Nmap Development — Unmoderated technical development forum for debating ideas, patches, and suggestions regarding proposed changes to Nmap and related projects. Subscribe here.

• Current Quarter
•  Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

Re: Possible bug? Daniel Miller (Jul 22)
Shaun,

That's an interesting problem. I can see you're using Nmap on Windows;
which version of Npcap are you using? You can get this information by
running: nmap --version

What is the output of the following command when port 443 is open and also
when it is closed? nmap -d -p1-10,80,443

Dan

On Mon, Jul 20, 2020 at 1:39 AM Shaun Michelson via dev <dev () nmap org>
wrote:

Re: Incremental TCP scanning to find a zombie Paulino Calderon (Jul 20)
You won't find it in modern operating systems but in corporate networks we often find printers, scanners, web cams,
DVRs, etc still use incremental IPIDs.

Cheers.

Possible bug? Shaun Michelson via dev (Jul 19)
I have come across a case where, if you open port 443 on a public facing interface, nmap will report dozens of other
open ports on that host. If you then close port 443, nmap cannot detect the host at all. I have replicated on multiple
hosts running both Ubuntu and Windows Server OS.

Attached are the results of an example nmap scan on a machine with a single port open (443), the results of which show
dozens of other ports open.

Also attached...

Github PR #1953 scan_engine_connect: allow -g (w/ or w/o -S) for tcp connect scan Simone Chiarelli (Jul 19)
scan_engine_connect: allow -g (w/ or w/o -S) for tcp connect scan

Allow settings source port through bind() for tcp connect scan for ipv4/ipv6, optionally in conjuction with -S.
Ports under 1024 will usually fail if not root, but for what I could see on macOS 10.15.2 they will be set when binding
to INADDR_ANY/in6addr_any (0.o)_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev...

【VPN】免费无限制访问所有国外网站-自带VpN加速功能最 ...:2021-5-21 · 软件不用什么设置，进去输入你想进的网站网址就可以了[勉强][玫瑰] 【应用名称】：Tenta 浏览器汉化版 【应用版本】：3.1.6 Claudia Pellegrino (Jul 19)
Dear nmap developers,

As suggested by CONTRIBUTING.md, this is to let you know that I submitted a pull request on the nmap mirror on GitHub.

The pull request aims to fix an integer truncation issue with regard to rlimit.

The title of the PR:

Truncate rlim_cur/rlim_max if greater than INT_MAX
The URL to the PR:

http://github.com/nmap/nmap/pull/2085
The PR description:

On macOS, the rlim_t type used by rlimit is 64 bits wide. For me,...

bug Josue Carames (Jul 19)
I am unable to type or paste anything into the target field. I am using the latest version 7.80 and I am using macOS
10.15.5.

I appreciate any help.

P.S. I tried uninstalling it and re-installing it and the error still persists.

电脑怎么浏览国外网站:2021-6-13 · 用VPN.在我的百度空间有一款,你看看,个人一直在用,速度不错,有6个IP可选,建议先不买,免费用用先,好的再买.包年的话会比包月划算好多,电脑,手机IPHONE,上Facebook,推特等国外网站或者国外游戏服务器加速都可以了上.当然免费的也可以用到手机上的.呵呵 Gaëtan Frenoy (Jul 19)
Dear committers,

As suggested in the CONTRIBUTING[1] document, here is a short mail to
let you know that PR2073[2] has been submitted on GitHub.

This PR implements a new feature discussed in issue #2060[3] :

One can now optionally use the environment variable NCAT_PROXY_AUTH to
specify SOCKS5 proxy credentials.
This reduces the risk of the credentials being captured in process logs.
Note that option --proxy-auth takes precedence.

Thanks for...

Incremental TCP scanning to find a zombie 手机浏览国外网站的方法
This is probably the wrong place to ask, but google shows that most of
the OS's out there not longer have this flaw.  Do you know any OS
(either past or present) that this will work against?  I have the book
but only found examples.

Thank you.

Regards

Daniel Wagner

AW: NDIS Filter driver in Npcap Lisa Hofmann (Jul 19)
Hello Daniel,

thank you for your answer. It really helped me with my problem.

Best regards,

Lisa

________________________________
Von: Daniel Miller <bonsaiviking () gmail com>
Gesendet: Dienstag, 14. Juli 2020 22:44:32
An: Lisa Hofmann
Cc: dev () nmap org
Betreff: Re: NDIS Filter driver in Npcap

Lisa,

Thanks for inquiring. I was not involved in Npcap design from the beginning, but I currently maintain it. The
advantages of the...

如何提高在外国网站下载软件或文件的速度_weixin ...:2021-9-5 · 在学习工作过程中往往需要下载国外网站上的一些在资源，但是因为很多原因，下载速度不尽人意，夸张的可能需要下载好几天，同时还经常伴有传输失败。这里提供一种方法，通过百度云的离线下载，加速我们的下载过程。糟心的下载速度：1.获取下载URL2.找到百度云的离线下载，粘贴下载链接 ... Daniel Miller (Jul 14)
Lisa,

Thanks for inquiring. I was not involved in Npcap design from the
beginning, but I currently maintain it. The advantages of the filter driver
implementation over protocol driver are primarily related to performance.
As a protocol driver, WinPcap sits next to TCPIP and other protocol drivers
and does not naturally see any of the traffic they generate. Instead, it
has to instruct NDIS to loop back all traffic from other protocols when it...

如何提高在国外网站的下载速度-CSDN论坛:2021-7-8 · 解决外网下载速度过慢问题 今天在研究《Algorithm4》及学习配套课程，作为一本值得顶礼膜拜的书，我是下了很大的决心来啃下这本书的内容，熟知在第一步Java环境配置上就遇见了第一只拦路虎，在资料中，给出了一个软件lift-java-installer.exe作为编译环境，结果因为原下载网址在国外的普林斯顿 … Gildásio Júnior (Jul 12)
Hi all,

Looking in contributing guidelines it recommends to send an e-mail about
a PR created by me. So...

I open a simple PR changing a rule to catch Apache web server
information in an specific case.

