SecLists.Org Security Mailing List Archive
Any hacker will tell you that the latest news and exploits are not
found on any web site—not even Insecure.Org. No, the cutting edge
in security research is and will continue to be the full
disclosure mailing lists such as Bugtraq. Here we provide web
archives and RSS feeds (now including message extracts), updated in real-time, for many of our favorite lists. Browse the individual lists below.
Nmap Development — Unmoderated technical development forum for debating ideas, patches, and suggestions regarding proposed changes to Nmap and related projects.
nc -kle 'cat largefile' doesn't transmit correctly
Tobias Girstmair (Nov 27)
Hi folks,
I'm using ncat as a simple web server, as described in
https://nmap.org/ncat/guide/ncat-tricks.html#ncat-httpserv . The file
I'm serving is relatively large (80kB), and I noticed that it gets
mangled very often: a section of over a kilobyte is missing from the
middle (at packet boundaries; e.g. after 44888 bytes using 1448 sized
packets).
This seems to only happen when using --exec or --sh-exec; not when
piping the same file...
Re: smb NSE scripts with special characters password
Carlos Gomes - FCHS (Nov 25)
Sorry, but both links are not working.
Also I did not understand what list are we talking about :D
On Wed, Nov 24, 2021 at 18:11, Oliver Aldridge <oliver () aldridge net>
wrote:
Re: npcap-1.55.exe flaged as malicious
Gordon Fyodor Lyon (Nov 24)
Hi Onno. Good question. Npcap Version 1.55 is absolutely not malicious or
infected by anything, but unfortunately there are many garbage antivirus
engines out there which flood VirusTotal with false positives like this.
The latest VirusTotal report on Npcap 1.55
<https://www.virustotal.com/gui/file/0bcc56aef29b24985d7f658cd34013b08cb53ad5bf6b6ac2a982a5f6d4d95800>
shows
that only 2 of their 66 AV engines flag any issues.
If there are any...
problem starting the driver
YouTube King (Nov 24)
Hello,
I've been trying to run "SelfishNet" but it gives a message "problem
starting the driver" then "problem installing the drivers, do you have
administrator privileges?" that after installing npcap.
Then I installed "winpcap" alone and rebooted but the program displays
nothing as if it's never started.
Do you have any solution for this problem?
I know the program is old and not supported but...
Re: smb NSE scripts with special characters password
Oliver Aldridge (Nov 24)
Good afternoon! Our managers generated required list and I send it to you. File can be found via this link:
1)vulkanvegas1000.fanalikhtiyar.com/veritatisdebitis/cumquedolorem-3181671
2)bitcoinguidebooklive.mydemosystems.com/similiquedolor/autalias-3181671
Hello Everyone
I'm trying to do a nmap scan using some smb nse scripts, mostly with authenticated shares parsing user / password
within the script-args.
But when the share uses...
NMAP PR #2397: IoTVAS connected device discovery and risk assessment script
Behrang Fouladi (Nov 24)
Hello,
I'd like to contribute a NSE script that enables nmap to perform accurate device discovery and risk assessment of
IoT/connected devices such as IP cameras, printers and video conferencing devices. It does so by receiving the device
network service banners (snmp, http, ftp, telnet and upnp) from nmap engine and submitting it to the Firmalyzer's
IoTVAS API endpoint (link to the documentation and swagger UI : ...
npcap-1.55.exe flaged as malicious
Rommen, Onno via dev (Nov 24)
Hi guys,
VirusTotal flags npcap-1.55.exe, as available on your site, as malicious. Are you aware of that and what is your
reaction on that please?
Hope to hear from you soon.
Sincerely,
Onno Rommen, Lloyd's Register
(Working days Monday, Tuesday, Wednesday & Thursday)
Senior Lead Auditor Information Security, LRQA
T +31 (0)10 2500 505 M +31 (0)6 1746 1166 E onno.rommen () lr org<mailto:onno.rommen () lr org>
Lloyd's...
nmap 7.92 build fails on Fedora 34
ndof () gmx li (Nov 24)
Hi developers,
building nmap on Fedora 33 works, but fails on Fedora 34 with:
make[1]: Leaving directory '/builddir/build/BUILD/nmap-7.92/libnetutil'
netutil.cc: In function 'const void* icmpv6_get_data(const icmpv6_hdr*,
unsigned int*)':
netutil.cc:756:13: error: invalid use of incomplete type 'const struct
icmpv6_hdr'
756 | if (icmpv6->icmpv6_type == ICMPV6_TIMEXCEED ||
icmpv6->icmpv6_type ==...
possibly a bug or MS voodoo
Schmidt, Nathanael via dev (Nov 24)
Hello developer,
I have the following problem. I try to ping scan my local network using nmap, but it doesn't seem to find machines that are
for sure alive. It responds to Windows ping but not to nmap ping scan. I searched for the problem on the internet. I didn't
find a solution.
Results for ping (translated from German):
Ping is executed for 172.27.97.21 with 32 bytes of data:
Reply from 172.27.97.21: Bytes=32 Time<1ms TTL=127
Reply...
Re: smb NSE scripts with special characters password
Carlos Gomes - FCHS (Nov 02)
We updated our environment to use nmap 7.92, but still have the same issue
on escaping characters
Any help / tips are welcome :D
On Sun, Oct 31, 2021 at 12:37, Carlos Gomes - FCHS <
carlos.henrique () unesp br> wrote:
smb NSE scripts with special characters password
Carlos Gomes - FCHS (Oct 31)
Hello Everyone
I'm trying to do a nmap scan using some smb nse scripts, mostly with
authenticated shares parsing user / password within the script-args.
But when the share uses special characters, the scan breaks and some escape
characters are needed within the arguments.
For example, this scan:
nmap -PE -PS80,69,443,3389,8080 -PP -PA21 -PU161,137-139,123 -sS -sU -sV -O
-d2 -vv -pT:0-65535,U:137,161 --script...
Won't switch to monitor mode on windows 10
Joshua Van Doren (Oct 27)
Nmap issue : Error compiling our pcap filter: expression rejects all packets
Thuse, Saurabh (Sep 29)
Hi All,
We are getting below error with Nmap 7.91 while doing port scanning.
Issue :
Nmap port scan fails with Error compiling our pcap filter: expression rejects all packets
Description :
When we are running Nmap port scanning from Windows we get below error with details
nmap.exe" -oX - --privileged --min-rtt-timeout 500ms -sS -sU -T4 -PE -p
T:513,5985,5986,3940,5988,902,135,5989,80,21,22,23,443,U:161 10.77.160.110 10.66.0.112...
How to set MTU for "Adapter for loopback capture" device?
David Aldrich (Sep 16)
Hi
I am working on Windows and need to capture packets from a test app, using
Wireshark, via a loopback device. The goal is to test my Wireshark
dissector.
I understand that Wireshark's recommendation is to use the "Adapter for
loopback capture" device (\Device\NPF_Loopback). I am doing this and it
works fine.
I now need to test with large messages to see how my dissector handles
fragmented messages (in TCP).
To do this I need...
TypeError: encoded string too long (589, maximum length 519) error
javinzatwarniski (Sep 16)
I am receiving this error every time I try to scan an IP with Zenmap on
Windows.
Version: 7.92
Traceback (most recent call last):
File "zenmapGUI\ScanInterface.pyo", line 389, in start_scan_cb
File "zenmapGUI\ScanInterface.pyo", line 465, in execute_command
File "zenmapCore\NmapCommand.pyo", line 173, in __init__
File "tempfile.pyo", line 307, in mkstemp
File "tempfile.pyo", line...
Nmap Announce — Moderated list for the most important new releases and announcements regarding the Nmap Security Scanner and related projects. We recommend that all Nmap users subscribe.
Nmap 7.92 Defcon Release!
Gordon Fyodor Lyon (Aug 07)
Hi folks. Many of us can't attend Defcon in person this year due to global
pandemic, but we won't let that stop our traditional Defcon Nmap release!
We just posted Nmap 7.92 to https://nmap.org/download.html. It includes
dozens of performance improvements, feature enhancements, and bug fixes
that we've made over the last 10 months.
The biggest improvement (at least for Windows users) is the inclusion of
version 1.50 of Npcap (...
Npcap 1.50 Release Brings Nmap & Wireshark to Windows ARM devices
Gordon Fyodor Lyon (Jun 28)
Hi folks. The Nmap Project is pleased to release Npcap version 1.50 at
https://npcap.org. There are many improvements in this release, but the
one we're most excited about is support for the ARM architecture! This
allows apps like Nmap and Wireshark to run for the first time on a newer
generation of hardware which often includes all-day battery life and
always-on LTE/5G capabilities. Devices vary from the $349 Samsung Galaxy
Book Go...
Npcap 1.30 Released: Raw WiFi + Better Performance
Gordon Fyodor Lyon (Apr 12)
Hi folks. The Nmap Project is pleased to release Npcap Version 1.30 at
https://npcap.org. We hope Nmap and Wireshark users will be especially
happy with the raw WiFi improvements, since you tend to be particularly
savvy about low-level network inspection. It turns out that some of the
issues we thought were caused by lower level hardware drivers were actually
bugs in our driver. Oops! But at least that means we can fix them
ourselves, and we did....
Npcap 1.20 released
Gordon Fyodor Lyon (Mar 16)
Nmap/Npcap Community:
I'm happy to report the release of version 1.20 of the Npcap Windows packet
capturing/sending driver! It's the first release of 2021 and includes
better capabilities for selecting timestamp methods as well as many other
improvements and bug fixes. These include updating the underlying libpcap
library to version 1.10 and building our installer now with NSIS 3. More
details on all this are available from the...
Nmap 7.91 Bugfix Release
Gordon Fyodor Lyon (Oct 14)
Hello everyone. I'm glad Nmap 7.90 was so well received! There were so
many improvements that the official announcement (
https://seclists.org/nmap-announce/2020/1) was a bit unwieldy. So Daniel
Miller (who made most of those changes) Tweeted his top highlights at
https://twitter.com/bonsaiviking/status/1313247253197393920
While we do work hard to avoid bugs during development and to catch them
pre-release through continuous integration...
Nmap 7.90 Released! First release since August 2019.
Gordon Fyodor Lyon (Oct 03)
Hello everyone. Hot on the heels of the big Npcap 1.00 release (
https://seclists.org/nmap-announce/2020/0), we're delighted to announce a
new Nmap--version 7.90! It's the first Nmap release since Defcon 2019, even
though we've made 16 Npcap releases since then. Raw packets are so
fundamental to Nmap that we really wanted to get it right. With the
production-ready and highly performant Npcap 1.00 driver included, we can
finally...
Npcap 1.00 was just released and a new Nmap is on the way!
Gordon Fyodor Lyon (Sep 28)
Hello everyone. I hope you are all safe and well during this nasty
pandemic. I obviously haven't been wearing my marketing hat enough given
that this is my first mail to the Nmap Announcement list since last
August's Nmap 7.80 release. But we've been heads-down programming since
then and have great news to report!
The biggest news is that, after more than 7 years of development and 170
previous public releases, we're...
Full Disclosure — A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.
Backdoor.Win32.Coredoor.10.a / Authentication Bypass RCE
malvuln (Nov 30)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/4d10cd3fa86239ade05d2b741892b1e5.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Coredoor.10.a
Vulnerability: Authentication Bypass RCE
Description: The malware listens on TCP port 21000. Third-party attackers
who can reach infected systems can logon using any username/password
combination. Intruders may then...
Backdoor.Win32.Coredoor.10.a / Port Bounce Scan
malvuln (Nov 30)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/4d10cd3fa86239ade05d2b741892b1e5_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Coredoor.10.a
Vulnerability: Port Bounce Scan
Description: The malware listens on TCP port 21000. Third-party attackers
who successfully logon can abuse the backdoor FTP server as a
man-in-the-middle machine allowing PORT Command...
Email-Worm.Win32.Deltad / Insecure Permissions
malvuln (Nov 30)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/33f1dc8cf5987751ac0f063601f1c324.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Email-Worm.Win32.Deltad
Vulnerability: Insecure Permissions
Description: The malware writes an .EXE with insecure permissions under c:\
drive granting change (C) permissions to the authenticated user group.
Standard users can rename the executable...
Re: Responsible Full disclosure for LiquidFiles 3.5.13
Riccardo Spampinato (Nov 23)
Dear Full Disclosure Team,
This is to ask you to kindly update our responsible disclosure.
