Jump to content


Member Since 18 May 2004
Offline Last Active Today, 11:17 AM

Topics I've Started

Intel Firmware Vuln

21 November 2017 - 01:10 PM


Intel Firmware Vuln
> https://www.us-cert....e-Vulnerability
Nov 21, 2017 - "Intel has released recommendations to address vulnerabilities in the firmware of the following Intel products: Management Engine, Server Platform Services, and Trusted Execution Engine. An attacker could exploit some of these vulnerabilities to take control of an affected system.
US-CERT encourages users and administrators to review the Intel links below and refer to their original equipment manufacturers (OEMs) for mitigation strategies and updated firmware."

Intel Security Advisory INTEL-SA-00086
> https://security-cen...anguageid=en-fr
Rev 1.2 - 22-November-2017 - Updated links to online support page

Support Article
> https://www.intel.co...9/software.html
Last Reviewed: 22-Nov-2017

Detection Tool
> https://downloadcent.../download/27150


Western Union scams - refunds thru FTC

20 November 2017 - 12:17 PM


Western Union scams - refunds thru FTC
- https://krebsonsecur...-western-union/
Nov 20, 2017 - "If you, a friend or loved one lost money in a scam involving Western Union, some or all of those funds may be recoverable thanks to a more than half-billion dollar program set up by the U.S. Federal Trade Commission. In January 2017, Englewood, Colo.-based Western Union settled a case with the FTC and the Department of Justice wherein it admitted to multiple criminal violations, including willfully failing to maintain an effective anti-money laundering program and aiding and abetting wire fraud. As part of the settlement, the global money transfer business agreed to forfeit $586 million. Last week, the FTC announced* that individuals who lost money to scammers who told them to pay via Western Union’s money transfer system between January 1, 2004 and January 19, 2017 can now file a claim to get their money back by going to FTC.gov/WU** -before- February 12, 2018...
* https://www.ftc.gov/...m-western-union
** https://www.ftc.gov/...settlement-faqs
Scammers tend to rely on money transfer businesses like Western Union and MoneyGram because once the money is sent and picked up by the recipient the transaction is generally irreversible. Such scams include transfers made for fraudulent lottery and prizes, family emergencies, advance-fee loans, and online dating, among others.
Affected consumers can visit FTC.gov/WU** to file claims, learn more, or get updates on the claims process, which could take up to a year. The graphic below seeks to aid victims in filing claims:
> https://krebsonsecur...17/11/ftcwu.png
... The agency emphasized that filing a claim is -free- so consumers should -not- pay anyone to file a claim on their behalf..."


Oracle Security Alert CVE-2017-10269

15 November 2017 - 10:31 AM


Oracle Security Alert CVE-2017-10269 released
- https://blogs.oracle...-10269-released
Nov 14, 2017 - "Oracle just released Security Alert CVE-2017-10269 to address a number of vulnerabilities affecting the Jolt Server within Oracle Tuxedo. The maximum reported CVSS Base Score for these vulnerabilities is 10.0.
Note that the Oracle Jolt client is not affected by these vulnerabilities.
However, Oracle PeopleSoft products include and make use of Oracle Tuxedo and as a result, PeopleSoft customers should apply the patches provided by this Security Alert. Oracle strongly recommends affected Oracle Customers apply this Security Alert as soon as possible. The Advisory for Security Alert CVE-2017-10269 is located at:
> http://www.oracle.co...69-4021872.html

Oracle Fusion Middleware
> http://www.oracle.co...021892.html#FMW

- https://www.us-cert....-Security-Alert
Nov 16, 2017

:ninja: :ninja:

MS Security Updates - Nov 2017

14 November 2017 - 01:22 PM


November 2017 security update release
- https://blogs.techne...update-release/
Nov 14, 2017 - "Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically..."

> https://portal.msrc....e5-000d3a32fc99
Nov 14, 2017 - "The November security release consists of security updates for the following software:
    Internet Explorer
    Microsoft Edge
    Microsoft Windows
    Microsoft Office and Microsoft Office Services and Web Apps
    ASP.NET Core and .NET Core
    Chakra Core ...

Known Issues:
- https://support.micr...s/help/4048954/
- https://support.micr...s/help/4048953/
- https://support.micr...us/help/4048955
- https://support.micr...s/help/4048952/
- https://support.micr...us/help/4048956
- https://support.micr...us/help/4048958
- https://support.micr...us/help/4048961
- https://support.micr...us/help/4048957
- https://support.micr...us/help/4048960

Security Update Summary
> https://portal.msrc....curity-guidance

- https://www.askwoody...-black-tuesday/
"... Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it..."

- https://www.us-cert....ecurity-Updates
Nov 14, 2017

ghacks.net: https://www.ghacks.n...r-2017-release/
Nov 14, 2017 - "Microsoft released security updates for Microsoft Windows, Microsoft Office, and other company products on the November 2017 Patch Day...
Executive Summary:
    Microsoft released security updates for all supported versions of Windows (client and server), and Internet Explorer, Microsoft Edge, Microsoft Office, .Net Core and ASP.NET Core, and Chakra Core.
    No critical updates for Windows, but for IE 11 and Microsoft Edge.
    Lots of known issues. <<
Operating System Distribution:
    Windows 7: 12 vulnerabilities of which 12 are rated important
    Windows 8.1: 11 vulnerabilities of which 11 are rated important
    Windows 10 version 1607: 12 vulnerabilities of which 12 are rated important
    Windows 10 version 1703: 12 vulnerabilities of which 12 are rated important
    Windows 10 version 1709: 9 vulnerabilities of which 9 are rated important
Windows Server products:
    Windows Server 2008: 11 vulnerabilities of which 11 are rated important
    Windows Server 2008 R2: 12 vulnerabilities of which 12 are rated important
    Windows Server 2012 and 2012 R2: 11 vulnerabilities of which 11 are rated important.
    Windows Server 2016: 12 vulnerabilities of which 12 are rated important
Other Microsoft Products
    Internet Explorer 11: 13 vulnerabilities, 8 critical, 4 important, 1 moderate
    Microsoft Edge: 24 vulnerabilities, 16 critical, 8 important ..."