Using nmap-service-probe updated until today:

```

Starting Nmap 7.80 ( http://nmap.org ) at 2020-07-12 20:20 -03
Nmap scan report for lab (172.16.0.201)
Host is up (0.0025s latency).

PORT STATE SERVICE VERSION
80/tcp open http Apache...

NDIS Filter driver in Npcap 哪些方法可以浏览国外网站
Hello,

for my master thesis I am currently working on a similar tool as Npcap which will also be based on NDIS 6.x. Therefore
I wanted to ask you why Npcap is using a NDIS filter driver while WinPcap uses a protocol driver?

With kind regards,

Lisa

Re: Nmap ICMP Scan Technical Question Robin Wood (Jun 26)

Re: Probe submission for OpenText Gupta SQLBase Gordon Fyodor Lyon (Jun 26)
Thanks Matthias! To better track this submission, I created an issue for
it here: http://github.com/nmap/nmap/issues/2071

We've been really focused on Npcap for the last year (because it is
critical infrastructure for Nmap), but we're about to turn a lot more of
our attention to Nmap proper!

Cheers,
Fyodor

Re: Nmap ICMP Scan Technical Question Andrew Morrison via dev (Jun 26)

Nmap Announce — Moderated list for the most important new releases and announcements regarding the Nmap Security Scanner and related projects. We recommend that all Nmap users subscribe.

• Previous Year
•  Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

Nmap Defcon Release! 80+ improvements include new NSE scripts/libs, new Npcap, etc. Gordon Fyodor Lyon (Aug 10)
Fellow hackers,

I'm here in Las Vegas for Defcon and delighted to release Nmap 7.80. It's
the first formal Nmap release in more than a year, and I hope you find it
worth the wait!

The main reason for the delay is that we've been working so hard on our
Npcap Windows packet capturing driver. As many of you know, Windows Nmap
traditionally depended on Winpcap for packet capture. That is great
software, but it has been...

Nmap 7.70 released! Better service and OS detection, 9 new NSE scripts, new Npcap, and much more. Fyodor (Mar 20)
Nmap Community,

We're excited to make our first Nmap release of 2018--version 7.70! It
includes hundreds of new OS and service fingerprints, 9 new NSE scripts
(for a total of 588), a much-improved version of our Npcap windows packet
capturing library/driver, and service detection improvements to make -sV
faster and more accurate. And those are just a few of the dozens of
improvements described below.

Nmap 7.70 source code and binary...

Full Disclosure — A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.

• Previous Month
•  Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

用什么加速器可以免费上国外网站_好运百科:2021-6-5 · 话题：免费加速器能看外国网站的 问：急啊，要能用的啊 推荐回答：这里有，自己去下载吧，不过不是VPN，功效和VPN是相同的，不用安装设置，永久免费，简单好用。因各地网络情况不一样，软件的使用效果也不一样，请一个一个的试，哪个好用用哪个。 大陆怎么浏览外国网站
Advisory ID: SYSS-2020-015
Product: ABUS Secvest Hybrid module (FUMO50110)
Manufacturer: ABUS
Affected Version(s): N/A
Tested Version(s): N/A
Vulnerability Type: Authentication Bypass Using an Alternate Path or
Channel (CWE-288)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2020-04-03
Solution Date: -
Public Disclosure: 2020-07-30
CVE Reference: CVE-2020-14158
Authors of Advisory: Michael Rüttgers, Thomas...

SEC Consult SA-20200728-0 :: Stored Cross-Site Scripting (XSS) Vulnerability in Namirial SIGNificant SignAnyWhere SEC Consult Vulnerability Lab (Jul 29)
SEC Consult Vulnerability Lab Security Advisory < 20200728-0 >
=======================================================================
title: Stored Cross-Site Scripting (XSS) Vulnerability
product: Namirial SIGNificant SignAnyWhere
vulnerable version: v6.10.60.25434 (SSP v4.22.60.25434)
v6.10.100.25817 (SSP v4.22.100.25817)
fixed version: v19.76.0.26030 (SSP v19.76.0.26030)...

Vulnerability Repot# MAMP PRO 4.2.0 Local Privilege Escalation Nicholas (Jul 24)
Hi!

I have discovered a local privilege escalation vulnerability on MAMP PRO
4.2.0 and would like to post it. Please kindly check the attached file.

Best regards,
Nicholas
# Exploit Title: MAMP PRO 4.2.0 Local Privilege Escalation
# Date: 2020-07-08
# Exploit Author: b1nary
# Vendor Homepage: 如何进入外国网站
# Software Link: http://downloads.mamp.info/MAMP-PRO-WINDOWS/releases/4.2.0/MAMP_MAMP_PRO_4.2.0.exe
# Version: 4.2.0
# Tested on:...

Defense in depth -- the Microsoft way (part 70): CVE-2014-0315 alias MS14-019 revisited Stefan Kanthak (Jul 24)
Hi @ll,

This multi-part post can be read even without a MIME-compliant program!

Back in 2014, I reported a vulnerability in CreateProcess()'s handling of
*.cmd and *.bat files that Microsoft fixed with MS14-019 alias MSKB 2922229
and assigned CVE-2014-0315: command lines with a batch script as first token
led to the execution of a (rogue) cmd.exe from the CWD (or the search path).

<...

Three vulnerabilities found in MikroTik's RouterOS Q C (Jul 24)
Advisory: three vulnerabilities found in MikroTik's RouterOS

Details
=======

Product: MikroTik's RouterOS
Vendor URL: 怎样浏览国外的网站
Vendor Status: fixed version released
CVE: -
Credit: Qian Chen(@cq674350529) of Qihoo 360 Nirvan Team

Product Description
==================

RouterOS is the operating system used on the MikroTik's devices, such as
switch, router and access point.

Description of vulnerabilities...

【海龟加速器】海龟加速器 V9.3.7官方pc版官方免费下载 ...:2021-4-22 · 相关软件软件大小版本说明下载地址 雷神NN加速器 v6.1.2.0官方版27.8Mv6.1.2.0官方版查看 海龟加速器是一款可以帮助海外华人高速访问国内网络，海龟加速器电脑版一键连接国内网络，畅享国内视频、音乐、游戏。全球专线布局，海量线路 SEC Consult Vulnerability Lab (Jul 24)
SEC Consult Vulnerability Lab Security Advisory < 20200724-0 >
=======================================================================
title: Privilege Escalation Vulnerability
product: SteelCentral Aternity Agent
vulnerable version: 11.0.0.120
fixed version:
CVE number: CVE-2020-15592, CVE-2020-15593
impact: Critical
homepage: http://www.riverbed.com/gb/...

Advisory:[CVE-2020-15596]ALPS ALPINE DLL Hijacking Issue Caiyuan Xie (Jul 21)
Summary:
A vulnerability to DLL preloading attacks was found in the ALPS ALPINE Touchpad driver, which might allow an attacker
to execute malicious code. ALPS ALPINE has released updates to mitigate this potential vulnerability.
Vulnerability Details:
The ALPS ALPINE Touchpad driver may try to load DLLs that are not always present in the driver package. If an attacker
can gain control of one of the DLL search directories, a malicious copy of...

Mida Solutions eFramework <= 2.9.0 Multiple Vulnerabilities 看国外网站加速软件
=============================================
Title: Mida Solutions eFramework Multiple Vulnerabilities
Date: 19/07/2020
Author: Andrea Baesso
Reference: http://elbae.github.io/jekyll/update/2020/07/14/vulns-01.html
Vendor Homepage: http://www.midasolutions.com/
Software Link: ova-efw.midasolutions.com
Software: Mida eFramework
Versions: <=2.9.0
Tested on: 2.8.9, 2.9.0
CVE : Mitre is aware, still waiting...

SEC Consult SA-20200717-0 :: Multiple Vulnerabilities in WonderCMS 网易云音乐加速软件v1.1 安卓版 一键打卡310首歌 _软件工具 ...:2021-6-14 · 网易云音乐加速软件v1.1 安卓版 一键打卡310首歌 昨天更新的软件不能使用了 今天给大家重新修复了一下 记得卸载软件重新下载 提示乱码的 确认一下账号密码是否正确 多按几次 “签到打卡”
SEC Consult Vulnerability Lab Security Advisory < 20200717-0 >
=======================================================================
title: Multiple Vulnerabilities
product: WonderCMS
vulnerable version: <=3.1.0
fixed version: -
CVE number: -
impact: High
homepage: http://www.wondercms.com/
found: 2020-04-30
by: Calvin Phang (Office...

APPLE-SA-2020-07-15-5 Safari 13.1.2 Apple Product Security via Fulldisclosure (Jul 17)
APPLE-SA-2020-07-15-5 Safari 13.1.2

Safari 13.1.2 is now available and addresses the following:

Safari Downloads
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A malicious attacker may be able to change the origin of a
frame for a download in Safari Reader mode
Description: A logic issue was addressed with improved restrictions.
CVE-2020-9912: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)...

APPLE-SA-2020-07-15-4 watchOS 6.2.8 网页看视频加速器_看国外视频网站加速器 - 云+社区 - 腾讯云:视频（Video）泛指将一系列静态影像以电信号的方式加以捕捉、纪录、处理、储存、传送与重现的各种技术。连续的图像变化每秒超过24帧（frame）画面以上时，根据视觉暂留原理，人眼无法辨别单幅的静态画面；看上去是平滑连续的视觉效果，这样连续的画面叫做视频。
APPLE-SA-2020-07-15-4 watchOS 6.2.8

watchOS 6.2.8 is now available and addresses the following:

Audio
Available for: Apple Watch Series 1 and later
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9889: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab

Audio
Available for: Apple Watch Series...

网传Model 3自动加速 刹车失灵后碰撞起火：特斯拉官方回应 ...:今天 · 6·18活动已全面开启 大促活动入口汇总： 阿里云6·18上云年中大促 点击领取最高12021元红包 天翼云“年中上云节”已上线 云产品全场0.6折起 8888元 ... Apple Product Security via Fulldisclosure (Jul 17)
APPLE-SA-2020-07-15-3 tvOS 13.4.8

tvOS 13.4.8 is now available and addresses the following:

Audio
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9889: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab

Audio
Available for: Apple TV 4K and Apple TV...

APPLE-SA-2020-07-15-2 macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra Apple Product Security via Fulldisclosure (Jul 17)
APPLE-SA-2020-07-15-2 macOS Catalina 10.15.6, Security Update
2020-004 Mojave, Security Update 2020-004 High Sierra

macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security
Update 2020-004 High Sierra are now available and address the
following:

Audio
Available for: macOS Catalina 10.15.5
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with...

APPLE-SA-2020-07-15-1 iOS 13.6 and iPadOS 13.6 Apple Product Security via Fulldisclosure (Jul 17)
APPLE-SA-2020-07-15-1 iOS 13.6 and iPadOS 13.6

iOS 13.6 and iPadOS 13.6 are now available and address the following:

Audio
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9888: JunDong Xie and XingWei Li of...

VMware ESXi: Multiple vulnerabilities [CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3960] Cfir Cohen via Fulldisclosure (Jul 17)
Overview
=======
We identified several security issues in the ESIx virtual machine
monitor (VMM): a use-after-free (UAF) vulnerability in PVNVRAM, a
missing return value check in EHCI USB controller leading to private
heap information disclosure, and several OOB reads.

All issues have been fixed by the vendor. Links to the patches are
provided below.

ESXi PVNVRAM Use After Free [CVE-2020-3963]
======================================
The...

Bugtraq — The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

• Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

Defense in depth -- the Microsoft way (part 62): Windows shipped with end-of-life components Stefan Kanthak (Feb 25)
Hi @ll,

since Microsoft Server 2003 R2, Microsoft dares to ship and install the
abomination known as .NET Framework with every new version of Windows.

Among other components current versions of Windows and .NET Framework
include

C# compiler (C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe,
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe)
J# compiler (C:\Windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe,...

Local information disclosure in OpenSMTPD (CVE-2020-8793) Qualys Security Advisory (Feb 25)
Qualys Security Advisory

Local information disclosure in OpenSMTPD (CVE-2020-8793)

==============================================================================
Contents
==============================================================================

Summary
Analysis
Exploitation
POKE 47196, 201
Acknowledgments

==============================================================================
Summary...