Following the updated advisory.
===============================================================================
title: LiquidFiles Privilege Escalation
product: LiquidFiles v3.5.13
vulnerability type: Privilege Escalation
severity: High
CVSSv3 score: 8.8
CVSSv3 vector:...
Backdoor.Win32.BlueAdept.02.a / Remote Buffer Overflow
malvuln (Nov 21)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/694d21679cc212c59515584d1b65dc84.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.BlueAdept.02.a
Vulnerability: Remote Buffer Overflow
Description: The malware listens on TCP port 6969, after connecting to the
infected host TCP ports 6970, 6971 are then opened. The newly opened port
6970 is vulnerable allowing...
Backdoor.Win32.BNLite / Remote Heap Based Buffer Overflow
malvuln (Nov 21)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/a8818da39c7d36d9b5497d1a875798b8.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.BNLite
Vulnerability: Remote Heap Based Buffer Overflow
Description: The malware listens on TCP port 5000. Third party attackers
who can reach the system can send a specially crafted payload to trigger a
heap based buffer overflow...
Backdoor.Win32.Agent.ad / Insecure Credential Storage
malvuln (Nov 21)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/d2b933ebadd5c808ca4c68ae173e2d62.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Agent.ad
Vulnerability: Insecure Credential Storage
Description: The malware listens on TCP port 87, its default password
"hoanggia" is stored in the Windows registry in cleartext under "clrprv.oo"
in...
Backdoor.Win32.Wollf.h / Hardcoded Cleartext Password
malvuln (Nov 21)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/5494b78dcfaf16aa43b5dbd563dc5582.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Wollf.h
Vulnerability: Hardcoded Cleartext Password
Description: The malware listens on TCP port 7300 and runs with SYSTEM
integrity. Authentication is required for remote user access. However, the
password "grish5800" is...
Backdoor.Win32.Wollf.a / Weak Hardcoded Password
malvuln (Nov 21)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/52d1341f73c34ba2638581469120b68a.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Wollf.a
Vulnerability: Weak Hardcoded Password
Description: The malware listens on TCP port 1698 and runs with SYSTEM
integrity. Authentication is required for remote user access. However, the
password "23706373" is weak...
Backdoor.Win32.Antilam.11 / Unauthenticated Remote Command Execution
malvuln (Nov 21)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/290477c9707f64a316888493ae67b1ef.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Antilam.11
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP ports 29559, 47891. Third party
attackers who can reach infected systems can execute commands made
available by the backdoor....
Backdoor.Win32.Curioso.zp / Insecure Permissions
malvuln (Nov 21)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/1ae08493913b2a0c8cbcb0541da5a8bc.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Curioso.zp
Vulnerability: Insecure Permissions
Description: The malware creates a dir with insecure permissions under c:\
drive granting change (C) permissions to the authenticated user group.
Standard users can rename the...
Backdoor.Win32.Acropolis.10 / Insecure Permissions
malvuln (Nov 21)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/e865fc7225c84165d7aa0c7d8a1bcb77.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Acropolis.10
Vulnerability: Insecure Permissions
Description: The malware writes an .EXE with insecure permissions under c:\
drive granting change (C) permissions to the authenticated user group.
Standard users can rename the...
Open-Xchange Security Advisory 2021-11-19
Open-Xchange GmbH via Fulldisclosure (Nov 21)
Dear subscribers,
we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those
vulnerabilities. Feel free to join our bug bounty programs for OX AppSuite, Dovecot and PowerDNS at HackerOne.
Yours sincerely,
Martin Heiland, Open-Xchange GmbH
Product: OX App Suite
Vendor: OX Software GmbH
Internal reference: OXUIB-872
Vulnerability type: Cross-Site Scripting (CWE-80)
Vulnerable...
Open-Xchange Security Advisory 2021-11-18
Open-Xchange GmbH via Fulldisclosure (Nov 21)
Dear subscribers,
we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those
vulnerabilities. Feel free to join our bug bounty programs for OX AppSuite, Dovecot and PowerDNS at HackerOne.
Yours sincerely,
Martin Heiland, Open-Xchange GmbH
Product: OX App Suite, OX Documents
Vendor: OX Software GmbH
Internal reference: MWB-993
Vulnerability type: Cross-Site Scripting (CWE-80)...
CVE-2021-44033: Ionic Identity Vault PIN Unlock Lockout Bypass (Android & iOS)
Emanuel DUSS (Nov 21)
#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: Identity Vault
# Vendor: Ionic
# CSNC ID: CSNC-2021-020
# CVE ID: CVE-2021-44033
# Subject: PIN Unlock Lockout Bypass (Android & iOS)
# Severity: Medium
# Effect: Authentication Bypass
# Author: Emanuel Duss...
Bugtraq — The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Re: [SECURITY] [DSA 4628-1] php7.0 security update
Timesportsall (Jan 16)
-------------------------------------------------------------------------
Debian Security Advisory DSA-4628-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
February 18, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : php7.0
CVE ID : CVE-2019-11045 CVE-2019-11046 CVE-2019-11047
CVE-2019-11050 CVE-2020-7059...
Re: BugTraq Shutdown
tommypickle (Jan 16)
All old school hackers from UPT remember and want to show respect. Thanks for everything.
On Second Thought...
alias (Jan 16)
Bugtraq has been a valuable institution within the Cyber Security community for
almost 30 years. Many of our own people entered the industry by subscribing to it
and learning from it. So, based on the feedback we’ve received both from the
community-at-large and internally, we’ve decided to keep the Bugtraq list running.
We’ll be working in the coming weeks to ensure that it can remain a valuable asset
to the community for years to...
BugTraq Shutdown
alias (Jan 15)
2020 was quite the year, one that saw many changes. As we begin 2021, we wanted
to send one last note to our friends and supporters at the SecurityFocus BugTraq
mailing list. As many of you know, assets of Symantec were acquired by Broadcom
in late 2019, and some of those assets were then acquired by Accenture in 2020
(https://newsroom.accenture.com/news/accenture-completes-acquisition-of-broadco
ms-symantec-cyber-security-...
Security Basics — A high-volume list which permits people to ask "stupid questions" without being derided as "n00bs". I recommend this list to network security newbies, but be sure to read Bugtraq and other lists as well.
CarolinaCon-15 is April 26-28, 2019 in Charlotte NC - Call For Papers/Presenters is now open
Vic Vandal (Feb 03)
We are pleased to announce that CarolinaCon-15 will be on April 26th-28th 2019 in Charlotte NC at the Renaissance
Charlotte Suites. All who are interested in speaking on any topic in the realm of hacking, cybersecurity, technology,
science, robotics or any related field are invited to submit a proposal to present at the con. Full disclosure that
technology or physical security exploitation type submissions are most desirable for this storied...
Penetration Testing — While this list is intended for "professionals", participants frequently disclose techniques and strategies that would be useful to anyone with a practical interest in security and network auditing.
44CON 2018 - 12th-14th September, London (UK)
Steve (Feb 28)
44CON 2018 is the UK's best annual Security Conference and Training event. The conference spans 2.5 days with training
on the 10th and 11th of September, a free evening event on the 12th of September, and a full two-day conference on the
13th and 14th of September. The event takes place at the ILEC Conference Centre near Earls Court, London. 44CON 2018
includes catering, private bus bar and Gin O'Clock breaks. Early Bird discounted...
RootedCON Security Conference - 1-3 March, Madrid (Spain)
omarbv (Feb 11)
On the occasion of the ninth edition of RootedCON, the most important
computer security conference in the country, around 2,000 hackers will
meet to discuss new questions and research about the cybersecurity
world, with its risks and threats. National and international experts
have included in their agendas this mandatory appointment to discuss new
vulnerabilities, viruses, and other threats, they will also talk about
countermeasures in order...
Info Security News — Carries news items (generally from mainstream sources) that relate to security.
Ransomware: Why one city chose to the pay the ransom after falling victim
InfoSec News (Aug 12)
https://www.zdnet.com/article/ransomware-why-one-city-chose-to-the-pay-the-ransom-after-falling-victim/
By Danny Palmer
ZDNet.com
August 12, 2020
A US city has explained why it gave into the demands of cyber criminals
and paid a ransom demand of $45,000 following a ransomware attack.
Lafayette, Colorado fell victim to ransomware on July 27, which encrypted
the city's computer networks and caused disruptions to phone services,
email and...
0-days, a failed patch, and a backdoor threat. Update Tuesday highlights
InfoSec News (Aug 12)
https://arstechnica.com/information-technology/2020/08/update-tuesday-fixes-2-0days-and-botched-patch-for-a-backdoor-threat/
By Dan Goodin
Ars Technica
08/12/2020
Microsoft on Tuesday patched 120 vulnerabilities, two that are notable
because they’re under active attack and a third because it fixes a
previous patch for a security flaw that allowed attackers to gain a
backdoor that persisted even after a machine was updated.
Zero-day...
OCR warns hospitals of HIPAA compliance scams
InfoSec News (Aug 12)
https://www.healthcareitnews.com/news/ocr-warns-hospitals-apparent-hipaa-compliance-scams
By Mike Miliard
Healthcare IT News
August 11, 2020
The Office for Civil Rights at the U.S. Department of Health and Human
Services has warned health systems about what appears to be something of
an old-fashioned and low-tech phishing attempt: fraudulent postcards, most
addressed to hospital privacy officers, that warn of noncompliance with a
mandatory...
The Secret SIMs Used By Criminals to Spoof Any Number
InfoSec News (Aug 12)
https://www.vice.com/en_us/article/n7w9pw/russian-sims-encrypted
By Joseph Cox
Vice.com
August 12, 2020
The unsolicited call came from France. Or at least that's what my phone
said. When I picked up, a man asked if I worked with the National Crime
Agency, the UK's version of the FBI. When I explained, no, as a journalist
I don't give information to the police, he said why he had contacted me.
"There are these special SIM...
North Korean Hacking Group Attacks Israeli Defense Industry
InfoSec News (Aug 12)
https://www.nytimes.com/2020/08/12/world/middleeast/north-korea-hackers-israel.html
By Ronen Bergman and Nicole Perlroth
nytimes.com
Aug. 12, 2020
TEL AVIV -- Israel claimed Wednesday that it had thwarted a cyberattack by
a North Korea-linked hacking group on its classified defense industry.
The Defense Ministry said the attack was deflected “in real time” and that
there was no “harm or disruption” to its computer systems.
However,...
FBI says an Iranian hacking group is attacking F5 networking devices
InfoSec News (Aug 11)
https://www.zdnet.com/article/fbi-says-an-iranian-hacking-group-is-attacking-f5-networking-devices/
By Catalin Cimpanu
Zero Day
ZDNet.com
August 10, 2020
A group of elite hackers associated with the Iranian government has been
detected attacking the US private and government sector, according to a
security alert sent by the FBI last week.
While the alert, called a Private Industry Notification, didn't identify
the hackers by name,...
Pen Test Partners: Boeing 747s receive critical software updates over 3.5" floppy disks
InfoSec News (Aug 11)
https://www.theregister.com/2020/08/10/boeing_747_floppy_drive_updates_walkthrough/
By Gareth Corfield
The Register
08/10/2020
DEF CON -- Boeing 747-400s still use floppy disks for loading critical
navigation databases, Pen Test Partners has revealed to the infosec
community after poking about one of the recently abandoned aircraft.
The eye-catching factoid emerged during a DEF CON video interview of PTP's
Alex Lomas, where the man...
US Cyber Command is using unclassified networks to fight election interference
InfoSec News (Aug 10)
https://www.c4isrnet.com/cyber/2020/08/10/us-cyber-command-is-using-unclassified-networks-to-fight-election-interference/
By Mark Pomerleau
C4ISRNET.com
08/10/2020
WASHINGTON -- U.S. Cyber Command is using unclassified networks and
publicly available communication platforms as it works to prevent foreign
interference in the next presidential election, a CYBERCOM official has
revealed.
“From a CYBERCOM standpoint, one of the big changes...
New England guardsmen test their skills in Cyber Yankee 2020
InfoSec News (Aug 03)
https://www.c4isrnet.com/cyber/2020/08/03/new-england-guardsmen-test-their-skills-in-cyber-yankee-2020/
By Mark Pomerleau
C4ISRNET.com
08/03/2020
Members of the National Guard from New England states concluded a two-week
cyber exercise that sought to test the cyber skills of guardsmen and
critical infrastructure operators.
