🕴 Dell Technologies Addresses Modern Support and Security 🕴
📖 Read
via "Dark Reading".
Services and security updates deliver customized IT support and secure PC experiences for work-from-anywhere employees.
‼ CVE-2021-41732 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Zeek version 4.1.0. There is an HTTP request splitting vulnerability that will invalidate any Zeek HTTP-based security analysis.
‼ CVE-2021-41573 ‼
📖 Read
via "National Vulnerability Database".
Hitachi Content Platform Anywhere (HCP-AW) 4.4.5 and later allows information disclosure. If an authenticated user created a link to a file or folder while the system was running version 4.3.x or earlier, shared the link, and later deleted the file or folder without deleting the link and before the link expired, then once the system has been upgraded to version 4.4.5 or 4.5.0 a malicious user holding that link could browse and download all files of the user that created the link.
❌ Apple AirTag Zero-Day Weaponizes Trackers ❌
📖 Read
via "Threat Post".
Apple's personal item-tracker devices can be used to deliver malware, slurp credentials, steal tokens and more thanks to XSS.
🕴 50% of Servers Have Weak Security Long After Patches Are Released 🕴
📖 Read
via "Dark Reading".
Many servers remain vulnerable to high-severity flaws in Microsoft Exchange Server, VMware vCenter, Oracle WebLogic, and other popular products and services.
🕴 Startup Beyond Identity Now Offers Passwordless Multifactor Authentication for Consumers 🕴
📖 Read
via "Dark Reading".
The announcement comes two weeks after Microsoft gave users the option to fully remove passwords from their accounts.
🕴 Shades of SolarWinds Attack Malware Found in New 'Tomiris' Backdoor 🕴
📖 Read
via "Dark Reading".
Malware contains similarities that suggest a possible link to malware that Russia's DarkHalo group used in its massive supply chain attack, researchers say.
‼ CVE-2021-22946 ‼
📖 Read
via "National Vulnerability Database".
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or `CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` with libcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response. This flaw would then make curl silently continue its operations **without TLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.
‼ CVE-2021-41764 ‼
📖 Read
via "National Vulnerability Database".
A cross-site request forgery (CSRF) vulnerability exists in Streama up to and including v1.10.3. The application does not have CSRF checks in place when performing actions such as uploading local files. As a result, attackers could make a logged-in administrator upload arbitrary local files via a CSRF attack and send them to the attacker.
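The check that is missing in the entry above, as an added example (not Streama's code): a state-changing endpoint such as a local-file upload rejects a request unless its Origin/Referer names the application and it carries a token bound to the victim's session, which an attacker's page cannot read. Requests are modelled as plain dicts; the origin, the cookie name and the secret are constructed assumptions.

```python
"""Constructed example of the server-side check a state-changing endpoint such
as a file upload needs. Requests are plain dicts; nothing here is Streama code."""
import hashlib
import hmac
from urllib.parse import urlsplit

APP_ORIGIN = "https://media.example"             # assumed deployment origin
SESSION_COOKIE = "JSESSIONID"                     # assumed session cookie name
SECRET = b"constructed-demo-secret-not-for-use"   # real code: random, from config
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def issue_csrf_token(session_id):
    """Synchronizer token bound to the session; embed it in every form."""
    return hmac.new(SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def csrf_check(request):
    """True if a state-changing request is acceptable; False rejects it."""
    if request["method"].upper() in SAFE_METHODS:
        return True
    headers = {k.lower(): v for k, v in request.get("headers", {}).items()}

    # 1. Source-origin check: when the browser supplies Origin or Referer,
    #    it must name this application. A cross-site form post fails here.
    origin = headers.get("origin")
    if origin is None and "referer" in headers:
        parts = urlsplit(headers["referer"])
        origin = f"{parts.scheme}://{parts.netloc}"
    if origin is not None and origin != APP_ORIGIN:
        return False

    # 2. Token check: the attacker's page cannot read the victim's token,
    #    so a forged request arrives without one (or with another session's).
    session_id = request.get("cookies", {}).get(SESSION_COOKIE)
    token = request.get("form", {}).get("csrf_token") or headers.get("x-csrf-token")
    if not session_id or not token:
        return False
    return hmac.compare_digest(token, issue_csrf_token(session_id))


def make_request(method, session_id, origin=None, token=None, referer=None):
    """Builds a constructed request. The browser attaches the session cookie
    to cross-site requests as well, which is what makes CSRF possible."""
    headers = {}
    if origin is not None:
        headers["Origin"] = origin
    if referer is not None:
        headers["Referer"] = referer
    form = {"localPath": "/srv/app/config.yml"}   # constructed upload target
    if token is not None:
        form["csrf_token"] = token
    return {"method": method, "headers": headers,
            "cookies": {SESSION_COOKIE: session_id}, "form": form}


if __name__ == "__main__":
    sid = "admin-session-1"
    print("legitimate:", csrf_check(make_request("POST", sid, APP_ORIGIN, issue_csrf_token(sid))))
    print("forged    :", csrf_check(make_request("POST", sid, "https://attacker.example")))
```

The two checks are deliberately independent: the origin check stops the common case cheaply, and the session-bound token still rejects a forged request whose Origin header is missing. Most web frameworks ship an equivalent token mechanism; the point is that both the token and the origin comparison run on every non-safe method, including the upload action.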
‼ CVE-2021-35944 ‼
📖 Read
via "National Vulnerability Database".
Couchbase Server 6.5.x, 6.6.x through 6.6.2, and 7.0.0 has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached.
‼ CVE-2021-22947 ‼
📖 Read
via "National Vulnerability Database".
When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses, and instead continue using and trusting the responses it got *before* the TLS handshake as if they were authenticated. Using this flaw, a Man-In-The-Middle attacker can first inject the fake responses, then pass through the TLS traffic from the legitimate server and trick curl into sending data back to the user, which thinks the attacker's injected data comes from the TLS-protected server.
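Both curl entries (CVE-2021-22946 above and CVE-2021-22947 just above) come down to two decisions a STARTTLS client makes around the upgrade. The following is an added example, not curl's code: a constructed POP3 client driven by recorded byte streams rather than a network, with one flag for each decision. `abort_on_refusal` off reproduces the silent-downgrade pattern (the client keeps going in cleartext when STLS is refused); `flush_on_upgrade` off reproduces the injection pattern (a reply pipelined by a man-in-the-middle before the handshake is consumed after it). The server replies and the fake STAT line are constructed, and TLS itself is only modelled as a flag.

```python
"""Constructed POP3 client model showing the two STARTTLS failure modes above.
No real network or TLS is used: the transport replays a recorded byte stream."""
from collections import deque


class FakeTransport:
    """Stand-in for a socket. `packets` is the constructed list of byte chunks
    the peer delivers, one chunk per recv(); start_tls() only flips a flag."""

    def __init__(self, packets):
        self.packets = deque(packets)
        self.sent = []
        self.tls = False

    def send(self, line):
        self.sent.append(line)

    def recv(self):
        return self.packets.popleft() if self.packets else b""

    def start_tls(self):
        # Real code would wrap the socket and verify the server certificate here.
        self.tls = True


class Pop3Client:
    """Minimal POP3 client that always asks for STARTTLS (the STLS command).

    abort_on_refusal: treat a non-+OK reply to STLS as fatal (what a
        'TLS required' setting is supposed to guarantee; False models the
        silent downgrade).
    flush_on_upgrade: discard lines received before the TLS handshake
        (False models keeping the pre-handshake queue, the injection pattern).
    """

    def __init__(self, transport, abort_on_refusal, flush_on_upgrade):
        self.t = transport
        self.abort_on_refusal = abort_on_refusal
        self.flush_on_upgrade = flush_on_upgrade
        self.pending = b""      # partial line not yet terminated by CRLF
        self.queue = deque()    # complete lines parsed but not yet consumed

    def _read_line(self):
        # One recv() may carry several CRLF-terminated lines; all are queued,
        # which is exactly why a pipelined reply can outlive the handshake.
        while not self.queue:
            data = self.t.recv()
            if not data:
                raise ConnectionError("peer closed the connection")
            self.pending += data
            *lines, self.pending = self.pending.split(b"\r\n")
            self.queue.extend(lines)
        return self.queue.popleft()

    def command(self, cmd):
        self.t.send(cmd + b"\r\n")
        return self._read_line()

    def connect_and_stat(self):
        self._read_line()                      # server greeting
        reply = self.command(b"STLS")
        if not reply.startswith(b"+OK"):
            if self.abort_on_refusal:
                raise ConnectionError("TLS required but server refused STLS")
            # vulnerable pattern: carry on in cleartext despite the requirement
        else:
            if self.flush_on_upgrade:
                # Anything already buffered arrived unauthenticated; drop it.
                self.queue.clear()
                self.pending = b""
            self.t.start_tls()
        return self.command(b"STAT"), self.t.tls


# Constructed server streams (each chunk is what one recv() returns).
DOWNGRADE_STREAM = [b"+OK hello\r\n", b"-ERR STLS not supported\r\n", b"+OK 3 1200\r\n"]
# A MITM answers STLS and, in the same packet, pre-supplies a fake STAT reply;
# the genuine reply arrives only after the handshake.
INJECTION_STREAM = [b"+OK hello\r\n", b"+OK begin TLS\r\n+OK 1 9999\r\n", b"+OK 3 1200\r\n"]


def run(stream, abort_on_refusal, flush_on_upgrade):
    """Returns (STAT reply, tls_active) or ('aborted', reason)."""
    client = Pop3Client(FakeTransport(stream), abort_on_refusal, flush_on_upgrade)
    try:
        return client.connect_and_stat()
    except ConnectionError as exc:
        return ("aborted", str(exc))


if __name__ == "__main__":
    print("downgrade, no enforcement :", run(DOWNGRADE_STREAM, False, True))
    print("downgrade, enforced       :", run(DOWNGRADE_STREAM, True, True))
    print("injection, no flush       :", run(INJECTION_STREAM, True, False))
    print("injection, flush          :", run(INJECTION_STREAM, True, True))
```

With both flags on, the client either refuses to proceed without TLS or answers STAT only from bytes read after the handshake. The same two rules apply to IMAP and to FTP's `AUTH TLS`: a refused upgrade is fatal when TLS was required, and the receive buffer is emptied before the first read over the encrypted channel.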
‼ CVE-2021-35943 ‼
📖 Read
via "National Vulnerability Database".
Couchbase Server 6.5.x and 6.6.x through 6.6.2 has Incorrect Access Control. Externally managed users are not prevented from using an empty password, contrary to RFC 4513 (an LDAP bind that supplies a name with an empty password is an unauthenticated bind and must not be treated as a successful login).
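Why an empty password matters for externally managed (directory) users, as an added example that is not Couchbase's code: RFC 4513 section 5.1.2 defines a bind with a name and an empty password as an "unauthenticated" bind, and some directories answer it with success while binding nobody. An application that equates "bind succeeded" with "user authenticated" therefore lets anyone log in as any directory user by leaving the password blank. The directory below is a constructed stand-in (no real LDAP library), and the DN and password are constructed.

```python
"""Constructed example: an application login that binds to LDAP, and the
RFC 4513 section 5.1.2 unauthenticated-bind pitfall. No real LDAP library is used."""


class FakeDirectory:
    """Stand-in for an LDAP server. Models the three simple-bind cases in
    RFC 4513: anonymous (empty name, empty password), unauthenticated (name,
    empty password) and name/password. Some servers accept the unauthenticated
    form by default and report success without authenticating anyone."""

    def __init__(self, users):
        self.users = users  # constructed dn -> password map

    def simple_bind(self, dn, password):
        """Returns (result_ok, bound_identity)."""
        if password == "":
            # Both anonymous and unauthenticated binds succeed as 'anonymous',
            # even when the DN names a real entry.
            return True, "anonymous"
        if self.users.get(dn) == password:
            return True, dn
        return False, None


def authenticate_naive(directory, dn, password):
    """Vulnerable pattern: treats any successful bind as a successful login."""
    ok, _identity = directory.simple_bind(dn, password)
    return ok


def authenticate_safe(directory, dn, password):
    """Hardened pattern: never send an empty password, and require that the
    identity the server bound is the one the user claimed."""
    if not dn or not password:
        return False                      # refuse before contacting the directory
    ok, identity = directory.simple_bind(dn, password)
    return ok and identity == dn


DIRECTORY = FakeDirectory({"uid=alice,ou=people,dc=example,dc=com": "correct horse"})
ALICE = "uid=alice,ou=people,dc=example,dc=com"

if __name__ == "__main__":
    for fn in (authenticate_naive, authenticate_safe):
        print(fn.__name__, "empty password ->", fn(DIRECTORY, ALICE, ""))
```

The first guard (reject empty credentials client-side) is the fix the advisory implies; the second (compare the bound identity with the claimed DN, which real code would do with a "who am I" extended operation) protects against a directory that is configured to permit unauthenticated binds regardless of what the client sends.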
‼ CVE-2021-35945 ‼
📖 Read
via "National Vulnerability Database".
Couchbase Server 6.5.x, 6.6.0 through 6.6.2, and 7.0.0 has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached.
‼ CVE-2020-12030 ‼
📖 Read
via "National Vulnerability Database".
There is a flaw in the code used to configure the internal gateway firewall when the gateway's VLAN feature is enabled. If a user enables the VLAN setting, the internal gateway firewall becomes disabled, resulting in exposure of all ports used by the gateway.
‼ CVE-2021-41795 ‼
📖 Read
via "National Vulnerability Database".
The Safari app extension bundled with 1Password for Mac 7.7.0 through 7.8.x before 7.8.7 is vulnerable to authorization bypass. By targeting a vulnerable component of this extension, a malicious web page could read a subset of 1Password vault items that would normally be fillable by the user on that web page. These items are usernames and passwords for vault items associated with its domain, usernames and passwords without a domain association, credit cards, and contact items. (1Password must be unlocked for these items to be accessible, but no further user interaction is required.)
‼ CVE-2021-3653 ‼
📖 Read
via "National Vulnerability Database".
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.
‼ CVE-2021-39342 ‼
📖 Read
via "National Vulnerability Database".
The Credova_Financial WordPress plugin discloses a site's associated Credova API account username and password in plaintext via an AJAX action whenever a site user goes to checkout on a page that has the Credova Financing option enabled. This affects versions up to, and including, 1.4.8.
❌ Keep Attackers Out of VPNs: Feds Offer Guidance ❌
📖 Read
via "Threat Post".
The NSA and CISA issued recommendations on choosing and hardening VPNs to prevent nation-state APTs from weaponizing flaws & CVEs to break into protected networks.
‼ CVE-2020-20128 ‼
📖 Read
via "National Vulnerability Database".
LaraCMS v1.0.1 transmits sensitive information in cleartext which can be intercepted by attackers.
‼ CVE-2020-20131 ‼
📖 Read
via "National Vulnerability Database".
LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the page management module.
‼ CVE-2020-20781 ‼
📖 Read
via "National Vulnerability Database".
A stored cross-site scripting (XSS) vulnerability in /ucms/index.php?do=list_edit of UCMS 1.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title, key words, description or content text fields.