LPE and RCE in OpenSMTPD's default install (CVE-2020-8794) Malus加速器唯一官方网站 - 海外必备，一键回国，50万用户 ...:开始使用Malus来加速访问中国的音视频和网站，简单快速好用，帮你解锁优酷B站腾讯视频等国内各种服务.海棠Malus回国加速器致力于帮助海外华人和留学生提供加速中国大陆音视频的服务，可以在海外流畅使用中国的网站和音视频服务，提供专业稳定的全球回国线路和回国节点。
Qualys Security Advisory

LPE and RCE in OpenSMTPD's default install (CVE-2020-8794)

==============================================================================
Contents
==============================================================================

Summary
Analysis
...
Acknowledgments

==============================================================================
Summary...

[SECURITY] [DSA 4633-1] curl security update Alessandro Ghedini (Feb 25)
-------------------------------------------------------------------------
Debian Security Advisory DSA-4633-1 security () debian org
http://www.debian.org/security/ Alessandro Ghedini
February 22, 2020 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : curl
CVE ID : CVE-2019-5436 CVE-2019-5481...

Cisco Unified Contact Center Express Privilege Escalation Vulnerability (CVE-2019-1888) Jamie R (Feb 25)
I've quoted the Cisco summary below as it's pretty accurate.

tl;dr is an admin user on the web console can gain command execution
and then escalate to root. If this is an issue in your environment,
then please patch.

Thanks to Cisco PSIRT who were responsive and professional.

Shouts to Andrew, Dave and Senad, Pedro R - if that's still even a
thing on advisories.

Ref:...

[TZO-22-2020] Qihoo360 | GDATA | Rising | Command Generic Malformed Archive Bypass 怎样浏览国外的网站

[TZO-16-2020] - F-SECURE Generic Malformed Container bypass (GZIP) Thierry Zoller (Feb 24)

国外破解网站大全-『外文翻译』-看雪安全论坛 - pediy.com:2021-2-16 · 谢谢楼主的分享，不过有些已经不能上了。其实看雪就挺好的，先学习了基础，再上国外的论坛也不迟呀。 Slackware Security Team (Feb 20)
[slackware-security] proftpd (SSA:2020-051-01)

New proftpd packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/proftpd-1.3.6c-i586-1_slack14.2.txz: Upgraded.
No CVEs assigned, but this sure looks like a security issue:
Use-after-free vulnerability in memory pools during data transfer.
(* Security...

[SECURITY] [DSA 4628-1] php7.0 security update Moritz Muehlenhoff (Feb 19)
-------------------------------------------------------------------------
Debian Security Advisory DSA-4628-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
February 18, 2020 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : php7.0
CVE ID : CVE-2019-11045 CVE-2019-11046...

[SECURITY] [DSA 4629-1] python-django security update Sebastien Delafond (Feb 19)
-------------------------------------------------------------------------
Debian Security Advisory DSA-4629-1 security () debian org
http://www.debian.org/security/ Sebastien Delafond
February 19, 2020 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : python-django
CVE ID : CVE-2020-7471
Debian Bug...

[TZO-18-2020] - Bitdefender Malformed Archive bypass (GZIP) Thierry Zoller (Feb 18)

[TZO-17-2020] - Kaspersky Generic Archive Bypass (ZIP FLNMLEN) Thierry Zoller (Feb 18)

[SECURITY] [DSA 4626-1] php7.3 security update Moritz Muehlenhoff (Feb 18)
-------------------------------------------------------------------------
Debian Security Advisory DSA-4626-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
February 17, 2020 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : php7.3
CVE ID : CVE-2019-11045 CVE-2019-11046...

[SECURITY] [DSA 4627-1] webkit2gtk security update Moritz Muehlenhoff (Feb 18)
-------------------------------------------------------------------------
Debian Security Advisory DSA-4627-1 security () debian org
http://www.debian.org/security/ Alberto Garcia
February 17, 2020 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : webkit2gtk
CVE ID : CVE-2020-3862 CVE-2020-3864...

Web Application Firewall bypass via Bluecoat device RedTimmy Security (Feb 16)
Hi,
we have published a new post in our blog titled "How to hack a company by circumventing its WAF through the abuse of a
different security appliance and win bug bounties".

We basically have [ab]used a Bluecoat device behaving as a request forwarder to mask our malicious payload, avoid WAF
detection, hit an HTTP endpoint vulnerable to RCE and pop out a shell.

Full story is here:...

Security Basics — A high-volume list which permits people to ask "stupid questions" without being derided as "n00bs". I recommend this list to network security newbies, but be sure to read Bugtraq and other lists as well.

• Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

CarolinaCon-15 is April 26-28, 2019 in Charlotte NC - Call For Papers/Presenters is now open Vic Vandal (Feb 03)
We are pleased to announce that CarolinaCon-15 will be on April 26th-28th 2019 in Charlotte NC at the Renaissance
Charlotte Suites. All who are interested in speaking on any topic in the realm of hacking, cybersecurity, technology,
science, robotics or any related field are invited to submit a proposal to present at the con. Full disclosure that
technology or physical security exploitation type submissions are most desirable for this storied...

Penetration Testing — While this list is intended for "professionals", participants frequenly disclose techniques and strategies that would be useful to anyone with a practical interest in security and network auditing.

• Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

44CON 2018 - 12th-14th September, London (UK) Steve (Feb 28)
44CON 2018 is the UK's best annual Security Conference and Training event. The conference spans 2.5 days with training
on the 10th and 11th of September, a free evening event on the 12th of September, and a full two-day conference on the
13th and 14th of September. The event takes place at the ILEC Conference Centre near Earls Court, London. 44CON 2018
includes catering, private bus bar and Gin O'Clock breaks. Early Bird discounted...

用什么加速器可以免费上国外网站_好运百科:2021-6-5 · 话题：免费加速器能看外国网站的 问：急啊，要能用的啊 推荐回答：这里有，自己去下载吧，不过不是VPN，功效和VPN是相同的，不用安装设置，永久免费，简单好用。因各地网络情况不一样，软件的使用效果也不一样，请一个一个的试，哪个好用用哪个。 omarbv (Feb 11)
On the occasion of the ninth edition of RootedCON, the most important
computer security conference in the country, around 2,000 hackers will
meet to discuss new questions and researchs about the cybersecurity
world, with its risks and threats. National and international experts
have included in their agendas this mandatory appointment to discuss new
vulnerabilities, viruses, and other threats, they will also talk about
countermeasures in order...

Info Security News — Carries news items (generally from mainstream sources) that relate to security.

• Previous Month
•  Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

Zoom private meeting passwords were easily crackable InfoSec News (Jul 30)
http://www.itnews.com.au/news/zoom-private-meeting-passwords-were-easily-crackable-551095

By Juha Saarinen
itnews.com.au
July 31, 2020

The automatically generated passwords protecting private Zoom meetings
could be cracked with relative ease, allowing access to sensitive
conferences, a researcher has discovered.

Web site developer Tom Anthony decided on March 31 this year to see if he
could crack the password for private Zoom meetings....

Pentagon needs access to defense companies' networks to hunt cyberthreats, says commission InfoSec News (Jul 30)
http://www.c4isrnet.com/cyber/2020/07/30/pentagon-needs-access-to-defense-companies-networks-to-hunt-cyberthreats-says-commission/

By Mark Pomerleau
C4ISRNET.com
July 30, 2020

WASHINGTON -- The Pentagon must be able to hunt cyberthreats on the
private networks of defense companies in order to strengthen national
cybersecurity, according to one of the leaders of the Cyber Solarium
Commission.

Rep. Mike Gallagher, R-Wis., who co-chairs the...

Volunteer hacker army boosts U.S. election cybersecurity InfoSec News (Jul 30)
http://www.nbcnews.com/tech/tech-news/volunteer-hacker-army-boosts-u-s-election-cybersecurity-n1235324

By Kevin Collier
NBC News
July 30, 2020

As election officials across the country prepare for November without
knowing if they'll receive additional federal funds, a new volunteer group
hopes to ease their cybersecurity concerns for free.

Some states pay private companies for cybersecurity, while others rely on
in-house staff or...

Government can avoid the ransomware question with strong cyber policy InfoSec News (Jul 30)
http://statescoop.com/corye-douglas-avoid-ransomware-question-strong-cyber-policy/

By Corye Douglas
STATESCOOP
July 30, 2020

As the number of coronavirus cases tops 4.4 million in the U.S., the shift
to remote work has provided an opportunity for bad actors to more
successfully conduct various types of cyberattacks, with ransomware
representing one of the most devastating threats.

Unvetted computers and home networks are now relied upon to...

Multiple Tor security issues disclosed, more to come InfoSec News (Jul 30)
http://www.zdnet.com/article/multiple-tor-security-issues-disclosed-more-to-come/

By Catalin Cimpanu
Zero Day
ZDNet.com
July 30, 2020

Over the past week, a security researcher has published technical details
about two vulnerabilities impacting the Tor network and the Tor browser.

In blog posts last week and today, Dr. Neal Krawetz said he was going
public with details on two alleged zero-days after the Tor Project has
repeatedly failed to...

North Korea's Lazarus brings state-sponsored hacking approach to ransomware InfoSec News (Jul 30)
http://arstechnica.com/information-technology/2020/07/north-korea-backed-hackers-dip-their-toes-into-the-ransomware-pool/

By Dan Goodin
Ars Technica
July 29, 2020

Lazarus—the North Korean state hacking group behind the WannaCry worm, the
theft of $81 million from a Bangladesh bank, and the attacks on Sony
Pictures—is looking to expand into the ransomware craze, according to
researchers from Kaspersky Lab.

Like many of Lazarus’ early...

Toll Group unveils year-long 'accelerated' cyber resilience program InfoSec News (Jul 30)
看外国网站加速器_看国外网站加速器_看国外视频网站加速 ...:加速器是一种使带电粒子增加速度（动能）的装置。 加速器可用于原子核实验、放射性医学、放射性化学、放射性同位素的制造、非破坏性探伤等。粒子增加的能量一般都在0.1兆电子伏以上。加速器的种类很多，有回旋加速器、直线加速器、静电加速器、粒子加速器、倍压加速器等。

By Ry Crozier
itnews.com.au
July 30, 2020

Toll Group is taking its first major action since recovering from two
devastating ransomware attacks, kicking off a one year “accelerated cyber
resilience program” run by a rebuilt security team across two countries.

The logistics giant unveiled the first details of the expansive program of...

Hackers Broke Into Real News Sites to Plant Fake Stories InfoSec News (Jul 30)
http://www.wired.com/story/hackers-broke-into-real-news-sites-to-plant-fake-stories-anti-nato/

By Andy Greenberg
SECURITY
Wired.com
07.29.2020

OVER THE PAST few years, online disinformation has taken evolutionary
leaps forward, with the Internet Research Agency pumping out artificial
outrage on social media and hackers leaking documents—both real and
fabricated—to suit their narrative. More recently, Eastern Europe has
faced a broad...

YOU... SHA-1 NOT PASS! Microsoft magics away demonic hash algorithm from Windows updates, apps InfoSec News (Jul 30)
http://www.theregister.com/2020/07/29/microsoft_windows_sha_1/

By Shaun Nichols in San Francisco
The Register
July 29, 2020

Microsoft is preparing to once and for all drop support for the SHA-1 hash
algorithm.

Redmond this week said that on Monday, August 3, Windows downloads signed