Cyber Yankee 2020, which took place July 21-31 in New Hampshire, involved
more than 200 National Guard members and...
Travel management company CWT hands over $4.5M following ransomware attack
InfoSec News (Aug 03)
https://siliconangle.com/2020/08/02/travel-management-company-cwt-hands-4-5m-following-ransomware-attack/
By Duncan Riley
SiliconAngle.com
08/02/2020
Business travel management company CWT Global B.V. is the latest company
to pay a ransom demand following a ransomware attack.
According to report Friday by Reuters, the company paid $4.5 million to
those behind the ransomware after the attack knocked some 30,000 of the
company’s computers...
DOD, FBI, DHS release info on malware used in Chinese government-led hacking campaigns
InfoSec News (Aug 03)
https://www.cyberscoop.com/taidoor-malware-report-china-cisa-dod-fbi/
By Shannon Vavra
CYBERSCOOP
August 3, 2020
The U.S. government publicly put forth information Monday that exposed
malware used in Chinese government hacking efforts for more than a decade.
The Chinese government has been using malware, referred to as Taidoor, to
target government agencies, entities in the private sector, and think
tanks since 2008, according to a joint...
Leaky S3 buckets have gotten so common that they're being found by the thousands now, with lots of buried secrets
InfoSec News (Aug 03)
https://www.theregister.com/2020/08/03/leaky_s3_buckets/
By Shaun Nichols in San Francisco
The Register
3 Aug 2020
The massive amounts of exposed data on misconfigured AWS S3 storage
buckets is a catastrophic network breach just waiting to happen, say
experts.
The team at Truffle Security says its automated search tools were able to
stumble across some 4,000 open Amazon S3 buckets that included data
companies would not want public, things...
House Republicans introduce legislation to give states $400 million for elections
InfoSec News (Aug 03)
https://thehill.com/policy/cybersecurity/510362-house-republicans-introduce-legislation-to-give-states-400-million-for
By Maggie Miller
The Hill
08/03/2020
A group of House Republicans on Monday introduced legislation that would
appropriate $400 million to states to address election challenges stemming
from the COVID-19 pandemic.
The Emergency Assistance for Safe Elections (EASE) Act would designate
$200 million to assist with sanitizing...
Zoom private meeting passwords were easily crackable
InfoSec News (Jul 30)
https://www.itnews.com.au/news/zoom-private-meeting-passwords-were-easily-crackable-551095
By Juha Saarinen
itnews.com.au
July 31, 2020
The automatically generated passwords protecting private Zoom meetings
could be cracked with relative ease, allowing access to sensitive
conferences, a researcher has discovered.
Web site developer Tom Anthony decided on March 31 this year to see if he
could crack the password for private Zoom meetings....
Pentagon needs access to defense companies' networks to hunt cyberthreats, says commission
InfoSec News (Jul 30)
https://www.c4isrnet.com/cyber/2020/07/30/pentagon-needs-access-to-defense-companies-networks-to-hunt-cyberthreats-says-commission/
By Mark Pomerleau
C4ISRNET.com
July 30, 2020
WASHINGTON -- The Pentagon must be able to hunt cyberthreats on the
private networks of defense companies in order to strengthen national
cybersecurity, according to one of the leaders of the Cyber Solarium
Commission.
Rep. Mike Gallagher, R-Wis., who co-chairs the...
Firewall Wizards — Tips and tricks for firewall administrators
Revival?
Paul Robertson (Sep 11)
Since the last few attempts to revive the list have failed, I'm going to attempt a Facebook group revival experiment.
It'll be a bit broader in scope, but I'm hoping we can discuss technical security matters. The new group is
Security-Wizards on Facebook.
Paul
Web App Security — Provides insights on the unique challenges which make web applications notoriously hard to secure, as well as attack methods including SQL injection, cross-site scripting (XSS), cross-site request forgery, and more.
Faraday Beta V3.0 Released
Francisco Amato (Jul 04)
Faraday helps you to host your own vulnerability management platform
now and streamline your team in one place.
We are pleased to announce the newest version of Faraday v3.0. In this
new version we have made major architecture changes to adapt our
software to the new challenges of cyber security. We focused on
processing large data volumes and to making it easier for the user to
interact with Faraday in its environment.
To install it you can...
Daily Dave — This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.
Re: Active Directory - a clear and present danger
Moses Frost via Dailydave (Jul 26)
I am always in shock when people cannot see the forests from the trees even when talking to peers. First things first,
Azure AD and many IdPs are not impervious to attack. Through Oauth2 and other privilege abuse angles in the IdP
itself, backdooring systems are (and will continue to be) a thing. For those on defense, I hope you are checking on
those MS Graph enabled Service Principals while I am waving at the other end (hello)....
Re: Active Directory - a clear and present danger
François Zöfel via Dailydave (Jul 26)
Speaking for a heavily regulated EU business here: a US cloud based solution will most probably not fit our needs. Both
GDPR and rules about not being dependent on 3rd party businesses to conduct our own mean we’re stuck with an on-prem AD.
I’m very interested to hear about any potential alternative.
François
On Sun, Jul 25, 2021 at 07:50, Peter Bance via Dailydave <dailydave () lists aitelfoundation org> wrote:
Dailydave...
Re: Active Directory - a clear and present danger
Peter Bance via Dailydave (Jul 25)
Funnily enough, I’ve just decommissioned our last Domain Controller - as you rightly say, AD is just too much pain/risk
to keep in place. Azure AD for us - still not 100% ideal, but rapidly improving, and transfers a lot of the
infrastructure/config pain to Microsoft themselves.
Obviously admins can still make horrible mistakes, but that’s easier to monitor than all config across an on-prem
forest, and it’s far simpler to limit (or even...
Active Directory - a clear and present danger
Dave Aitel via Dailydave (Jul 24)
So I definitely have a different mental history of active directory than
most people, and recently I was doing a Glasshouse podcast with Pablo Breuer
<https://www.linkedin.com/in/pablobreuer/> and here
<https://youtu.be/Z0d6qNLevUY?t=2714> he says basically the same thing
everyone says, which is that it's impossible to move off of technology even
when that technology has a history of severe flaws, or a design flaw that
means it...
"Hack the Planet"
Dave Aitel via Dailydave (May 20)
Ok y'all - you're letting me down. There's a thousand ways you and your
friends can use 10k to improve the world - engineering a solution nobody
would pay for because it's not something you can put at a booth at RSAC.
EVERYONE ON THIS LIST needs to either submit for a grant, or find someone
who will submit for a grant. You're telling me not one of those
superhackers at Microsoft and Google can find a...
Plausible.
Dave Aitel via Dailydave (Apr 11)
A while back I was chatting with someone at INFILTRATE, over fried
alligator and more alcohol than I probably should have imbibed, and he
said, "We're going to make fuzzing obsolete, because we have more CPUs on
the problem than anyone can reasonably duplicate, and we're going to
exhaust the space".
And it's PLAUSIBLE in a way. I've watched a few of the live streams that
Brandon Falk does, and you can see how like,...
PaulDotCom — General discussion of security news, research, vulnerabilities, and the PaulDotCom Security Weekly podcast.
BHIS Sorta Top Used Tools of 2018
John - Black Hills Information Security (Dec 06)
Free Webcast
Hello all,
For our next webcast we will cover some of the core tools we use all the time at Black Hills Information Security.
However, there will be a twist. We will not talk about Nessus, Nmap, or Metasploit. Why? Because there are a ton of new
(and older) tools we use that fall outside of the standard tools you see in every security book/blog out there.
Basically, we are trying to be edgy and different.
You may want to come...
BHIS Webcast - Tues 10/2 @ 11am MDT
John Strand - Black Hills Information Security (Sep 26)
Hello All,
In this next webcast I want to cover what I am doing with the BHIS Systems team to create a C2/Implant/Malware test
bed. Testing our C2/malware solutions is important because vendors tend to lie or over-hype their capabilities. I will
cross reference some different malware specimens to the MITRE ATT&CK framework and we will cover how you can use these
techniques to test your defensive solutions at both the endpoint and the...
BHIS Webcast: The PenTest Pyramid of Pain 9/4 - 11am MDT
Sierra - Black Hills Information Security (Aug 29)
Hello!
How are you all? We had a fantastic webcast last week with John Strand and Chris Brenton and we're still working
through some unexpected hiccups to get the recording up and posted. The podcast version is on our blog, and the YouTube
version will be posted shortly on the Active Countermeasures channel and blog as well. Thanks for all of you who
ventured over to attend!
Ready for another awesome BHIS webcast? Dakota is back and...
Webcast with CJ: Tues 7/24 at 11am
Sierra - Black Hills Information Security (Jul 19)
Our upcoming webcast will be about POLICY...
Did you check out when you heard “policy”? Policy can often seem like a drudgery, but it’s also an important and
potentially overlooked part of business and procedure; it’s the framework on which security is really built!
CJ, our COO and Head of Sales has experience writing, assessing and implementing policies for many different kinds of
companies. And if you are worried it will be dry and...
Honeypots — Discussions about tracking attackers by setting up decoy honeypots or entire honeynet networks.
Honeypot malware archives
Matteo Cantoni (Feb 14)
Hello everyone,
I would like to share with you for educational purposes and without any
commercial purpose, data collected by my homemade honeypot.
Nothing new, nothing shocking, nothing sensational... but I think it can
be of interest to newcomers to the world of analysis of malware,
botnets, etc... maybe for a thesis.
The files collected are divided into zip archives, in alphabetical
order, with password (which must be requested via email). Some...
Microsoft Sec Notification — Beware that MS often uses these security bulletins as marketing propaganda to downplay serious vulnerabilities in their products—note how most have a prominent and often-misleading "mitigating factors" section.
Microsoft Security Update Minor Revisions
Microsoft (Dec 11)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: December 11, 2018
********************************************************************
Summary
=======
The following CVE has undergone a minor revision
increment:
* CVE-2018-8172
Revision Information:
=====================
- CVE-2018-8172 | Visual Studio Remote Code Execution
Vulnerability
-...
Microsoft Security Update Minor Revisions
Microsoft (Nov 14)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: November 14, 2018
********************************************************************
Summary
=======
The following CVEs and advisory have undergone a minor revision
increment:
* CVE-2018-8454
* CVE-2018-8552
* ADV990001
Revision Information:
=====================
- CVE-2018-8454 | Windows Audio Service...
Microsoft Security Update Minor Revisions
Microsoft (Oct 24)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: October 24, 2018
********************************************************************
Summary
=======
The following CVE has undergone a minor revision increment:
* CVE-2018-8512
Revision Information:
=====================
- CVE-2018-8512 | Microsoft Edge Security Feature Bypass
Vulnerability
-...
Microsoft Security Update Releases
Microsoft (Oct 19)
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 19, 2018
********************************************************************
Summary
=======
The following CVE has been added to the October 2018 Security updates:
* CVE-2018-8569
Revision Information:
=====================
- CVE-2018-8569 | Yammer Desktop Application Remote Code Execution
Vulnerability
-...
Microsoft Security Update Releases
Microsoft (Oct 17)
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 17, 2018
********************************************************************
Summary
=======
The following CVEs have undergone a major revision increment:
* CVE-2010-3190
Revision Information:
=====================
- CVE-2010-3190 | MFC Insecure Library Loading Vulnerability
-...
Microsoft Security Update Minor Revisions
Microsoft (Oct 09)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: October 9, 2018
********************************************************************
Summary
=======
The following CVE has undergone a minor revision increment:
* CVE-2018-8531
Revision Information:
=====================
- CVE-2018-8531 | Azure IoT Device Client SDK Memory Corruption
Vulnerability
-...
Microsoft Security Update Releases
Microsoft (Oct 09)
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 9, 2018
********************************************************************
Summary
=======
The following CVE has been added to the October 2018 Security updates:
* CVE-2018-8292
Revision Information:
=====================
- CVE-2018-8292 | .NET Core Information Disclosure Vulnerability
-...
Microsoft Security Update Releases
Microsoft (Oct 09)
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 9, 2018
********************************************************************
Summary
=======
The following bulletin has undergone a major revision increment:
* MS11-025
Revision Information:
=====================
- https://docs.microsoft.com/en-us/security-updates/
SecurityBulletins/2011/ms11-025:...
Microsoft Security Update Summary for October 9, 2018
Microsoft (Oct 09)
********************************************************************
Microsoft Security Update Summary for October 9, 2018
Issued: October 9, 2018
********************************************************************
This summary lists security updates released for October 9, 2018.
