The VMware Threat Analysis Unit (TAU) continually monitors the latest threats and attacks affecting our customers and businesses worldwide. For years, TAU has reversed and emulated the network Command and Control (C2) protocols of high-profile malware families, especially those used for cyber espionage, in order to discover active C2 servers on the Internet. One family that TAU has tracked for years is Winnti 4.0 malware. TAU reported last year The post Monitoring Winnti 4.0 C2 Servers for Two Years
More info:
https://blogs.vmware.com/security/2021/11/monitoring-winnti-4-0-c2-servers-for-two-years.html?utm_source=rss&utm_medium=rss&utm_campaign=monitoring-winnti-4-0-c2-servers-for-two-years
by Michael Hawkins. A remote code execution risk when restoring backup files was identified.
Severity/Risk: Serious
Versions affected: 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions
Versions fixed: 3.11.4, 3.10.8 and 3.9.11
Reported by: Paul Holden
CVE identifier: CVE-2021-3943
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-70823
Tracker issue: MDL-70823 Remote code execution risk when restoring malformed backup file
More info:
https://moodle.org/mod/forum/discuss.php?d=429095&parent=1726798
by Michael Hawkins. The upstream Moodle machine learning backend and its reference in /lib/mlbackend/python/classes/processor.php were upgraded, which includes some security updates.
Please note: If you are using Moodle Analytics, an upgrade to the mlbackend is required. See the Analytics settings documentation for more information about required versions and how to upgrade.
Severity/Risk: Minor
Versions affected: 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions
More info:
https://moodle.org/mod/forum/discuss.php?d=429096&parent=1726799
by Michael Hawkins. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk.
Severity/Risk: Serious
Versions affected: 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions
Versions fixed: 3.11.4, 3.10.8 and 3.9.11
Reported by: starlabs_sg
CVE identifier: CVE-2021-43558
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72571
Tracker issue: MDL-72571 Reflected XSS in
More info:
https://moodle.org/mod/forum/discuss.php?d=429097&parent=1726802
by Michael Hawkins. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk.
Severity/Risk: Serious
Versions affected: 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions
Versions fixed: 3.11.4, 3.10.8 and 3.9.11
Reported by: ostapbender
CVE identifier: CVE-2021-43559
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72370
Tracker issue: MDL-72370 CSRF risk on delete
More info:
https://moodle.org/mod/forum/discuss.php?d=429099&parent=1726805
Ansible Engine vulnerability CVE-2020-14365
Security Advisory Description: A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x ...
More info:
https://support.f5.com/csp/article/K52013062?utm_source=f5support&utm_medium=RSS
by Michael Hawkins. Insufficient capability checks made it possible to fetch other users' calendar action events.
Severity/Risk: Minor
Versions affected: 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions
Versions fixed: 3.11.4, 3.10.8 and 3.9.11
Reported by: 0xkasper
CVE identifier: CVE-2021-43560
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71918
Tracker issue: MDL-71918 IDOR in a calendar web service allows fetching of
More info:
https://moodle.org/mod/forum/discuss.php?d=429100&parent=1726807
Apache DB DdlUtils vulnerability CVE-2021-41616
Security Advisory Description: Apache DB DdlUtils 1.0 included a BinaryObjectsHelper that was intended for use when migrating ...
More info:
https://support.f5.com/csp/article/K14234227?utm_source=f5support&utm_medium=RSS