using SHA-1 will no longer be offered by the Windows app'n'updates
download center, the last step in a SHA-2 transition that has been going
on for...

US defense and aerospace sectors targeted in new wave of North Korean attacks InfoSec News (Jul 30)
http://www.zdnet.com/article/us-defense-and-aerospace-sectors-targeted-in-new-wave-of-north-korean-attacks/

By Catalin Cimpanu
Zero Day
ZDNet.com
July 30, 2020

While the world was in the midst of the COVID-19 pandemic, North Korean
hackers were targeting the US defense and aerospace sectors with fake job
offers in the hopes of infecting employees looking for better
opportunities and gaining a foothold on their organizations' networks....

Cloudflare denies data leak after 3M customer IP addresses found on the dark web 手机翻国外网站教程
http://siliconangle.com/2020/07/27/cloudflare-denies-data-leak-3m-customer-ip-addresses-found-dark-web/

By Duncan Riley
SiliconAngle.com
July 27, 2020

Network security firm Cloudflare Inc. today denied a report that it
suffered a data leak after the records of some 3 million customers were
found on the shady corner of the internet called the dark web.

The claim comes from the National Coordination Center for Cybersecurity at
the National...

Election Officials Are Vulnerable to Email Attacks, Report Shows 怎样浏览国外的网站
免翻，看国外网站YouTube - QQ技术教程网站_免费分享互 ...:2021-6-4 · 免翻，看国外网站YouTube 2021/6/4 小磊 手机软件 3940 0 软件适用于安卓系统，下载完了之后直接打开是没有内容的，需要用到进行加速才能登录，随便哪款都行，比如我推荐刚刚分享的那款腾讯加速 …

By Robert McMillan
The Wall Street Journal
July 26, 2020

Many of the thousands of county and local election officials who will be
administering November’s presidential election are running email systems
that could leave them vulnerable to online attacks, a new report has
found.

Cybersecurity vendor Area 1 Security Inc. tracked more...

在中国用什么浏览器访问外国网站最快-ZOL问答:搜狗的右下角“加速器”里有全网加速功能，不过适用于国内的不同网络环境互访。自己添加代理的话需要安某些软件，或在搜狗的菜单-工具-搜狗高速浏览器选项-网络连接-自定义代理。 InfoSec News (Jul 27)
【海龟加速器】海龟加速器 V9.3.7官方pc版官方免费下载 ...:2021-4-22 · 相关软件软件大小版本说明下载地址 雷神NN加速器 v6.1.2.0官方版27.8Mv6.1.2.0官方版查看 海龟加速器是一款可以帮助海外华人高速访问国内网络，海龟加速器电脑版一键连接国内网络，畅享国内视频、音乐、游戏。全球专线布局，海量线路

By Lily Hay Newman
Security
Wired.com
July 27, 2020

ON THURSDAY, HACKERS hit the navigation and fitness giant Garmin with a
ransomware attack that took down numerous services across the company.
Garmin Connect, the cloud platform that syncs user activity data, went
dark, as did portions of Garmin.com. But as athletes found themselves
unable to record runs and...

Internal source code from 50 high-profile companies including Microsoft, Disney, and Nintendo has been leaked and posted online for people to access InfoSec News (Jul 27)
http://www.businessinsider.com/software-source-code-leaked-microsoft-nintendo-2020-7

By Katie Canales
Business Insider
July 27, 2020

Internal software source code from more than 50 high-profile companies
across tech, finance, retail, and other sectors has been leaked online.

Originally reported by the tech site Bleeping Computer, a Swiss developer
named Tillie Kottmann was able to pull source code from the likes of
Microsoft, Nintendo,...

Energy Unveils Blueprint for Nationwide, 'Unhackable' Quantum Internet InfoSec News (Jul 27)
http://www.defenseone.com/technology/2020/07/energy-unveils-blueprint-nationwide-unhackable-quantum-internet/167219/

By Brandi Vincent
Staff Correspondent
Defense One
July 27, 2020

The Energy Department on Thursday released a strategic blueprint to
construct a potentially “unhackable” nationwide quantum internet.

The plan to develop a prototype that relies on quantum mechanics to
connect next-generation computers and sensors and...

Firewall Wizards — Tips and tricks for firewall administrators

• Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

Revival? Paul Robertson (Sep 11)
Since the last few attempts to revive the list have failed, I'm going to attempt a Facebook group revival experiment.
It'll be a bit broader in scope, but I'm hoping we can discuss technical security matters. The new group is
Security-Wizards on Facebook.

Paul

IDS Focus — Technical discussion about Intrusion Detection Systems. You can also read the archives of a 哪些方法可以浏览国外网站

• Archived Posts
•  RSS Feed
•  About List

Web App Security — Provides insights on the unique challenges which make web applications notoriously hard to secure, as well as attack methods including SQL injection, cross-site scripting (XSS), cross-site request forgery, and more.

• Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

Faraday Beta V3.0 Released Francisco Amato (Jul 04)
Faraday helps you to host your own vulnerability management platform
now and streamline your team in one place.

We are pleased to announce the newest version of Faraday v3.0. In this
new version we have made major architecture changes to adapt our
software to the new challenges of cyber security. We focused on
processing large data volumes and to making it easier for the user to
interact with Faraday in its environment.

To install it you can...

Daily Dave — This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.

• Current Quarter
•  Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

哪些方法可以浏览国外网站 Chuck McAuley via Dailydave (Jul 17)
Isn’t using a WAF an “investment in technology to stop constant attacks?”

-chuck
From: Greg Frazier <glfrazier () alum mit edu>
Date: Friday, July 17, 2020 at 3:46 PM
To: Don Ankney <dankney () hackerco de>
Cc: John Lampe <jlampe () tenable com>, Rafal Los <Rafal () ishackingyou com>, Chuck McAuley <chuck.mcauley () keysight
com>, "dailydave () lists aitelfoundation org" <dailydave () lists...

Re: [EXTERNAL] WAF Metrics 网易云音乐加速软件v1.1 安卓版 一键打卡310首歌 _软件工具 ...:2021-6-14 · 网易云音乐加速软件v1.1 安卓版 一键打卡310首歌 昨天更新的软件不能使用了 今天给大家重新修复了一下 记得卸载软件重新下载 提示乱码的 确认一下账号密码是否正确 多按几次 “签到打卡”
I'm not parsing your argument. If you knew the bug was there, you would fix
the bug. The WAF is there to mitigate the bugs that you are not aware of.
Further, web accesses that are out of scope of your intended functionality
but do not trigger a bug may be information gathering attacks that you
would, in hindsight, have wished your WAF had blocked. I would argue that
the WAF is not a stop-gap at all--it is an integral part of your...

Re: [EXTERNAL] WAF Metrics Don Ankney via Dailydave (Jul 15)
So far, this conversation focuses on how effectively WAFs block malicious HTTP requests. I'd argue that this is both a
red herring and an abuse of WAF technology. A WAF only protects the enterprise when it blocks a request that would
trigger an actual bug. If there's no bug present, all that's really happening is that likely malicious requests are
being logged at a much higher costs than if it were simply allowed to sit in the...

哪些方法可以浏览国外网站 Chuck McAuley via Dailydave (Jul 15)
This isn’t directly related to John’s observation below, but it got me motivated to further clarify some of the
challenges involved in testing WAFs.

I’ve seen many implementations over the years that try to determine the decision making process of an IPS, WAF, or
similar device by simply interrogating it from the client side only. The realities of test of measurement is that it
requires the user to implement both a client and server...

Re: [EXTERNAL] WAF Metrics John Lampe via Dailydave (Jul 13)
Yeah, I guess the way I would envision it going would be:

1) web app scanner sees XSS vuln on /path/to/foo.php
2) my integration ties that web app scan into a format to pass to WAF
3) WAF sets up anti-xss rules on /path/to/foo.php (we had to actually
create a static mapping for this step)
4) measure how many hits the waf blocks to that endpoint for the XSS

John

手机浏览国外网站的方法 Chuck McAuley via Dailydave (Jul 13)
We’ve released a mid-pandemic product that is designed to test production deployed WAF’s by doing exactly what
@ranger_cha is describing.

It will run tests that include both known/existing attacks that a WAF should stop and common patterns that all WAF’s
should recognize and stop. Separately and clearly, so the use can see the impact of stopping both sets of assessments
separately.

http://www.ixiacom.com/products/threat-simulator

The...

WAFs: HTTP Desynchronization as a Metric Dave Aitel via Dailydave (Jul 13)
So one thing people don't have any scope of measuring - (maybe as a set
diagram finite states?) - is the difference between two parsers for the
same protocol. Ten years ago a lot of the security community had a
discussion about "LangSec <看国外网站加速软件>" which turns out to have
been entirely correct in retrospect.

NCCGroup's recently released analysis of the F5 bug is a key example of
this principle in action:...

Re: [EXTERNAL] WAF Metrics Rafal Los via Dailydave (Jul 13)
John,
Can you expand on #2? How do you measure the number of attacks stifled?

_--
Rafal
_Mobile: (404) 606-6056
_Email: Rafal.Los@Seventy7.Consulting<mailto:Rafal.Los@Seventy7.Consulting>

From: John Lampe via Dailydave <dailydave () lists aitelfoundation org>
Reply-To: John Lampe <jlampe () tenable com>
Date: Saturday, July 11, 2020 at 9:52 PM
To: Dave Aitel <dave.aitel () gmail com>
Cc: "dailydave () lists...

Re: WAF Metrics Moses Frost via Dailydave (Jul 11)
I guess some of us who grew up mapping ports and protocols into their neat
buckets will need to live with that fact that everything will eventually
ride over a multiplexed 443 socket, just something to think about before
the rant.

TL;DR - The answer to your question about measurement and effectiveness is
going to come down: "how long before you can see what I'm doing".

WAF's are a rather complex beast, but I guess they do...

看国外网站加速软件 John Lampe via Dailydave (Jul 11)
So, I recently did an integration for a company that took their web app
scanner results and mapped those to existing WAF rules. I can think of 2
metrics based off that

1) How many real-world vulns have a corresponding check in the WAF? and
2) Once the WAF rules have been put in place to protect actually-vulnerable
endpoints, how many attacks were actually stifled?

John

WAF Metrics Dave Aitel via Dailydave (Jul 11)
So I'm making a video on metrics, of all things, and I wanted to post both this
question <http://twitter.com/daveaitel/status/1281629327776522242?s=20>and
the best answer so far to the list to see if anyone had any other ideas or
followups.

-dave

[image: image.png]

[image: image.png]

Re: Brad gets real! Konrads Smelkovs via Dailydave (Jul 06)
Linux has too many stakeholders for a sensible equities process to happen
which is why treating everyone poorly (bugs are bugs) is fairer than
coordinating disclosure. In an example, if an earth shattering Linux bug
was to emerge, why would RedHat be in the know while Russian defence
contractors who build their countries’ systems on local Linux distros would
be excluded ?

Re: Brad gets real! Shawn Webb via Dailydave (Jul 06)
Fully agreed with you there. I also dislike the culture of treating
security vulnerabilities as "just another bug." I feel there's some
form of newspeak with regards to security and the Linux kernel. There
is indeed a formalized method to report security-related bugs to the
Linux kernel (emailing security _AT _ kernel _DOT_ org). Yet Linux
developer culture says "all bugs are bugs, regardless of security
impact. A security bug...

Re: Brad gets real! Dave Aitel via Dailydave (Jul 06)