Complete information for the October 2018 security update release can
be found at
<https://portal.msrc.microsoft.com/en-us/security-guidance>.
Please note the...
Microsoft Security Update Releases
Microsoft (Oct 02)
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 2, 2018
********************************************************************
Summary
=======
The following CVE has undergone a major revision increment:
* CVE-2018-0952
Revision Information:
=====================
- CVE-2018-0952 | Diagnostic Hub Standard Collector Elevation of
Privilege Vulnerability
-...
Microsoft Security Advisory Notification
Microsoft (Sep 12)
********************************************************************
Title: Microsoft Security Advisory Notification
Issued: September 12, 2018
********************************************************************
Security Advisories Released or Updated on September 12, 2018
===================================================================
* Microsoft Security Advisory ADV180022
- Title: Windows Denial of Service Vulnerability
-...
Microsoft Security Update Minor Revisions
Microsoft (Sep 12)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: September 12, 2018
********************************************************************
Summary
=======
The following CVEs have undergone a minor revision increment:
* CVE-2018-8421
* CVE-2018-8468
Revision Information:
=====================
- CVE-2018-8421 | .NET Framework Remote Code Execution
Vulnerability...
Microsoft Security Update Summary for September 11, 2018
Microsoft (Sep 11)
********************************************************************
Microsoft Security Update Summary for September 11, 2018
Issued: September 11, 2018
********************************************************************
This summary lists security updates released for September 11, 2018.
Complete information for the September 2018 security update release can
be found at
<https://portal.msrc.microsoft.com/en-us/security-guidance>....
Microsoft Security Update Releases
Microsoft (Sep 11)
********************************************************************
Title: Microsoft Security Update Releases
Issued: September 11, 2018
********************************************************************
Summary
=======
The following CVE has undergone a major revision increment:
* CVE-2018-8154
Revision Information:
=====================
- CVE-2018-8154 | Microsoft Exchange Memory Corruption
Vulnerability
-...
Microsoft Security Advisory Notification
Microsoft (Sep 11)
********************************************************************
Title: Microsoft Security Advisory Notification
Issued: September 11, 2018
********************************************************************
Security Advisories Released or Updated on September 11, 2018
===================================================================
* Microsoft Security Advisory ADV180002
- Title: Guidance to mitigate speculative execution...
Funsec — While most security lists ban off-topic discussion, Funsec is a haven for free community discussion and enjoyment of the lighter, more humorous side of the security community
Verizon: 1.5M of Contact Records Stolen, Now on Sale
Jeffrey Walton (Mar 26)
http://www.mobipicker.com/verizon-1-5m-contact-records-stolen-now-sale/:
A business to business telecommunication giant,
Verizon Enterprise Solutions, a Basking Ridge,
New Jersey-based company, has been the latest
victim of a cyber crime that stole 1.5 million contact
records of the customers of Verizon...
I don't quite understand this double talk. Could someone explain to me:
A spokesperson from Verizon said that...
Statement on Lavabit Citation in Apple Case
Jeffrey Walton (Mar 16)
(From John Young on another list):
http://www.facebook.com/KingLadar/posts/10156714933135038
As many of you already know, the government cited the Lavabit case in
a footnote. The problem is their description insinuates a precedent
that was never created. Obviously I was somewhat disturbed by their
misrepresentation. So I decided to draft a statement. And keep in
mind, these are the same people who say "trust us." Click continue to
read...
The NSA's back door has given every US secret to our enemies
Jeffrey Walton (Feb 29)
http://www.businessinsider.com/john-mcafee-nsa-back-door-gives-every-us-secret-to-enemies-2016-2
Deng Xiaoping, in 1979 - his second year as supreme leader of China -
perceived a fundamental truth that has yet to be fully grasped by most
Western leaders: Software, if properly weaponized, could be far more
destructive than any nuclear arsenal.
Under Deng’s leadership, China began one of the most ambitious and
sophisticated meta- software...
Can Spies Break Apple Crypto?
Jeffrey Walton (Feb 27)
Here's an interesting exchange between Cryptome and Michael Froomkin,
Law Professor at University of Miami, on the All Writs Act
(http://cryptome.org/2016/02/can-spies-break-apple-crypto.htm):
-----
A. Michael Froomkin:
The factual posture in the key Supreme Court precedent, New York
Telephone, involved a situation where only the subject of the order
was capable of providing the assistance at issue. This is the basis
for Apple's...
The FBI's iPhone Problem: Tactical vs. Strategic Thinking
Jeffrey Walton (Feb 23)
http://www.technewsworld.com/story/83130.html
I'm an ex-sheriff, and I've been in and out of security jobs for much
of my life, so I've got some familiarity with the issues underlying
the drama between the FBI and Apple. FBI officials -- and likely those
in every other three-letter agency and their counterparts all over the
world -- would like an easier way to do their jobs. Wouldn't we all?
If they could put cameras in...
Wanted: Cryptography Products for Worldwide Survey
Jeffrey Walton (Jan 01)
(http://www.schneier.com/crypto-gram/archives/2015/1215.html):
In 1999, Lance Hoffman, David Balenson, and others published a survey
of non-US cryptographic products. The point of the survey was to
illustrate that there was a robust international market in these
products, and that US-only export restrictions on strong encryption
did nothing to prevent its adoption and everything to disadvantage US
corporations. This was an important contribution...
CERT Advisories — The Computer Emergency Response Team has been responding to security incidents and sharing vulnerability information since the Morris Worm hit in 1986. This archive combines their technical security alerts, tips, and current activity lists.
Mozilla Releases Security Update for Thunderbird
US-CERT (Jul 17)
Cybersecurity and Infrastructure Security Agency Logo
National Cyber Awareness System:
Mozilla Releases Security Update for Thunderbird [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/17/mozilla-releases-security-update-thunderbird ] 07/17/2020
10:50 AM EDT
Original release date: July 17, 2020
Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. An attacker could exploit
some of these...
Microsoft Releases Security Update for Edge
US-CERT (Jul 17)
National Cyber Awareness System:
Microsoft Releases Security Update for Edge [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/17/microsoft-releases-security-update-edge ] 07/17/2020 10:53 AM
EDT
Original release date: July 17, 2020
Microsoft has released a security update to address a vulnerability in Edge (Chromium-based). An attacker could exploit
this vulnerability to drop...
AA20-198A: Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation
US-CERT (Jul 17)
National Cyber Awareness System:
AA20-198A: Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation [
https://us-cert.cisa.gov/ncas/alerts/aa20-198a ] 07/16/2020 08:09 AM EDT
Original release date: July 16, 2020
Summary
"This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) and Pre-ATT&CK
frameworks....
CISA Releases Emergency Directive on Critical Microsoft Vulnerability
US-CERT (Jul 16)
National Cyber Awareness System:
CISA Releases Emergency Directive on Critical Microsoft Vulnerability [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/16/cisa-releases-emergency-directive-critical-microsoft-vulnerability
] 07/16/2020 03:28 PM EDT
Original release date: July 16, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive...
Apple Releases Security Updates
US-CERT (Jul 16)
National Cyber Awareness System:
Apple Releases Security Updates [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/16/apple-releases-security-updates ] 07/16/2020 11:17 AM EDT
Original release date: July 16, 2020
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of
these vulnerabilities to take control of an...
Malicious Activity Targeting COVID-19 Research, Vaccine Development
US-CERT (Jul 16)
National Cyber Awareness System:
Malicious Activity Targeting COVID-19 Research, Vaccine Development [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/16/malicious-activity-targeting-covid-19-research-vaccine-development
] 07/16/2020 07:16 AM EDT
Original release date: July 16, 2020
In response to malicious activity targeting COVID-19 research and vaccine development in the United...
Cisco Releases Security Updates for Multiple Products
US-CERT (Jul 15)
National Cyber Awareness System:
Cisco Releases Security Updates for Multiple Products [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/15/cisco-releases-security-updates-multiple-products ]
07/15/2020 03:19 PM EDT
Original release date: July 15, 2020
Cisco has released security updates to address vulnerabilities affecting multiple products. An unauthenticated, remote
attacker...
Oracle Releases July 2020 Security Bulletin
US-CERT (Jul 14)
National Cyber Awareness System:
Oracle Releases July 2020 Security Bulletin [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/oracle-releases-july-2020-security-bulletin ] 07/14/2020
05:21 PM EDT
Original release date: July 14, 2020
Oracle has released its Critical Patch Update for July 2020 to address 433 vulnerabilities across multiple products. A
remote attacker could...
Google Releases Security Updates for Chrome
US-CERT (Jul 14)
National Cyber Awareness System:
Google Releases Security Updates for Chrome [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/google-releases-security-updates-chrome-0 ] 07/14/2020 04:51
PM EDT
Original release date: July 14, 2020
Google has released Chrome version 84.0.4147.89 for Windows, Mac, and Linux. This version addresses vulnerabilities
that an attacker could exploit...
Google Releases Security Updates for Chrome
US-CERT (Jul 14)
National Cyber Awareness System:
Google Releases Security Updates for Chrome [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/google-releases-security-updates-chrome ] 07/14/2020 02:45 PM
EDT
Original release date: July 14, 2020
Google has released Chrome version 84.0.4147.89 for Windows, Mac, and Linux. This version addresses vulnerabilities
that an attacker could exploit to...
Microsoft Releases July 2020 Security Updates
US-CERT (Jul 14)
National Cyber Awareness System:
Microsoft Releases July 2020 Security Updates [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/microsoft-releases-july-2020-security-updates ] 07/14/2020
02:13 PM EDT
Original release date: July 14, 2020
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could
exploit some of these...
Microsoft Addresses 'Wormable' RCE Vulnerability in Windows DNS Server
US-CERT (Jul 14)
National Cyber Awareness System:
Microsoft Addresses 'Wormable' RCE Vulnerability in Windows DNS Server [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/microsoft-addresses-wormable-rce-vulnerability-windows-dns-server
] 07/14/2020 02:14 PM EDT
Original release date: July 14, 2020
Microsoft has released a security update to address a remote code execution (RCE)...
Adobe Releases Security Updates for Multiple Products
US-CERT (Jul 14)
National Cyber Awareness System:
Adobe Releases Security Updates for Multiple Products [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/adobe-releases-security-updates-multiple-products ]
07/14/2020 01:18 PM EDT
Original release date: July 14, 2020
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit
some of...
Apache Releases Security Advisories for Apache Tomcat
US-CERT (Jul 14)
National Cyber Awareness System:
Apache Releases Security Advisories for Apache Tomcat [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/apache-releases-security-advisories-apache-tomcat ]
07/14/2020 11:33 AM EDT
Original release date: July 14, 2020
The Apache Software Foundation has released security advisories to address multiple vulnerabilities in Apache Tomcat.
An attacker...
AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java
US-CERT (Jul 13)
National Cyber Awareness System:
AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java [ https://us-cert.cisa.gov/ncas/alerts/aa20-195a ]
07/13/2020 07:07 PM EDT
Original release date: July 13, 2020
Summary
On July 13, 2020 EST, SAP released a security update to address a critical vulnerability, CVE-2020-6287 [
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6287 ],...
Open Source Security — Discussion of security flaws, concepts, and practices in the Open Source community
Re: CVE-2021-43527: Heap overflow in NSS when verifying DSA/RSA-PSS DER-encoded signatures
Alan Coopersmith (Dec 01)
https://bugs.chromium.org/p/project-zero/issues/detail?id=2237 states that
"It's been 30 days since the initial thunderbird patches have been released".
Is there a corresponding Thunderbird patch/advisory/release distros should be
shipping as well?
CVE-2021-43527: Heap overflow in NSS when verifying DSA/RSA-PSS DER-encoded signatures
Dennis Jackson (Dec 01)
Summary:
NSS (Network Security Services) versions prior to 3.73 are vulnerable
to a heap overflow when handling DER-encoded DSA or RSA-PSS
signatures. Applications using NSS for handling signatures encoded
within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted.
Applications using NSS for certificate validation or other TLS, X.509,
OCSP or CRL functionality may be impacted, depending on how they
configure NSS.
This vulnerability does...
Re: IMA gadgets
Jens Timmerman (Dec 01)
An attacker doesn't need to SUID a questionable binary, just any binary
that would then allow to execute commands. e.g. /usr/bin/bash or less
obvious but still obvious perl, python, vim, sudoedit, and 100's of
other default tools that could be used to an attacker's advantage once
they are SUID.