Qualys analysis: https://blog.qualys....ve-adobe-update
Nov 14, 2017 - "This November Patch Tuesday is moderate in volume, and in severity.  Microsoft released patches to address -53- unique vulnerabilities, with 25 focused on Remote Code Execution fixes. Windows OS gets 14 patches, while the lion’s share is focused on Browsers, Microsoft Office, and Adobe. According to Microsoft, there do not appear to be any actively attacked vulnerabilities in the wild in this patch release.
Interestingly enough, none of the Windows OS patches are listed as Critical this month, but we do recommend focusing on CVE-2017-11830 and CVE-2017-11847, as they address a Security Feature Bypass, and a Privilege Elevation respectively. It should also be noted that CVE-2017-11848,CVE-2017-11827,CVE-2017-11883,CVE-2017-8700 have public exploits, but they do not appear to be used in any active campaigns.
From a prioritization standpoint, focus on the fixes for CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11871, and CVE-2017-11873, which all address the Scripting Engine in Edge and Internet Explorer, especially on laptops, and other workstation-type systems where the logged in user may have administrative privileges. Microsoft lists exploitation as More Likely for these vulnerabilities, especially if a user is tricked into viewing a malicious site or opening an attachment. While Microsoft lists the fix for CVE-2017-11882 as Important, there may be POC code for this vulnerability, so it is recommended that you give the Office updates attention this month as well. It should also be noted that last Patch Tuesday, Microsoft quietly released the fix for CVE-2017-13080, widely known as the KRACK vulnerability in WPA2 wireless protocol, but did not make it known until a week later, when the vulnerability was publicly disclosed. Therefore, it is recommended you ensure last month’s security patches are fully addressed. Alternatively, you can install this month’s Monthly Rollups, as they should include this fix.
Adobe has also released patches for 9 advisories, fixing a stunning -62- CVEs for Acrobat and Reader alone, so ensure that you are updating Adobe across your environment to stay protected."

:ninja: :ninja: :ninja:

Oracle Critical Patch Update Advisory - Oct 2017

18 October 2017 - 07:24 AM


Oracle Critical Patch Update Advisory - October 2017
- http://www.oracle.co...17-3236626.html
Oct 17, 2017 - "... This Critical Patch Update contains 252 new security fixes across the product families listed below..."
- https://www.oracle.c...calPatchUpdates

Text Form of Oracle Critical Patch Update - October 2017 Risk Matrices
- http://www.oracle.co...se-3236627.html

Oracle Database Server
- http://www.oracle.co...3236627.html#DB
Oracle Communications Applications
- http://www.oracle.co...36627.html#CGBU
Oracle Construction and Engineering Suite
- http://www.oracle.co...236627.html#PVA
Oracle E-Business Suite
- http://www.oracle.co...236627.html#EBS
Oracle Enterprise Manager Grid Control
- http://www.oracle.co...3236627.html#EM
Oracle Financial Services Applications
- http://www.oracle.co...36627.html#IFLX
Oracle Fusion Middleware
- http://www.oracle.co...236627.html#FMW
Oracle Health Sciences Applications
- http://www.oracle.co...36627.html#HCAR
Oracle Hospitality Applications
- http://www.oracle.co...36627.html#HOSP
Oracle Hyperion
- http://www.oracle.co...236627.html#HYP
Oracle Java SE
- http://www.oracle.co...36627.html#JAVA
Oracle JD Edwards Products
- http://www.oracle.co...236627.html#JDE 
Oracle MySQL
- http://www.oracle.co...36627.html#MSQL
Oracle PeopleSoft Products
- http://www.oracle.co...3236627.html#PS
Oracle Retail Applications
- http://www.oracle.co...36627.html#RAPP
Oracle Siebel CRM
- http://www.oracle.co...36627.html#SECR
Oracle Sun Systems Products Suite
- http://www.oracle.co...36627.html#SUNS
Oracle Supply Chain Products Suite
- http://www.oracle.co...236627.html#SCP
Oracle Virtualization
- http://www.oracle.co...36627.html#OVIR

Oracle downloads: https://www.oracle.c...oads/index.html

- https://www.us-cert....curity-Bulletin
Oct 17, 2017

Oracle Security Alert CVE-2017-10151 released
- https://blogs.oracle...-10151-released
Oct 27, 2017

Oracle Fusion Middleware - Oracle Identity Manager
- http://www.oracle.co...tml#AppendixFMW

- https://isc.sans.edu/diary/rss/22984

- https://www.us-cert....curity-Bulletin
Oct 30, 2017

> https://nvd.nist.gov.../CVE-2017-10151
Last revised: 11/01/2017
Oracle Identity Manager

:ninja: :ninja:

Member of

Support SpywareInfo Forum - click the button
PayPal - The safer, easier way to pay online!