This is possibly true, although an Android vs iOS comparison here might be
more apt, from a technical perspective? But what Brad truly nails in his
talk is an overarching culture around the process of Linux kernel
development that is decidedly non-optimal when it comes to security.

For example, when proposing security features, a healthy community would
take a suggested patch and debate "What were you trying to accomplish? What
is the best...

Re: Brad gets real! Shawn Webb via Dailydave (Jul 06)
It's also hard to innovate without a userland that is tightly
integrated with the kernel (like the BSDs). On the BSD side, we're
able to ship an entire ecosystem with exploit mitigations applied
because a basic userland is shipped and integrated with the kernel.

The way in which the BSDs are structured enables innovation across the
entire ecosystem. We at HardenedBSD are able to test and deploy
exploit mitigations across the base...

PaulDotCom — General discussion of security news, research, vulnerabilities, and the PaulDotCom Security Weekly podcast.

• Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

BHIS Sorta Top Used Tools of 2018 John - Black Hills Information Security (Dec 06)
Free Webcast

Hello all,

For our next webcast we will cover some of the core tools we use all the time at Black Hills Information Security.
However, there will be a twist. We will not talk about Nessus, Nmap, or Metasploit. Why? Because there are a ton of new
(and older) tools we use that fall outside of the standard tools you see in every security book/blog out there.

Basically, we are trying to be edgy and different.

You may want to come...

BHIS Webcast - Tues 10/2 @ 11am MDT John Strand - Black Hills Information Security (Sep 26)
Hello All,

In this next webcast I want to cover what I am doing with the BHIS Systems team to create a C2/Implant/Malware test
bed. Testing our C2/malware solutions is important because vendors tend to lie or over-hype their capabilities. I will
cross reference some different malware specimens to the MITRE ATT&CK framework and we will cover how you can use these
techniques to test your defensive solutions at both the endpoint and the...

BHIS Webcast: The PenTest Pyramid of Pain 9/4 - 11am MDT 怎样上国外网站相关的IT服务-云市场 – 阿里云:阿里云云市场为您提供和怎样上国外网站相关的IT服务；阿里云云市场是软件交易和交付平台；目前云市场上有九大分类：包括基础软件、服务、安全、企业应用、建站、解决方案、API、IOT及数据智能市场。关于怎样上国外网站相关的服务有：基础软件,服务,安全,企业应用,建站，如果您想查看更多 ...
Hello!

How are you all? We had a fantastic webcast last week with John Strand and Chris Brenton and we're still working
through some unexpected hiccups to get the recording up and posted. The podcast version is on our blog, and the YouTube
version will be posted shortly on the Active Countermeasures channel and blog as well. Thanks for all of you who
ventured over to attend!

Ready for another awesome BHIS webcast? Dakota is back and...

Webcast with CJ: Tues 7/24 at 11am 怎样上国外网站相关的IT服务-云市场 – 阿里云:阿里云云市场为您提供和怎样上国外网站相关的IT服务；阿里云云市场是软件交易和交付平台；目前云市场上有九大分类：包括基础软件、服务、安全、企业应用、建站、解决方案、API、IOT及数据智能市场。关于怎样上国外网站相关的服务有：基础软件,服务,安全,企业应用,建站，如果您想查看更多 ...
Our upcoming webcast will be about POLICY...

Did you check out when you heard “policy”? Policy can often seem like a drudgery, but it’s also an important and
potentially overlooked part of business and procedure; it’s the framework on which security is really built!

CJ, our COO and Head of Sales has experience writing, assessing and implementing policies for many different kinds of
companies. And if you are worried it will be dry and...

Honeypots — Discussions about tracking attackers by setting up decoy honeypots or entire honeynet networks.

• Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

Honeypot malware archives Matteo Cantoni (Feb 14)
Hello everyone,

I would like share with you for educational purposes and without any
commercial purpose, data collected by the my homemade honeypot.
Nothing new, nothing shocking, nothing sensational... but I think can
be of interest to newcomers to the world of analysis of malware,
botnets, etc... maybe for a thesis.

The files collected are divided into zip archives, in alphabetical
order, with password (which must be request via email). Some...

看国外网站加速软件 — Beware that MS often uses these security bulletins as marketing propaganda to downplay serious vulnerabilities in their products—note how most have a prominent and often-misleading "mitigating factors" section.

• Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

Microsoft Security Update Minor Revisions Microsoft (Dec 11)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: December 11, 2018
********************************************************************

Summary
=======

The following CVE has undergone a minor revision
increment:

* CVE-2018-8172

Revision Information:
=====================

- CVE-2018-8172 | Visual Studio Remote Code Execution
Vulnerability
-...

Microsoft Security Update Minor Revisions 手机怎样看国外网站
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: November 14, 2018
********************************************************************

Summary
=======

The following CVEs and advisory have undergone a minor revision
increment:

* CVE-2018-8454
* CVE-2018-8552
* ADV990001

Revision Information:
=====================

- CVE-2018-8454 | Windows Audio Service...

Microsoft Security Update Minor Revisions Microsoft (Oct 24)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: October 24, 2018
********************************************************************

Summary
=======

The following CVE has undergone a minor revision increment:

* CVE-2018-8512

Revision Information:
=====================

- CVE-2018-8512 | Microsoft Edge Security Feature Bypass
Vulnerability
-...

Malus加速器唯一官方网站 - 海外必备，一键回国，50万用户 ...:开始使用Malus来加速访问中国的音视频和网站，简单快速好用，帮你解锁优酷B站腾讯视频等国内各种服务.海棠Malus回国加速器致力于帮助海外华人和留学生提供加速中国大陆音视频的服务，可以在海外流畅使用中国的网站和音视频服务，提供专业稳定的全球回国线路和回国节点。 Microsoft (Oct 19)
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 19, 2018
********************************************************************

Summary
=======

The following CVE been added to the October 2018 Security updates:

* CVE-2018-8569

Revision Information:
=====================

- CVE-2018-8569 | Yammer Desktop Application Remote Code Execution
Vulnerability
-...

Microsoft Security Update Releases 手机浏览国外网站的方法
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 17, 2018
********************************************************************

Summary
=======

The following CVEs have undergone a major revision increment:

* CVE-2010-3190

Revision Information:
=====================

- CVE-2010-3190 | MFC Insecure Library Loading Vulnerability
-...

Microsoft Security Update Minor Revisions 大陆怎么浏览外国网站
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: October 9, 2018
********************************************************************

Summary
=======

The following CVE has undergone a minor revision increment:

* CVE-2018-8531

Revision Information:
=====================

- CVE-2018-8531 | Azure IoT Device Client SDK Memory Corruption
Vulnerability
-...

Microsoft Security Update Releases 手机浏览国外网站的方法
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 9, 2018
********************************************************************

Summary
=======

The following CVE been added to the October 2018 Security updates:

* CVE-2018-8292

Revision Information:
=====================

- CVE-2018-8292 | .NET Core Information Disclosure Vulnerability
-...

Microsoft Security Update Releases Microsoft (Oct 09)
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 9, 2018
********************************************************************

Summary
=======

The following bulletin has undergone a major revision increment:

* MS11-025

Revision Information:
=====================

- http://docs.microsoft.com/en-us/security-updates/
SecurityBulletins/2011/ms11-025:...

Microsoft Security Update Summary for October 9, 2018 Microsoft (Oct 09)
********************************************************************
Microsoft Security Update Summary for October 9, 2018
Issued: October 9, 2018
********************************************************************

This summary lists security updates released for October 9, 2018.

Complete information for the October 2018 security update release can
Be found at
<http://portal.msrc.microsoft.com/en-us/security-guidance>.

Please note the...

Microsoft Security Update Releases Microsoft (Oct 02)
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 2, 2018
********************************************************************

Summary
=======

The following CVE has undergone a major revision increment:

* CVE-2018-0952

Revision Information:
=====================

- CVE-2018-0952 | Diagnostic Hub Standard Collector Elevation of
Privilege Vulnerability
-...

Microsoft Security Advisory Notification Microsoft (Sep 12)
********************************************************************
Title: Microsoft Security Advisory Notification
Issued: September 12, 2018
********************************************************************

Security Advisories Released or Updated on September 12, 2018
===================================================================

* Microsoft Security Advisory ADV180022

- Title: Windows Denial of Service Vulnerability
-...

Microsoft Security Update Minor Revisions Microsoft (Sep 12)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: September 12, 2018
********************************************************************

Summary
=======

The following CVEs have undergone a minor revision increment:

* CVE-2018-8421
* CVE-2018-8468

Revision Information:
=====================

- CVE-2018-8421 | .NET Framework Remote Code Execution
Vulnerability...

Microsoft Security Update Summary for September 11, 2018 Microsoft (Sep 11)
********************************************************************
Microsoft Security Update Summary for September 11, 2018
Issued: September 11, 2018
********************************************************************

This summary lists security updates released for September 11, 2018.

Complete information for the September 2018 security update release can
Be found at
<网易云音乐加速软件v1.1 安卓版 一键打卡310首歌 _软件工具 ...:2021-6-14 · 网易云音乐加速软件v1.1 安卓版 一键打卡310首歌 昨天更新的软件不能使用了 今天给大家重新修复了一下 记得卸载软件重新下载 提示乱码的 确认一下账号密码是否正确 多按几次 “签到打卡”>....

Microsoft Security Update Releases Microsoft (Sep 11)
********************************************************************
Title: Microsoft Security Update Releases
Issued: September 11, 2018
********************************************************************

Summary
=======

The following CVE has undergone a major revision increment:

* CVE-2018-8154

Revision Information:
=====================

- CVE-2018-8154 | Microsoft Exchange Memory Corruption
Vulnerability
-...

Microsoft Security Advisory Notification Microsoft (Sep 11)
********************************************************************
Title: Microsoft Security Advisory Notification
Issued: September 11, 2018
********************************************************************

Security Advisories Released or Updated on September 11, 2018
===================================================================

* Microsoft Security Advisory ADV180002

- Title: Guidance to mitigate speculative execution...