Re: IMA gadgets
Johannes Segitz (Dec 01)
It provides "the customer is happy" value. From a security POV it doesn't
help much (on a normal Linux system, can be different if you really strip
it down). But AMSI also doesn't help and people are still keen on enabling
it, despite bypasses being available all the time. Same will happen for
IMA.
Johannes
Re: IMA gadgets
Grant Taylor (Dec 01)
Pre-script: I'm new to Linux's Integrity Measurement Architecture so my
comments below may be completely off base. Please gently correct me if
that's the case.
My understanding is that the signature which uses public & private keys
would be more resilient than just a hash in that the signature created
with the private key (which need not be on system) can be verified with
the public key on system. A simple hash...
IMA gadgets
Florian Weimer (Nov 30)
There's an idea floating around that you can take an established Linux
distribution, create IMA signatures for all installed files in its
packages, and use those signatures to lock out bad content at run time
using IMA verification in the kernel.
I do not think this works in the sense that it can serve for more
than just detecting file corruption (as an unsigned hash would). First
of all, there is the issue that IMA signatures (at...
CVE-2021-4002: Linux kernel: Missing TLB flush on hugetlbfs
Nadav Amit (Nov 25)
On Linux kernel 3.6 and later it is possible for an attacker to leak or change
data that resides on hugetlbfs. Such data can reside on hugetlbfs, for
instance, if the victim runs mmap() using the MAP_HUGETLB or shmget() with
SHM_HUGETLB. If a victim maps executable code onto hugetlbfs, the executable
can be modified as well.
The bug is caused due to a missing TLB flush when unmapping of a page of PMDs
is performed by clearing a PUD. While the...
Xen Security Advisory 388 v3 (CVE-2021-28704,CVE-2021-28707,CVE-2021-28708) - PoD operations on misaligned GFNs
Xen . org security team (Nov 23)
Xen Security Advisory CVE-2021-28704,CVE-2021-28707,CVE-2021-28708 / XSA-388
version 3
PoD operations on misaligned GFNs
UPDATES IN VERSION 3
====================
Correct affected versions range.
Add CVE numbers to patches.
Public release.
ISSUE DESCRIPTION
=================
x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode,
to provide a way for them to later...
Xen Security Advisory 387 v2 (CVE-2021-28703) - grant table v2 status pages may remain accessible after de-allocation (take two)
Xen . org security team (Nov 23)
Xen Security Advisory CVE-2021-28703 / XSA-387
version 2
grant table v2 status pages may remain accessible after de-allocation (take two)
UPDATES IN VERSION 2
====================
Public release.
ISSUE DESCRIPTION
=================
Guests get permitted access to certain Xen-owned pages of memory. The
majority of such pages remain allocated / associated with a guest for
its entire lifetime. Grant...
Xen Security Advisory 389 v3 (CVE-2021-28705,CVE-2021-28709) - issues with partially successful P2M updates on x86
Xen . org security team (Nov 23)
Xen Security Advisory CVE-2021-28705,CVE-2021-28709 / XSA-389
version 3
issues with partially successful P2M updates on x86
UPDATES IN VERSION 3
====================
Add CVE numbers to patches.
Public release.
ISSUE DESCRIPTION
=================
x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode,
to provide a way for them to later easily have more memory assigned.
Guests are...
Xen Security Advisory 385 v2 (CVE-2021-28706) - guests may exceed their designated memory limit
Xen . org security team (Nov 23)
Xen Security Advisory CVE-2021-28706 / XSA-385
version 2
guests may exceed their designated memory limit
UPDATES IN VERSION 2
====================
Add CVE numbers to patches.
Public release.
ISSUE DESCRIPTION
=================
When a guest is permitted to have close to 16TiB of memory, it may be
able to issue hypercalls to increase its memory allocation beyond the
administrator...
[CVE-2021-44140] Apache JSPWiki Arbitrary file deletion on logout
Juan Pablo Santos Rodríguez (Nov 23)
Severity
Critical
Vendor
The Apache Software Foundation
Versions Affected
Apache JSPWiki up to 2.11.0.M8
Description
Remote attackers may delete arbitrary files in a system hosting a
JSPWiki instance by using a carefully crafted http request on logout,
given that those files are reachable to the user running the JSPWiki
instance.
Mitigation
Apache JSPWiki users should upgrade to 2.11.0 or later.
Credit
This issue was discovered by haby0...
[CVE-2021-40369] Apache JSPWiki Cross-site scripting vulnerability on Denounce plugin
Juan Pablo Santos Rodríguez (Nov 23)
Severity
Medium
Vendor
The Apache Software Foundation
Versions Affected
Apache JSPWiki up to 2.11.0.M8
Description
A carefully crafted plugin link invocation could trigger an XSS
vulnerability on Apache JSPWiki, related to the Denounce plugin, which
could allow the attacker to execute javascript in the victim's browser
and get some sensitive information about the victim.
Mitigation
Apache JSPWiki users should upgrade to 2.11.0 or later....
Re: CVE-2021-43557: Apache APISIX: Path traversal in request_uri variable
Zhiyuan Ju (Nov 23)
Hi,
Thanks to Marcin, and Apache APISIX's Website just published his blog about
this CVE[1].
Welcome to read this post :)
[1] https://apisix.apache.org/blog/2021/11/23/cve-2021-43557-research-report
Best Regards!
@ Zhiyuan Ju <https://github.com/juzhiyuan>
On Mon, Nov 22, 2021 at 2:30 PM, Zexuan Luo <spacewander () apache org> wrote:
Re: CVE-2021-43557: Apache APISIX: Path traversal in request_uri variable
Marcin Niemiec (Nov 22)
Hi,
Looks good to me.
It's really awesome that you verified this issue and provided fix so
quickly!
Best,
Marcin
On Mon, 22 Nov 2021 at 07:30, Zexuan Luo <spacewander () apache org> wrote:
Secure Coding — The Secure Coding list (SC-L) is an open forum for the discussion on developing secure applications. It is moderated by the authors of Secure Coding: Principles and Practices.
Silver Bullet 123: Yanek Korff
Gary McGraw (Jul 06)
hi sc-l,
The latest installment of Silver Bullet was posted this morning. Silver Bullet episode 123 features a conversation
with Yanek Korff. Yanek worked for many years at Cigital as a system administrator back in the early days. He then
moved on to operational security work at AOL and running managed security services at Mandiant.
We talk about managing technical people in this episode. We also discuss operational security. Have a...
Educause Security Discussion — Securing networks and computers in an academic environment.
Covid Test Kit Singapore
Covid Test Kit Singapore (Oct 01)
Covid Test Kit
Order test kit for your company now! Stay Safe! Free Delivery in Singapore
Easy to use
HSA Approved
You've received...
Don't forget to register for CAMP Week!
Jeanetta Caligari (Sep 27)
Register Today for Virtual CAMP & Advance CAMP - OCTOBER 4-8, 2021!
Join your peers virtually October 4-8, 2021 to learn about the latest trends and happenings in identity and access
management. There's still time to register!...
EDUCAUSE Member QuickTalk: Federal Policy, Sept. 30, 3 - 4 PM, EDT
Jarret Cummings (Sep 24)
As you're hopefully winding down your week and looking ahead to your schedule for next week, I hope you will make time
on your calendar for my next Member QuickTalk on federal policy, which is scheduled for Thursday, September 30, from
3:00 - 4:00 PM, Eastern Time.
With major spending bills, the debt ceiling, and continued funding of the government all in play, we'll have plenty of
macro-level topics to talk about, especially when...
Using Canva in NIST 800-171 research environment
Bole, Jim A (Sep 24)
Some of our researchers use Canva to build infographics that contain 800-171 CUI data.
Currently they’ve purchased individual pro licensing:
https://www.canva.com/pricing/<...
October Learning Lab | Hacking the Juice Shop: An Introduction to the OWASP Top 10
Brian Kelly (Sep 23)
There are still seats available. Register today to grab your spot.
Brian
Hacking the Juice Shop: An Introduction to the OWASP...
Re: [External] [SECURITY] Account Retention/Email retention
Gregg, Christopher S. (Sep 23)
We don't have an e-mail specific retention policy. If an e-mail constitutes a record then it is subject to the retention
period of that record type.
We do use the Microsoft Litigation Hold function for situations where we need to preserve e-mail and then release the
hold when the situation is resolved. These requests are almost always triggered by requests from our Office of General
Counsel.
A few years ago I tried to go down the path of...
Account Retention/Email retention
Jeremy Livingston (Sep 23)
Friends,
I'm looking for some examples of account retention and email retention at your schools. While legal wants to hold all
emails for 7 years (statute of limitations on most crimes), that comes at a cost, and it would be great to have a basis
for comparison.
Thanks for any information you can provide, and feel free to send it directly if you don't want it shared more widely.
Jeremy M. Livingston
Chief Information Security...
[ALL-LISTS] Reminder: Action-Needed | EDUCAUSE Community Groups
she/her (Sep 22)
Hello again EDUCAUSE Community Group subscribers!
If you don’t want to lose access to your community group lists, please review the following dates and details to help
you prepare for the launch of our new platform—EDUCAUSE
Connect<https://www.educause.edu/community/educause-connect>—which will replace our current email list system for
EDUCAUSE Community Groups.
* Today, September 22: Last Chance to Create an EDUCAUSE Profile...
Job Opening: University of Nebraska - Director, Research IT Services
Matthew Long (Sep 22)
All...Information Technology Services at the University of Nebraska is currently seeking candidates for a Director,
Research IT Services to join the ITS team. Please share the posting with your networks and encourage interested
applicants to apply.
Position Summary:
This position leads Research IT Services and acts as an advocate for campus scholars and researchers in the Information
Technology Services (ITS) organization. This position will...
Non-recourse Finance.
reply (Sep 21)
<<< text/html: EXCLUDED >>>
Re: Recording from last Thursday's - Member QuickTalk | Open-source, Passwordless MFA with Duke Unlock
Jay Gallman (Sep 21)
My apologies I see the code at the bottom of the page.
Re: Recording from last Thursday's - Member QuickTalk | Open-source, Passwordless MFA with Duke Unlock
Jay Gallman (Sep 21)
Brian,
If we log in and try to watch the video it wants a passcode.
Thanks!
Jay
Recording from last Thursday's - Member QuickTalk | Open-source, Passwordless MFA with Duke Unlock
Brian Kelly (Sep 21)
The recording from last week’s Member QuickTalk | Open-source, Passwordless MFA with Duke Unlock is now available -
https://events.educause.edu/member-quicktalks/2021/open-source-passwordless-mfa-with-duke-unlock
Brian
Brian Kelly, CISSP, CISM, CEH
Director, Cybersecurity
Program<https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program>
bkelly () educause edu<mailto:bkelly () educause edu>...
Re: [External] Re: [SECURITY] What security framework are you using, and why?
Shane Kroening (Sep 21)
All,
I’d like to echo the folks here that say you need to start with the why before complying to a certain framework. To
take that a step further, let me walk you through what I would advise doing to get started.
Rather than focusing on a certain security framework or mandate, such as NIST 800-53, CMMC, etc. you should first focus
on what is in your environment. This has two key aspects: technologies (operating systems, databases,...
[Action Needed Tomorrow: September 22] Your EDUCAUSE Community Groups
EDUCAUSE (Sep 21)
You’re Just Two Steps Away...
By now, you’ve probably heard about our new community platform launching in just one week—EDUCAUSE Connect
(...
NANOG — The North American Network Operators' Group discusses fundamental Internet infrastructure issues such as routing, IP address allocation, and containing malicious activity.
Re: private 5G networks?
James Jun (Dec 01)
[ snip ]
The public transit market of rail industry has been in discussions for a while re:
mitigation measures (such as licensed band) against possible interference on CBTC
signalling data links. It is however a standardization issue (much like we here
in internet infrastructure continue to discuss improvements to BGP and its lingering
security issues, nothing is perfect in every industry I suppose..).
Moreover, the degree of disruption to...
Re: private 5G networks?
Tom Beecher (Dec 01)
Thanks for sharing that. Excellent read, really interesting stuff.
Couple quick takeaways:
- The design is clearly well thought out to account for the environment of
tunnels and moving trains.
- They have designed redundancy and diversity into the systems that would
really make it difficult to execute a prolonged attack.
- Certain aspects of the underground environment actually make some things
easier than a wide open area.
Re: private 5G networks?
