โผ CVE-2020-12374 โผ
๐ Read
via "National Vulnerability Database".
Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-22703 โผ
๐ Read
via "National Vulnerability Database".
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts HTTP network traffic between a user and the device.๐ Read
via "National Vulnerability Database".
๐ด Attackers Already Targeting Apple's M1 Chip with Custom Malware ๐ด
๐ Read
via "Dark Reading".
A proof-of-concept program infects systems with ARM64-compiled binaries and then reaches out to download additional functionality.๐ Read
via "Dark Reading".
Dark Reading
Attackers Already Targeting Apple's M1 Chip with Custom Malware
A proof-of-concept program infects systems with ARM64-compiled binaries and then reaches out to download additional functionality.
๐ฆฟ How to find details about user logins on Linux ๐ฆฟ
๐ Read
via "Tech Republic".
If you need to gather information on user logins for your Linux servers, Jack Wallen has just the tool for you.๐ Read
via "Tech Republic".
TechRepublic
How to find details about user logins on Linux
If you need to gather information on user logins for your Linux servers, Jack Wallen has just the tool for you.
๐ฆฟ New malformed URL phishing technique can make attacks harder to spot ๐ฆฟ
๐ Read
via "Tech Republic".
Hackers are now sending messages that hide fake links in the HTTP prefix, bypassing email filters, says security firm GreatHorn.๐ Read
via "Tech Republic".
TechRepublic
New malformed URL phishing technique can make attacks harder to spot
Hackers are now sending messages that hide fake links in the HTTP prefix, bypassing email filters, says security firm GreatHorn.
โ Mysterious Silver Sparrow Malware Found Nesting on 30K Macs โ
๐ Read
via "Threat Post".
A second malware that targets Macs with Apple's in-house M1 chip is infecting machines worldwide -- but it's unclear why.๐ Read
via "Threat Post".
Threat Post
Mysterious Silver Sparrow Malware Found Nesting on 30K Macs
A second malware that targets Macs with Apple's in-house M1 chip is infecting machines worldwide โ but it's unclear why.
โ Credential-Stuffing Attack Targets Regional Internet Registry โ
๐ Read
via "Threat Post".
RIPE NCC, the regional Internet registry for Europe, West Asia, and the former Soviet Union, said attackers attempted a credential-stuffing attack against its single-sign on service.๐ Read
via "Threat Post".
Threat Post
Credential-Stuffing Attack Targets Regional Internet Registry
RIPE NCC, the regional Internet registry for Europe, West Asia, and the former Soviet Union, said attackers attempted a credential-stuffing attack against its single-sign on service.
โผ CVE-2021-21512 โผ
๐ Read
via "National Vulnerability Database".
Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains an Information Disclosure vulnerability. A locally authenticated high privileged Cyber Recovery user may potentially exploit this vulnerability leading to the takeover of the notification email account.๐ Read
via "National Vulnerability Database".
โผ CVE-2020-9050 โผ
๐ Read
via "National Vulnerability Database".
Path Traversal vulnerability exists in Metasys Reporting Engine (MRE) Web Services which could allow a remote unauthenticated attacker to access and download arbitrary files from the system.๐ Read
via "National Vulnerability Database".
โผ CVE-2020-25171 โผ
๐ Read
via "National Vulnerability Database".
The affected Fuji Electric V-Server Lite versions prior to 3.3.24.0 are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code.๐ Read
via "National Vulnerability Database".
โผ CVE-2020-13549 โผ
๐ Read
via "National Vulnerability Database".
An exploitable local privilege elevation vulnerability exists in the file system permissions of Sytech XL Reporter v14.0.1 install directory. Depending on the vector chosen, an attacker can overwrite service executables and execute arbitrary code with privileges of user set to run the service or replace other files within the installation folder, which would allow for local privilege escalation.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-23342 โผ
๐ Read
via "National Vulnerability Database".
This affects the package docsify before 4.12.0. It is possible to bypass the remediation done by CVE-2020-7680 and execute malicious JavaScript through the following methods 1) When parsing HTML from remote URLs, the HTML code on the main page is sanitized, but this sanitization is not taking place in the sidebar. 2) The isURL external check can be bypassed by inserting more รขโฌœ////รขโฌ๏ฟฝ characters๐ Read
via "National Vulnerability Database".
๐ฆฟ Kia outage may be the result of ransomware ๐ฆฟ
๐ Read
via "Tech Republic".
A week-long outage for Kia is reportedly connected to a ransomware attack from the DoppelPaymer gang, says BleepingComputer.๐ Read
via "Tech Republic".
TechRepublic
Kia outage may be the result of ransomware
A week-long outage for Kia is reportedly connected to a ransomware attack from the DoppelPaymer gang, says BleepingComputer.
โ Malformed URL Prefix Phishing Attacks Spike 6,000% โ
๐ Read
via "Threat Post".
