender

      & many more

      1 user thanked author for this post.
      • #199791

        It’s a little troubling when security software, such as McAfee and Symantec, has vulnerability issues.

        On permanent hiatus {with backup and coffee}
        offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
        offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
        online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender
    • #200977

      SB18-183: Vulnerability Summary for the Week of June 25, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-183

      Original release date: July 02, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Google Home and Chromecast devices
      Linux Kernel
      Microsoft: Visual C++ Redistributable, OneDrive, Skype for Windows, Visual Studio, Windows
      Siemens
      TP-Link TL-WA850RE

      & many more

    • #203460

      SB18-190: Vulnerability Summary for the Week of July 2, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-190

      Original release date: July 09, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Cinnamon Linux
      D-Link
      Huawei
      IBM
      Linux Kernel
      Qualcomm Android
      Siemens
      Synology
      TP-Link
      TrendMicro

      & many more

      1 user thanked author for this post.
    • #204808

      SB18-197: Vulnerability Summary for the Week of July 9, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-197

      Original release date: July 16, 2018

       
      Two non-mainstream categorized vulnerabilities, and from the Severity Not Yet Assigned vulnerabilities disclosed this week:

      Adobe Acrobat and Reader, Flash Player, Photoshop CC
      D-Link DIR Routers
      Intel Active Management Technology (AMT), Multiple Core Processors etc.
      Linux Kernel
      Microsoft .NET framework, Access & Office, Chakracore & Edge, Internet Explorer, “Multiple Products”, Skype, Visual Studio, Windows, Wireless Display Adapter etc.
      Qualcomm Android
      SAP
      Sonos
      VideoLan VLC Media Player
      VMWare

      & many, many more

      1 user thanked author for this post.
    • #205644

      SB18-204: Vulnerability Summary for the Week of July 16, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-204

      Original release date: July 23, 2018

       
      This week’s vulnerabilities include:

      Oracle MySQL
      Adobe Acrobat & Reader, Connect, Experience Manager, Flash Player
      Cisco
      Foxit Reader
      Linux Kernel
      McAfee
      TeamViewer
      TP-Link WR840N devices

      & many more

      1 user thanked author for this post.
    • #207783

      SB18-211: Vulnerability Summary for the Week of July 23, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-211-0

      Original release date: July 30, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Adobe Acrobat and Reader, Connect, Experience Manager, Flash Player
      Linux Kernel
      McAfee
      NetGear (specified routers)
      Samba
      Siemens
      Symantec
      VMWare

      & many more

      1 user thanked author for this post.
    • #209135

      SB18-218: Vulnerability Summary for the Week of July 30, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-218

      Original release date: August 06, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Cisco
      FoxIt PDF Reader
      Huawei (multiple products & smartphones)
      Linux Kernel
      Oracle
      PayPal
      Samba
      SAP
      Synology DiskStation Manager (DSM)

      and many more

      1 user thanked author for this post.
    • #210438

      SB18-225: Vulnerability Summary for the Week of August 6, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-225

      Original release date: August 13, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Hewlett Packard Enterprise (HPE)
      LibreOffice
      Linux Kernel
      MacOS BlueTooth FirmWare, OS Drivers (multiple vendors)
      NetComm Wireless G LTE
      Siemens
      SquirrelMail
      Ubuntu

      and many more.

      1 user thanked author for this post.
    • #212007

      SB18-232: Vulnerability Summary for the Week of August 13, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-232

      Original release date: August 20, 2018

       
      In this week’s Vulnerability lists:

      Intel Core (L1 Data Cache)
      Cisco
      Citrix
      LG Android devices
      Microsoft .NET framework, ChakraCore, Edge, “Multiple Products”, Internet Explorer, Exchange Server, Excel, Office, PowerPoint, SQL Server, Windows etc.
      SAP
      TP-Link WR840N
      TrendMicro
      VMWare
      Yubico

      & many more.

    • #213602

      SB18-239: Vulnerability Summary for the Week of August 20, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-239-0

      Original release date: August 27, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Belkin Wemo Insight Smart Plug
      D-Link DIR-615 routers, EyeOn Baby Monitor (DCS-825L)
      Huawei – multiple firewall products
      Linux Kernel
      Mikrotik RouterOS
      Philips’ IntelliSpace Cardiovascular (ISCV) products
      Samba
      Symantec
      Ubuntu

      & many more

    • #215228

      SB18-246: Vulnerability Summary for the Week of August 27, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-246-0

      Original release date: September 03, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Adobe Acrobat and Reader, Creative Cloud Desktop Application, Experience Manager, Flash Player, Photoshop CC
      Amazon Web Services (AWS)
      CA
      D-Link
      Epson
      Foxit Reader
      Google Chrome
      Linux Kernel
      NVIDIA GeForce Experience
      Samsung
      TrendMicro

      & many more

      1 user thanked author for this post.
    • #216723

      SB18-253: Vulnerability Summary for the Week of September 3, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-253

      Original release date: September 10, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Adobe Experience Manager
      Canon IT Solutions – multiple products
      D-Link DIR-846
      Fuji Xerox – multiple products
      Google Android
      Huawei SmartPhones
      Linux Kernel
      NordVPN
      TeamViewer
      Ubuntu ORCA

      & many more.