Tom Beecher (Dec 01)
Even with a security perimeter, a cantenna or yagi can easily bridge the
gap.
While you are correct that it's just as illegal to intentionally interfere
with the unlicensed wifi bands as it is with CBRS, the difference is that
the FCC and regulatory bodies are much more likely to investigate and take
action against intentional interference in these frequency ranges than they
would be in the unlicensed wifi bands.
On Tue, Nov 30, 2021 at...
IMPORTANT - Fwd: [arin-announce] Retirement of ARIN Non-Authenticated IRR on 31 March 2022
John Curran (Dec 01)
Network Operators -
Please read and take note that ARIN’s Non-Authenticated IRR service will be retired on 31 March 2022.
FYI,
/John
John Curran
President and CEO
American Registry for Internet Numbers
Begin forwarded message:
From: ARIN <info () arin net<mailto:info () arin net>>
Subject: [arin-announce] Retirement of ARIN Non-Authenticated IRR on 31 March 2022
Date: 1 December 2021 at 8:32:30 AM EST
To: arin-announce...
Re: private 5G networks?
Baldur Norddahl (Dec 01)
This should give a good overview:
https://backend.orbit.dtu.dk/ws/files/128950142/COMST2661384.pdf
It is in fact quite interesting.
And yes these are low bandwidth but on the other hand often stretch wifi to
the very limits on the distance between bases. I am not claiming this is
the same use case as a warehouse. I am pointing out that the argument that
a system critical implementation _must_ be based on licensed frequencies
does not hold as...
Re: private 5G networks?
Shane Ronan (Nov 30)
Sorry, I wasn't sure what you meant by 3rd tier, but yes, we are talking
about GAA.
The important bit is as I stated is "or that nobody currently is
transmitting on"
And yes, the CBRS Radio, called a CBSD must be configured ahead of time to
make freq grant requests to the SAS. This happens via the Mgmt.
connection of the CBSD and is done via TLS over HTTP.
Shane
Re: private 5G networks?
John Gilmore (Nov 30)
Michael Thomas <mike () mtcc com> wrote:
https://en.wikipedia.org/wiki/Citizens_Broadband_Radio_Service
it has 3 tiers:
* Incumbent access, primarily government and military radars, plus some
pre-existing band users.
* 3550 to 3650 MHz in 10MHz chunks, allocated for priority users by census
tracts for up to 3 years, with up to 7 Priority Access Licenses per tract.
Competitive bidding for getting these licenses.
* General Authorized...
Re: private 5G networks?
sronan (Nov 30)
My understanding is those systems require very little bandwidth, so barring a full “jam” of the full spectrum, it can
still operate.
This is not the same use case as most private 5G implementations.
Shane
Re: private 5G networks?
James Jun (Nov 30)
He's talking about CBTC running on 2.4Ghz band for DCS. And yes he is right, numerous metro subway systems use this.
For heavy rail deployments, ETCS Level 2 uses GSM-R.
James
Re: private 5G networks?
Shane Ronan (Nov 30)
Please provide details on public transit systems that are controlled via
Wifi, I find that very interesting.
Shane
On Tue, Nov 30, 2021 at 5:43 PM Baldur Norddahl <baldur.norddahl () gmail com>
wrote:
Re: private 5G networks?
Shane Ronan (Nov 30)
I'm sorry Anthony, but you are just plain wrong. You do not have protection
rights which means that people can infringe, but the SAS will only provide
you a channel that others haven't already been granted. This is very
different from protection rights which are guaranteed to higher class
users. If this were the case, there would be no need for a SAS registration
in the GAA space as it would be a free for all.
And because it is still...
Re: private 5G networks?
Baldur Norddahl (Nov 30)
On Tue, 30 Nov 2021 at 23:19, Tom Beecher <beecher () beecher cc> wrote:
If we are talking about wifi 6E on 6 GHz sitting in a parking lot trying to
cause harmful interference within legal limits will not successfully harm
the operation within a building, especially not if the owner has a security
perimeter. Harmful interference on purpose is not legal in any case.
On the other hand, saboteurs rarely care about legal and can easily jam
either...
Re: private 5G networks?
Anthony (Nov 30)
Oops,
Replied direct; this is a bit one-sided of the conversation, but I want to
make certain the community is clear on this, as CBRS is a valuable spectrum.
Unfortunately Shane, this is incorrect. GAA is not significantly
different than any unlicensed spectrum as to interference avoidance.
But the SAS will typically have tools that will give you some info on
how to avoid channels already in use. This is truly useful.
As a CBRS GAA...
Re: private 5G networks?
Tom Beecher (Nov 30)
Nothing illegal about someone sitting in a parking lot next door with a
pineapple turned up to 11 that's washing out all the normal wifi spectrum.
It would be illegal to do that with CBRS.
On Tue, Nov 30, 2021 at 4:57 PM Baldur Norddahl <baldur.norddahl () gmail com>
wrote:
Re: private 5G networks?
Baldur Norddahl (Nov 30)
On Tue, 30 Nov 2021 at 22:09, Shane Ronan <shane () ronan-online com> wrote:
In my view there is no practical difference. The owner has full control of
his warehouse and it would be very illegal for any outside party to install
any device at all including unauthorised wifi devices.
For comparison, consider that many city train systems are operating
signaling using wifi equipment.
Regards
Baldur
Interesting People — David Farber moderates this list for discussion involving internet governance, infrastructure, and any other topics he finds fascinating
We improve your Wi-Fi throughout your home
Wifix (Dec 01)
WE OPTIMIZE YOUR WI-FI NETWORK COVERAGE
...
Check Cashing and Now Also e-cheqs, Electronic Checks
Unicheques (Nov 30)
Inquiries via WhatsApp here
Now also e-chqs
If you liked this newsletter,
click here to forward this email to a friend
*We send your campaign to our databases*
you can see our work and DATABASES by clicking here
If you received this email and did not request it,
we apologize; it includes an option...
Developments, Palermo, Belgrano, Nuñez, Saavedra, Caballito, Parque Centenario, etc
La Capitana (Nov 29)
Developments
More developments by clicking here
La Capitana Real Estate of Marisa G. Snatman
Licensed Auctioneer and Real Estate Broker, license nos. 5633 CSI /3921 CUCICBA
3 De Febrero 820 2°D (CABA 1426), Ruta Nacional N 8 KM.52 (Pilar)
...
Exclusive Benefits for CLARO customers
Movistar Negocios (Nov 26)
Altos de Nuñez from us1700 per m2
La Capitana Real Estate (Nov 25)
from u$s 1700 per m2
More projects by clicking here
La Capitana Real Estate of Marisa G. Snatman,
Licensed Auctioneer and Real Estate Broker, license nos. 5633 CSI /3921 CUCICBA,
3 De Febrero 820 2°D (CABA 1426), Ruta Nacional N 8 KM.52 (Pilar)
If you liked this newsletter,
click here to forward this email to a friend
If you received this email and...
Digital Infrared Thermometers, COVID
Articsa (Nov 24)
🌡 Digital Infrared Thermometers - COVID 👁
inquire about larger quantities
Orders at 11-5794-1082, WhatsApp
click here to forward this email to a friend
*We send your campaign to our databases*
you can see our work here
If you received this email and did not request it,
we apologize; it...
Brand New in Nuñez with LOTS OF STYLE, CONCRETE, STEEL and GLASS
La Capitana (Nov 23)
5th floor, studio at the rear facing the block's inner courtyard
1st floor, studio with patio
3rd floor, 2 rooms at the rear facing the block's inner courtyard
La Capitana Real Estate of Marisa G. Snatman,
Licensed Auctioneer and Real Estate Broker, license nos. 5633 CSI /3921 CUCICBA,
3 De Febrero 820 2°D (CABA 1426), Ruta Nacional N 8 KM.52 (Pilar)
Did you like this newsletter?
click here to...
Opportunities in BRAND-NEW Apartments
Auge Propiedades de Hernan Iradi (Nov 19)
Juan B. Alberdi apartment: more information by clicking here
Riglos apartment: more information by clicking here
Kind regards
4816 - 7272 / 1154524215
contacto () augepropiedades com ar
www.augepropiedades.com.ar
Auge Propiedades
click here to forward this email to a friend
*We send your campaign to our databases*
you can see our work and databases...
Pre-Sale in Almagro with Pool, Multipurpose Room, Sauna, Gym and Grill
La Capitana Real Estate (Nov 18)
La Capitana Real Estate of Marisa G. Snatman
Licensed Auctioneer and Real Estate Broker, license nos. 5633 CSI /3921 CUCICBA
3 De Febrero 820 2°D (CABA 1426), Ruta Nacional N 8 KM.52 (Pilar)
If you liked this newsletter,
click here to forward this email to a friend
If you received this email and did not request it,
we...
Check Cashing and Now Also e-cheqs, Electronic Checks
Unicheques (Nov 17)
Inquiries via WhatsApp here
Now also e-chqs
If you liked this newsletter,
click here to forward this email to a friend
*We send your campaign to our databases*
you can see our work and DATABASES by clicking here
If you received this email and did not request it,
we apologize; it includes an option...
Installments in Pesos without a Bank, VERY EASY, you can get the loan directly from the developer
La Capitana Real Estate (Nov 16)
INSTALLMENTS in PESOS without a Bank, VERY EASY
you can get your LOAN DIRECTLY from the BUILDER
Up to 240 installments, 7 % annual plus UVAs, with 30% on signing the sales agreement
La Capitana Real Estate of Marisa G. Snatman,
Licensed Auctioneer and Real Estate Broker, license nos. 5633 CSI /3921 CUCICBA,
3 De Febrero 820 2°D (CABA 1426), Ruta Nacional N 8 KM.52 (Pilar)
Did you like this newsletter?
click here to forward this...
We improve your Wi-Fi throughout your home
Wifix (Nov 15)
WE OPTIMIZE YOUR WI-FI NETWORK COVERAGE
...
Belgrano 1, 2 and 3 rooms, PREMIUM Full Amenities, from u$s 89.000
La Capitana (Nov 12)
PREMIUM Full Amenities, Belgrano 1, 2 and 3 rooms
Emergency generator for general services, ensuring the operation of 1 elevator, garage lights,
escape routes and water pump.
It is located in the heart of the Belgrano neighborhood, and construction began in February 2021
The development will have excellent amenities located on the 10th floor, in keeping with the...
Terrazas de Nuñez, TRIPLE FRONTAGE, Amenities from u$s 1.788 per m2
La Capitana (Nov 11)
More developments by clicking here
La Capitana Real Estate of Marisa G. Snatman
Licensed Auctioneer and Real Estate Broker, license nos. 5633 CSI /3921 CUCICBA
3 De Febrero 820 2°D (CABA 1426), Ruta Nacional N 8 KM.52 (Pilar)
Did you like this newsletter?
click here to forward this email to a friend
To remove your address from this list...
Opportunities in BRAND-NEW Apartments
Auge Propiedades de Hernan Iradi (Nov 10)
Juan B. Alberdi apartment: more information by clicking here
Riglos apartment: more information by clicking here
Kind regards
4816 - 7272 / 1154524215
contacto () augepropiedades com ar
www.augepropiedades.com.ar
Auge Propiedades
click here to forward this email to a friend
*We send your campaign to our databases*
you can see our work and databases...
The RISKS Forum — Peter G. Neumann moderates this regular digest of current events which demonstrate risks to the public in computers and related systems. Security risks are often discussed.
Risks Digest 32.93
RISKS List Owner (Nov 22)
RISKS-LIST: Risks-Forum Digest Monday 22 November 2021 Volume 32 : Issue 93
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.93>
The current issue can also be found at
<...
Risks Digest 32.92
RISKS List Owner (Nov 06)
RISKS-LIST: Risks-Forum Digest Saturday 6 November 2021 Volume 32 : Issue 92
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.92>
The current issue can also be found at
<...
Risks Digest 32.91
RISKS List Owner (Oct 30)
RISKS-LIST: Risks-Forum Digest Saturday 30 October 2021 Volume 32 : Issue 91
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.91>
The current issue can also be found at
<...
Risks Digest 32.90
RISKS List Owner (Oct 17)
RISKS-LIST: Risks-Forum Digest Sunday 17 October 2021 Volume 32 : Issue 90
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.90>
The current issue can also be found at
<...
Risks Digest 32.89
RISKS List Owner (Oct 03)
RISKS-LIST: Risks-Forum Digest Sunday 3 October 2021 Volume 32 : Issue 89
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.89>
The current issue can also be found at
<...
