Cybersecurity Updates For Week 17 of 2022

New Nimbuspwn Linux vulnerability gives hackers root privileges

A new set of vulnerabilities collectively tracked as Nimbuspwn could let local attackers escalate privileges on Linux systems to deploy malware ranging from backdoors to ransomware.


Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators

On April 12, GitHub Security began an investigation that uncovered evidence that an attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including npm. Read on to learn more about the impact to GitHub, npm, and our users.


Millions of Java Apps Remain Vulnerable to Log4Shell

Four months after the critical flaw was discovered, attackers have a massive attack surface from which they can exploit the flaw and take over systems, researchers found.


Other news worth mentioning:

Quantum ransomware seen deployed in rapid network attacks
Over 18.8 million IPs vulnerable to Middlebox TCP reflection DDoS attacks
Cybercriminals Using New Malware Loader ‘Bumblebee’ in the Wild
Synopsys to Acquire White Hat Security in $330M All-Cash Deal
Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers

Patch Tuesday February 2016

Yet another Patch Tuesday has come upon us.
Microsoft released 13 updates, some of which fix critical issues, to address vulnerabilities in its product line. Adobe, on the other hand, has released patches that address 22 vulnerabilities in its Adobe Flash and Adobe Acrobat/Reader products.
Oracle also pushed out a new update – Java SE 8, Update 73.


Oracle fixes vulnerabilities

Oracle has released fixes for fifty-one vulnerabilities, twelve of which are critical.

Oracle Java SE: 51
Oracle Database Server: 4
Oracle Fusion Middleware: 17
Oracle Enterprise Manager Grid Control: 4
Oracle E-Business Suite: 1
Oracle Supply Chain Products Suite: 2
Oracle PeopleSoft Products: 8
Oracle Siebel CRM: 9
Oracle iLearning: 2
Oracle Industry Applications: 6
Oracle Financial Services Software: 1
Oracle Primavera Products Suite: 2
Oracle and Sun Systems Products Suite: 12
Oracle Virtualization: 2
Oracle MySQL: 12


Oracle Patches JDK/JRE

Oracle has released information about multiple critical Java vulnerabilities that affect JDK/JRE.

Affected product releases and versions
JDK and JRE 7 Update 21 and earlier
JDK and JRE 6 Update 45 and earlier
JDK and JRE 5.0 Update 45 and earlier
JavaFX 2.2.21 and earlier

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. This Critical Patch Update contains 40 new security fixes across Java SE products of which 4 are applicable to server deployments of Java.


Apple OS X – Java 2013-003 1.0 and Safari 6.0.4

Apple has released updates for Java and Safari. These are security updates, so users are advised to update as soon as possible by going to “Software Update”.


Java 7 update 17 / Java 6 update 43

Oracle has released updates to fix the latest zero day vulnerabilities being exploited in the wild for Java.

We do, however, suggest that users follow the guidelines in this post before installing said update:

You can find the download here:


Java, the gift that keeps on giving

Security researchers have released information about two exploits affecting Java 7 that, when combined, allow an attacker to completely bypass the Java sandbox to install malware, etc.
At this time there is no fix from Oracle for this issue.
We suggest that users follow the guidelines in this post:


Basefarm SIRT Newsletter #4

Year – Week: 2013 – 08

Weekly Summary
This week, a lot of high-profile companies have come forward about being victims of attacks. Companies like Apple and Facebook fell victim to Java exploits when browsing a well-known iOS developer forum, causing their computers to be taken over by attackers. This once again goes to show the importance of keeping your systems updated as much as you can and removing software you don’t need. If there’s a need for a browser plugin such as Java or Adobe Acrobat Reader, then don’t have it activated in your primary browser but simply keep it enabled in a secondary browser for those specific Java websites. was also compromised this week, causing everyone visiting the site (many tens of thousands) to be redirected to a site serving malware. The malware exploited previously known Java and Adobe Acrobat Reader vulnerabilities to take control of the victims’ computers.

The New York Times has also reported that a unit within the Chinese Army is seen as tied to hacking against the U.S. China, in turn, denied this accusation.

On the good side of things, Google has released information showing that it has reduced the number of compromised accounts by 99.7% since their peak in 2011.

We have also launched a website for those interested in reading up on Basefarm SIRT. You can find the page here:


Important Software Security updates
Java 7 / Java 6:
Mozilla updates (Firefox, Thunderbird, Seamonkey):
Google Chrome:
Adobe Acrobat Reader:

Security tips
In light of the latest breaches, we’d like to suggest that you have a look at the software and browser plugins you have installed on your system(s).
Unfortunately, depending on an antivirus just doesn’t cut it: malware keeps transforming and mutating, which means your antivirus won’t find the reported malware signature. Attackers are also weaponizing vulnerabilities faster and faster, which means that the time between the disclosure of a vulnerability and its exploitation through ad networks or hijacked sites is much shorter these days.

The first step is simply to check which software you have installed and uninstall anything you don’t have an explicit need for.
Once you have uninstalled the applications and browser plugins you don’t need, it’s time to update the ones that remain.

You can check your browser plugins up-to-date status on the following page:

As for your software, it’s a matter of visiting the developer’s webpage and verifying that you’re using the latest version of their software.
Keeping your OS automatically patched through Windows Update or Mac’s Software Update goes without saying.

Security news
Chinese Army unit is seen as tied to hacking against U.S.

China says U.S. hacking accusations lack proof

DDoS attack on bank hid $900,000 Cyberheist

Freezing Android devices break disk encryption

February 1st – 16th cyber attacks timeline

Java 7 update 15 / Java 6 update 41

A new version of Java has been released (version 7 update 15 and version 6 update 41), fixing four “Highly Critical” security vulnerabilities.
You can download the latest version here:
Those running Windows can choose to turn on automatic updates to be sure to always have the latest version:
Remember to delete any previously installed Java versions from your system when you update. See for assistance with this.
This is the final public release of Java 1.6.0, and Oracle will not provide more free security fixes for version 6.

We also suggest that users follow the guidelines in this post:


Java (1.7.0_13) update fixes 50 security vulnerabilities

Oracle has released another update of Java (1.7.0_13). For those who need Java, it is strongly advised to update as soon as you can.
You can download the latest version here:
Those running Windows can choose to turn on automatic updates to be sure to always have the latest version:
Remember to delete any previously installed Java versions from your system when you update. See for assistance with this.

We’d like to remind everyone about these three points though:
If you don’t need Java at all – uninstall it:

If you need Java for stand-alone applications such as Minecraft, disable Java in your browsers:

If you need Java in your browser, disable it in your primary browser and keep it active in a secondary browser. This way, you will only have Java activated in the secondary browser when you need to visit your banking site or similar:

If you need it for stand-alone applications such as Minecraft, disable Java in browsers
In Firefox, select “Tools” from the main menu, then “Add-ons,” then click the “Disable” button next to any Java plug-ins.
In Safari, click “Safari” in the main menu bar, then “Preferences,” then select the “Security” tab and uncheck the button next to “Enable Java.”
In Chrome, type or copy “chrome://plugins” into your browser’s address bar, then click the “Disable” button below any Java plug-ins.
In Internet Explorer, follow these instructions for disabling Java in all browsers via the Control Panel. There is no way to completely disable Java specifically in IE.
