βΌ CVE-2021-32751 βΌ
π Read
via "National Vulnerability Database".
Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the `application` plugin and the `gradlew` script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. This may impact those who use `gradlew` on Unix-like systems or use the scripts generated by Gradle in thieir application on Unix-like systems. For this vulnerability to be exploitable, an attacker needs to be able to set the value of particular environment variables and have those environment variables be seen by the vulnerable scripts. This issue has been patched in Gradle 7.2 by removing the use of `eval` and requiring the use of the `bash` shell. There are a few workarounds available. For CI/CD systems using the Gradle build tool, one may ensure that untrusted users are unable to change environment variables for the user that executes `gradlew`. If one is unable to upgrade to Gradle 7.2, one may generate a new `gradlew` script with Gradle 7.2 and use it for older versions of Gradle. Fpplications using start scripts generated by Gradle, one may ensure that untrusted users are unable to change environment variables for the user that executes the start script. A vulnerable start script could be manually patched to remove the use of `eval` or the use of environment variables that affect the application's command-line. If the application is simple enough, one may be able to avoid the use of the start scripts by running the application directly with Java command.π Read
via "National Vulnerability Database".
βΌ CVE-2021-1098 βΌ
π Read
via "National Vulnerability Database".
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it doesn't release some resources during driver unload requests from guests. This flaw allows a malicious guest to perform operations by reusing those resources, which may lead to information disclosure, data tampering, or denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).π Read
via "National Vulnerability Database".
βΌ CVE-2021-2451 βΌ
π Read
via "National Vulnerability Database".
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.5. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as well as unauthorized read access to a subset of Oracle Outside In Technology accessible data. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS Base Score depend on the software that uses Outside In Technology. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology, but if data is not received over a network the CVSS score may be lower. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N).π Read
via "National Vulnerability Database".
βΌ CVE-2021-1100 βΌ
π Read
via "National Vulnerability Database".
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver (nvidia.ko), in which a pointer to a user-space buffer is not validated before it is dereferenced, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).π Read
via "National Vulnerability Database".
β MacOS Being Picked Apart by $49 XLoader Data Stealer β
π Read
via "Threat Post".
Cheap, easy & prolific, the new version of the old FormBook form-stealer and keylogger has added Mac users to its hit list, and itβs selling like hotcakes.π Read
via "Threat Post".
Threat Post
MacOS Being Picked Apart by $49 XLoader Data Stealer
Cheap, easy and prolific, the new version of the old FormBook form-stealer and keylogger has added Mac users to its hit list, and itβs selling like hotcakes.
βΌ CVE-2021-23409 βΌ
π Read
via "National Vulnerability Database".
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header.π Read
via "National Vulnerability Database".
π¦Ώ Moving OT to the cloud means accounting for a whole new host of security risks π¦Ώ
π Read
via "Tech Republic".
ICS systems managed via cloud software are open to exploits that could be destructive enough to cause physical damage to industrial systems. Here's how to protect your operational technology network.π Read
via "Tech Republic".
TechRepublic
Moving OT to the cloud means accounting for a whole new host of security risks
ICS systems managed via cloud software are open to exploits that could be destructive enough to cause physical damage to industrial systems. Here's how to protect your operational technology network.
π¦Ώ Cybersecurity lags behind as IoT devices proliferate, according to a new report π¦Ώ
π Read
via "Tech Republic".
About one-quarter of respondents do not incorporate any of the listed measures to protect these devices and many feel as though consumers are not responsible for smart and IoT device security.π Read
via "Tech Republic".
TechRepublic
Cybersecurity lags behind as IoT devices proliferate, according to a new report
About one-quarter of respondents do not incorporate any of the listed measures to protect these devices and many feel as though consumers are not responsible for smart and IoT device security.
β Tracking Malware and Ransomware Domains in 2021 β
π Read
via "Threat Post".
Ransomware is the threat of 2021. Itβs impacting everything from large enterprises, hospitals, to other aspects of our critical infrastructure. Here, weβll take a look at actual malware domain traffic and how it correlates to ransomware attacks in the news.π Read
via "Threat Post".
Threat Post
Tracking Malware and Ransomware Domains in 2021
Ransomware is the threat of 2021. Itβs impacting everything from large enterprises, hospitals, to other aspects of our critical infrastructure. Here, weβll take a look at actual malware domain traffic and how it correlates to ransomware attacks in the news.