Funsec — While most security lists ban off-topic discussion, Funsec is a haven for free community discussion and enjoyment of the lighter, more humorous side of the security community

• Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

Verizon: 1.5M of Contact Records Stolen, Now on Sale Jeffrey Walton (Mar 26)
http://www.mobipicker.com/verizon-1-5m-contact-records-stolen-now-sale/:

A business to business telecommunication giant,
Verizon Enterprise Solutions, a Basking Ridge,
New Jersey-based company, has been the latest
victim of a cyber crime that stole 1.5 million contact
records of the customers of Verizon...

I don't quite understand this double talk. Could someone explain to me:

A spokesperson from Verizon said that...

Statement on Lavabit Citation in Apple Case 手机怎样看国外网站
(From John Young on another list):
http://www.facebook.com/KingLadar/posts/10156714933135038

As many of you already know, the government cited the Lavabit case in
a footnote. The problem is their description insinuates a precedent
that was never created. Obviously I was somewhat disturbed by their
misrepresentation. So I decided to draft a statement. And keep in
mind, these are the same people who say "trust us." Click continue to
read...

The NSA's back door has given every US secret to our enemies Jeffrey Walton (Feb 29)
http://www.businessinsider.com/john-mcafee-nsa-back-door-gives-every-us-secret-to-enemies-2016-2

Deng Xiaoping, in 1979 - his second year as supreme leader of China -
perceived a fundamental truth that has yet to be fully grasped by most
Western leaders: Software, if properly weaponized, could be far more
destructive than any nuclear arsenal.

Under Deng’s leadership, China began one of the most ambitious and
sophisticated meta- software...

Can Spies Break Apple Crypto? Jeffrey Walton (Feb 27)
Here's an interesting exchange between Cryptome and Michael Froomkin,
Law Professor at University of Miami, on the All Writs Act
(http://cryptome.org/2016/02/can-spies-break-apple-crypto.htm):

-----

A. Michael Froomkin:

The factual posture in the key Supreme Court precedent, New York
Telephone, involved a situation where only the subject of the order
was capable of providing the assistance at issue. This is the basis
for Apple's...

The FBI's iPhone Problem: Tactical vs. Strategic Thinking Jeffrey Walton (Feb 23)
http://www.technewsworld.com/story/83130.html

I'm an ex-sheriff, and I've been in and out of security jobs for much
of my life, so I've got some familiarity with the issues underlying
the drama between the FBI and Apple. FBI officials -- and likely those
in every other three-letter agency and their counterparts all over the
world -- would like an easier way to do their jobs. Wouldn't we all?

If they could put cameras in...

Wanted: Cryptography Products for Worldwide Survey Jeffrey Walton (Jan 01)
(http://www.schneier.com/crypto-gram/archives/2015/1215.html):

In 1999, Lance Hoffman, David Balenson, and others published a survey
of non-US cryptographic products. The point of the survey was to
illustrate that there was a robust international market in these
products, and that US-only export restrictions on strong encryption
did nothing to prevent its adoption and everything to disadvantage US
corporations. This was an important contribution...

CERT Advisories — The Computer Emergency Response Team has been responding to security incidents and sharing vulnerability information since the Morris Worm hit in 1986. This archive combines their technical security alerts, tips, and current activity lists.

• Current Year
•  Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

Mozilla Releases Security Update for Thunderbird US-CERT (Jul 17)
Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:

Mozilla Releases Security Update for Thunderbird [
http://us-cert.cisa.gov/ncas/current-activity/2020/07/17/mozilla-releases-security-update-thunderbird ] 07/17/2020
10:50 AM EDT
Original release date: July 17, 2020

Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. An attacker could exploit
some of these...

Microsoft Releases Security Update for Edge US-CERT (Jul 17)
Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:

Microsoft Releases Security Update for Edge [
http://us-cert.cisa.gov/ncas/current-activity/2020/07/17/microsoft-releases-security-update-edge ] 07/17/2020 10:53 AM
EDT
Original release date: July 17, 2020

Microsoft has released a security update to address a vulnerability in Edge (Chromium-based). An attacker could exploit
this vulnerability to drop...

怎样上国外网站相关的IT服务-云市场 – 阿里云:阿里云云市场为您提供和怎样上国外网站相关的IT服务；阿里云云市场是软件交易和交付平台；目前云市场上有九大分类：包括基础软件、服务、安全、企业应用、建站、解决方案、API、IOT及数据智能市场。关于怎样上国外网站相关的服务有：基础软件,服务,安全,企业应用,建站，如果您想查看更多 ... US-CERT (Jul 17)
Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:

AA20-198A: Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation [
http://us-cert.cisa.gov/ncas/alerts/aa20-198a ] 07/16/2020 08:09 AM EDT
Original release date: July 16, 2020

Summary

"This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) and Pre-ATT&CK
frameworks....

CISA Releases Emergency Directive on Critical Microsoft Vulnerability US-CERT (Jul 16)
Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:

CISA Releases Emergency Directive on Critical Microsoft Vulnerability [
http://us-cert.cisa.gov/ncas/current-activity/2020/07/16/cisa-releases-emergency-directive-critical-microsoft-vulnerability
] 07/16/2020 03:28 PM EDT
Original release date: July 16, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive...

【VPN】免费无限制访问所有国外网站-自带VpN加速功能最 ...:2021-5-21 · 软件不用什么设置，进去输入你想进的网站网址就可以了[勉强][玫瑰] 【应用名称】：Tenta 浏览器汉化版 【应用版本】：3.1.6 US-CERT (Jul 16)
Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:

Apple Releases Security Updates [
http://us-cert.cisa.gov/ncas/current-activity/2020/07/16/apple-releases-security-updates ] 07/16/2020 11:17 AM EDT
Original release date: July 16, 2020

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of
these vulnerabilities to take control of an...

这个网站，国外应用、软件免费下载，还可以观看最新上映 ...:2021-2-7 · 这个网站，国外应用、软件免费下载，还可以观看最新上映电影 震惊！国外黑科技！？一个能自动上色的网站！不点进来我就 ... US-CERT (Jul 16)
Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:

Malicious Activity Targeting COVID-19 Research, Vaccine Development [
用什么加速器可以免费上国外网站_好运百科:2021-6-5 · 话题：买什么加速器能访问国外的网站 推荐回答：华悦可以 话题：急求能上外国网站的免费加速器! 推荐回答：您要的能上国外网站的软件和教程已发送到私信，见你百度知道右上角的私信，不用安装设置，永久免费。话题：急求能上外国网站的免费加速器!
] 07/16/2020 07:16 AM EDT
Original release date: July 16, 2020

In response to malicious activity targeting COVID-19 research and vaccine development in the United...

Cisco Releases Security Updates for Multiple Products US-CERT (Jul 15)
Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:

Cisco Releases Security Updates for Multiple Products [
http://us-cert.cisa.gov/ncas/current-activity/2020/07/15/cisco-releases-security-updates-multiple-products ]
07/15/2020 03:19 PM EDT
Original release date: July 15, 2020

Cisco has released security updates to address vulnerabilities affecting multiple products. An unauthenticated, remote
attacker...

Oracle Releases July 2020 Security Bulletin US-CERT (Jul 14)
Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:

Oracle Releases July 2020 Security Bulletin [
电脑怎么浏览国外网站:2021-6-13 · 用VPN.在我的百度空间有一款,你看看,个人一直在用,速度不错,有6个IP可选,建议先不买,免费用用先,好的再买.包年的话会比包月划算好多,电脑,手机IPHONE,上Facebook,推特等国外网站或者国外游戏服务器加速都可以了上.当然免费的也可以用到手机上的.呵呵 ] 07/14/2020
05:21 PM EDT
Original release date: July 14, 2020

Oracle has released its Critical Patch Update for July 2020 to address 433 vulnerabilities across multiple products. A
remote attacker could...

怎样上国外网站相关的IT服务-云市场 – 阿里云:阿里云云市场为您提供和怎样上国外网站相关的IT服务；阿里云云市场是软件交易和交付平台；目前云市场上有九大分类：包括基础软件、服务、安全、企业应用、建站、解决方案、API、IOT及数据智能市场。关于怎样上国外网站相关的服务有：基础软件,服务,安全,企业应用,建站，如果您想查看更多 ... US-CERT (Jul 14)
Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:

Google Releases Security Updates for Chrome [
http://us-cert.cisa.gov/ncas/current-activity/2020/07/14/google-releases-security-updates-chrome-0 ] 07/14/2020 04:51
PM EDT
Original release date: July 14, 2020

Google has released Chrome version 84.0.4147.89 for Windows, Mac, and Linux. This version addresses vulnerabilities
that an attacker could exploit...

Google Releases Security Updates for Chrome 如何进入外国网站
Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:

Google Releases Security Updates for Chrome [
http://us-cert.cisa.gov/ncas/current-activity/2020/07/14/google-releases-security-updates-chrome ] 07/14/2020 02:45 PM
EDT
Original release date: July 14, 2020

Google has released Chrome version 84.0.4147.89 for Windows, Mac, and Linux. This version addresses vulnerabilities
that an attacker could exploit to...

Microsoft Releases July 2020 Security Updates 手机翻国外网站教程
Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:

Microsoft Releases July 2020 Security Updates [
http://us-cert.cisa.gov/ncas/current-activity/2020/07/14/microsoft-releases-july-2020-security-updates ] 07/14/2020
02:13 PM EDT
Original release date: July 14, 2020

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could
exploit some of these...

Microsoft Addresses 'Wormable' RCE Vulnerability in Windows DNS Server US-CERT (Jul 14)
Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:

Microsoft Addresses 'Wormable' RCE Vulnerability in Windows DNS Server [
http://us-cert.cisa.gov/ncas/current-activity/2020/07/14/microsoft-addresses-wormable-rce-vulnerability-windows-dns-server
] 07/14/2020 02:14 PM EDT
Original release date: July 14, 2020

Microsoft has released a security update to address a remote code execution (RCE)...

Adobe Releases Security Updates for Multiple Products US-CERT (Jul 14)
Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:

Adobe Releases Security Updates for Multiple Products [
http://us-cert.cisa.gov/ncas/current-activity/2020/07/14/adobe-releases-security-updates-multiple-products ]
07/14/2020 01:18 PM EDT
Original release date: July 14, 2020

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit
some of...

Apache Releases Security Advisories for Apache Tomcat US-CERT (Jul 14)
Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:

Apache Releases Security Advisories for Apache Tomcat [
http://us-cert.cisa.gov/ncas/current-activity/2020/07/14/apache-releases-security-advisories-apache-tomcat ]
07/14/2020 11:33 AM EDT
Original release date: July 14, 2020

The Apache Software Foundation has released security advisories to address multiple vulnerabilities in Apache Tomcat.
An attacker...

AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java US-CERT (Jul 13)
Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:

AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java [ http://us-cert.cisa.gov/ncas/alerts/aa20-195a ]
07/13/2020 07:07 PM EDT
Original release date: July 13, 2020

Summary

On July 13, 2020 EST, SAP released a security update to address a critical vulnerability, CVE-2020-6287 [
旗舰VPN新一代网络加速软件 - IT168:2021-2-19 · 旗舰加速器是一款可以全球互联网络加速器软件 ，提供国际用户免费使用。 旗舰加速器在中国不同网络骨干节点，海外各国骨干节点部署大量专用服务器。 采用最新的VPN虚拟专用网络连接方式，加密和认证技术。让用户通过在公用网络(因特网 ... ],...

Open Source Security — Discussion of security flaws, concepts, and practices in the Open Source community

• Current Quarter
•  Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

Re: Multiple Security Issues in the TrouSerS tpm1.2 tscd Daemon Marco Benatto (Aug 03)
Hello,

Is there any follow up already for this issue in upstream (CVE
