Vulnerabilities in Various Ubuntu Products in November 2022
Ubuntu released multiple security updates in November for various Ubuntu products. For a complete description of the vulnerabilities and affected systems go to Ubuntu November 2022 Archives by date.
Vulnerabilities in Various SUSE Products in November
SUSE released multiple security updates in November for various SUSE products.
Nov 2022: Twitter-Themed Lures Used in Credential Phishing Attacks
Threat Alert: What to Watch For. Cybercriminals have launched phishing attacks impersonating Twitter Services. The emails include links to lookalike landing pages that are designed to steal Twitter credentials and phone numbers. While the email display names make it appear the messages come from “Twitter Services,” the actual sending address is a Gmail account. As the lure, the emails use the proposed change at Twitter of charging verified users a monthly fee to maintain their verification status.
Nov 2022: Amazon-Themed Lures Distributed Via Zoom
Threat Alert: What to Watch For. Cybercriminals have launched a series of malicious email attacks impersonating an Amazon package order confirmation. The attack uses Amazon-branded emails delivered from a Zoom sending address, as threat actors are abusing Zoom’s infrastructure. The emails prompt recipients to click a link to download an invoice for order details.
Real Phishing Threats
Please note that this is not an all-inclusive list of phishing threats but rather ones that are typical of current threats and/or ones that were actually received by UCSF staff, faculty, and/or learners (must be logged in to MyAccess to view). Be diligent with all communications, and please, even if you only think an email might be a phish, report it via Phish Alarm and find out almost instantly in most cases. Overreporting is never an issue!
Vulnerability in Apache Batik Has Been Weaponized
H-ISAC reported that a vulnerability in Apache Batik has been weaponized. The vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a JAR URL. For a complete description of the vulnerabilities and affected systems go to Apache Batik CVE-2022-40146.
Fortinet FortiTester Vulnerabilities
Fortinet has released a security advisory to address vulnerabilities in Fortinet FortiTester. For a complete description of the vulnerabilities and affected systems go to: "FortiTester - Unauthenticated command injection" and "FortiTester - Missing account lockout on telnet port".
Apache Kylin Command Injection Vulnerability
A command injection vulnerability exists within Apache Kylin. For a complete description of the vulnerabilities and affected systems go to Apache Kylin CVE-2022-24697.
Vulnerability in Aruba Networks InstantOS
A classic buffer overflow vulnerability exists within Aruba Networks InstantOS 8.10.0.1. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user.
Mandiant Reports Two Apache Vulnerabilities
An irrelevant code vulnerability exists within the example DAGs in Apache Airflow 2.3.4 and earlier that, when exploited, allows a remote attacker to execute arbitrary commands. Proof-of-concept (PoC) code is publicly available. In Apache Pinot 0.10.0 and older versions, the Pinot query endpoint and realtime ingestion layer have a vulnerability in unprotected environments due to Groovy function support. For a complete description of the vulnerabilities and affected systems go to: