/ Cisco Event Response: February 2022 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication

Cisco released its semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication on February 23, 2022. In direct response to customer feedback, Cisco releases bundles of Cisco FXOS and NX-OS Software Security Advisories on the fourth Wednesday of the month in February and August of each calendar year:

https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74834

/ Horde Webmail 5.2.22 - Account Takeover via Email

https://blog.sonarsource.com/horde-webmail-account-takeover-via-email/

/ New Malware Capable of Controlling Social Media Accounts Infects 5,000+ Machines and is actively being Distributed via Gaming Applications on Microsoft’s Official Store

https://research.checkpoint.com/2022/new-malware-capable-of-controlling-social-media-accounts-infects-5000-machines-and-is-actively-being-distributed-via-gaming-applications-on-microsofts-official-store/

Update: Blocky installer noscript is updated

Added new features:
* Backup blocky
* Uninstall blocky
* Self checking blocky installation health

Project repository: https://github.com/m0zgen/blocky-installer

Also you can will try to open BLD DNS project from Sys-Adm.in with based on blocky

Be safe ✌️

/ Zabbix - A Case Study of Unsafe Session Storage

https://blog.sonarsource.com/zabbix-case-study-of-unsafe-session-storage

/ GitLab Critical Security Release: 14.8.2, 14.7.4, and 14.6.5

GitLab strongly recommend that all GitLab installations be upgraded to one of these versions immediately:

https://about.gitlab.com/releases/2022/02/25/critical-security-release-gitlab-14-8-2-released/

/ Windows 11 known issues and notifications

Files might persist after resetting a Windows device...:

https://docs.microsoft.com/en-us/windows/release-health/status-windows-11-21h2

/ (RU) Служба безопасности Яндекс Еды сообщила об утечке информации

https://yandex.ru/company/services_news/2022/01-03-2022

(EN) Yandex Food Security Service reported a leak of information

/ JFrog Discloses 5 Memory Corruption Vulnerabilities in PJSIP – A Popular Multimedia Library

PJSIP supplies an API that can be used by IP telephony applications such as VoIP phones and conference applications. It is used today by the world’s most popular communication applications such as WhatsApp and BlueJeans. PJSIP is also used by Asterisk, the ubiquitous open-source PBX (private branch exchange) implementation:

https://jfrog.com/blog/jfrog-discloses-5-memory-corruption-vulnerabilities-in-pjsip-a-popular-multimedia-library/

/ How I Cracked CONTI Ransomware Group’s Leaked Source Code ZIP File

https://medium.com/@whickey000/how-i-cracked-conti-ransomware-groups-leaked-source-code-zip-file-e15d54663a8

/ Daxin: Stealthy Backdoor Designed for Attacks Against Hardened Networks

Daxin is a backdoor that allows the attacker to perform various operations on the infected computer such as reading and writing arbitrary files.

https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage

/ Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS)

Could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the underlying operating system of an affected device as the root user:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-filewrite-87Q5YRk

 
News: Open BLD DNS Services Updates and Releases

Hi everybody, at the last few month I updated and improved BLD DNS ecosystem and I want to share this news with you:

- Released few bash/go utils for dns checking/testing:
-- https://github.com/m0zgen/check-dns-servers
-- https://github.com/m0zgen/bld-lookup
-- https://github.com/m0zgen/dns-tester
-- https://github.com/m0zgen/mac-dns

- BLD Update Server sources now available for public:
-- https://github.com/m0zgen/bld-server

- Added new worldwide locations to BLD Infrastructure
- BLD DNS Service infrastructure updated and improved for auto-deployment and fast recovery
- New version BLD Service released
- BLD "black-box" mode will implement to all BLD DNS infrastructure
- BLD Service Page has been updated - https://bld.sys-adm.in

If you haven't tried Open BLD DNS Service yet, then try it, I'm sure you and your friends will like it 🙂

Sys-Admin BLD Project website - https://lab.sys-adm.in

Take you care. Peace ✌️
 

/ Security Vulnerabilities fixed in Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0

Update your browser as possible:

https://www.mozilla.org/en-US/security/advisories/mfsa2022-09/

/ Security Notice: NVIDIA Response to Security Incident - March 2022

https://nvidia.custhelp.com/app/answers/detail/a_id/5333

/ New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape?

https://unit42.paloaltonetworks.com/cve-2022-0492-cgroups/

/ CVE-2022-0847: Linux kernel: overwriting read-only files

https://www.openwall.com/lists/oss-security/2022/03/07/1

/ TCP Middlebox Reflection: Coming to a DDoS Near You

https://www.akamai.com/blog/security/tcp-middlebox-reflection

/ RagnarLocker Ransomware Indicators of Compromise

https://www.ic3.gov/Media/News/2022/220307.pdf

/ Remote Desktop Client Remote Code Execution Vulnerability

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21990