CVE-2021-20372 (via National Vulnerability Database)
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote authenticated user to cause a denial of another user's service due to insufficient permission checking. IBM X-Force ID: 195518.
CVE-2021-20561 (via National Vulnerability Database)
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199230.
CVE-2021-20552 (via National Vulnerability Database)
IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199170.
CVE-2021-41130 (via National Vulnerability Database)
Extensible Service Proxy (ESP) is a proxy that provides API management capabilities for JSON/REST or gRPC API services. ESPv1 can be configured to authenticate a JWT token. The verified JWT claim is passed to the application in the HTTP header "X-Endpoint-API-UserInfo", which the application can use for authorization. However, if the client sends two "X-Endpoint-API-UserInfo" headers, ESPv1 replaces only the first one; the second is passed through to the application unchanged. An attacker can send two "X-Endpoint-API-UserInfo" headers, the second carrying a fake JWT claim, and the application may then use the fake claim for authorization. This affects the following ESPv1 usages: 1) users have configured ESPv1 to do JWT authentication with a Google ID Token as described in the referenced Google Endpoints document; 2) the users' backend application uses the information in the "X-Endpoint-API-UserInfo" header for authorization. It has been fixed in v1.58.0. You need to patch it in one of the following ways:
* If your Docker image uses the tag ":1", restart the container to pick up the new version; the ":1" tag automatically points to the latest version.
* If your Docker image tag is pinned to a specific minor version, e.g. ":1.57", update it to ":1.58" and restart the container.
There is no workaround for this issue.
CVE-2021-20481 (via National Vulnerability Database)
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 197503.
CVE-2021-20473 (via National Vulnerability Database)
IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate the session after logout, which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 196944.
CVE-2021-20375 (via National Vulnerability Database)
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to intercept and replace a message sent by another user due to improper access controls. IBM X-Force ID: 195567.
CVE-2021-20584 (via National Vulnerability Database)
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 199397.
Rapid RYUK Ransomware Attack Group Christened as FIN12 (via Dark Reading)
Prolific ransomware cybercrime group's approach underscores a complicated, layered model of cybercrime.
CyberArk Leads the PAM Omdia Universe (via Dark Reading)
With more staff working remotely, privileged access management (PAM) has never been more important. Market forecasts, drivers, and trends are explored. The company performed well in all solution capability categories, including analytics, secrets management, privileged delegation and elevation management, and privileged access governance.
Navy Warship's Facebook Page Hacked to Stream 'Age of Empires' Gaming (via Threat Post)
The destroyer-class USS Kidd streamed hours of game play in a funny incident that has serious cybersecurity ramifications.
Twitch Leak Included Emails, Passwords in Clear Text: Researcher (via Threat Post)
A researcher combed through the Twitch leak and found what they said was evidence of PayPal chargebacks with names and emails; employees' emails; and more.
What Are Some Red Flags in a Vendor Security Assessment? (via Dark Reading)
The last thing you want is a vendor that lies to you about its security practices.
Microsoft: 58% of Nation-State Cyberattacks Come From Russia (via Dark Reading)
A wealth of Microsoft data highlights trends in nation-state activity, hybrid workforce security, disinformation, and supply chain, IoT, and OT security.
CVE-2021-42089 (via National Vulnerability Database)
An issue was discovered in Zammad before 4.1.1. The REST API discloses sensitive information.
CVE-2021-42093 (via National Vulnerability Database)
An issue was discovered in Zammad before 4.1.1. An admin can execute code on the server via a crafted request that manipulates triggers.
CVE-2021-42087 (via National Vulnerability Database)
An issue was discovered in Zammad before 4.1.1. An admin can discover the application secret via the API.
CVE-2021-42092 (via National Vulnerability Database)
An issue was discovered in Zammad before 4.1.1. Stored XSS may occur via an Article during addition of an attachment to a Ticket.
CVE-2021-42090 (via National Vulnerability Database)
An issue was discovered in Zammad before 4.1.1. The Form functionality allows remote code execution because deserialization is mishandled.
CVE-2021-42084 (via National Vulnerability Database)
An issue was discovered in Zammad before 4.1.1. An attacker with valid agent credentials may send a series of crafted requests that cause an endless loop and thus cause denial of service.
CVE-2021-42091 (via National Vulnerability Database)
An issue was discovered in Zammad before 4.1.1. SSRF can occur via GitHub or GitLab integration.