    • #218114

      SB18-260: Vulnerability Summary for the Week of September 10, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-260

      Original release date: September 17, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Asus Routers
      Bullguard Safe Browsing
      D-Link
      Huawei Smartphones
      Intel AMT, CSME, Firmware, SA-00086 Detection Tool and various utilities
      LG multiple devices
      Linux Kernel
      Microsoft Edge, ChakraCore, IE11, Multiple Products, Office, Sharepoint, Windows, Servers
      NordVPN
      OpenSSL
      PowerDNS
      ProtonVPN
      SAP
      TP-Link TL-WR886N
      VMware

      & many more

    • #219514

      SB18-267: Vulnerability Summary for the Week of September 17, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-267-0

      Original release date: September 24, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Google Android
      Huawei Smartphones
      Intel Core Processors (4th-8th gen)
      Linksys
      Linux Kernel
      McAfee
      Microsoft (server)
      Oracle
      Symantec Messaging Gateway
      Western Digital My Cloud

      & many more

       


      Weekly Threat Report 21st September 2018

      https://www.ncsc.gov.uk/report/weekly-threat-report-21st-september-2018

       
      Microsoft Office Macros, most popular method of malware delivery

      Cyber criminals continue to utilise weaponised macros in Microsoft Office documents to deliver malware. In a recent report from Cofense, it was noted that the exploitation of Microsoft Office macros comprised 45% of all deliveries. A separate report showed that a further 37% exploited the Microsoft Office Memory Corruption Vulnerability (CVE-2017-11882).

      Macros can be easily developed and distributed. Despite Microsoft having disabled macros by default, it only takes minimal user interaction to start the infection chain. Subsequently, the victim could be infected by a range of malware, with Geodo, GandCrab and Trickbot among the variants observed.

      As Cofense noted, the range of observed payloads indicates that this delivery mechanism is used widely across the cyber crime landscape by both “mature and amateur operators alike.”

      The NCSC website has published guidance on Macro security for Microsoft Office. It also has guidance on phishing.

       
      This report includes other notes, including:
      GDPR three months in
      Bristol Airport cyber attack

      1 user thanked author for this post.
    • #220781

      SB18-274: Vulnerability Summary for the Week of September 24, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-274-0

      Original release date: October 01, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Adobe Acrobat and Reader, ColdFusion, Flash Player
      Citrix
      Google Chrome
      Huawei – multiple products
      Intel Core Processor – 4th – 8th generation
      Linux Kernel
      Microsoft Exchange Server 2010, SQL Server
      Ricoh printers
      Samsung Email, Galaxy Apps, Internet Browser etc
      TP-Link
      TrendMicro
      Ubuntu Udisks

      & many more

      1 user thanked author for this post.
      • #222162

        Weekly Threat Report 5th October 2018
        https://www.ncsc.gov.uk/report/weekly-threat-report-5th-october-2018

         
        Microsoft Warns Fileless Malware on the Rise

        Media reporting has highlighted a recent warning from Microsoft that so-called ‘fileless’ malware attacks are on the rise.

        According to the report, the trend towards fileless malware is being driven by the increasing effectiveness of antivirus solutions, which can detect the installation of malicious files on a hard-drive.

        By contrast, traditional anti-malware products find fileless malware significantly more difficult to detect. This is because the malicious payload is not written to the hard-drive and is instead run directly in the system’s memory.

        Fileless malware can use the default tools present on a computer, such as Powershell, to achieve malicious effects, a tactic known as ‘living-off-the-land’.

        Whilst fileless malware is nothing new, knowledge of how to implement it is becoming more widespread. This has been accelerated by an increase in the number of tools that assist in the creation of fileless malware. The use of fileless malware and other more sophisticated techniques will become increasingly prevalent as malicious actors find new ways of circumventing security controls.

        The simplest way to avoid this type of threat is to disable tools such as Powershell and Windows Management Instrumentation (WMI).

        Also this week:
        Attribution of Russian close access and remote cyber operations
        LoJax – A new type of rootkit

        1 user thanked author for this post.
    • #222960

      SB18-281: Vulnerability Summary for the Week of October 1, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-281

      Original release date: October 08, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Cisco
      D-Link
      Dell Digital Delivery
      FoxIt PDF Reader
      Google Android
      HP Printers & Multi-Functions
      Linux Kernel
      McAfee
      Nvidia GeForce Experience
      TP-Link
      VMWare

      & many more

      1 user thanked author for this post.
    • #225357

      SB18-288: Vulnerability Summary for the Week of October 8, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-288-13

      Original release date: October 15, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Adobe Acrobat and Reader
      Blackberry UEM
      Cisco
      D-Link
      Dell Encryption & Endpoint Security Suite Enterprise
      Foxit PDF Reader, PhantomPDF
      GoPro
      IBM
      Intel Graphics Drivers, NUC, multiple products etc
      Linux Kernel
      Microsoft ChakraCore, Edge, Exchange Server, IE, multiple products, SharePoint, Win10 etc.
      SAP
      Siemens
      VMWare

      & many, many more

      In NCSC’s Weekly Threat Report 12th October 2018:
      https://www.ncsc.gov.uk/report/weekly-threat-report-12th-october-2018

      Californian state law change for connected devices
      The NCSC and DCMS will be publishing the Secure by Design Code of Practice, in addition to consumer guidance on IoT devices, in the coming weeks.

      Google+ and Project Strobe

      For any user of social media, this breach is a reminder that social media applications that you no longer use may still contain your data and this could potentially be leaked.
      It is recommended that any active or inactive users of social media platforms review their data held by such platforms to limit any future exposure to breaches. They should also review their privacy settings with companies, including Google, which have introduced further privacy checks with the introduction of the GDPR act.

