‼ CVE-2021-27186 ‼
via "National Vulnerability Database".
Fluent Bit 1.6.10 has a NULL pointer dereference when an flb_malloc return value is not validated by flb_avro.c or http_server/api/v1/metrics.c.
‼ CVE-2020-28595 ‼
via "National Vulnerability Database".
An out-of-bounds write vulnerability exists in the Obj.cpp load_obj() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
‼ CVE-2020-13581 ‼
via "National Vulnerability Database".
In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a buffer that is smaller than the size used for the copy which will cause a heap-based buffer overflow. An attacker can entice the victim to open a document to trigger this vulnerability.
‼ CVE-2020-13585 ‼
via "National Vulnerability Database".
An out-of-bounds write vulnerability exists in the PSD Header processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
‼ CVE-2020-27250 ‼
via "National Vulnerability Database".
In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow at Version/Instance 0x0005 and 0x0016. An attacker can entice the victim to open a document to trigger this vulnerability.
🔴 High-Severity Vulnerabilities Discovered in Multiple Embedded TCP/IP Stacks 🔴
via "Dark Reading".
Flaw leaves millions of IT, OT, and IoT devices vulnerable to attack.
‼ CVE-2020-27871 ‼
via "National Vulnerability Database".
This vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within VulnerabilitySettings.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11902.
‼ CVE-2020-27874 ‼
via "National Vulnerability Database".
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent WeChat 7.0.18. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM Decoder. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11580.
‼ CVE-2020-27870 ‼
via "National Vulnerability Database".
This vulnerability allows remote attackers to disclose sensitive information on affected installations of SolarWinds Orion Platform 2020.2.1. Authentication is required to exploit this vulnerability. The specific flaw exists within ExportToPDF.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-11917.
‼ CVE-2021-20335 ‼
via "National Vulnerability Database".
For MongoDB Ops Manager 4.2.X with multiple OM application servers, that have SSL turned on for their MongoDB processes, the upgrade to MongoDB Ops Manager 4.4.X triggers a bug where Automation thinks SSL is being turned off, and can disable SSL temporarily for members of the cluster. This issue is temporary and eventually corrects itself after MongoDB Ops Manager instances have finished upgrading to MongoDB Ops Manager 4.4. In addition, customers must be running with clientCertificateMode=OPTIONAL / allowConnectionsWithoutCertificates=true to be impacted.
Military, Nuclear Entities Under Target By Novel Android Malware
via "Threat Post".
The two malware families have sophisticated capabilities to exfiltrate SMS messages, WhatsApp messaging content and geolocation.
S3 Ep19: Chrome zero-day, coffee hacking and Perl.com stolen [Podcast]
via "Naked Security".
Latest episode (includes 111,848 "free" cups of coffee) - listen now!
‼ CVE-2021-23335 ‼
via "National Vulnerability Database".
All versions of package is-user-valid are vulnerable to LDAP Injection which can lead to either authentication bypass or information exposure.
‼ CVE-2021-23334 ‼
via "National Vulnerability Database".
All versions of package static-eval are vulnerable to Arbitrary Code Execution using FunctionExpressions and TemplateLiterals. PoC: var evaluate = require('static-eval'); var parse = require('esprima').parse; var src="(function (x) { return ${eval("console.log(global.process.mainModule.constructor._load('child_process').execSync('ls').toString())")} })()" var ast = parse(src).body[0].expression; evaluate(ast)
🔴 Cloud-Native Apps Make Software Supply Chain Security More Important Than Ever 🔴
via "Dark Reading".
Cloud-native deployments tend to be small, interchangeable, and easier to protect, but their software supply chains require closer attention.
Various Malware Lurks in Discord App to Target Gamers
via "Threat Post".
Research from Zscaler ThreatLabZ shows attackers using spam emails and legitimate-looking links to gaming software to serve up Epsilon ransomware, the XMRrig cryptominer and various data and token stealers.
AIDE 0.17.3
via "Packet Storm Security".
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
How Email Attacks are Evolving in 2021
via "Threat Post".
The money being wire transferred by business email compromise victims is on the rise, as cybersecurity criminals evolve their tactics.
Celeb SIM-Swap Crime Ring Stole $100M from U.S. Victims
via "Threat Post".
The attackers ported victims' cell phone lines and then defeated 2FA to access accounts and apps.
🔴 Unemployment Fraud: As If Being Out of Work Wasn't Bad Enough 🔴
via "Dark Reading".
With the pandemic as a backdrop, cybercriminals have recognized an unprecedented opportunity to steer billions of dollars in unemployment claims into their own accounts.
‼ CVE-2020-8027 ‼
via "National Vulnerability Database".
An Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration. This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.37.1. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.18.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.9.1.