❌ DeathStalker APT Spices Things Up with PowerPepper Malware ❌
📖 Read
via "Threat Post".
A raft of obfuscation techniques turn the heat up for the hacking-for-hire operation.📖 Read
via "Threat Post".
Threat Post
DeathStalker APT Spices Things Up with PowerPepper Malware
A raft of obfuscation techniques turn the heat up for the hacking-for-hire operation.
🕴 Researchers Bypass Next-Generation Endpoint Protection 🕴
📖 Read
via "Dark Reading".
Machine learning-based products can be tricked to classify malware as a legitimate file, new findings show.📖 Read
via "Dark Reading".
Dark Reading
Researchers Bypass Next-Generation Endpoint Protection
Machine learning-based products can be tricked to classify malware as a legitimate file, new findings show.
🕴 US Officials Take Action Against 2,300 Money Mules 🕴
📖 Read
via "Dark Reading".
Eight federal law enforcement agencies participated in the Money Mule Initiative, a global crackdown on money laundering.📖 Read
via "Dark Reading".
Dark Reading
US Officials Take Action Against 2,300 Money Mules - Dark Reading
Eight federal law enforcement agencies participated in the Money Mule Initiative, a global crackdown on money laundering.
🕴 Cloud Security Threats for 2021 🕴
📖 Read
via "Dark Reading".
Most of these issues can be remediated, but many users and administrators don't find out about them until it's too late.📖 Read
via "Dark Reading".
Dark Reading
Cloud Security Threats for 2021
Most of these issues can be remediated, but many users and administrators don't find out about them until it's too late.
‼ CVE-2020-13524 ‼
📖 Read
via "National Vulnerability Database".
An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory access and modification which results in memory corruption. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-27760 ‼
📖 Read
via "National Vulnerability Database".
In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the `PerceptibleReciprocal()` to prevent the divide-by-zero from occurring. This flaw affects ImageMagick versions prior to ImageMagick 7.0.8-68.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-13542 ‼
📖 Read
via "National Vulnerability Database".
A local privilege elevation vulnerability exists in the file system permissions of LogicalDoc 8.5.1 installation. Depending on the vector chosen, an attacker can either replace the service binary or replace DLL files loaded by the service, both which get executed by a service thus executing arbitrary commands with System privileges.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-27763 ‼
📖 Read
via "National Vulnerability Database".
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-14351 ‼
📖 Read
via "National Vulnerability Database".
A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-13525 ‼
📖 Read
via "National Vulnerability Database".
The sort parameter in the download page /sysworkflow/en/neoclassic/reportTables/reportTables_Ajax is vulnerable to SQL injection in ProcessMaker 3.4.11. A specially crafted HTTP request can cause an SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-23726 ‼
📖 Read
via "National Vulnerability Database".
There is a local denial of service vulnerability in Wise Care 365 5.5.4, attackers can cause computer crash (BSOD).📖 Read
via "National Vulnerability Database".
‼ CVE-2020-23735 ‼
📖 Read
via "National Vulnerability Database".
In Saibo Cyber Game Accelerator 3.7.9 there is a local privilege escalation vulnerability. Attackers can use the constructed program to increase user privileges📖 Read
via "National Vulnerability Database".
‼ CVE-2020-13543 ‼
📖 Read
via "National Vulnerability Database".
A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-23727 ‼
📖 Read
via "National Vulnerability Database".
There is a local denial of service vulnerability in the Antiy Zhijia Terminal Defense System 5.0.2.10121559 and an attacker can cause a computer crash (BSOD).📖 Read
via "National Vulnerability Database".
‼ CVE-2020-27759 ‼
📖 Read
via "National Vulnerability Database".
In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by ImageMagick. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 7.0.8-68.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-28251 ‼
📖 Read
via "National Vulnerability Database".
NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system. The attacker must complete a straightforward password-cracking exercise.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-27783 ‼
📖 Read
via "National Vulnerability Database".
A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-27761 ‼
📖 Read
via "National Vulnerability Database".
WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to `ssize_t` instead to avoid this issue. Red Hat Product Security marked the Severity as Low because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to ImageMagick 7.0.9-0.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-25711 ‼
📖 Read
via "National Vulnerability Database".
A flaw was found in infinispan 10 REST API, where authorization permissions are not checked while performing some server management operations. When authz is enabled, any user with authentication can perform operations like shutting down the server without the ADMIN role.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-28923 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Play Framework 2.8.0 through 2.8.4. Carefully crafted JSON payloads sent as a form field lead to Data Amplification. This affects users migrating from a Play version prior to 2.8.0 that used the Play Java API to serialize classes with protected or private fields to JSON.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-27764 ‼
📖 Read
via "National Vulnerability Database".
In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 6.9.10-69.📖 Read
via "National Vulnerability Database".