    • #226661

      SB18-295: Vulnerability Summary for the Week of October 15, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-295

      Original release date: October 22, 2018

       
      The majority of the High & Medium Vulnerabilities this week relate to Oracle. On this week’s Severity Not Yet Assigned list:

      Adobe Digital Editions, Experience Manager, Experience Manager etc.
      Amazon Kindle
      Asus
      Cisco
      D-Link
      Dell EMC
      Huawei
      Intel Graphics Drivers
      Linksys E-Series Routers
      Linux Kernel
      Mozilla Firefox, Thunderbird
      VMWare

      & many, many more

      From NCSC’s Weekly Threat Report 19th October 2018:
      https://www.ncsc.gov.uk/report/weekly-threat-report-19th-october-2018

      US water utility suffers ransomware attack
      Publishing House Phishing Warning

      1 user thanked author for this post.
    • #228019

      SB18-302: Vulnerability Summary for the Week of October 22, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-302

      Original release date: October 29, 2018

       
      On this week’s Severity Not Yet Assigned list:

      BitDefender
      Cisco, Webex
      Citrix
      C-Link
      Eaton UPS
      Linux Kernel
      Microsoft Yammer
      Qualcomm
      TP-Link
      TrendMicro

      & many more

      From NCSC’s Weekly Threat Report 26th October 2018:
      https://www.ncsc.gov.uk/report/weekly-threat-report-26th-october-2018

      The insider threat
      Remote access trojan (RAT) developer convicted
      Further details on TRITON malware attack

    • #230504

      SB18-309: Vulnerability Summary for the Week of October 29, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-309-0

      Original release date: November 05, 2018

       
      On this week’s Severity Not Yet Assigned list:

      BitDefender
      Cisco
      Dell EMC
      Foxit PhantomPDF, Reader
      GoPro
      IBM
      Linux Kernel
      Nextcloud Server
      OpenSSL
      PowerDNS
      Qualcomm Snapdragon
      RedHat
      Samba
      Sandboxie
      Synology

      & many, many more

       

      From NCSC’s Weekly Threat Report 2nd November 2018:
      https://www.ncsc.gov.uk/report/weekly-threat-report-2nd-november-2018

       
      Cyber security of youth data

      GandCrab
      Victims of an aggressive ransomware known as GandCrab can now find assistance in recovering their files from Europol’s No More Ransom website.

      2 users thanked author for this post.
    • #232548

      SB18-316: Vulnerability Summary for the Week of November 5, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-316

      Original release date: November 12, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Cisco (multiple)
      Foxit Reader
      Google Android
      IBM (multiple)
      PluralSight
      PowerDNS
      Sennheiser HeadSetup

      and many more

      From NCSC’s Weekly Threat Report 9th November 2018
      https://www.ncsc.gov.uk/report/weekly-threat-report-9th-november-2018

      Growth in cryptocurrency scams
      Third-party JavaScript abused to steal money from Cryptocurrency exchange users

      1 user thanked author for this post.
    • #234636

      SB18-323: Vulnerability Summary for the Week of November 12, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-323

      Original release date: November 19, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Cisco
      Dell EMC
      Foxit Reader
      Google Android, Chrome
      Huawei
      Intel Driver & Support Assistant, Rapid Store Technology (RST) etc.
      Linux Kernel
      Microsoft .NET Core, ChakraCore & Edge, Dynamics 365 (on-premises), Exchange Server, Internet Explorer, “multiple products”, Office & Outlook, SharePoint Server, Team Foundation Server (TFS), Windows & Windows Server
      Nvidia Graphics Driver
      OpenSSL
      SAP
      VMWare
      ZTE multiple products

      & many more

      From NCSC’s Weekly Threat Report 16th November 2018:
      https://www.ncsc.gov.uk/report/weekly-threat-report-16th-november-2018

      Smishing, the criminal’s data source in your pocket:
      According to recent reports, smishing, a technique similar to phishing, but using an SMS message rather than an email, is on the rise. The SMS message, which can be disguised to appear from an official source, will have a link which can download malware or redirect the victim to a malicious website to steal credentials or other personal data.

      Popular GDPR-related plugin compromised
      African ISP inadvertently routes internet traffic via Russia and China

      2 users thanked author for this post.
    • #236530

      SB18-330: Vulnerability Summary for the Week of November 19, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-330

      Original release date: November 26, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Foxit Reader
      Google Chromium
      Linux Kernel
      Samsung “multiple devices”

      and many more

      From NCSC’s Weekly Threat Report 23rd November 2018:
      https://www.ncsc.gov.uk/report/weekly-threat-report-23rd-november-2018

      The phishing threat and how to protect yourself

      Malicious scripts make websites malicious
      The NCSC has also published seven tips for staying safe online before, during and after bagging Black Friday bargains. You can also learn more about how to stay safe before, during, and after making online purchases in a new series of podcasts.

    • #238600

      SB18-337: Vulnerability Summary for the Week of November 26, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-337-0

      Original release date: December 03, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Adobe Acrobat and Reader, Flash Player, Photoshop CC etc.
      Cisco
      Dell EMC
      Google Android
      Huawei (multiple products)
      Lenovo
      Linux Kernel
      Moodle
      NVIDIA GeForce Experience
      PowerDNS
      Qualcomm Android, multiple products
      Samba
      Symantec
      TP-Link
      VMWare

      & many more

      From NCSC’s Weekly Threat Report 30th November 2018:
      https://www.ncsc.gov.uk/report/weekly-threat-report-30th-november-2018

      Further increase in criminals’ use of HTTPS phishing sites
      Responsible vulnerability disclosure
      SamSam: FBI indicts two Iranian men for global ransomware infection

      2 users thanked author for this post.
    • #239658

      SB18-344: Vulnerability Summary for the Week of December 3, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-344

      Original release date: December 10, 2018

       
      On this week’s Severity Not Yet Assigned list:

      Amazon Web Services (AWS)
      Dell Encryption (DDP:E)
      FreeBSD
      Android: Google & Qualcomm
      Google Chrome
      Huawei
      IBM
      Linux Kernel
      McAfee
      Quicken: Deluxe 2018 for Mac version 5.2.2
      VideoLAN VLC Media Player 3.0.4
      VMWare

      & many more

      In NCSC’s Weekly Threat Report 7th December 2018:
      https://www.ncsc.gov.uk/report/weekly-threat-report-7th-december-2018

      Rogue fitness apps help you to lose money not weight

      Three malicious apps have recently been identified and removed from Apple’s app store.

      A week of data breaches…
      In one week, a number of new breaches have also been disclosed, such as the personal data of 500 million Marriott/Westin Hotels customers and the personal data of 100 million Quora users.

      YouTuber fan promotes subscription via printer hack
      This week an anonymous individual hacked 50,000 printers, causing them to print out a message that urged people to subscribe to the PewDiePie YouTube channel.

      1 user thanked author for this post.
    • #240949

      SB18-351: Vulnerability Summary for the Week of December 10, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-351

      Original release date: December 17, 2018

       
      Microsoft features prominently in the high-med-low categorised, and uncategorised, vulnerabilities this week, along with Google Chrome.

      Other vulnerabilities whose Severity [is] Not Yet Assigned:

      D-Link
      Dell EMC
      Evernote
      IBM
      Intel (various)
      Linux Kernel
      McAfee
      Oracle
      SAP
      Signal Messenger for Android

      and many, many more

      From NCSC’s Weekly Threat Report 14th December 2018:
      https://www.ncsc.gov.uk/report/weekly-threat-report-14th-december-2018-0

      The problem with lapsing certificates
      A report from the US congress this week has revealed that the network breach suffered by Equifax in 2017 was not found due to an expired software certificate.

      Confidential data loss in Denmark

      Stay secure; keep on top of the latest security updates

      3 users thanked author for this post.
      • #240974

        A report from the US congress this week has revealed that the network breach suffered by Equifax in 2017 was not found due to an expired software certificate.
        Confidential data loss in Denmark
        Stay secure; keep on top of the latest security updates

        Safety measures are required to aid in problem prevention. Most people (and corporations) are short-sighted. The most common means of short-circuiting safety measures is problem denial. When the problem occurs, uninvolved recipients acquire the problem.

        On permanent hiatus {with backup and coffee}
        offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
        offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
        online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender
    • #242623

      SB18-358: Vulnerability Summary for the Week of December 17, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-358

      Original release date: December 24, 2018

       
      This week’s Severity Not Yet Assigned list includes:

      1password
      BlackBerry UEM
      Brave browser
      D-Link routers, cameras, multiple devices
      Evernote
      Google Android, gVisor
      IBM
      KeePassDX
      Linux, Linux Kernel
      Microsoft Internet Explorer
      Samsung Galaxy S6
      TP-Link
      TrendMicro
      VMWare

      & many more

      No new threat report from NCSC this week.

    • #243563

      SB18-365: Vulnerability Summary for the Week of December 24, 2018
      https://www.us-cert.gov/ncas/bulletins/SB18-365

      Original release date: December 31, 2018

       
      This week’s categorised vulnerabilities are non-mainstream products. On the Severity Not Yet Assigned list are, among others:

      Asus (various)
      Cisco
      D-Link – multiple devices
      Epson WorkForce WF-2861 printers
      Foxit Quick PDF Library
      Google Chrome
      Linux Kernel
      Motorola – multiple devices
      Synology
      Telegram

      & many more

    • #245238

      SB19-007: Vulnerability Summary for the Week of December 31, 2018
      https://www.us-cert.gov/ncas/bulletins/SB19-007

      Original release date: January 07, 2019

       
      On this week’s Severity Not Yet Assigned list:

      D-Link devices
      ExpressVPN
      Foxit Reader, PhantomPDF
      Huawei (some HG products)
      Linux Kernel
      McAfee
      Telegram Android app

      Multiple products, multiple vendors:
      An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute. This issue affects osquery prior to v3.2.7
      CVE-2018-6336

      & many more

      2 users thanked author for this post.
    • #314956

      SB19-014: Vulnerability Summary for the Week of January 7, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-014

      Original release date: January 14, 2019

       
      A High Vulnerability:
      A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka “Microsoft Edge Memory Corruption Vulnerability.”

      There is also a Medium Vulnerability affecting Microsoft Office & Outlook.

      Several Apple products, apps and software make it to the Severity Not Yet Assigned list, along with:
      Cisco
      D-Link
      Google Chrome
      Intel (various)
      Linux Kernel
      McAfee
      Microsoft …more products
      SAP

      & many, many more

      From NCSC’s Weekly Threat Report 11th January 2019
      https://www.ncsc.gov.uk/report/weekly-threat-report-11th-january-2019

      German politicians and celebrities caught in Christmas data leak
      Hackers threaten to leak 9/11 litigation documents
      Hackers hijack Chromecast devices to warn of latest security bug

      • #314963

        I’d note that at least one would appear to be mislabeled, though. Possibly more. (Applies to a different product.)

        Also the printer-based web spoofing one would be good to note especially.

        • The product’s web interface may be abused to redirect web browsers to any web site.
        • The product’s web interface may be abused to show fake information or execute arbitrary script on web browsers.
    • #315489

      SB19-021: Vulnerability Summary for the Week of January 14, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-021

      Original release date: January 21, 2019 | Last revised: January 22, 2019

       
      Several Apple vulnerabilities appear in the High Vulnerability list this week, as well as Oracle and others.
      Apple again appears in the Medium Vulnerability list, along with Cisco, IBM, Oracle etc.
      Down in the Low Vulnerability list, Apple and Oracle are the main entries.

      The Severity Not Yet Assigned list features, among others, Adobe Acrobat and Reader, Flash Player and “multiple products”, Qualcomm Snapdragon.

      It’s the first time I recall not seeing Linux Kernel in the list!

      From NCSC’s Weekly Threat Report 18th January 2019:
      https://www.ncsc.gov.uk/report/weekly-threat-report-18th-january-2019

      NASA employee data left exposed due to misconfigured app

      International hacker-for-hire jailed for cyber attacks on Liberian telecommunications provider
      A British cyber criminal has been jailed for conducting attacks that disrupted a Liberian telecommunications provider, resulting in losses estimated at tens of millions of US dollars.

      Time running out for Windows 7
      On the 14th January 2020, extended support for Windows 7 will end. … An NCSC blog post was published earlier this week which offers clear advice for those using Windows 7. You may also find the Obsolete Platforms guidance useful if you really cannot upgrade when the time comes.

      1 user thanked author for this post.
    • #318231

      SB19-028: Vulnerability Summary for the Week of January 21, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-028

      Original release date: January 28, 2019

       
      A large number of High and Medium vulnerabilities this week, mainly Adobe Acrobat and FoxIt PDF software.

      Also listed on the various categories this week:
      Adobe Connect, Digital Editions
      Cisco
      IBM
      Linux Kernel

      & many more

      From NCSC’s Weekly Threat Report 25th January 2019
      https://www.ncsc.gov.uk/report/weekly-threat-report-25th-january-2019

      Schools targeted in fees phishing scam
      Newcastle Royal Grammar School has been targeted with a phishing attack in which fraudulent emails sent from a school account email offered parents a 25% discount on fees for paying quickly via the Bitcoin cryptocurrency.

      Research suggests that smart buildings are vulnerable to hackers
      According to research by cyber security firm ForeScout, Internet of Things (IoT) devices within smart buildings are regularly unsecured from hackers.

      GoDaddy authentication vulnerability exploited for phishing campaigns
      A security researcher has discovered a vulnerability with GoDaddy.com which impacts the way it handles domain name server (DNS) change requests, allowing hackers to hijack domains.

      1 user thanked author for this post.
    • #321408

      SB19-035: Vulnerability Summary for the Week of January 28, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-035

      Original release date: February 04, 2019

       
      Among this week’s Medium Vulnerabilities list are a number of familiar names, incl:
      Adobe Acrobat, Experience Manager
      Apache Open Office
      FoxIt PDF Reader
      IBM
      Linux Kernel
      McAfee

      More familiar names in the Severity Not Yet Assigned list too, incl:
      D-Link
      Debian
      Google Android

      and many, many more

      From NCSC’s Weekly Threat Report 1st February 2019:
      https://www.ncsc.gov.uk/report/weekly-threat-report-1st-february-2019

      Iranian hackers believed to be targeting sensitive personal data
      Security researchers at FireEye have reported that Iranian hackers are targeting businesses in the telecommunications and travel industries as part of an international surveillance campaign.

      FaceTime privacy bug allows unauthorised eavesdropping
      Researchers identified a flaw in Apple’s FaceTime application affecting the camera and microphone of iPhones and Macs that could allow attackers to eavesdrop on another FaceTime user, even when the recipient doesn’t accept the call.

      B&Q reportedly exposes details of suspected thieves

      2 users thanked author for this post.
    • #326855

      SB19-042: Vulnerability Summary for the Week of February 4, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-042

      Original release date: February 11, 2019

       
      This week’s High Vulnerabilities list includes: D-Link DIR-823G devices, Mozilla Firefox, and several others;

      This week’s Medium Vulnerabilities list includes: Cisco, D-Link DIR-823G device, IBM, ImageMagick, Linux Kernel, Mozilla Firefox, and many others;

      In the Low Vulnerability list: Cisco Webex Meetings for Android, MyWebSQL 3.7, and a few others;

      The Severity Not Yet Assigned list includes:
      Cisco (various)
      Dell EMC
      IBM
      TrendMicro
      WinRar

      and many others.

      From NCSC’s Weekly Threat Report 8th February 2019:
      https://www.ncsc.gov.uk/report/weekly-threat-report-8th-february-2019

      Recall of children’s smartwatch following data risk
      A recall of a children’s smartwatch has been ordered by the European Commission following fears over a lack of encryption.

      Sophisticated phishing campaign targeting top brass
      A new phishing campaign to steal login credentials from businesses is specifically targeting senior executives.

      Norwegian cloud computing company admits to compromise by APT10
      …Visma is one of the largest cloud service providers in Europe. The firm offers online HR, accounting, and other software to over 900,000 customers across Scandinavia and other regions of Europe.
      The attacks are believed to be a part of a global hacking campaign, codenamed Operation Cloudhopper, that started in 2017 and mainly targets cloud service providers.

      Deliveroo reportedly suffers credential stuffing attack
      Deliveroo customers have reported that their accounts have been accessed, delivery addresses added and orders made without their knowledge or consent.
      Scammers are reportedly ordering huge quantities of food and drink to seemingly random addresses, using bank details linked to the victim’s account.

      2 users thanked author for this post.
    • #329527

      SB19-049: Vulnerability Summary for the Week of February 11, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-049

      Original release date: February 18, 2019 | Last revised: February 19, 2019

       
      High Vulnerabilities this week include:
      D-Link DIR-878 devices, Google Android, Qualcomm

      Medium Vulnerabilities include:
      Enigmail, Google Android, Linux Kernel, Symantec GSS

      Low Vulnerabilities include:
      Cisco ISE, Google Android, SAP

      Severity Not Yet Assigned Vulnerabilities include:
      Cisco, D-Link, IBM, Qualcomm Snapdragon, SAP, Xerox WorkCenter (various models)

      & many more

      From NCSC’s Weekly Threat Report 15th February 2019
      https://www.ncsc.gov.uk/report/weekly-threat-report-15th-february-2019

      Microsoft act to defend against credential stealing attacks on Office 365
      Dark web selling stolen account details following hacks
      Google highlights Android vulnerability
      Researcher claims more than 14 million Instagram accounts could be vulnerable to hackers

    • #335985

      SB19-056: Vulnerability Summary for the Week of February 18, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-056

      Original release date: February 25, 2019

       
      A number of High, Medium & Low-rated vulnerabilities again this week, with names like Linux Kernel, Intel, Cisco, D-Link, Google Chrome, in the lists.

