The default http port for the PBSA service is 9000.
The default https port for the PBSA service is 9143.
The default https port for the PBSA data collector is 9343.
The default port for the PBSA MonetDB is 9200.
The default port for the Envision Tomcat-8 server is 9080.
The default https port for Envision is 9443
The default port for the PBSA MongoDB is 9700.
Security
Largest Collection of Breached data found
The largest collection of breached data in history has been discovered, comprising more than 770m email addresses and passwords posted to a popular hacking forum in mid-December…..
For more information, do take a look at https://www.theguardian.com/technology/2019/jan/17/breached-data-largest-collection-ever-seen-email-password-hacking
You can check whether your account is compromised b Security Researcher Troy Hunt who runs the Have I Been Pwned breach-notification service.
Alert on DNS Flag Day
For Full Details, see [SingCERT] Alert on DNS Flag Day
Background
Domain Name System (DNS) infrastructure operators and Internet service providers are taking part in the first DNS Flag Day [1] on 1 February 2019. This is a global initiative to promote the use of Extension Mechanism Protocol for DNS (EDNS) [2] where participants, software and service providers such as Google and Cloudflare, are going to remove non-standard DNS workarounds.
Affected
Authoritative nameservers that bypass and do not support the EDNS protocol and those with proprietary implementations of the DNS protocol, e.g. legacy load balancing appliances.
Impact
Internet users might experience slowness or inaccessibility issues when interacting with domains whose authoritative nameservers are affected, such as accessing websites or sending emails.
Alert on Linux Advanced Package Tool (APT) Remote Code Execution Vulnerability (CVE-2019-3462)
Background
A vulnerability (CVE-2019-3462) in the Linux Advanced Package Tool (APT) has been discovered. Successful exploitation of the vulnerability could result in arbitrary code execution with access to privileged administrator “root” on affected Linux systems. APT is a widely used utility that handles installation, update, upgrade and removal of software across many Linux operating system distributions. This vulnerability has been given a Common Vulnerability Score System version 3 severity base score of 8.1 out of 10.
Affected Software
APT versions 1.4.8 and older.
Impact
Successful exploitation of this vulnerability could lead to a full compromise of a user’s machine, allowing an attacker to perform malicious activities such as unauthorised installation of programs, creation of rogue administrator accounts and alteration of data.
Recommendations
Affected users and system administrators of Debian, Ubuntu, and other Linux distributions are advised to download and install the security updates immediately.
Article – Making sense of the Supermicro motherboard attack
“Crucially, because the BMC has the ability to install the operating system, it can disrupt the process that boots the operating system – and fetch potentially malicious implant code, maybe even over the Internet.”
An Interesting Read “Making sense of the Supermicro motherboard attack” from Light Blue Touchpaper