Bug (CVE-2018-7642) found GNU Binutils 2.30 on 24th Feb 2018. GNU Binary Utilities, or binutils, are a set of programming tools for creating and managing binary programs, object files, libraries, profile data, and assembly source code. The GNU compiler Collection (gcc) play a important role of software development. If a bug will be happened in compiler. We might imagine that it will effect the software development life cycle (SDLC). A bug found earlier this year on GNU Binutils hits system crash. But bug found on April 2018 looks expanded and not only system crash. Should you have interest, please refer below url for reference.

CVE-2018-12700 – https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454

CVE-2018-12700 – https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454

CVE-2018-12699 – https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454

CVE-2018-12641 – https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85452

CVE-2018-12698 – https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454

Bug found GNU Binutils 2.30 on 24th Feb 2018

CVE-2018-7642 – GNU Binutils 2.30

Will satellites be affected by a buffer overflow vulnerability? Heard that hacker interested of the satellite device. This news let you imagine that it is a APT attack, right? It looks that political issues run around the world. Who’s right? Who’s wrong? Perhaps god also doesn’t know. On 16th Jan 2018, the confirmation of Solaris and SPARC Spectre vulnerabilities comes as Oracle delivers its Meltdown/Spectre patches for its x86 servers. Meldown and Spectre look like a AIDS or ebola disease.

The CDMU (Command and Data Management Unit) is used for spacecraft control especially satellities. It is composed of the following functional element. The LEON-3 CPU, developed by Gaisler Research, is a 32 bit synthesisable processor core based on the SPARC V8 architecture. Oh! As far as I know, hacker can be exploiting SPARC Buffer Overflow vulnerabilities. Perhaps it is not easy to do the patch management on the sky? Should you have interest of this topic, please refer below url for references.

http://www.nspo.narl.org.tw/en2016/aboutNSPO/gs.html

Sometimes we review the vulnerability check list. We are aim to address high severity of vulnerabilities items in first piority. From technical point of view it looks correct. Since some medium vulnerabilities especially cookie or cross site scripting issue may spend more time to do the remediation. A security advisories announced by VMware on 15th May 2018 bring to my attentions. That is CVE-2018-6961 (see attached diagram). It looks that the orginal Web UI function is a dilemma! Web UI in frequent have design weakness thus let attacker do the code injection. Since there is no prefect item in the world. The attacker might relies on CVE-2018-6961 execute Use-After-Free vulnerability. As a result it affected drag-and-drop functionality and triggered through the Backdoor RPC interface.

Remark:  Staying alert of this directory (lib/include/backdoor_def.h)

Reference – Unauthenticated Command Injection vulnerability in VMware NSX SD-WAN by VeloCloud :

https://www.vmware.com/security/advisories/VMSA-2018-0011.html

US Homeland security has announcement three times within this year ( April 16, 2018,May 29, 2018 and June 14, 2018) thus to urge the world staying alert malicious attack.Perhaps the industrial sector especailly oil and gas, power supplier facilities has detective and preventive control in placed. Hacker will be facing difficulties for attack. As far as we know, OPC source code on GitHub contains a flaw let remote attacker use the Server’s private key to decrypt and sign messages by using information obtained by sending invalid UserIdentityTokens encrypted with the Basic128Rsa15 security policy. The successful result could allow an attacker to decrypt passwords even if they are encrypted with another security policy such as Basic256Sha256. This flaw found on April this year and remediation has been announced. However, I believe that cyber security attacks exploit of this vulnerability will be happened soon.

Official announcement (OPC Foundation Security Bulletin Security Update for the OPC UA Stacks – April 2018)

https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2018-7559.pdf

Node.js runs on top of a Javascript engine therefore it is portable to any platform in computer world. Deploy a Node.js web application environment using AWS Elastic Beanstalk and Amazon DynamoDB. Elastic Beanstalk provisions and manages the underlying infrastructure.
Solutions Infini is the Leading Bulk SMS & Cloud Telephony service provider. But the front end AWS Lamda function powered by node.js platform.
The organization of node.js announced that node.js (6.x – 10.x) has vulnerabilities occurs.
Official announcement and remediation step shown url below:

https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/