      There are also a number of uncategorised vulnerabilities, including among others:
      Amazon Fire OS
      British Airways’ Entertainment System
      IBM
      SAP

      and many more

      From NCSC’s Weekly Threat Report 22nd February 2019
      https://www.ncsc.gov.uk/report/weekly-threat-report-22nd-february-2019

      Patient calls to Swedish healthcare hotline left unprotected online
      Payment data being targeted by cyber criminals

    • #339544

      SB19-063: Vulnerability Summary for the Week of February 25, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-063

      Original release date: March 04, 2019

       
      Again showing lots of entries in the High, Medium and Low Vulnerability categories, as well as a number as Severity Not Yet Assigned, including:

      CheckPoint Zone Alarm
      Cisco
      D-Link
      Google Android
      Linux Kernel
      Mozilla Firefox
      NVidia (Windows drivers)
      Qualcomm Snapdragon
      Ubuntu Linux 32bit builds
      Citrix
      IBM
      McAfee

      & many, many more

      From NCSC’s Weekly Threat Report 1st March 2019
      https://www.ncsc.gov.uk/report/weekly-threat-report-1st-march-2019

      Smart Home devices vulnerable to remote attacks due to weak credentials
      It is no secret that the number of connected devices in the average home is rising.
      However the Internet of Things (IoT), which is likely to be the norm in the next couple of years, can also contain vulnerabilities and security issues.
      Smart home devices can be vulnerable to attacks due to outdated software, unpatched security flaws, and weak credentials according to a new report produced by Avast.

      Record fine handed to TikTok following data privacy issues
      The video sharing app, TikTok, has received the largest ever fine recorded in a US case following issues with its management of children’s data privacy.

      2 users thanked author for this post.
    • #340444

      SB19-070: Vulnerability Summary for the Week of March 4, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-070

      Original release date: March 11, 2019

       
      On this week’s High Vulnerability list, et al:
      Apple iPhone OS; Check Point ZoneAlarm; Cisco; Microsoft .NET Framework and Visual Studio, ChakraCore, Edge, Exchange Server, IE, Office, SharePoint, Windows 10; Motorola; Nokia.

      Medium Vulnerabilities include:
      Apple iCloud, iPhone OS, iTunes, MacOS-X, Safari; Linux Kernel; MS Excel, Excel Viewer, Powershell Core, Windows 7 (and as listed above); Samba.

      Low Vulnerabilities include:
      IBM; Microsoft again.

      The Severity Not Yet Rated list includes:
      Windows Hyper-V; Yubico

      and many, many more

      NCSC’s website isn’t currently available. I’ll try to update this later 🙂

      2 users thanked author for this post.
    • #343118

      SB19-077: Vulnerability Summary for the Week of March 11, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-077

      Original release date: March 18, 2019

       
      High Vulnerabilities exist for Cisco, IBM, Intel (various), and others, which also appear in the Medium & Low Vulnerability lists, as well as the Severity Not Yet Assigned list.

      Also in the Medium Vulnerability list are: Microsoft Teams & Windows 7, SAP, and others.

      Also in the Severity Not Yet Assigned list: Fujitsu Wireless Keyboard Set, Google Android
      & many more

      No entry for Linux Kernel this week!

      NCSC’s new website is still giving a lot of 404 results, so I can’t access the Weekly Threat Report for 15th March 2019. If anyone else can access it, please feel free to add a summary here 🙂

      1 user thanked author for this post.
    • #345294

      SB19-084: Vulnerability Summary for the Week of March 18, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-084

      Original release date: March 25, 2019

       
      There are a number of entries in the High, Medium & Low Vulnerability lists, but they are mainly not regular consumer items. However, these names do appear:
      FoxIt PDF Reader
      Moodle
      Avast Free Antivirus

      On the Severity Not Yet Categorised list:
      BlackBerry AtHoc
      Cisco
      Heimdal Security
      IBM
      Linux Kernel
      Nokia 8810 4G
      Opera Browser
      Samsung
      Siemens
      Synaptics Touchpad drivers

      & many more

      PS @NCSC is still offline this week

      1 user thanked author for this post.
    • #348339

      SB19-091: Vulnerability Summary for the Week of March 25, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-091

      Original release date: April 01, 2019

       
      High Vulnerabilities in this week’s summary include: D-link, Github, HP, Linux Kernel, Moodle;

      The Medium Vulnerabilities also include: IBM, LibreOffice, Verifone, XpdfReader;

      On the Severity Not Yet Assigned vulnerability list are:
      Cisco
      McAfee
      Signal
      Symantec
      Tesla Model 3 Vehicles
      TP-Link
      Zoho

      and many more (including many of those listed above)

      1 user thanked author for this post.
    • #350035

      SB19-098: Vulnerability Summary for the Week of April 1, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-098

      Original release date: April 08, 2019

       
      Numerous entries under High Vulnerabilities for Apple products, from iCloud to iPhoneOS and MacOS-X, as well as IBM, Qualcomm and several more.

      Apple takes up much of the Medium & Low Vulnerabilities lists too, including Safari; Synology & TP-Link devices are among the other entries.