Risks Digest 32.88
RISKS List Owner (Sep 18)
RISKS-LIST: Risks-Forum Digest Saturday 18 September 2021 Volume 32 : Issue 88
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.88>
The current issue can also be found at
<...
Risks Digest 32.87
RISKS List Owner (Sep 11)
RISKS-LIST: Risks-Forum Digest Saturday 11 September 2021 Volume 32 : Issue 87
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.87>
The current issue can also be found at
<...
Risks Digest 32.86
RISKS List Owner (Sep 05)
RISKS-LIST: Risks-Forum Digest Sunday 5 September 2021 Volume 32 : Issue 86
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.86>
The current issue can also be found at
<...
Risks Digest 32.85
RISKS List Owner (Sep 01)
RISKS-LIST: Risks-Forum Digest Wednesday 1 September 2021 Volume 32 : Issue 85
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.85>
The current issue can also be found at
<...
Risks Digest 32.84
RISKS List Owner (Aug 26)
RISKS-LIST: Risks-Forum Digest Thursday 26 August 2021 Volume 32 : Issue 84
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.84>
The current issue can also be found at
<...
Risks Digest 32.83
RISKS List Owner (Aug 19)
RISKS-LIST: Risks-Forum Digest Thursday 19 August 2021 Volume 32 : Issue 83
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.83>
The current issue can also be found at
<...
Risks Digest 32.82
RISKS List Owner (Aug 13)
RISKS-LIST: Risks-Forum Digest Friday 13 August 2021 Volume 32 : Issue 82
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.82>
The current issue can also be found at
<...
Risks Digest 32.81
RISKS List Owner (Aug 07)
RISKS-LIST: Risks-Forum Digest Saturday 7 August 2021 Volume 32 : Issue 81
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.81>
The current issue can also be found at
<...
Risks Digest 32.80
RISKS List Owner (Aug 05)
RISKS-LIST: Risks-Forum Digest Thursday 5 August 2021 Volume 32 : Issue 80
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.80>
The current issue can also be found at
<...
Risks Digest 32.79
RISKS List Owner (Aug 02)
RISKS-LIST: Risks-Forum Digest Monday 2 August 2021 Volume 32 : Issue 79
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.79>
The current issue can also be found at
<...
BreachExchange — BreachExchange focuses on all things data breach. Topics include actual data breaches, cyber insurance, risk management, metrics and more. This archive includes its predecessor, the Data Loss news and discussion lists.
Brooklyn Man Arrested, Charged With Hacking Into Online Accounts Of Wegmans Customers
Terrell Byrd (Nov 30)
https://www.justice.gov/usao-wdny/pr/brooklyn-man-arrested-charged-hacking-online-accounts-wegmans-customers
ROCHESTER, N.Y.-U.S. Attorney Trini E. Ross announced today that Maurice
Sheftall, 23, of Brooklyn, NY, was arrested and charged by criminal
complaint with fraud and related activity in connection with computers and
wire fraud. The charges carry a maximum penalty of 20 years in prison and a
$250,000 fine.
Assistant U.S. Attorney Meghan...
IKEA Under Ongoing Cybersecurity Assault As Criminal Hackers Relentlessly Hammer Its Email System
Terrell Byrd (Nov 30)
https://hothardware.com/news/ikea-faces-ongoing-cyberattack
While you may be trying to buy a Vebjörn desk or snag a deal on a Yttervåg,
IKEA is trying to quell an ongoing cyberattack within its infrastructure.
On Friday, it was discovered that cybercriminals were targeting IKEA
employees with internal phishing attacks, using stolen reply-chain emails.
Reply-chain email attacks occur when a threat actor takes over a legitimate
email account...
Data from millions of Brazilians exposed in Wi-Fi management software firm leak
Terrell Byrd (Nov 30)
https://www.zdnet.com/article/millions-of-brazilians-exposed-in-wi-fi-management-software-firm-leak/
A Brazilian Wi-Fi management software firm was at the center of an incident
that exposed data of various high profile companies and millions of their
customers.
The company in question is WSpot, which provides software that enables
businesses to secure their on-premise Wi-Fi networks and allow
password-free online access to their customers. The...
Ransomware Hits Lewis and Clark Community College Network
Terrell Byrd (Nov 30)
https://www.govtech.com/education/higher-ed/ransomware-hits-lewis-and-clark-community-college-network
(TNS) — Campus computer networks were down Wednesday morning at Lewis and
Clark Community College after the school was the victim of a cyber attack.
In a message sent to staff members around 6 a.m. Wednesday, LCCC President
Ken Trzaska said the school's computer systems were down because of a
"ransomware attack."
A ransomware...
Queensland government energy generator hit by ransomware
Terrell Byrd (Nov 30)
https://www.zdnet.com/article/queensland-government-energy-generator-hit-by-ransomware/
Queensland government-owned energy generator CS Energy said on Tuesday it
was responding to a ransomware incident that occurred over the weekend.
First reported by Energy Source & Distribution, the company said the
incident has not impacted electricity generation at Callide and Kogan Creek
power station, and it was looking to restore its network....
The UK will spend $667,000 to train staffers at the top finance regulator to identify crypto terrorist financing
Terrell Byrd (Nov 24)
https://markets.businessinsider.com/news/currencies/uk-fca-crypto-terrorist-financing-money-laundering-blockchain-2021-11
The UK's top financial watchdog is looking for a contractor to train staff
on spotting the use of crypto in financing terrorism.
The Financial Conduct Authority has a £500,000 ($667,0000) contract to hire
the services of a third-party specialist.
The UK and the US have agreed to step up cooperation over threats from...
Ontario government employee charged in COVID-19 vaccination data breach
Terrell Byrd (Nov 24)
https://www.msn.com/en-ca/news/canada/ontario-government-employee-charged-in-covid-19-vaccination-data-breach/ar-AAR2YeX
Suspects from the Ottawa and Montreal areas, one of whom works as a public
servant, were arrested Tuesday in connection with an OPP investigation into
a security breach of Ontario’s COVID-19 immunization system.
The province’s cybercrime team said it started an investigation into a
possible data breach on Nov. 17 when the...
The US is worried that hackers are stealing data today so quantum computers can crack it in a decade
Terrell Byrd (Nov 24)
https://www.technologyreview.com/2021/11/03/1039171/hackers-quantum-computers-us-homeland-security-cryptography/
While they wrestle with the immediate danger posed by hackers today, US
government officials are preparing for another, longer-term threat:
attackers who are collecting sensitive, encrypted data now in the hope that
they’ll be able to unlock it at some point in the future.
The threat comes from quantum computers, which work very...
GoDaddy says data breach exposed over a million user accounts
Terrell Byrd (Nov 23)
https://news.yahoo.com/godaddy-says-data-breach-exposed-162215494.html
Web hosting giant GoDaddy has reported a data breach with U.S. financial
regulators, and warns that data on 1.2 million customers may have been
accessed.
In a filing with the Securities and Exchange Commission, GoDaddy's chief
information security officer Demetrius Comes said the company detected
unauthorized access to its systems where it hosts and manages its...
Pentagon Officials Rethinking Cyber's Role in National Defense Strategy
Terrell Byrd (Nov 23)
https://www.nextgov.com/cybersecurity/2021/11/pentagon-officials-rethinking-cybers-role-national-defense-strategy/187010/
Those who believe that cybersecurity should occupy a more central role in
national defense should keep their eyes open for the release of the 2022
National Defense Strategy, a senior Pentagon official suggested.
“We’re thinking about the role of cyber as a tool in the National Defense
Strategy,” said Mieke Eoyang,...
Russian cyber gang dumps NHS records on the 'dark web': Highly sensitive medical documents are leaked online after hackers' £3million Bitcoin ransom is rejected
Terrell Byrd (Nov 23)
https://www.dailymail.co.uk/news/article-10225281/Highly-sensitive-medical-documents-leaked-online-hackers-3million-Bitcoin-ransom-rejected.html
Highly sensitive medical records including details of abortions, HIV tests
and mental health issues have been leaked online after a major cyber attack.
Russian hackers targeted Stor-A-File, a British data storage company whose
clients include GP practices, NHS hospital trusts, local councils, law
firms...
U.S. banks must report hacks within 36 hours, new rule says
Terrell Byrd (Nov 23)
https://www.seattletimes.com/business/u-s-banks-must-report-hacks-within-36-hours-new-rule-says/
Banks must report major cyberattacks to regulators within 36 hours if the
incident is likely to disrupt their business, according to a new rule from
U.S. regulators.
Any “computer security incident” that threatens a lender’s operations,
services to customers or the stability of the financial system has to be
disclosed to the bank’s primary...
$10 million reward offered for Iranian nationals accused of interfering with 2020 U.S. presidential election
Terrell Byrd (Nov 19)
https://fox8.com/news/10-million-reward-offered-for-iranian-nationals-accused-of-interfering-with-2020-u-s-presidential-election/
CLEVELAND, Ohio (WJW) – A federal grand jury has indicted two Iranian
nationals for their attempts to hack computer systems and interfere in the
2020 U.S. presidential election.
The U.S. Attorney’s Office for the Southern District of New York filed
charges against Seyyed Mohammad Hosein Musa Kazemi, 24, and...
The Extortion Economy: North Carolina's New Legislation to Counter Ransomware
Terrell Byrd (Nov 19)
https://www.natlawreview.com/article/extortion-economy-north-carolina-s-new-legislation-to-counter-ransomware
On Tuesday, November 16, 2021, Governor Cooper announced his intention to
sign a new $25.7 billion budget for the state of North Carolina,
essentially guaranteeing that the budget's contents will become law.
One aspect of the legislation that may be overshadowed by the budget's
headline-grabbing policy changes is a...
California Pizza Kitchen spills over 100,000 employee Social Security numbers
Terrell Byrd (Nov 19)
https://techcrunch.com/2021/11/18/california-pizza-kitchen-data-breach/
California Pizza Kitchen (CPK) has revealed a data breach that exposed the
Social Security numbers of more than 100,000 current and former employees.
The U.S. pizza chain, which has more than 250 locations across 32 states,
confirmed the incident in a data breach notification posted this week. The
company said it learned of a “disruption” to its systems on September 15...
Metasploit — Development discussion for Metasploit, the premier open source remote exploitation tool
nullcon se7en CFP is open
nullcon (Aug 25)
Dear Friends,
Welcome to nullcon se7en!
$git commit -a <sin>
<sin> := wrath | pride | lust | envy | greed | gluttony | sloth
nullcon is an annual security conference held in Goa, India. The focus
of the conference is to showcase the next generation of offensive and
defensive security technology. We happily open doors to researchers
and hackers around the world working on the next big thing in security
and request...
Ruxcon 2015 Final Call For Presentations
cfp (Jul 05)
Ruxcon 2015 Final Call For Presentations
Melbourne, Australia, October 24-25
CQ Function Centre
http://www.ruxcon.org.au
The Ruxcon team is pleased to announce the first round of Call For Presentations for Ruxcon 2015.
This year the conference will take place over the weekend of the 24th and 25th of October at the CQ Function Centre,
Melbourne, Australia.
The deadline for submissions is the 15th of September, 2015.
.[x]. About Ruxcon .[x]....
Wireshark — Discussion of the free and open source Wireshark network sniffer. No other sniffer (commercial or otherwise) comes close. This archive combines the Wireshark announcement, users, and developers mailing lists.
How to allow Wireshark to stop extcap on Windows?
Jirka Novak (Dec 01)
Hi,
I'm working on the ciscodump extcap tool. I'm touching on the issue of allowing
the tool to clean up when Wireshark stops the capture.
When an extcap tool is started, Wireshark just creates a pipe, starts
the application and reads the pipe. The application feeds packets and
when it decides, it stops (e.g. expected count of packets reached) and
exits. Wireshark notices it and that is done.
When Wireshark needs to stop the capture, it closes...
Re: How to troubleshoot extcap applications?
Jirka Novak (Dec 01)
Hi Roland,
I think there is no README.extcap. There is just extcap.adoc, but it is
about application, not about code/API. BTW I'm missing it.
Or do you think any other specific document?
I tested it with Wireshark/Qt. I can retest it with tshark too, good point.
I tested my try on Windows, but plan is to retest it on all three
platforms (Linux/Mac/Windows) before merge.
Best regards,...
Re: How to troubleshoot extcap applications?
