MSA-20-0021: The participants table download feature did not respect the site's "show user identity" configuration

by Michael Hawkins. The participants table download always included user emails, but should have only done so when users' emails are not hidden.

Severity/Risk: Minor
Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5 and 3.7 to 3.7.8
Versions fixed: 3.10, 3.9.3, 3.8.6 and 3.7.9
Reported by: A. Schenkel
CVE identifier: CVE-2020-25703
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-69844
Tracker issue: MDL-69844 The participants table download feature did not

More info: https://moodle.org/mod/forum/discuss.php?d=413941&parent=1668777

Preloading Intermediate CA Certificates into Firefox

Throughout 2020, Firefox users have been seeing fewer secure connection errors while browsing the Web. We’ve been improving connection errors overall for some time, and a new feature called Intermediate … Read more. The post Preloading Intermediate CA Certificates into Firefox appeared first on Mozilla Security Blog. More info: https://blog.mozilla.org/security/2020/11/13/preloading-intermediate-ca-certificates-into-firefox/

OpenSMTPD vulnerability CVE-2020-7247

Security Advisory Description: smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote ... More info: https://support.f5.com/csp/article/K34931053?utm_source=f5support&utm_medium=RSS

Zoom Trusts VMware to Securely Support its Distributed Workforce

Zoom has become a household name for most living and working through the global pandemic. A leading video-first unified communications platform, Zoom helps organizations and their distributed workforces stay connected. It helps ensure employee productivity and security regardless of work location or device. Recent data shows that there has been a 70% or more increase The post Zoom Trusts VMware to Securely Support its Distributed Workforce appeared first on Security & Compliance Blog. More info: https://blogs.vmware.com/security/2020/10/zoom-trusts-vmware-to-securely-support-its-distributed-workforce.html?utm_source=rss&utm_medium=rss&utm_campaign=zoom-trusts-vmware-to-securely-support-its-distributed-workforce

GNU Binutils vulnerability CVE-2019-9077

Security Advisory Description: An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific ... More info: https://support.f5.com/csp/article/K00056379?utm_source=f5support&utm_medium=RSS

Another Credit Card Stealer That Pretends to Be Sucuri

During a routine investigation, we found yet another web skimmer that pretends to be related to Sucuri. One of our Remediation Analysts, Liam Smith, found the following code injected into the database of a Magento site. The first 109 lines of the malware don’t contain any content, which could be an attempt to avoid detection […] More info: http://feedproxy.google.com/~r/sucuri/blog/~3/SIGQvVPz6JU/another-credit-card-stealer-that-pretends-to-be-sucuri.html

Expat XML parser vulnerability CVE-2012-6702

Security Advisory Description: Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it ... More info: https://support.f5.com/csp/article/K65460334?utm_source=f5support&utm_medium=RSS

Code Comments Reveal SCP-173 Malware

We sometimes find malware code injections that contain strange code comments, which are normally used by programmers to annotate a section of code — for example, a short description of a feature or functionality for other developers to reference. Oftentimes, hackers aren’t interested in leaving comments describing how their injected malware works. Instead, they use […] More info: http://feedproxy.google.com/~r/sucuri/blog/~3/LkH8PIczo8g/code-comments-reveal-scp-173-malware.html

Widely Used Illegal Streaming Platform Shut Down in Switzerland

  • Europol worked together with the authorities of Germany, France, Monaco, the Netherlands and Switzerland to take down an organised crime group involved in intellectual property crime.

A joint operation between the authorities of Germany, France, Monaco, the Netherlands and Switzerland, in collaboration with Europol, has taken down an organised crime group involved in intellectual property crime.

During the operation, officers carried out nine house searches across all the countries involved, arrested three suspects and seized eight bank accounts in Switzerland. In addition, Swiss police blocked the website that was illegally distributing the multimedia content.

The investigation began following complaints filed with the Swiss authorities against a company in that country that sold a media player with more than 82,000 films and television series. The company used the website, which has now been shut down, to share the content. According to the investigation, around 20,000 players were sold.

Europol (11/11/2020)

 