      In the Severity Not Yet Assigned list, “Apple Multiple Products” also get mentioned, along with:
      Cisco
      Raspberry Pi
      TrendMicro
      VMWare

      & many others

      From NCSC’s Weekly Threat Report 5th April 2019

      DCMS survey highlights 11% reduction of cyber breaches
      Toyota suffers a second breach
      Data exposed by banking app security flaws

      2 users thanked author for this post.
    • #1433541

      Between work commitments and the site being slow, I’ve been a little remiss in updating the weekly summaries, so here are the links, for those who might like to review them:

      NCAS:
      Vulnerability Summary for the Week of April 8, 2019
      Vulnerability Summary for the Week of April 15, 2019
      Vulnerability Summary for the Week of April 22, 2019
      Vulnerability Summary for the Week of April 29, 2019

      NCSC:
      Weekly Threat Report 12th April 2019
      Weekly Threat Report 18th April 2019
      Weekly Threat Report 26th April 2019
      Weekly Threat Report 3rd May 2019

      Hopefully normal service will resume next week 😉

      3 users thanked author for this post.
    • #1618407

      SB19-133: Vulnerability Summary for the Week of May 6, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-133
      Original release date: May 13, 2019

       
      In this week’s High Vulnerabilities list:
      Various Cisco products
      Google Android
      Linux Kernel
      Qualcomm firmware

      Cisco, Facebook, Google Android, IBM, LibreOffice and many others also appear in the Medium & Low Vulnerability lists.

      Notable entries in the Severity Not Yet Assigned list also include:
      Kaspersky
      NVidia
      Symantec
      WhatsApp (see blogpost)

      and many more


      From NCSC’s Weekly Threat Report 10th May 2019

      https://www.ncsc.gov.uk/report/weekly-threat-report-10th-may-2019

      Researchers recognise MegaCortex ransomware spike
      Concern around computer skills decline in schools

      2 users thanked author for this post.
    • #1714684

      SB19-140: Vulnerability Summary for the Week of May 13, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-140

      Original release date: May 20, 2019

       
      A long list of High Vulnerabilities includes:
      Asus, Cisco, D-Link, Microsoft (multiple OS & software), NVidia, Siemens, WhatsApp;

      Many of these also show in the Medium Vulnerability list, along with:
      Citrix, EverNote, FoxIt PDF Reader, Heimdal, Linux Kernel, Ricoh, SAP, Seagate NAS OS, TP-Link, Xerox, Zoho;

      … which also show in the Low Vulnerability list, along with McAfee.

      The Severity Not Yet Assigned list includes many more, incl.
      Dell EMC, F-Secure, Intel AMT, NUC and multiple other products, VMWare
      and many, many more

      From NCSC’s Weekly Threat Report 17th May 2019
      https://www.ncsc.gov.uk/report/weekly-threat-report-17th-may-2019

      Millions of devices affected by Cisco bugs
      WhatsApp vulnerability – update your devices
      Organisations urged to patch Microsoft SharePoint
      Fix released for Windows vulnerability discovered by NCSC

      1 user thanked author for this post.
    • #1757538

      SB19-147: Vulnerability Summary for the Week of May 20, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-147

      Original release date: May 27, 2019

       
      High vulnerabilities include:
      Adobe Acrobat & Reader, Flash Player, InDesign, etc. (“impressive” list of CVE’s, and a similar list in the Medium vulnerability list)
      Citrix
      Intel (various)

      There are also a large number of Medium, Low and Not Yet Assigned vulnerabilities, incl.:
      EnigMail
      F-Secure
      Google Chrome (browser)
      IBM
      Linux Kernel
      Adobe Photoshop CC, Shockwave Player
      BitDefender
      Panda Security
      Qualcomm (multiple products)
      TP-Link TL-WR840N v5

      and many, many more

      From NCSC’s Weekly Threat Report 24th May 2019:
      https://www.ncsc.gov.uk/report/weekly-threat-report-24th-may-2019

      TalkTalk customer details found online following 2015 data breach
      Instagram data stored unsecurely
      Hackers breach Stack Overflow Q&A site

      2 users thanked author for this post.
    • #1834266

      SB19-154: Vulnerability Summary for the Week of May 27, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-154

      Original release date: June 03, 2019

       
      On this week’s High Vulnerability list:
      Adobe Acrobat & Reader, Digital Editions, Photoshop CC etc.
      Linux Kernel
      Qualcomm Snapdragon firmware

      Adobe further features in the Medium Vulnerability list:
      Creative Cloud Desktop Application, Flash Player, etc.
      IBM
      Oracle

      On the Severity Not Yet Assigned list:
      BitDefender
      Evernote 7.9 on macOS
      Google Sign-In
      HP Workstation BIOS (UEFI Firmware)
      NVIDIA GeForce Experience versions prior to 3.19

      and many more

      From NCSC’s Weekly Threat Report 31st May 2019
      https://www.ncsc.gov.uk/report/weekly-threat-report-31st-may-2019

      Online services suffer hacks exposing customer data (Flipboard)
      Windows vulnerability still affecting nearly 1 million computers

      1 user thanked author for this post.
    • #1834277

      SB19-161: Vulnerability Summary for the Week of June 3, 2019
      https://www.us-cert.gov/ncas/bulletins/SB19-161

      Original release date: June 10, 2019

       
      On this week’s High Vulnerability list:
      HP, incl. HPE Intelligent Management Center (IMC)
      Huawei
      LinkSys
      Linux Kernel

      Also in the Medium Vulnerability list:
      BitDefender
      Cisco
      Citrix
      FoxIt PDF Software, Studio Photo
      Malwarebytes Antimalware
      NVIDIA Vibrante Linux version
      Yubico

      On the Severity Not Yet Assigned list:
      Dell EMC
      Google Android
      Huawei smartphones
      IBM
      Samsung
      TP-Link Router
      VMWare
      Broadcom firmware (before summer 2014)

      and many more

      From NCSC’s Weekly Threat Report 7th June 2019
      https://www.ncsc.gov.uk/report/weekly-threat-report-7th-june-2019


      Unsecured database exposes security logs of major hotel chains

      Pyramid Hotel Group manages hotels in the US, Hawaii, the Caribbean, Ireland, and the UK, including Marriott, Sheraton and Hilton properties.