João Valverde (Dec 01)
This is almost certainly my fault when integrating extcap with wslog.
Thanks for looking into it.
I'm not sure disabling every message to stderr is a good idea. The
problem space is the same as with dumpcap and that already works seamlessly.
But for now muting stderr with extcap --debug is probably good enough
and I can look into it later, if you prefer.
Re: How to troubleshoot extcap applications?
Roland Knall (Dec 01)
Could we additionally add a note to README.extcap? Just in case some
external extcap tools stumble across this as well?
Also, one more thing, have you tested with tshark only or also using qt? Qt
in general redirects all std... pipes, which should not matter as we are
started through dumpcap.
Also, please test on Windows, as it behaves a little differently from
Linux/mac in the case of pipes/standard pipes
Change is fine by me
regards
Roland...
Re: How to troubleshoot extcap applications?
Dario Lombardo (Dec 01)
I'm ok with this change. I can give you direct support for the extcaps I
wrote (sshdump/ciscodump, udpdump, randpktdump), and do my best with the
others.
How to troubleshoot extcap applications?
Jirka Novak (Dec 01)
Hi,
I noticed the issue below and I propose a solution for it. Can I ask for
comments?
Every extcap tool has --debug and --debug-file options, but when they
are used, they do "nothing". The file is created, but it is empty.
Later I found that it must be used with --log-level=debug to really
log messages.
The issue is that when you increase --log-level, it logs to console
(STDERR). So when extcap is started from Wireshark, it mixes log...
Review Merge Request 4895
Ismael Mendez via Wireshark-dev (Nov 30)
Hi,
Recently I implemented a change for allowing dissection of compressed user
data in the protocol RTPS. It has been a while since the merge request
<https://gitlab.com/wireshark/wireshark/-/merge_requests/4895> was created
but is still inactive. Could you please have a look at it? Or in case there
is something wrong with it that must be fixed before start reviewing it
please let me know and I'll fix it as soon as possible. Thanks....
Re: last touches for custom Lua dissector
Ariel Burbaickij (Nov 30)
Hello Pascal,
cool, it works. Thank you very much for your fast response. Genuinely
appreciated! Will take a look at the updated(?) dissector now.
Kind Regards
Ariel Burbaickij
Re: last touches for custom Lua dissector
Pascal Quantin (Nov 30)
Hi Ariel,
On Tue, Nov 30, 2021 at 14:12, Ariel Burbaickij <ariel.burbaickij () gmail com>
wrote:
The lte-rrc.dl.dcch registered dissector historically does not update the
protocol column. You might want to use lte_rrc.dl_dcch instead, which will
update the protocol column with LTE RRC DL_DCCH instead. See
epan/dissectors/packet-lte-rrc.c file for more details.
The NR RRC dissector always updates the info column.
Best regards,...
last touches for custom Lua dissector
Ariel Burbaickij (Nov 30)
Hello community,
I have written a custom dissector for LTE related protocols and it runs
fine but there is one last piece that I would like to add to it. Context is
such: there is a wrapper (generic name) protocol and I call LTE dissector
in this manner:
local myrrc = Dissector.get("lte-rrc.dl.dcch")
local rrc_dl_dcch = myrrc:call(buffer(wrapper_protocol.length()):tvb(),
pinfo, tree)
or this
myrrc =...
Re: Parameters for extcap
Jirka Novak (Nov 30)
Dear Roland,
I expect so, but it makes issues during use :-(
Yes, but e.g. many of our Cisco devices do not support identity file use :-(
Nevertheless, is a password stored in memory during runtime such a big issue?
I'm thinking about multiple approaches:
a) Allow to store password in memory during runtime
b) Keep 'password' as it is for backward compatibility and create
'runtime-password' type which will store password during...
Re: Extcap Rust library
Roland Knall (Nov 30)
That is great. Would you mind sending a pull request mentioning the library
in README.extcap? Currently we only provide the python example, and this is
by design. But we should at least mention other implementations in the
documentation.
regards
Roland
On Tue, Nov 30, 2021 at 07:28, Tomáš Kukosa <keksa () email cz> wrote:
Re: Parameters for extcap
Roland Knall (Nov 30)
Both issues were done so by design.
For the password, there was a reasonable concern that passwords may be
read out. Now, you could argue that monitoring the dumpcap call gives you
the password anyway, which is correct. The intended usecase originally was
to use the password together with ssh, which was later superseded by using
the identity file, which can be stored normally.
As for empty values, we have no possibility to detect, if the...
Extcap Rust library
Tomáš Kukosa (Nov 29)
Hi,
I have released a small library to help with writing extcap plugins in Rust.
See https://crates.io/crates/extcap
The shortest example is shown here: https://docs.rs/extcap/0.3.0/extcap/
A few more real examples of how to use it are also available in the repository.
Best regards,
Tomas
Parameters for extcap
Jirka Novak (Nov 29)
Hi,
Wireshark is able to run external captures (extcap). Extcap tools can
provide configuration description which Wireshark shows as dialog and
stores in advanced properties.
I'm observing two strange things that I understand to be bugs.
1) If the tool provides 'password' as the type of a setting, it is not stored
permanently. That is correct.
The issue is that the password is not remembered over runtime. So if I run
extcap twice in a row, second...
Snort — Everyone's favorite open source IDS, Snort. This archive combines the snort-announce, snort-devel, snort-users, and snort-sigs lists.
Snort Subscriber Rules Update 2021-11-30
Research (Nov 30)
Talos Snort Subscriber Rules Update
Synopsis:
This release adds and modifies rules in several categories.
Details:
Talos has added and modified multiple rules in the file-other,
file-pdf, malware-cnc, os-windows and server-webapp rule sets to
provide coverage for emerging threats from these technologies.
For a complete list of new and modified rules please see:
https://www.snort.org/advisories
Re: Question about negation (!) in rules
Joel Esler (jesler) via Snort-sigs (Nov 28)
Yes. It’s possible.
—
Sent from my iPhone
Dear community,
Is it possible to use negation in destination IP address??
Example:
alert tcp $EXTERNAL_NET any -> !172.16.0.0/12 $HTTP_PORTS
Or use variable declared in .conf file – but main question is can I negate destination IP?
I saw in examples negating source IP, I saw negating ports but not destination IP. Is it possible?
Best Regards
Michał Wójcicki
IT Specialist
tel....
Question about negation (!) in rules
Wojcicki, Michal via Snort-sigs (Nov 28)
Dear community,
Is it possible to use negation in destination IP address??
Example:
alert tcp $EXTERNAL_NET any -> !172.16.0.0/12 $HTTP_PORTS
Or use variable declared in .conf file - but main question is can I negate destination IP?
I saw in examples negating source IP, I saw negating ports but not destination IP. Is it possible?
Best Regards
Michał Wójcicki
IT Specialist
tel. +48 430 26 00
mobile +48 792 802 705
michal.wojcicki ()...
Snort Subscriber Rules Update 2021-11-25
Research (Nov 25)
Talos Snort Subscriber Rules Update
Synopsis:
This release adds and modifies rules in several categories.
Details:
Microsoft Vulnerability CVE-2021-42321:
A remote code execution vulnerability exists in Microsoft Exchange
Server for which exploit code is publicly available.
Rules to detect attacks targeting this vulnerability are included in
this release and are identified with GID 1, SIDs 58637 through 58639.
Talos has added and modified...
Snort Subscriber Rules Update 2021-11-23
Research (Nov 23)
Talos Snort Subscriber Rules Update
Synopsis:
This release adds and modifies rules in several categories.
Details:
In this release a number of rules have been added to the security
policy as part of ongoing policy rebalancing efforts.
Microsoft Vulnerability CVE-2021-41379:
A coding deficiency exists in Microsoft Windows Installer that may lead
to an escalation of privilege.
Rules to detect attacks targeting these vulnerabilities are included...
Snort Subscriber Rules Update 2021-11-18
Research (Nov 18)
Talos Snort Subscriber Rules Update
Synopsis:
This release adds and modifies rules in several categories.
Details:
In this release a number of rules have been added to the security
policy as part of ongoing policy rebalancing efforts.
Talos has added and modified multiple rules in the browser-chrome,
browser-firefox, browser-ie, browser-other, browser-plugins,
browser-webkit, exploit-kit, file-flash, file-image, file-java,
file-multimedia,...
Snort Subscriber Rules Update 2021-11-16
Research (Nov 16)
Talos Snort Subscriber Rules Update
Synopsis:
This release adds and modifies rules in several categories.
Details:
Talos has added and modified multiple rules in the exploit-kit,
file-image, file-multimedia, file-other, malware-cnc, netbios,
os-mobile, os-solaris, policy-other, protocol-imap, server-mysql and
server-webapp rule sets to provide coverage for emerging threats from
these technologies.
For a complete list of new and modified rules...
Snort Subscriber Rules Update 2021-11-10
Research (Nov 10)
Talos Snort Subscriber Rules Update
Synopsis:
This release adds and modifies rules in several categories.
Details:
Talos has added and modified multiple rules in the browser-ie and
server-webapp rule sets to provide coverage for emerging threats from
these technologies.
For a complete list of new and modified rules please see:
https://www.snort.org/advisories
Snort Subscriber Rules Update 2021-11-09
Research (Nov 09)
Talos Snort Subscriber Rules Update
Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft
Corporation.
Details:
Microsoft Vulnerability CVE-2021-38666:
A coding deficiency exists in Remote Desktop Client that may lead to
remote code execution.
A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 58541.
Microsoft Vulnerability CVE-2021-42292:
A coding...
Snort Subscriber Rules Update 2021-11-04
Research (Nov 04)
Talos Snort Subscriber Rules Update
Synopsis:
This release adds and modifies rules in several categories.
Details:
Talos has added and modified multiple rules in the browser-chrome,
malware-cnc, malware-other and server-webapp rule sets to provide
coverage for emerging threats from these technologies.
For a complete list of new and modified rules please see:
https://www.snort.org/advisories
Snort Blog: Snort 3.1.16.0 has been released!
Joel Esler (jesler) via Snort-sigs (Nov 03)
https://blog.snort.org/2021/11/snort-31160-has-been-released.html
Snort 3.1.16.0 has been released!
The SNORTⓇ team recently released a new version of Snort 3 on Snort.org<https://snort.org/snort3> and the Snort 3
GitHub<https://github.com/snort3/snort3/releases/tag/3.1.13.0>.
<...
Snort Subscriber Rules Update 2021-11-02
Research (Nov 02)
Talos Snort Subscriber Rules Update
Synopsis:
This release adds and modifies rules in several categories.
Details:
Talos has added and modified multiple rules in the malware-cnc,
malware-other, policy-other and server-webapp rule sets to provide
coverage for emerging threats from these technologies.
For a complete list of new and modified rules please see:
https://www.snort.org/advisories
Snort Subscriber Rules Update 2021-10-28
Research (Oct 28)
Talos Snort Subscriber Rules Update
Synopsis:
This release adds and modifies rules in several categories.
Details:
Talos has added and modified multiple rules in the file-multimedia,
indicator-scan, malware-cnc, malware-other, server-apache and
server-webapp rule sets to provide coverage for emerging threats from
these technologies.
For a complete list of new and modified rules please see:
https://www.snort.org/advisories
Snort Subscriber Rules Update 2021-10-26
Research (Oct 26)
Talos Snort Subscriber Rules Update
Synopsis:
This release adds and modifies rules in several categories.
Details:
Talos has added and modified multiple rules in the malware-cnc,
pua-adware and server-webapp rule sets to provide coverage for emerging
threats from these technologies.
For a complete list of new and modified rules please see:
https://www.snort.org/advisories
Re: [Snort-users] If i put my snort 3 server on a dmz i will bring the back of my screen since the server i speak ?
Dorian ROSSE via Snort-devel (Oct 21)
This is a try and an ask,
I hope don't need spend money for replace a new server!
Regards.
Dorian Rosse.
________________________________
From: Joel Esler (jesler) <jesler () cisco com>
Sent: Tuesday, October 19, 2021 7:09:31 PM
To: Dorian ROSSE <dorianbrice () hotmail fr>
Cc: Jeremy Hines <Jeremy () priceapples com>; snort-users () lists snort org <snort-users () lists snort org>;
snort-devel () lists snort org...
We also maintain archives for these lists (some are currently inactive):
Read some old-school private security digests such as Zardoz at SecurityDigest.Org
We're always looking for great network security related lists to archive. To suggest one, mail Fyodor.