🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
๐Ÿ” Friday Five 7/30 ๐Ÿ”

Securing the nation's critical infrastructure, CISOs in high demand, and a new record GDPR fine - catch up with the week's infosec news with this week's Friday Five!

๐Ÿ“– Read

via "".
🦿 Ransomware risk management: How to start preparing for the future now 🦿

TechRepublic's Karen Roby interviews Brandon Vigliarolo about how the ransomware risk management calculus is changing for OT, ICS and critical infrastructure.

📖 Read

via "Tech Republic".
‼ CVE-2021-29298 ‼

Improper Input Validation in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack to the component "FrameworX.exe" in the module "fxVPStatcTcp.dll".

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-35193 ‼

Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers' installations (that have the same software version). This provides remote access to SQL database credentials. (In the normal use of the product, retrieving those credentials only occurs after a username/password authentication step; however, this authentication step is on the client side, and an attacker can develop their own client that skips this step.)

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-29297 ‼

Buffer Overflow in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack to the component "FrameworX.exe" in the module "MSVCR100.dll".

📖 Read

via "National Vulnerability Database".
🦿 Create a VirtualBox virtual machine backup on a Linux host for security 🦿

Jack Wallen teaches you how to use simple bash scripts to automate backing up your VirtualBox VMs.

📖 Read

via "Tech Republic".
โŒ NSA Warns Public Networks are Hacker Hotbeds โŒ

Agency warns attackers targeting teleworkers to steal corporate data.

๐Ÿ“– Read

via "Threat Post".
🦿 This ethical hacking course could give your cybersecurity career a boost 🦿

Move up in the profitable field of cybersecurity by improving your ethical hacking skills.

📖 Read

via "Tech Republic".
‼ CVE-2021-27491 ‼

Ypsomed mylife Cloud (all versions prior to 1.7.2) and Ypsomed mylife App (all versions prior to 1.7.5): the Ypsomed mylife Cloud discloses password hashes during the registration process.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-32807 ‼

The module `AccessControl` defines security policies for Python code used in restricted code within Zope applications. Restricted code is any code that resides in Zope's object database, such as the contents of `Script (Python)` objects. The policies defined in `AccessControl` severely restrict access to Python modules and only exempt a few that are deemed safe, such as Python's `string` module. However, full access to the `string` module also allows access to the class `Formatter`, which can be overridden and extended within `Script (Python)` in a way that provides access to other unsafe Python libraries. Those unsafe Python libraries can be used for remote code execution. By default, you need to have the admin-level Zope "Manager" role to add or edit `Script (Python)` objects through the web. Only sites that allow untrusted users to add/edit these scripts through the web - which would be a very unusual configuration to begin with - are at risk. The problem has been fixed in AccessControl 4.3 and 5.2. Only AccessControl versions 4 and 5 are vulnerable, and only on Python 3, not Python 2.7. As a workaround, a site administrator can restrict adding/editing `Script (Python)` objects through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing these scripts through the web should be restricted to trusted users only. This is the default configuration in Zope.

📖 Read

via "National Vulnerability Database".
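Why handing restricted code the whole `string` module is dangerous, as an added Python illustration (this is not the Zope exploit and not AccessControl code): the stock `string.Formatter.get_field` walks attribute and index chains with plain `getattr`, so a format string alone can climb from an ordinary value to the class graph without ever naming a module. `guarded_getattr`, `SandboxViolation` and `GuardedFormatter` are assumed stand-ins for what a restricted-Python policy would do, not AccessControl's real guards.

```python
import re
import string

class SandboxViolation(Exception):
    pass

def guarded_getattr(obj, name):
    """Assumed stand-in for a restricted-Python attribute guard: no private/dunder access."""
    if name.startswith("_"):
        raise SandboxViolation(f"access to {name!r} is not allowed")
    return getattr(obj, name)

def unguarded_probe(fmt, value):
    """What a stock string.Formatter does with an attacker-chosen format string."""
    return string.Formatter().format(fmt, value)

_FIELD_TOKEN = re.compile(r"\.(\w+)|\[([^\]]+)\]")

class GuardedFormatter(string.Formatter):
    """Same field syntax as Formatter, but every attribute hop goes through the guard."""
    def get_field(self, field_name, args, kwargs):
        head = re.match(r"\w*", field_name).group(0)
        obj = self.get_value(int(head) if head.isdigit() else head, args, kwargs)
        for attr, key in _FIELD_TOKEN.findall(field_name[len(head):]):
            if attr:
                obj = guarded_getattr(obj, attr)
            else:
                obj = obj[int(key) if key.isdigit() else key]
        return obj, head

def traversal_demo():
    """Returns (what the stock Formatter leaks, whether the guarded one blocked it)."""
    # The format string names no module: it walks str -> object -> __subclasses__,
    # the usual first step towards reaching an unsafe class from inside a sandbox.
    fmt = "{0.__class__.__mro__[1].__subclasses__}"
    leaked = unguarded_probe(fmt, "hello")
    try:
        GuardedFormatter().format(fmt, "hello")
        blocked = False
    except SandboxViolation:
        blocked = True
    return leaked, blocked
```

The point for a sandbox author is that a subclass of `Formatter` inherits the unguarded walk unless `get_field` itself is replaced, which is why "the `string` module is safe" does not survive contact with `Formatter`.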
‼ CVE-2021-27495 ‼

Ypsomed mylife Cloud (all versions prior to 1.7.2) and Ypsomed mylife App (all versions prior to 1.7.5): the Ypsomed mylife Cloud reflects the user password during the login process after redirecting the user from an HTTPS endpoint to an HTTP endpoint.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-33617 ‼

Zoho ManageEngine Password Manager Pro before 11.2 11200 allows username enumeration via login/AjaxResponse.jsp?RequestType=GetUserDomainName&userName=, because the response (to a failed login request) is null only when the username is invalid.

📖 Read

via "National Vulnerability Database".
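The oracle in this class of bug is the response itself: one shape for "no such user", another for "user exists, wrong password". An added Python example (not the product's code) with a constructed user store shows a login handler with that leak, a hardened one that returns the same response and does the same hashing work either way, and the probe a tester would run against both.

```python
import hashlib
import hmac

# Constructed user store (assumption, not the product's): username -> PBKDF2 hash.
_SALT = b"static-demo-salt"

def _hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 10_000)

USERS = {"alice": _hash("correct horse")}
_DUMMY = _hash("not a real password")   # unknown users must cost the same work

def vulnerable_login(username, password):
    """The flaw class: an unknown user yields None, a known user with a bad
    password yields a message, so the response distinguishes the two."""
    stored = USERS.get(username)
    if stored is None:
        return None
    if hmac.compare_digest(stored, _hash(password)):
        return "OK"
    return "Invalid credentials"

def hardened_login(username, password):
    """Same response (and same hashing cost) whether or not the user exists."""
    stored = USERS.get(username, _DUMMY)
    match = hmac.compare_digest(stored, _hash(password))
    return "OK" if match and username in USERS else "Invalid credentials"

def leaks_username(login):
    """Enumeration probe: one bad password, one known user, one impossible user."""
    return login("alice", "wrong") != login("no-such-user-9f3a", "wrong")
```

The probe compares only response bodies; a full check would also compare status codes, headers and response time, which is why the hardened handler hashes a dummy value for unknown users.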
‼ CVE-2020-26564 ‼

ObjectPlanet Opinio before 7.15 allows XXE attacks via three steps: modify a .css file to have <!ENTITY content, create a .xml file for a generic survey template (containing a link to this .css file), and import this .xml file at the survey/admin/folderSurvey.do?action=viewImportSurvey['importFile'] URI. The XXE can then be triggered at an admin/preview.do?action=previewSurvey&surveyId= URI.

📖 Read

via "National Vulnerability Database".
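What the imported template does once an external entity is resolved, as an added Python example (Opinio is a Java application; this is not its code). The template, the secret file and the survey schema are constructed here; the parser feature `feature_external_ges` is the switch that turns the same document from harmless to file-reading.

```python
import io
import os
import tempfile
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges

class TextCollector(ContentHandler):
    """Collects character data, i.e. the survey text the application would render."""
    def __init__(self):
        super().__init__()
        self.parts = []

    def characters(self, content):
        self.parts.append(content)

def parse_template(xml_bytes, resolve_external):
    """Parse a template; resolve_external=True reproduces the XXE-prone parser setting."""
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, resolve_external)
    handler = TextCollector()
    parser.setContentHandler(handler)
    parser.parse(io.BytesIO(xml_bytes))
    return "".join(handler.parts)

def xxe_demo():
    """Returns (rendered text with external entities on, rendered text with them off)."""
    with tempfile.TemporaryDirectory() as d:
        secret = os.path.join(d, "secret.txt")      # stands in for a config file on the server
        with open(secret, "w") as f:
            f.write("db_password=hunter2")
        # Constructed template: an external entity pointing at a local file, the same
        # shape as the <!ENTITY ...> declaration smuggled in through the imported .css.
        template = f"""<?xml version="1.0"?>
<!DOCTYPE survey [ <!ENTITY leak SYSTEM "{secret}"> ]>
<survey><title>&leak;</title></survey>""".encode()
        leaked = parse_template(template, resolve_external=True)
        safe = parse_template(template, resolve_external=False)
    return leaked, safe
```

With the feature off, the entity expands to nothing and the title renders empty; with it on, the file contents land in the survey text and are shown back through the preview, which is the disclosure path the advisory describes.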
‼ CVE-2020-26565 ‼

ObjectPlanet Opinio before 7.14 allows Expression Language Injection via the "from" parameter of admin/permissionList.do. This can be used to retrieve possibly sensitive serverInfo data.

📖 Read

via "National Vulnerability Database".
‼ CVE-2020-26806 ‼

admin/file.do in ObjectPlanet Opinio before 7.15 allows Unrestricted File Upload of executable JSP files, resulting in remote code execution, because filePath can have directory traversal and fileContent can be valid JSP code.

📖 Read

via "National Vulnerability Database".
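The two conditions named above (a traversable filePath and executable content) are the checklist for an upload handler. An added Python example, not Opinio's code, puts the flawed join beside a hardened one; the upload root, the extension allowlist and the file names are constructed for the demonstration.

```python
import os
import tempfile
from pathlib import Path

# Constructed policy (assumption, not Opinio's): only these extensions may be stored.
ALLOWED_EXT = {".txt", ".png", ".csv"}

def vulnerable_save(root, file_path, content):
    """The flaw class in the advisory: the client-supplied path is joined verbatim,
    so "../webapps/shell.jsp" lands outside the upload root."""
    target = os.path.join(root, file_path)
    os.makedirs(os.path.dirname(target), exist_ok=True)
    with open(target, "wb") as f:
        f.write(content)
    return target

def safe_save(root, file_path, content):
    """Hardened variant: keep only the base name, allowlist the extension, and
    verify the resolved target still sits directly under the upload root."""
    root = Path(root).resolve()
    name = Path(file_path).name              # drops every directory component
    if not name or name in {".", ".."}:
        raise ValueError("empty or invalid file name")
    if Path(name).suffix.lower() not in ALLOWED_EXT:
        raise ValueError(f"extension not allowed: {name}")
    target = (root / name).resolve()
    if target.parent != root:                # belt and braces after the name check
        raise ValueError("path escapes upload root")
    with open(target, "wb") as f:
        f.write(content)
    return target

def traversal_demo():
    """Returns (escaped_root, jsp_blocked, traversal_neutralised, normal_upload_ok)."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d, "uploads")
        root.mkdir()
        written = Path(vulnerable_save(root, "../webapps/shell.jsp", b"<% %>")).resolve()
        escaped_root = written.parent != root.resolve()
        try:
            safe_save(root, "../webapps/shell.jsp", b"<% %>")
            jsp_blocked = False
        except ValueError:
            jsp_blocked = True
        kept = safe_save(root, "../../notes.txt", b"x")    # stored as uploads/notes.txt
        normal = safe_save(root, "report.txt", b"ok")
        return (escaped_root, jsp_blocked,
                kept.parent == root.resolve(), normal.parent == root.resolve())
```

Discarding the directory part is a policy choice for a flat upload store; a handler that must keep sub-directories instead validates each component and still performs the final `resolve()`-inside-root check.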
‼ CVE-2021-32066 ‼

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the IMAP server to block the StartTLS command, aka a "StartTLS stripping attack."

📖 Read

via "National Vulnerability Database".
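The exchange behind a StartTLS stripping attack, as an added Python example (not Ruby's Net::IMAP and not its fix): a constructed in-process server answers STARTTLS with a non-OK tagged reply, as an on-path attacker who blocks the command would cause, and two clients react to it. The lenient client keeps talking on the plaintext socket, the strict one raises; the server, the tags and the LOGIN credentials are all constructed for the demonstration.

```python
import socket
import threading

class StartTLSStripped(Exception):
    """Raised by the strict client when STARTTLS is not answered with OK."""

def tampered_imap_server(listener):
    """Constructed stand-in for a server seen through an on-path attacker:
    STARTTLS is refused, every other command is accepted in plaintext."""
    conn, _ = listener.accept()
    with conn, conn.makefile("rwb", buffering=0) as f:
        f.write(b"* OK IMAP4rev1 ready\r\n")
        for line in f:
            tag, _, cmd = line.decode().strip().partition(" ")
            verb = cmd.split(" ", 1)[0].upper()
            if verb == "STARTTLS":
                f.write(f"{tag} BAD STARTTLS not available\r\n".encode())
            elif verb == "LOGOUT":
                f.write(f"{tag} OK LOGOUT completed\r\n".encode())
                break
            else:
                f.write(f"{tag} OK {verb} completed\r\n".encode())

def _command(f, tag, command):
    """Send a tagged command and return the status word (OK/NO/BAD) of its tagged reply."""
    f.write(f"{tag} {command}\r\n".encode())
    while True:
        line = f.readline().decode().rstrip("\r\n")
        if line.startswith(tag + " "):
            return line.split(" ", 2)[1]
        # untagged "* ..." lines are skipped

def run_client(strict):
    """Connect, attempt STARTTLS, then LOGIN; returns the LOGIN status."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    server = threading.Thread(target=tampered_imap_server, args=(listener,), daemon=True)
    server.start()
    try:
        with socket.create_connection(listener.getsockname()) as s, \
                s.makefile("rwb", buffering=0) as f:
            f.readline()                                    # greeting
            status = _command(f, "a1", "STARTTLS")
            if status != "OK":
                if strict:
                    raise StartTLSStripped(f"STARTTLS answered with {status}")
                # lenient client (the bug class): carries on over the plaintext socket
            # a real client wraps the socket in TLS here once STARTTLS is OK
            login = _command(f, "a2", "LOGIN alice hunter2")   # now sent in the clear
            _command(f, "a3", "LOGOUT")
            return login
    finally:
        server.join(timeout=2)
        listener.close()

def demo():
    """Returns (lenient client's LOGIN status, whether the strict client raised)."""
    lenient = run_client(strict=False)
    try:
        run_client(strict=True)
        strict_raised = False
    except StartTLSStripped:
        strict_raised = True
    return lenient, strict_raised
```

The only difference between the two clients is one branch on the STARTTLS reply; anything other than OK must abort the session, because after that point every byte, including the LOGIN, crosses the network unprotected.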
‼ CVE-2021-3351 ‼

OpenPLC runtime V3 through 2016-03-14 allows stored XSS via the Device Name to the web server's Add New Device page.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-34556 ‼

In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack.

📖 Read

via "National Vulnerability Database".
🦿 PwnedPiper threatens thousands of hospitals worldwide, patch your systems now 🦿

Nine critical vulnerabilities in a popular hospital pneumatic tube software could give attackers control of infrastructure and allow them to launch additional attacks that cripple healthcare operations.

📖 Read

via "Tech Republic".
‼ CVE-2021-24484 ‼

The get_reports() function in the Secure Copy Content Protection and Content Locking WordPress plugin before 2.6.7 did not whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection in the admin dashboard.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-24460 ‼

The get_fb_likeboxes() function in the Popup Like box – Page Plugin WordPress plugin before 3.5.3 did not whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection in the admin dashboard.

📖 Read

via "National Vulnerability Database".
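Both WordPress advisories above (CVE-2021-24484 and CVE-2021-24460) describe the same defect: an orderby parameter spliced into ORDER BY, where placeholders cannot be used and an allowlist is the only fix. An added Python/sqlite3 example, not the plugins' code, shows why an ORDER BY injection is more than a sort-order nuisance and what the allowlisted version looks like; the schema, the allowlist and the stored hash are constructed.

```python
import sqlite3

# Constructed schema and allowlist (assumptions, not the plugins' own code).
ALLOWED_ORDERBY = {"id": "id", "date": "created_at", "views": "views"}

def open_db():
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE reports(id INTEGER PRIMARY KEY, created_at TEXT, views INTEGER);
        INSERT INTO reports VALUES (1,'2021-07-01',5),(2,'2021-07-02',50),(3,'2021-07-03',7);
        CREATE TABLE wp_users(ID INTEGER, user_login TEXT, user_pass TEXT);
        INSERT INTO wp_users VALUES (1,'admin','$P$BexampleHashValue');
    """)
    return con

def get_reports_vulnerable(con, orderby):
    """The flaw class: the request parameter is spliced straight into ORDER BY."""
    return con.execute(f"SELECT id FROM reports ORDER BY {orderby}").fetchall()

def get_reports_safe(con, orderby, order="DESC"):
    """Map the parameter through a fixed allowlist. Identifiers cannot be bound
    as placeholders, so the lookup is what makes the string assembly safe."""
    column = ALLOWED_ORDERBY.get(orderby)
    if column is None:
        raise ValueError(f"unsupported orderby: {orderby!r}")
    direction = "ASC" if order.upper() == "ASC" else "DESC"
    return con.execute(f"SELECT id FROM reports ORDER BY {column} {direction}").fetchall()

def hash_prefix_oracle(con, guess):
    """Boolean-based extraction through ORDER BY: the row order reveals whether
    the first character of the admin's password hash equals `guess`."""
    payload = ("(CASE WHEN (SELECT substr(user_pass,1,1) FROM wp_users WHERE user_login='admin')"
               f"='{guess}' THEN id ELSE views END)")
    return get_reports_vulnerable(con, payload) == [(1,), (2,), (3,)]
```

Repeating the oracle per character and position walks the whole hash out of the database one ordering at a time, which is why an "admin dashboard only" sort parameter still deserves the allowlist.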