      Organisations still struggle to manage vulnerability patching

      Microsoft drop password expiration policies

      Windows vulnerability still affecting nearly 1 million computers

      1 user thanked author for this post.
      • #1838426

        Huh. Really feels like there ought to be more subclassifications in “High” in there.
        Like the Linux kernel vulnerabilities, of which two are specific to non-mainstream hardware (IBM pSeries and Oracle Sparc), don’t look like they’d be remotely exploitable at all, and at least the IBM pSeries one looks like it probably needs elevated privileges already…

        I mean, compared to something like the Exim vulnerability, or the Zyxel P-660HN-T1 authentication, really a lot less of a problem.

        (The third Linux kernel one definitely is remotely exploitable… on specific hardware.)

    • #1959467

      Are the weekly NCAS Vulnerability summaries still being published? I haven’t seen one in AskWoody for about 2 months. If they’re in another forum than Code Red security please let me know.

      regards

      GeoffB

      • #1959555

        Sorry Geoff, I’ve been snowed under recently, so they haven’t been on my top priority list (and I wasn’t sure anyone other than me was interested in the reports anyway!) 🙂

        It’s not that they have been relocated. I’ll see what I can do…

        1 user thanked author for this post.
        • #1960558

          Kirsty: thanks for the update.

          With all the changes/integration on the AskWoody site, I can understand there are more important things than the NCAS reports!

          Regards

          GeoffB

    • #2011221
      3 users thanked author for this post.
      • #2011231

        At the risk of playing fast and loose with the lounge rules, I think this deserves more than a click on the ‘Thanks’ button. So, Thanks Kirsty! (and no apologies needed – been a lot going on at AskWoody, and it seems you’ve also been having some Win 10 update issues)

    • #2022387

      Recent NCSC Weekly Security Bulletins:

      Weekly Threat Report 29th November 2019
      Weekly Threat Report 6th December 2019
      Weekly Threat Report 13th December 2019
      Weekly Threat Report 20th December 2019

       
      Excerpt from 20th December Report:

      Google lets users know if their password has been hacked
      Google will now automatically alert people if they are using a password that has been compromised by hackers or leaked as part of a data breach.

      The new feature, which is included in the latest update to the Chrome web browser, is built into Google’s existing password manager. It scans passwords entered against a database of known stolen passwords which have been leaked online.

    • #2022388

      Catch-up NCAS Links to recent Weekly Security Bulletins:

      SB19-168 : Vulnerability Summary for the Week of June 10, 2019
      SB19-175 : Vulnerability Summary for the Week of June 17, 2019
      SB19-182 : Vulnerability Summary for the Week of June 24, 2019
      SB19-189 : Vulnerability Summary for the Week of July 1, 2019
      SB19-196 : Vulnerability Summary for the Week of July 8, 2019
      SB19-203 : Vulnerability Summary for the Week of July 15, 2019
      SB19-210 : Vulnerability Summary for the Week of July 22, 2019
      SB19-217 : Vulnerability Summary for the Week of July 29, 2019
      SB19-224 : Vulnerability Summary for the Week of August 5, 2019
      SB19-231 : Vulnerability Summary for the Week of August 12, 2019
      SB19-238 : Vulnerability Summary for the Week of August 19, 2019
      SB19-245 : Vulnerability Summary for the Week of August 26, 2019
      SB19-252 : Vulnerability Summary for the Week of September 2, 2019
      SB19-259 : Vulnerability Summary for the Week of September 9, 2019
      SB19-266 : Vulnerability Summary for the Week of September 16, 2019
      SB19-273 : Vulnerability Summary for the Week of September 23, 2019
      SB19-280 : Vulnerability Summary for the Week of September 30, 2019
      SB19-287 : Vulnerability Summary for the Week of October 7, 2019
      SB19-294 : Vulnerability Summary for the Week of October 14, 2019
      SB19-301 : Vulnerability Summary for the Week of October 21, 2019
      SB19-308 : Vulnerability Summary for the Week of October 28, 2019
      SB19-315 : Vulnerability Summary for the Week of November 4, 2019
      SB19-322 : Vulnerability Summary for the Week of November 11, 2019
      SB19-329 : Vulnerability Summary for the Week of November 18, 2019
      SB19-336 : Vulnerability Summary for the Week of November 25, 2019
      SB19-343 : Vulnerability Summary for the Week of December 2, 2019
      SB19-350 : Vulnerability Summary for the Week of December 9, 2019

      🙂

      1 user thanked author for this post.
    • #2036612

      SB19-357: Vulnerability Summary for the Week of December 16, 2019
      https://www.us-cert.gov/ncas/bulletins/sb19-357

      Original release date: December 23, 2019

       
      On this week’s High Vulnerabilities list:
      Multiple Apple products (iCloud, macOS, etc)
      Linux Kernel
      Qualcomm Snapdragon (multiple products)

      iOS features in the Medium Vulnerabilities list, along with other Apple products, as well as multiple Huawei smartphones.

      Adobe Acrobat/Reader & Photoshop feature in the Severity Not Yet Assigned list, as well as:
      more Apple entries
      D-Link DIR-615 devices
      multiple Intel products
      Trend-Micro security products…
      and many, many more.

      1 user thanked author for this post.