CVE-2021-20354
IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 194883.
via "National Vulnerability Database".
CVE-2020-4933
IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191751.
via "National Vulnerability Database".
CVE-2020-28491
This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation of a byte buffer can cause a java.lang.OutOfMemoryError exception.
via "National Vulnerability Database".
CVE-2021-20446
IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196622.
via "National Vulnerability Database".
CVE-2020-28463
All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags. In order to reduce risk, use trustedSchemes & trustedHosts (see Reportlab's documentation). Steps to reproduce by Karan Bamal: 1. Download and install the latest package of reportlab 2. Go to demos -> odyssey -> dodyssey 3. In the text file odyssey.txt that needs to be converted to pdf inject <img src="http://127.0.0.1:5000" valign="top"/> 4. Create a nc listener nc -lp 5000 5. Run python3 dodyssey.py 6. You will get a hit on your nc showing we have successfully proceeded to send a server side request 7. dodyssey.py will show an error since there is no img file at the url, but we are able to do SSRF
via "National Vulnerability Database".
CVE-2020-28490
The package async-git before 1.13.2 is vulnerable to Command Injection via shell meta-characters (back-ticks). For example: git.reset('atouch HACKEDb')
via "National Vulnerability Database".
CVE-2021-23340
This affects the package pimcore/pimcore before 6.8.8. A Local File Inclusion vulnerability exists in the downloadCsvAction function of the CustomReportController class (bundles/AdminBundle/Controller/Reports/CustomReportController.php). An authenticated user can reach this function with a GET request at the following endpoint: /admin/reports/custom-report/download-csv?exportFile=[filename]. Since the exportFile variable is not sanitized, an attacker can exploit a local file inclusion vulnerability.
via "National Vulnerability Database".
CVE-2021-20445
IBM Maximo for Civil Infrastructure 7.6.2 could allow a user to obtain sensitive information due to insecure storage of authentication credentials. IBM X-Force ID: 196621.
via "National Vulnerability Database".
CVE-2021-20443
IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality (such as a library) from a source that is outside of the intended control sphere. IBM X-Force ID: 196619.
via "National Vulnerability Database".
Exploit Details Emerge for Unpatched Microsoft Bug
A malicious website or malicious ad can trigger an exploit for the IE zero-day bug, opening the door for data theft and code execution, new analysis notes.
via "Threat Post".
Hiding in Plain Sight: What the SolarWinds Attack Revealed About Efficacy
Multilayered infiltration involved custom malicious tooling, backdoors, and cloaked code, far beyond the skills of script kiddies.
via "Dark Reading".
Cybersecurity needs to be proactive with involvement from business leaders
In a webinar Wednesday, former US Homeland Security director Christopher Krebs also suggested organizations have COVID workforce coordinators and that cloud mail providers activate MFA by default.
via "Tech Republic".
LastPass password management app: A cheat sheet
This comprehensive guide covers everything you need to know about the password management app LastPass, including recent restrictions on free accounts.
via "Tech Republic".
DOJ Charges Two More North Korean Hackers in Global Attacks
The Department of Justice this week peeled back more layers on the North Korean military hacking unit Lazarus Group and its longtime cybercrime spree.
via "Digital Guardian".
CVE-2021-27335
KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code Execution via a ysoserial.payloads.CommonsCollections parameter.
via "National Vulnerability Database".
CVE-2021-27329
Friendica 2021.01 allows SSRF via parse_url?binurl= for DNS lookups or HTTP requests to arbitrary domain names.
via "National Vulnerability Database".
CVE-2019-18243
HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through the registry. This may allow privilege escalation.
via "National Vulnerability Database".
CVE-2021-27379
An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct. NOTE: this issue exists because of an incomplete fix for CVE-2020-15565.
via "National Vulnerability Database".
CVE-2021-21318
Opencast is a free, open-source platform to support the management of educational audio and video content. In Opencast before version 9.2 there is a vulnerability in which publishing an episode with strict access rules will overwrite the currently set series access. This allows for an easy denial of access for all users without superuser privileges, effectively hiding the series. Access to series and series metadata on the search service (shown in media module and player) depends on the events published which are part of the series. Publishing an event will automatically publish a series and update access to it. Removing an event or republishing the event should do the same. Affected versions of Opencast may not update the series access or remove a published series if an event is being removed. On removal of an episode, this may lead to an access control list for series metadata with broader access rules than the merged access rules of all remaining events, or the series metadata still being available although all episodes of that series have been removed. This problem is fixed in Opencast 9.2.
via "National Vulnerability Database".
Microsoft Azure Front Door Gets a Security Upgrade
New SKUs in Standard and Premium preview beef up the security of the content delivery network platform.
via "Dark Reading".
Kia Motors Hit With $20M Ransomware Attack – Report
So far, Kia Motors America has publicly acknowledged an "extended system outage," but ransomware gang DoppelPaymer claimed it has locked down the company's files in a cyberattack that includes a $20 million ransom demand. That $20 million will gain Kia a decryptor and a guarantee not to publish sensitive data bits on the gang's [...]
DoppelPaymer ransomware gang claims credit for Kia's outage, demands $20 million in double-extortion attack.
via "Threat Post".