Sneaky attackers are flipping backslashes in phishing email URLs to evade protections, researchers said.๐ Read
via "Threat Post".
Threat Post
Malformed URL Prefix Phishing Attacks Spike 6,000%
Sneaky attackers are flipping backslashes in phishing email URLs to evade protections, researchers said.
โผ CVE-2021-27351 โผ
๐ Read
via "National Vulnerability Database".
The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session.๐ Read
via "National Vulnerability Database".
โผ CVE-2020-35499 โผ
๐ Read
via "National Vulnerability Database".
A NULL pointer dereference flaw in kernel versions prior to 5.11 may be seen if sco_sock_getsockopt function in net/bluetooth/sco.c do not have a sanity check for a socket connection, when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with a special user privilege to crash the system (DOS) or leak kernel internal information.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-20588 โผ
๐ Read
via "National Vulnerability Database".
Improper handling of length parameter inconsistency vulnerability in Mitsubishi Electric FA Engineering Software(C Controller module setting and monitoring tool all versions, CPU Module Logging Configuration Tool all versions, CW Configurator all versions, Data Transfer all versions, EZSocket all versions, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 all versions, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GT SoftGOT1000 Version3 all versions, GT SoftGOT2000 Version1 all versions, GX Configurator-DP versions 7.14Q and prior, GX Configurator-QP all versions, GX Developer all versions, GX Explorer all versions, GX IEC Developer all versions, GX LogViewer all versions, GX RemoteService-I all versions, GX Works2 versions 1.597X and prior, GX Works3 versions 1.070Y and prior, M_CommDTM-HART all versions, M_CommDTM-IO-Link all versions, MELFA-Works all versions, MELSEC WinCPU Setting Utility all versions, MELSOFT EM Software Development Kit (EM Configurator) all versions, MELSOFT Navigator all versions, MH11 SettingTool Version2 all versions, MI Configurator all versions, MT Works2 all versions, MX Component all versions, Network Interface Board CC IE Control utility all versions, Network Interface Board CC IE Field Utility all versions, Network Interface Board CC-Link Ver.2 Utility all versions, Network Interface Board MNETH utility all versions, PX Developer all versions, RT ToolBox2 all versions, RT ToolBox3 all versions, Setting/monitoring tools for the C Controller module all versions, SLMP Data Collector all versions) allows a remote unauthenticated attacker to cause a DoS condition of the software products, and possibly to execute a malicious program on the personal computer running the software products although it has not been reproduced, by spoofing MELSEC, GOT or FREQROL and returning crafted reply packets.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-27328 โผ
๐ Read
via "National Vulnerability Database".
Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Traversal. An authenticated user can decrypt firmware and can read sensitive information, such as a password or decryption key.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-26713 โผ
๐ Read
via "National Vulnerability Database".
A stack-based buffer overflow in res_rtp_asterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold requests in quick succession. This is caused by a signedness comparison mismatch.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-27214 โผ
๐ Read
via "National Vulnerability Database".
A Server-side request forgery (SSRF) vulnerability in the ProductConfig servlet in Zoho ManageEngine ADSelfService Plus through 6013 allows a remote unauthenticated attacker to perform blind HTTP requests or perform a Cross-site scripting (XSS) attack against the administrative interface via an HTTP request, a different vulnerability than CVE-2019-3905.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-20587 โผ
๐ Read
via "National Vulnerability Database".
Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software (C Controller module setting and monitoring tool all versions, CPU Module Logging Configuration Tool all versions, CW Configurator all versions, Data Transfer all versions, EZSocket all versions, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 all versions, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GT SoftGOT1000 Version3 all versions, GT SoftGOT2000 Version1 all versions, GX Configurator-DP version 7.14Q and prior, GX Configurator-QP all versions, GX Developer all versions, GX Explorer all versions, GX IEC Developer all versions, GX LogViewer all versions, GX RemoteService-I all versions, GX Works2 version 1.597X and prior, GX Works3 version 1.070Y and prior, M_CommDTM-HART all versions, M_CommDTM-IO-Link all versions, MELFA-Works all versions, MELSEC WinCPU Setting Utility all versions, MELSOFT EM Software Development Kit (EM Configurator) all versions, MELSOFT Navigator all versions, MH11 SettingTool Version2 all versions, MI Configurator all versions, MT Works2 all versions, MX Component all versions, Network Interface Board CC IE Control utility all versions, Network Interface Board CC IE Field Utility all versions, Network Interface Board CC-Link Ver.2 Utility all versions, Network Interface Board MNETH utility all versions, PX Developer all versions, RT ToolBox2 all versions, RT ToolBox3 all versions, Setting/monitoring tools for the C Controller module all versions and SLMP Data Collector all versions) allows a remote unauthenticated attacker to cause a DoS condition of the software products, and possibly to execute a malicious program on the personal computer running the software products although it has not been reproduced, by spoofing MELSEC, GOT or FREQROL and returning crafted reply packets.๐ Read
via "National Vulnerability Database".