CVE-2020-23209
via "National Vulnerability Database".
A stored cross-site scripting (XSS) vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "List Description" field under the "Edit A List" module.
CVE-2020-23205
via "National Vulnerability Database".
A stored cross-site scripting (XSS) vulnerability in Monstra CMS version 3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Site Name" field under the "Site Settings" module.
GitHub Unveils AI Tool to Speed Development, but Beware Insecure Code
via "Dark Reading".
The company has created an AI system, dubbed Copilot, to offer code suggestions to developers, but warns that any code produced should be tested for defects and vulnerabilities.
CVE-2021-26920
via "National Vulnerability Database".
In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not an elevation of privilege when users access Druid directly, since Druid also provides the Local InputSource, which allows the same level of access. But it is problematic when users interact with Druid indirectly through an application that allows users to specify the HTTP InputSource, but not the Local InputSource. In this case, users could bypass the application-level restriction by passing a file URL to the HTTP InputSource.
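The bypass above works because the front-end application checks only the InputSource type and never looks at the scheme of the URIs it forwards. The following is an added example, not Druid's code and not taken from any application; the spec dictionaries are constructed and simplified to the two fields that matter ("type" and "uris"). It shows the type-only check beside a scheme-aware check that also rejects the Local InputSource.

```python
from urllib.parse import urlparse

# Schemes the front-end application intends to allow for remote ingestion.
ALLOWED_SCHEMES = {"http", "https"}


def type_only_check(spec: dict) -> bool:
    """Weak check: only confirms the spec names the HTTP InputSource.

    A file:// URI passes untouched, so the Druid process reads local files.
    """
    return spec.get("type") == "http"


def scheme_aware_check(spec: dict) -> bool:
    """Hardened check: HTTP InputSource and an http(s) URI with a host, for every entry."""
    if spec.get("type") != "http":
        return False  # rejects "local" and any other InputSource type
    uris = spec.get("uris")
    if not isinstance(uris, list) or not uris:
        return False
    for uri in uris:
        if not isinstance(uri, str):
            return False
        parsed = urlparse(uri)
        # urlparse lowercases the scheme; file:///etc/passwd has scheme "file" and no netloc.
        if parsed.scheme not in ALLOWED_SCHEMES or not parsed.netloc:
            return False
    return True


# Constructed specs (hypothetical hosts, not real endpoints).
LEGIT = {"type": "http", "uris": ["https://data.example.org/events.json"]}
LOCAL = {"type": "local", "baseDir": "/etc", "filter": "passwd"}
FILE_VIA_HTTP = {"type": "http", "uris": ["file:///etc/passwd"]}
MIXED = {"type": "http", "uris": ["https://data.example.org/a.json", "file:///etc/shadow"]}


def evaluate(check, specs: dict) -> dict:
    """Run one check over a mapping of name -> spec and return name -> verdict."""
    return {name: check(spec) for name, spec in specs.items()}


if __name__ == "__main__":
    specs = {"legit": LEGIT, "local": LOCAL, "file_via_http": FILE_VIA_HTTP, "mixed": MIXED}
    print("type-only   :", evaluate(type_only_check, specs))
    print("scheme-aware:", evaluate(scheme_aware_check, specs))
```

A real deployment would go one step further and allowlist the hosts in `netloc`, since an http(s) URI can still point at internal metadata or management endpoints reachable from the Druid server; that host list is deployment-specific and is not shown here.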
CISA Offers New Mitigation for PrintNightmare Bug
via "Threat Post".
CERT urges administrators to disable the Windows Print Spooler service on Domain Controllers and on systems that don't print, while Microsoft attempts to clarify the RCE flaw with a new CVE assignment.
CVE-2021-27455
via "National Vulnerability Database".
Delta Electronics DOPSoft Versions 4.0.10.17 and prior are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to disclose information.
CVE-2021-35029
via "National Vulnerability Database".
An authentication bypass vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01 could allow a remote attacker to execute arbitrary commands on an affected device.
US email hacker gets his "computer trespass" conviction reversed
via "Naked Security".
Court says that we need to "avoid a construction that makes some language mere surplusage."
Container security: How to get the most out of best practices
via "Tech Republic".
Containers are complex virtual entities that provide proven benefits to the business but also require strong security guidelines. Learn how to get the most out of container security best practices.
WFH: A Smart Time to Revisit Employee Use of Social Media
via "Dark Reading".
Employers have their hands full when it comes to monitoring online activities that could hurt the brand or violate the organization's core values.
Friday Five 7/2
via "Digital Guardian".
Ransomware venture capital, VPN shutdowns, and the latest from Fancy Bear - catch up on all of the week's infosec news with the Friday Five!
CVE-2021-36130
via "National Vulnerability Database".
An XSS issue was discovered in the SocialProfile extension in MediaWiki through 1.36. Within several gift-related special pages, a privileged user with the awardmanage right could inject arbitrary HTML and JavaScript within various gift-related data fields. The attack could easily propagate across many pages for many users.
CVE-2021-36132
via "National Vulnerability Database".
An issue was discovered in the FileImporter extension in MediaWiki through 1.36. For certain relaxed configurations of the $wgFileImporterRequiredRight variable, it might not validate all appropriate user rights, thus allowing a user with insufficient rights to perform operations (specifically file uploads) that they should not be allowed to perform.
CVE-2021-3606
via "National Vulnerability Database".
OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (openvpn.exe).
5 Mistakes That Impact a Security Team's Success
via "Dark Reading".
The way we work and treat each other goes a long way toward improving our organizations' security posture.
TrickBot Spruces Up Its Banking Trojan Module
via "Threat Post".
After focusing almost exclusively on delivering ransomware for the past year, the code changes could indicate that TrickBot is getting back into the bank-fraud game.
CVE-2021-27950
via "National Vulnerability Database".
A SQL injection vulnerability in azurWebEngine in Sita AzurCMS through 1.2.3.12 allows an authenticated attacker to execute arbitrary SQL commands via the id parameter to mesdocs.ajax.php in azurWebEngine/eShop. By default, the query is executed as DBA.
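The advisory names an id parameter that reaches the query text. The following is an added example, not AzurCMS code; it uses a constructed in-memory SQLite table standing in for a documents table, and shows a string-built lookup beside the parameterized, type-coerced form that closes the hole. The injected values in the usage call are constructed to illustrate the two classic shapes (boolean bypass and UNION read), not taken from any exploit for this product.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed table: three documents, two of them owned by an admin account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE docs (id INTEGER PRIMARY KEY, title TEXT, owner TEXT)")
    conn.executemany(
        "INSERT INTO docs VALUES (?, ?, ?)",
        [
            (1, "Public catalogue", "shop"),
            (2, "Supplier price list", "admin"),
            (3, "Unpublished draft", "admin"),
        ],
    )
    return conn


def fetch_doc_vulnerable(conn: sqlite3.Connection, doc_id: str) -> list:
    """The request parameter is interpolated into the SQL text unchanged.

    Whatever the client sends becomes part of the statement the database parses.
    """
    sql = f"SELECT id, title FROM docs WHERE id = {doc_id}"
    return conn.execute(sql).fetchall()


def fetch_doc_safe(conn: sqlite3.Connection, doc_id: str) -> list:
    """Bound parameter plus type coercion.

    The value is sent separately from the statement, and anything that is not an
    integer is rejected before it reaches the database at all.
    """
    try:
        n = int(doc_id)
    except (TypeError, ValueError):
        return []
    return conn.execute("SELECT id, title FROM docs WHERE id = ?", (n,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    # Constructed attacker inputs for the id parameter.
    for value in ("1", "1 OR 1=1", "0 UNION SELECT id, owner FROM docs ORDER BY 1"):
        print(f"id={value!r}")
        print("  vulnerable:", fetch_doc_vulnerable(db, value))
        print("  safe      :", fetch_doc_safe(db, value))
```

Parameter binding is the fix; the `int()` coercion is defence in depth for a column that is known to be numeric and gives a clean rejection instead of a database error. The advisory's note that the query runs as DBA is the second lesson: even with binding in place, the application's database account should hold only the rights the eShop code path needs.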
CVE-2021-32735
via "National Vulnerability Database".
Kirby is a content management system. In Kirby CMS versions 3.5.5 and 3.5.6, the Panel's `ListItem` component (used in the pages and files section for example) displayed HTML in page titles as it is. This could be used for cross-site scripting (XSS) attacks. Malicious authenticated Panel users can escalate their privileges if they get access to the Panel session of an admin user. Visitors without Panel access can use the attack vector if the site allows changing site data from a frontend form. Kirby 3.5.7 patches the vulnerability. As a partial workaround, site administrators can protect against attacks from visitors without Panel access by validating or sanitizing provided data from the frontend form.
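Four entries on this page (phplist's "List Description", Monstra's "Site Name", the SocialProfile gift fields, and Kirby's `ListItem` page titles) share one root cause: a stored field is written into a page as markup instead of as text. The following is an added example, not code from any of those projects; `render_unsafe` and `render_safe` are hypothetical rendering helpers, and the payload and field values are constructed. The parser-based `active_content` check reports anything in the rendered output a browser would execute, which is a more reliable way to confirm escaping than eyeballing the HTML.

```python
import html
from html.parser import HTMLParser


def render_unsafe(label: str, value: str) -> str:
    """Interpolates a stored field straight into the page, as the affected versions did."""
    return f"<li><b>{label}:</b> {value}</li>"


def render_safe(label: str, value: str) -> str:
    """Escapes on output so stored markup is displayed as text rather than parsed.

    html.escape covers element content and quoted attribute values; it is not
    sufficient on its own inside a script block or a URL, which need their own encoding.
    """
    return f"<li><b>{label}:</b> {html.escape(value, quote=True)}</li>"


class ActiveContentFinder(HTMLParser):
    """Collects the tags and attributes in a fragment that a browser would execute."""

    EXECUTING_TAGS = {"script", "iframe", "object", "embed"}

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag in self.EXECUTING_TAGS:
            self.findings.append(f"<{tag}>")
        for name, value in attrs:
            if name.startswith("on"):  # event handler such as onerror, onload, onclick
                self.findings.append(f"{tag}@{name}")
            elif name in ("href", "src") and value and value.strip().lower().startswith("javascript:"):
                self.findings.append(f"{tag}@{name}=javascript:")


def active_content(fragment: str) -> list:
    """Return a list of executable constructs found in an HTML fragment (empty means inert)."""
    finder = ActiveContentFinder()
    finder.feed(fragment)
    finder.close()
    return finder.findings


# Constructed payload of the kind a "Site Name" or page-title field would store.
PAYLOAD = '<img src=x onerror="alert(document.cookie)">'

if __name__ == "__main__":
    for renderer in (render_unsafe, render_safe):
        out = renderer("Site Name", PAYLOAD)
        print(renderer.__name__, "->", out)
        print("  active content:", active_content(out))
```

Kirby's fix was to escape in the component, which is the durable answer; the advisory's workaround of sanitizing the frontend form protects only the path it covers, since a Panel user with edit rights can still store the same markup directly.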
Suricata IDPE 6.0.3
via "Packet Storm Security".
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
SOC Investment Improves Detection and Response Times, Data Shows
via "Dark Reading".
A survey of IT and security pros finds many are confident in their ability to detect security incidents in near-real time or within minutes.
Microsoft Issues New CVE for 'PrintNightmare' Flaw
via "Dark Reading".
Company says remote code execution issue in all Windows versions is different from one in Windows Print Spooler that it had patched last month, though both affect same function.