assigned or upstream commits)?

Thanks,

Marco Benatto
Red Hat Product Security
secalert () redhat com for urgent response

ansi escape sequence injection into ubuntu's add-apt-repository Jason A. Donenfeld (Aug 03)
Hi,

I've found a rather low grade concern: I'm able to inject ANSI escape
sequences into PPA descriptions on Launchpad, and then have them
rendered by add-apt-repository *before* the user consents to actually
adding that repository. There might be some sort of trust barrier
issue with that. This could be used to clear the screen and imitate a
fresh bash prompt, upload files, dump the current screen to a file, or
other classic...

Fwd: X.Org security advisory: July 31, 2020: Xserver Matthieu Herrb (Jul 31)
----- Forwarded message from Matthieu Herrb <matthieu () herrb eu> -----

Date: Fri, 31 Jul 2020 15:44:44 +0200
From: Matthieu Herrb <matthieu () herrb eu>
To: xorg-announce () lists x org
Cc: xorg-devel () lists x org
Subject: X.Org security advisory: July 31, 2020: Xserver

X.Org security advisory: July 31, 2020

X Server Pixel Data Uninitialized Memory Information Disclosure...

Fwd: X.Org security advisory: July 31, 2020: libX11 手机翻国外网站教程
----- Forwarded message from Matthieu Herrb <matthieu () herrb eu> -----

Date: Fri, 31 Jul 2020 15:37:55 +0200
From: Matthieu Herrb <matthieu () herrb eu>
To: xorg-announce () lists x org
Cc: xorg-devel () lists x org
Subject: X.Org security advisory: July 31, 2020: libX11

X.Org security advisory: July 31, 2020

Heap corruption in the X input method client in libX11
======================================================...

看国外网站加速软件 H.J. Lu (Jul 30)
FWIW, we can introduce a different CET PLT as long as it is compatible
with the past, current and future binaries.

Re: Alternative CET ABI Szabolcs Nagy (Jul 30)
The 07/30/2020 18:41, Jann Horn wrote:

ld.so only needs to generate one plt entry
for a function in a process and that entry
can provided the canonical address that is
loaded from some got entry when the address
is used, so there is double indirection, but
it works.

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you
are not the intended recipient, please notify the sender...

Re: Alternative CET ABI Florian Weimer (Jul 30)
* Jann Horn:

Same as today. ELF already deals with this by picking one canonical
function address per process.

Some targets already need PLTs for inter-DSO calls, so the problem is
not new. It happens even on x86 because the main program can refer to
its PLT stubs without run-time relocations, so those determine the
canonical address of those functions, and not the actual implementation
in a shared object.

Hopefully not, because that would...

怎样浏览国外的网站 Jann Horn (Jul 30)
How would this interact with function pointer comparisons? As in, if
library A exports a function func1 without referencing it, and
libraries B and C both take references to func1, would they end up
with different function pointers (pointing to their respective PLT
entries)? Would this mean that the behavior of a program that compares
function pointers obtained through different shared libraries might
change?

I guess you could maybe canonicalize...

Alternative CET ABI 如何进入外国网站
CET (and Arm BTI) restrict targets for indirect jumps and calls to
landing pads which start with specially-formatted NOP instruction
dedicated to this purpose (endrb64 in the x86-64 case).

The traditional way of implementing ELF on top of this is to have every
global function start with that NOP, and also use these NOPs in PLT
stubs in the main program (which may provide the canonical address of
functions, i.e. there address may be taken).

The...

Re: UEFI SecureBoot bypass fixes rolled out to kernels below radar John Haxby (Jul 30)
Yep. I mentioned these in my post yesterday but I didn't go into any detail as they've been public for some little
while. The various vendor updates are patching both CVEs, as you noted. Ubuntu punlished an advisory for these a few
days ago (http://ubuntu.com/security/notices/USN-4440-1), we, and others, rolled the kernel fixes in with the rest of
the changes.

Important and necessary as these fixes are they're not the main...

UEFI SecureBoot bypass fixes rolled out to kernels below radar Jason A. Donenfeld (Jul 30)
Hi,

I thought I should mention that yesterday's UEFI SecureBoot bypass
headlines neglected to mention the bugs I found over a month ago (with
the exception of Debian's announcement, which got some details wrong
initially but those have since been rectified).

It appears that Linux vendors are now releasing fixes for:

- CVE-2019-20908
http://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language.sh...

Re: [CVE-2020-14331] Linux Kernel: buffer over write in vgacon_scrollback_update 张云海 (Jul 30)
Hi All,

I update the patch as Zhang Xiao points out that the check should use >
instead of >=,
otherwise the last line will be skip.

Regards,
Yunhai Zhang / NSFOCUS Security Team

From: Yunhai Zhang <zhangyunhai () nsfocus com>
Date: Tue, 28 Jul 2020 09:58:03 +0800
Subject: [PATCH] Fix for missing check in vgacon scrollback handling

vgacon_scrollback_update() always left enbough room in the scrollback
buffer for the next call, but...

multiple secure boot grub2 and linux kernel vulnerabilities John Haxby (Jul 29)
[This message expands slightly on the post to the distros list on 2020-07-20.]

Hello All,

There are several CVEs both in GRUB2 and the Linux kernel (details
below) that compromise UEFI Secure boot and kernel lockdown.

* These bugs allow unsigned code to be booted and run on hardware
configured to prevent that.

* Affected vendors will be publishing fixed, re-signed shim, grub and
kernels to allow systems to continue to boot...

Re: [CVE-2020-14331] Linux Kernel: buffer over write in vgacon_scrollback_update Solar Designer (Jul 29)
That was in 2006.

Wow. I suppose the biggest risk here is services that just happen to
run on the console (or able to access it if they re-open /dev/tty) as a
result of normal system startup. Since an ioctl() is required at least
to trigger CVE-2020-14331, at least this one is limited to attacks by
someone who already got code execution within one of such services, but
I suppose it could in some cases be used to gain ring 0 access from a...

海外游加速器_海外永久免费软件加速器_神龟加速器官网:2021-2-26 · 海外加速器 - 非凡软件站 2021年2月26日 - 关键字是海外加速器 ,共有相关软件1个,查看更多相关内容 [网游加速] 迅游国际版加速器 v4.4810.18500 更新时间:2021-02-26缩略 【VPN】免费无限制访问所有国外网站-自带VpN加速功能最 ...:2021-5-21 · 软件不用什么设置，进去输入你想进的网站网址就可以了[勉强][玫瑰] 【应用名称】：Tenta 浏览器汉化版 【应用版本】：3.1.6
------------------------------------------------------------------------
WebKitGTK and WPE WebKit Security Advisory WSA-2020-0007
------------------------------------------------------------------------

Date reported : July 29, 2020
Advisory ID : WSA-2020-0007
WebKitGTK Advisory URL : http://webkitgtk.org/security/WSA-2020-0007.html
WPE WebKit Advisory URL :...

Secure Coding — The Secure Coding list (SC-L) is an open forum for the discussion on developing secure applications. It is moderated by the authors of Secure Coding: Principles and Practices.

• Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

Silver Bullet 123: Yanek Korff Gary McGraw (Jul 06)
hi sc-l,

The latest installment of Silver Bullet was posted this morning. Silver Bullet episode 123 features a conversation
with Yanek Korff. Yanek worked for many years at Cigital as a system administrator back in the early days. He then
moved on to operational security work at AOL and running managed security services at Mandiant.

We talk about managing technical people in this episode. We also discuss operational security. Have a...

Educause Security Discussion — Securing networks and computers in an academic environment.

• Current Quarter
•  Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

Registration now open for cyberinfrastructure/cybersecurity workshop, August 18 and 20 Stone, Todd A (Aug 03)
Registration is now open for the inaugural Cyberinfrastructure/Cybersecurity
workshop, August 18 and 20, 2020.

This unique event will focus on the cybersecurity and cyberinfrastructure
needs of research facilities and projects. This is a small, "how-to" event
designed to provide actionable strategies, tactics, and techniques.
Registration is limited so as to maximize connection and interaction, and
will include interactive training,...

Re: [External Email] [SECURITY] online harassment Michael J Behun (Aug 03)
Every situation is unique but I prefer to take a health and safety
approach. If appropriate, we bring in university police to assist the
person in identifying the difference between free speech and criminal
activity. Being able to identify an escalation and a safety threat can be
difficult, so identify campus or LEO resources for them to contact. The
next step may be to bring in any other campus entities human resources,
Title IX, employee...

MFA - DUO on Macs for NIST 800-171 control 3.5.3 Penn, Blake C (Aug 03)
Is anyone using DUO to implement MFA for local access to privileged accounts on Macs?

If so, then I would like to talk to you about it as we are having a few issues with this.

Best regards,

Blake Penn
Information Security Policy and Compliance Manager
Cyber Security
Georgia Institute of Technology
(404) 385-5480
blake.penn () security gatech edu

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If...

online harassment Kristen Dietiker (Aug 03)
Colleagues, do any of you provide support to faculty or staff at your
institutions who become the target of online harassment campaigns? For
example, faculty who publish on hot button topics and get doxed. If so,
what resources or support do you provide?

Thank you,

Banner Single Sign On via Azure AD with 2FA Hart, Michael (Jul 30)
My applications services team (Not members of this constituent group) reached out to some peers on another forum. I
thought I would forward to this group to see if there were any member experienced with this, who would be willing to
provide some input. If so, please let me know and I can share their contact info.

Here's the message from our Applications Services director:

Hi folks,

We're working to diagnose a configuration...

免翻，看国外网站YouTube - QQ技术教程网站_免费分享互 ...:2021-6-4 · 免翻，看国外网站YouTube 2021/6/4 小磊 手机软件 3940 0 软件适用于安卓系统，下载完了之后直接打开是没有内容的，需要用到进行加速才能登录，随便哪款都行，比如我推荐刚刚分享的那款腾讯加速 … Theresa Semmens (Jul 30)
Same here, good luck on this.

Theresa

Theresa Semmens
Chief Information Security Officer
Nevada System of Higher Education
4505 S Maryland Parkway (MS 4016)
Las Vegas, NV 89154-4016
tsemmens () nshe nevada edu<mailto:tsemmens () nshe nevada edu>
702-720-3318

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of David Escalante
Sent: Tuesday, July 28, 2020 2:00 PM
To: SECURITY ()...

Re: Opportunity to influence the future of Information Security Ben Marsden (Jul 28)
David, you should totally take my spot, you can contribute *so much* more
than I ever could! As it turns out, I'll be in transit during the Panel's
scheduled time on Thursday, so I can't be there live...

-- Ben

On Tue, Jul 28, 2020 at 5:00 PM David Escalante <david.escalante () bc edu>
wrote:

Re: Opportunity to influence the future of Information Security David Escalante (Jul 28)
Sorry, missed the deadline on this and the form is down.  Thought it was
the end of the month.  Good luck!