β French Launch NSO Probe After Macron Believed Spyware Target β
π Read
via "Threat Post".
Fourteen world leaders were among those found on list of NSO believed targets for its Pegasus spyware.π Read
via "Threat Post".
Threat Post
French Launch NSO Probe After Macron Believed Spyware Target
Fourteen world leaders were among those found on list of NSO believed targets for its Pegasus spyware.
π Catch Up With Digital Guardian Virtually at Black Hat 2021 π
π Read
via "".
We're looking forward to seeing you online at Black Hat next month!π Read
via "".
Digital Guardian
Catch Up With Digital Guardian Virtually at Black Hat 2021
We're looking forward to seeing you online at Black Hat next month!
π¦Ώ Cybersecurity risk: The number of employees going around IT security may surprise you π¦Ώ
π Read
via "Tech Republic".
The findings detail a complex security balancing act between IT teams and users; especially in the age of remote work and virtual collaboration at scale.π Read
via "Tech Republic".
TechRepublic
Cybersecurity risk: The number of employees going around IT security may surprise you
The findings detail a complex security balancing act between IT teams and users; especially in the age of remote work and virtual collaboration at scale.
π¦Ώ The space wide web is ready to launch π¦Ώ
π Read
via "Tech Republic".
There is even more to space innovation than the fledgling space tourism sector. Somewhat out of the public eye, there is a fast-growing space tech industry.π Read
via "Tech Republic".
TechRepublic
The space wide web is ready to launch
There is even more to space innovation than the fledgling space tourism sector. Somewhat out of the public eye, there is a fast-growing space tech industry.
β Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows β
π Read
via "Threat Post".
Misconfigured permissions for Argo's web-facing dashboard allow unauthenticated attackers to run code on Kubernetes targets, including cryptomining containers.π Read
via "Threat Post".
Threat Post
Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows
Misconfigured permissions for Argo's web-facing dashboard allow unauthenticated attackers to run code on Kubernetes targets, including cryptomining containers.
β Windows βHiveNightmareβ bug could leak passwords β hereβs what to do! β
π Read
via "Naked Security".
Windows "hives" contain registry data, some of it secret. The nightmare is that these files aren't properly protected against snooping.π Read
via "Naked Security".
Naked Security
Windows βHiveNightmareβ bug could leak passwords β hereβs what to do!
Windows βhivesβ contain registry data, some of it secret. The nightmare is that these files arenβt properly protected against snooping.
βΌ CVE-2021-2361 βΌ
π Read
via "National Vulnerability Database".
Vulnerability in the Oracle Advanced Inbound Telephony product of Oracle E-Business Suite (component: SDK client integration). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Advanced Inbound Telephony. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Advanced Inbound Telephony accessible data as well as unauthorized access to critical data or complete access to all Oracle Advanced Inbound Telephony accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).π Read
via "National Vulnerability Database".
βΌ CVE-2021-2429 βΌ
π Read
via "National Vulnerability Database".
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).π Read
via "National Vulnerability Database".
βΌ CVE-2021-2390 βΌ
π Read
via "National Vulnerability Database".
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).π Read
via "National Vulnerability Database".
βΌ CVE-2021-2398 βΌ
π Read
via "National Vulnerability Database".
Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: Region Mapping). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Advanced Outbound Telephony. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Advanced Outbound Telephony accessible data as well as unauthorized access to critical data or complete access to all Oracle Advanced Outbound Telephony accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).π Read
via "National Vulnerability Database".
βΌ CVE-2021-2418 βΌ
π Read
via "National Vulnerability Database".
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).π Read
via "National Vulnerability Database".
βΌ CVE-2021-2345 βΌ
π Read
via "National Vulnerability Database".
Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Tools and Frameworks). The supported version that is affected is 11.3.1.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Commerce Guided Search / Oracle Commerce Experience Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Commerce Guided Search / Oracle Commerce Experience Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Commerce Guided Search / Oracle Commerce Experience Manager accessible data as well as unauthorized read access to a subset of Oracle Commerce Guided Search / Oracle Commerce Experience Manager accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).π Read
via "National Vulnerability Database".