Higher Education (Understanding Legal Liability Protections) Brian Kelly (Jul 28)
I thought this upcoming webinar hosted by Pillsbury Winthrop Shaw Pittman would be of interest.

“As places of higher learning begin welcoming students back on campus, questions remain regarding the scope of
liability schools may face in connection with COVID-19. In addition, there are uncertainties regarding what steps they
can take to protect their community, finances and reputation.”

Topics will include:

* Guidelines for reopening...

如何加速访问国外服务器? -「云杰通信」:今天 · 企业用户在与海外企业对接时，访问海外服务器遇到了十分严重的问题。对于大部分之前一直访问国内服务器，甚至是没国外服务器的用户。在访问国外服务器的时候总会有很多的顾虑，不知道哪种国外服务器访问专线更稳定，能达到自身产品运行所需要的实际服务器环境。 James Valente (Jul 28)
We ran into this late last year up until a few months ago. The “fix” itself was simple but the business decision
around getting that in place was a nightmare. Someone had decided that anyone wishing to take a non-credit course
should be able to just register immediately without any input from our side. This, per policy, also gave them a
university email address (because they didn’t want non-campus addresses used for billing).

As a...

Re: [External] [SECURITY] Faculty / Staff Account De-provisioning Kevin Ledbetter (Jul 27)
Thanks for the responses. I tend to agree with those who cite the FERPA
regulations as a reason to revoke access sooner rather than later. We just
get push-back for those who feel "inconvenienced" by quickness to take
action.

Kevin

Re: Fake Student Applications/Registrations Tomassetti, Tina (Jul 27)
I remembered this happening here too so I got some info from our Asst. Dir
of Administrative Information Systems:

Yes. We shut down all of the instant admission channels such as Banner
Self Service Non Matriculated applications and those now are done via
Wufoo. We also added a Re-Captcha to the Wufoo form, and advised the
Registrar's Office on what to watch for on those forms that would indicate
an invalid application. If they recognize...

Re: [External] [SECURITY] Faculty / Staff Account De-provisioning 如何进入外国网站
For the University of Washington:

免翻，看国外网站YouTube - QQ技术教程网站_免费分享互 ...:2021-6-4 · 免翻，看国外网站YouTube 2021/6/4 小磊 手机软件 3940 0 软件适用于安卓系统，下载完了之后直接打开是没有内容的，需要用到进行加速才能登录，随便哪款都行，比如我推荐刚刚分享的那款腾讯加速 …

http://itconnect.uw.edu/connect/productivity-platforms/uw-office-365/account-lifecycle/

Joshua Webb
________________________________
From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Gregg,
Christopher S. <csgregg () STTHOMAS EDU>
Sent: Friday, July 24, 2020...

Re: Fake Student Applications/Registrations Von Welch (Work) (Jul 24)
Nathan,

In addition to .edu email addresses, I’ve seen cases of attackers fredulently getting EDU accounts and abusing those
accounts through federated identity, e.g. InCommon, to abuse remote resources that are open to higher ed users. If your
organization is an InCommon IdP, I suggest checking with your IdP operator (probably in your IdM group), for signs of
outgoing abuse.

Best,

Von

Segregating Servers Security (Jul 24)
I am interested in how you segregate your servers. How do you separate and
control traffic between servers? For example, Internet facing servers and
internal servers?
Do you use vlans, routing, internal firewall, none of the above, all of
the above?

Thanks,
Matt Prescott, Security Analyst
Information Technology
(o) 325-674-2882
Abilene Christian University
[image: Abilene Christian University]

**********
Replies to EDUCAUSE Community Group...

如何进入外国网站 — The North American Network Operators' Group discusses fundamental Internet infrastructure issues such as routing, IP address allocation, and containing malicious activity.

• Current Month
•  Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

Suggestiins for DIA link in Alamo,CA area Nathanael Cariaga (Aug 03)
Guys, I'm looking for 300-500Mbps DIA circuit (with /28 IPs) to be
installed in Alamo, CA. Any suggestions?

Re: RPKI TAs Randy Bush (Aug 03)
uh, i want a trustable downlad of trust anchors. and it ain't from
vendors.

but yes, arin's legal dos it typical arin. but, if i ignore the bumph,
i can connect to their web site dnssec, tls, ... and get a viable TAL
which meets RFC specs. that seems to me more than one can say for some
other RIRs.

randy

Re: BGP full feed for testing purposes Josh Luthman (Aug 03)
Greg Sowell helps you out here:

http://gregsowell.com/?page_id=5771

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

Re: BGP full feed for testing purposes Brendan Carlson (Aug 03)
Set up a Vultr instance and you can get a full feed from them for testing.
I've done this for a route collector and it worked well.

BGP full feed for testing purposes Blažej Krajňák (Aug 03)
Hello,

I'm wondering, if there is any public service I can get full BGP feed
from for testing purposes.

I admin multi-homed AS50242 with two default routes for now (fail-over).
I'm going to prepare new routing setup with extended validation so reall
full BGP feed would be usefull. Yes, I can ask my upstream provider for
it, but I don't want to change settings in production setup.

Thanks

Regards,
Blažej Krajňák

Re: RPKI TAs Matt Corallo (Aug 03)
While I certainly agree with you, I have a certainly-naive question - what the difference is between ARIN and RIPE's
T&C:

Aug 3 19:07:15 rpki-validator rpki-client[16164]: The RIPE NCC Certification Repository is subject to Terms and
Conditions
Aug 3 19:07:15 rpki-validator rpki-client[16164]: See
http://www.ripe.net/lir-services/ncc/legal/certification/repository-tc

As far as I understand, to use RIPE's RPKI repo I have to...

Re: RPKI TAs Owen DeLong (Aug 03)
I was able to download it just now without any authentication, lawyers, contracts,
or anything else… What more is it you are asking for?

I just obtained the ARIN TAL without ever signing an RPA. What am I missing?

All I did was follow the URL John provided.

Owen

Re: RPKI TAs Randy Bush (Aug 03)
no, you are supposed to get TRUST material from alex's secret stash.
sigh.

it should be a dnssec lookup of ripe.net, tls secured lookup, find a TAL
as defind in the RFCs, and fetch it via tls.

randy

Re: BGP route hijack by AS10990 Mark Tinka (Aug 03)
That's a really nasty bug.

Loss of an RTR session shouldn't kill the box, even if you are running
only one validator. If you can share details about why this happens when
you get them, that would be most helpful.

I'd be curious to know whether this is dependent on a specific
validator, or all of them.

Are there bits in Junos 20 that you can't get in fixed versions of 19?

Mark.

Re: BGP route hijack by AS10990 Baldur Norddahl (Aug 03)
We suffered a series of crashes that led to JTAC recommending disabling
RPKI. We had a core dump which matches PR1332626 which is confidential, so
I have no idea what it is about. Apparently what happened was the server
running the RPKI validation server rebooted and the service was not
configured to automatically restart. Also we did not have it redundant nor
did we monitor the service. So we had no working RPKI validation server and
that...

Re: BGP route hijack by AS10990 Mark Tinka (Aug 03)
You just reminded me of the defense's strategy in the court case against
HealthSouth's CEO Richard Scrushy, when they used a picture of a rat
carrying Swiss cheese (full of holes) in their closing arguments to the
jurors, to discredit the prosecution :-).

Mark.

Re: BGP route hijack by AS10990 Mark Tinka (Aug 03)
I think we've now gone past Telia's mistake and are considering what we
can all do as BGP actors to prevent this particular issue from making a
reprise.

Agreed, we all have bits we need to prioritize our time on. But the BGP
requires concerted effort of all actors on the Internet. How an operator
in Omsk works with BGP has a potentially direct impact on another
operator in Ketchikan. So whether I choose to spend more time on
attending...

Re: RPKI TAs Job Snijders (Aug 03)
I dunno, 'straightforward' to me would mean the ARIN TA is installed by
default when you install a RPKI Cache Validator implementation, all
without requiring lawyers well-versed in both your native language AND
in the American legal system.

I can do DNSSEC, RPKI ROV, Signify, Web PKIs like TLS - all without
kludges. Here is a video (10 min) where I show how you can bootstrap a
system from 0 to 100 without relying party agreements:...

Re: Issue with Noction IRP default setting (Was: BGP route hijack by AS10990) 哪些方法可以浏览国外网站
Dear Ryan,

I have come to believe this is a Noction IRP specific issue.

I am not exaggerating when I say that *ONLY* the name of this software
is mentioned when incidents like this happen. Other route manipulation
tools either use different (safer) technologies and/or mark routes with
NO_EXPORT.

Every few weeks I am in phone calls with new people who happened
originated hijacks which existed for traffic engineering purposes and
without fail it...

Re: BGP route hijack by AS10990 Job Snijders (Aug 03)
My take on PR1461602 is that it can be ignored, as it appears to only
manifest itself in a mostly cosmetic way: initial RTR session
establishment takes multiple minutes, but once RTR sessions are up
things work smoothly.

Under no circumstances should you enable RPKI ROV functionality on boxes
that suffer from PR1309944. That one is a real showstopper.

Kind regards,

Job

Interesting People — David Farber moderates this list for discussion involving internet governance, infrastructure, and any other topics he finds fascinating

• Previous Month
•  Archived Posts
•  RSS Feed
•  About List
•  Show Latest PostsHide Latest Posts

怎样上国外网站相关的IT服务-云市场 – 阿里云:阿里云云市场为您提供和怎样上国外网站相关的IT服务；阿里云云市场是软件交易和交付平台；目前云市场上有九大分类：包括基础软件、服务、安全、企业应用、建站、解决方案、API、IOT及数据智能市场。关于怎样上国外网站相关的服务有：基础软件,服务,安全,企业应用,建站，如果您想查看更多 ... Derick Denicola � (Jul 31)
hi

here it is, ad rotator cheap traffic
Pictus(看图软件)下载_Pictus(看图软件)官方下载-太平洋下载中心:2021-6-14 · Pictus看图软件是一款国外流行的免费图片查看软件，支持多种常用的图片格式，包括PSDPSPTGATIFF与WBMP等等，能快速打开快速浏览，界面#8203;小清新 ...

Pricelist attached

Regards
Derick Denicola  

http://www.mgdots.co/unsubscribe/
001 (516) 926-1772
18 Richmond St, Albany, New York

cheap viagra to grow your penis u-canbadge.com (Jul 30)
order today, cheap viagra
http://www.u-canbadge.com/

unsubscribe
http://forms.icann.org/en/resources/compliance/registries/abuse-contact/fo
rm

fw: put ranks down for any website Negative SEO (Jul 28)
negative seo that works
http://www.liftmyrank.co/negative-seo-services/index.html

Domain Authority 50 for your website = 69 usd only - Guaranteed Service Peter (Jul 24)
We`ll get your website to have Domain Authority 50 or we`ll refund you every
cent

for only 69 usd, you`ll have DA50 for your website, guaranteed

Order it today:
http://www.str8-creative.co/product/moz-da-seo-plan/

thanks
Peter

看国外网站加速软件 Merlene Prater (Jul 22)
www.liftmyrank.co

cheap viagra to grow your penis u-canbadge.com (Jul 21)
order today, cheap viagra
http://www.u-canbadge.com/

unsubscribe
http://forms.icann.org/en/resources/compliance/registries/abuse-contact/fo
rm

网易云音乐加速软件v1.1 安卓版 一键打卡310首歌 _软件工具 ...:2021-6-14 · 网易云音乐加速软件v1.1 安卓版 一键打卡310首歌 昨天更新的软件不能使用了 今天给大家重新修复了一下 记得卸载软件重新下载 提示乱码的 确认一下账号密码是否正确 多按几次 “签到打卡” Jamaal Jardine � (Jul 21)
Increase sales and ranks with our targeted traffic
http://bulkwebtraffic.io

Check the pricelist attached

Regards
Jamaal Jardine  

Unsubscribe option is available on the);