🛑 Cybersecurity & Privacy 🛑 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2021-29883 ‼

IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set the Secure attribute on authorization tokens or session cookies. An attacker may be able to obtain the cookie values by sending an http:// link to a user, or by planting such a link on a site the user visits: the browser sends the cookie along with the plaintext request, and the attacker reads it by sniffing the traffic. IBM X-Force ID: 207090.

📖 Read

via "National Vulnerability Database".
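
As an added example (written for this page, not code from the NVD entry or from IBM's product), here is the check a reviewer would run over a captured Set-Cookie header to spot the missing attribute the advisory describes. The header values are constructed and the function names are this example's own:

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Case-insensitive comparison of the first `len` bytes of `tok` with `name`;
 * cookie attribute names are case-insensitive (RFC 6265). */
static int attr_name_equals(const char *tok, size_t len, const char *name)
{
    if (strlen(name) != len)
        return 0;
    for (size_t i = 0; i < len; i++)
        if (tolower((unsigned char)tok[i]) != tolower((unsigned char)name[i]))
            return 0;
    return 1;
}

/* Returns 1 if the Set-Cookie value carries attribute `attr` ("Secure",
 * "HttpOnly", ...), 0 otherwise.  The leading name=value pair is the cookie
 * itself and is skipped, so a cookie *named* "secure" is not mistaken for the
 * flag. */
int set_cookie_has_attr(const char *set_cookie, const char *attr)
{
    const char *p = strchr(set_cookie, ';');
    while (p) {
        p++;                                    /* step past ';' */
        while (*p == ' ' || *p == '\t')
            p++;
        const char *end = strchr(p, ';');
        size_t len = end ? (size_t)(end - p) : strlen(p);
        while (len > 0 && isspace((unsigned char)p[len - 1]))
            len--;                              /* trailing blanks or CRLF */
        const char *eq = memchr(p, '=', len);   /* some attributes take a value */
        size_t name_len = eq ? (size_t)(eq - p) : len;
        if (attr_name_equals(p, name_len, attr))
            return 1;
        p = end;
    }
    return 0;
}

/* The condition from the advisory, plus the closely related HttpOnly gap:
 * returns 1 if a session cookie is missing either flag. */
int session_cookie_is_weak(const char *set_cookie)
{
    return !set_cookie_has_attr(set_cookie, "Secure") ||
           !set_cookie_has_attr(set_cookie, "HttpOnly");
}

int main(void)
{
    /* Constructed sample headers, not captured from any real deployment. */
    const char *samples[] = {
        "JSESSIONID=8f3a9c; Path=/; HttpOnly",
        "JSESSIONID=8f3a9c; Path=/; Secure; HttpOnly; SameSite=Strict",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-62s %s\n", samples[i],
               session_cookie_is_weak(samples[i]) ? "WEAK: missing Secure and/or HttpOnly" : "ok");
    return 0;
}
```

Pointing this at the Set-Cookie lines in a proxy capture of the login flow is the quickest way to confirm whether a fix is actually deployed. Note that a cookie without Secure is also why HSTS matters on the same host: without it the browser will follow an http:// link and transmit the cookie before any redirect to https:// happens.
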
‼ CVE-2020-27304 ‼

The CivetWeb web library does not validate uploaded file paths when running on an OS other than Windows and using the built-in HTTP form-based file upload mechanism via the mg_handle_form_request API. Web applications that use the file upload form handler and use parts of the user-controlled filename in the output path are susceptible to directory traversal.

📖 Read

via "National Vulnerability Database".
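
An added example, independent of CivetWeb's code and of its fix: the pattern the advisory describes (an upload handler that splices a client-supplied file name into an output path) next to a hardened version that accepts only a bare file name. Directory and file names are constructed and nothing is written to disk:

```c
#include <stdio.h>
#include <string.h>

char demo_path[512];   /* scratch output buffer for the demonstration */

/* Vulnerable shape: the client-supplied name is spliced straight into the
 * path, so "../../etc/cron.d/job" lands outside the upload directory. */
int naive_upload_path(const char *upload_dir, const char *client_name, char *out, size_t out_len)
{
    int n = snprintf(out, out_len, "%s/%s", upload_dir, client_name);
    return (n < 0 || (size_t)n >= out_len) ? -1 : 0;
}

/* Hardened shape: accept only a bare file name.  Anything that could change
 * which directory the path resolves to is rejected, not "cleaned", because
 * sanitizers that strip "../" are routinely bypassed ("....//").
 * If the multipart parser reports a field length, compare it with strlen()
 * too, so an embedded NUL cannot hide a suffix.
 * Returns 0 and fills `out` on success, -1 on rejection or truncation. */
int safe_upload_path(const char *upload_dir, const char *client_name, char *out, size_t out_len)
{
    size_t len = strlen(client_name);

    if (len == 0 || len > 255)
        return -1;                                   /* empty or absurdly long */
    if (strcmp(client_name, ".") == 0 || strcmp(client_name, "..") == 0)
        return -1;                                   /* directory references */
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)client_name[i];
        if (c == '/' || c == '\\')
            return -1;                               /* POSIX and Windows separators */
        if (c == ':')
            return -1;                               /* drive letters / alternate data streams */
        if (c < 0x20 || c == 0x7f)
            return -1;                               /* control characters */
    }
    int n = snprintf(out, out_len, "%s/%s", upload_dir, client_name);
    return (n < 0 || (size_t)n >= out_len) ? -1 : 0;
}

int main(void)
{
    /* Constructed inputs: one benign name, three hostile ones. */
    const char *names[] = { "report-2021.pdf", "../../etc/cron.d/job", "..", "a\\b.txt" };
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        int naive = naive_upload_path("/srv/uploads", names[i], demo_path, sizeof demo_path);
        printf("naive: %-22s -> %s\n", names[i], naive == 0 ? demo_path : "(error)");
        int safe = safe_upload_path("/srv/uploads", names[i], demo_path, sizeof demo_path);
        printf("safe : %-22s -> %s\n", names[i], safe == 0 ? demo_path : "REJECTED");
    }
    return 0;
}
```

Rejecting rather than rewriting is the point: a name the server generates itself (a random ID plus an allow-listed extension) removes the problem entirely, and the client's original name can be stored as metadata instead of being used on the filesystem.
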
‼ CVE-2020-14263 ‼

"HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the included MobileIron AppConnect SDK"

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-29873 ‼

IBM Flash System 900 could allow an authenticated attacker to obtain sensitive information and cause a denial of service due to a restricted shell escape vulnerability. IBM X-Force ID: 206229.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-28496 ‼

On systems running Arista EOS and CloudEOS with an affected release, when shared secret profiles are in use, the password configured for Bidirectional Forwarding Detection (BFD) is leaked in eAPI and other JSON output to other authenticated users on the device. Affected EOS versions: all releases in the 4.22.x train; 4.23.9 and below in the 4.23.x train; 4.24.7 and below in the 4.24.x train; 4.25.4 and below in the 4.25.x train; 4.26.1 and below in the 4.26.x train.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-42327 ‼

dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display driver's debugfs interface. parse_write_buffer_into_params performs no size check: it passes the caller-supplied size straight to copy_from_user, copying a userspace buffer into a 40-byte heap buffer.

📖 Read

via "National Vulnerability Database".
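
An added example, a user-space model rather than the kernel's own code: the debugfs write-handler pattern the advisory describes, where a caller-chosen size drives a copy into a fixed 40-byte buffer, beside a variant that refuses the write before copying. memcpy stands in for copy_from_user, the parameter format (blank-separated integers) is this example's assumption, and all inputs are constructed:

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define WR_BUF_SIZE 40   /* the 40-byte heap buffer named in the advisory */

/* Splits a NUL-terminated buffer on blanks and parses each token as a decimal
 * integer into `params`.  Returns the token count, or -EINVAL on a
 * non-numeric token or when more than `max_params` tokens are present. */
static long tokenize_longs(char *buf, long *params, size_t max_params)
{
    size_t n = 0;
    for (char *tok = strtok(buf, " \t\n"); tok; tok = strtok(NULL, " \t\n")) {
        char *end;
        if (n == max_params)
            return -EINVAL;
        params[n++] = strtol(tok, &end, 10);
        if (*end != '\0')
            return -EINVAL;
    }
    return (long)n;
}

/* Vulnerable shape (for contrast only; main() feeds it a small input): `size`
 * is whatever the caller passed to write(2) and is used as the copy length, so
 * anything above 40 bytes runs off the end of wr_buf. */
int parse_params_vulnerable(const char *user_buf, size_t size, long *params, size_t max_params, long *count)
{
    char *wr_buf = calloc(1, WR_BUF_SIZE);
    if (!wr_buf)
        return -ENOMEM;
    memcpy(wr_buf, user_buf, size);          /* copy_from_user() stand-in: no size check */
    wr_buf[size] = '\0';                     /* also one past the end when size == 40 */
    long n = tokenize_longs(wr_buf, params, max_params);
    free(wr_buf);
    if (n < 0)
        return (int)n;
    *count = n;
    return 0;
}

/* Fixed shape: refuse before copying.  `size >= WR_BUF_SIZE` rather than `>`
 * because the tokenizer needs one byte for the terminator. */
int parse_params_fixed(const char *user_buf, size_t size, long *params, size_t max_params, long *count)
{
    if (size == 0 || size >= WR_BUF_SIZE)
        return -EINVAL;
    char *wr_buf = calloc(1, WR_BUF_SIZE);
    if (!wr_buf)
        return -ENOMEM;
    memcpy(wr_buf, user_buf, size);
    wr_buf[size] = '\0';
    long n = tokenize_longs(wr_buf, params, max_params);
    free(wr_buf);
    if (n < 0)
        return (int)n;
    *count = n;
    return 0;
}

/* Feeds the fixed handler a text write; returns the parsed count, or the
 * negative errno it rejected with. */
int demo_write_string(const char *text)
{
    long params[WR_BUF_SIZE], count = 0;
    int rc = parse_params_fixed(text, strlen(text), params, WR_BUF_SIZE, &count);
    return rc == 0 ? (int)count : rc;
}

/* Feeds the fixed handler `size` bytes of "1 1 1 ..." to probe the size limit. */
int demo_write_of_size(size_t size)
{
    char *buf = malloc(size + 1);
    if (!buf)
        return -ENOMEM;
    for (size_t i = 0; i < size; i++)
        buf[i] = (i % 2) ? ' ' : '1';
    buf[size] = '\0';
    int rc = demo_write_string(buf);
    free(buf);
    return rc;
}

int main(void)
{
    long params[WR_BUF_SIZE], count = 0;
    parse_params_vulnerable("1 2 3", 5, params, WR_BUF_SIZE, &count);   /* small, so safe here */
    printf("vulnerable handler, 5-byte write: %ld params\n", count);
    printf("fixed handler, 39-byte write:  %d params\n", demo_write_of_size(39));
    printf("fixed handler, 40-byte write:  rc=%d (EINVAL=%d)\n", demo_write_of_size(40), -EINVAL);
    printf("fixed handler, 200-byte write: rc=%d\n", demo_write_of_size(200));
    return 0;
}
```

The check belongs before the copy, not after: once copy_from_user has run with an attacker-chosen length the heap metadata or a neighbouring object is already corrupted, and rejecting the write at that point changes nothing. In the kernel the same class of bug is usually caught by KASAN or by fuzzing the debugfs write entry points with oversized buffers.
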
πŸ” US Treasury Outlines Compliance Best Practices for Cryptocurrency Companies πŸ”

The newly released guide is designed to emphasize sanctions compliance requirements amid the US government’s efforts to combat ransomware.

📖 Read

via "".
🕴 Why Should My Organization Consider XDR? 🕴

XDR is a newish industry term addressing a very old problem: security products that don't work together to detect threats.

📖 Read

via "Dark Reading".
❌ TA551 Shifts Tactics to Install Sliver Red-Teaming Tool ❌

A new email campaign from the threat group uses the attack-simulation framework in a likely leadup to ransomware deployment.

📖 Read

via "Threat Post".
❌ U.S. Ban on Sales of Cyberattack Tools Is Anemic, Experts Warn ❌

Meanwhile, Zerodium's quest to buy VPN exploits is problematic, researchers said.

📖 Read

via "Threat Post".
🕴 Plurilock to Acquire Assets of CloudCodes Software 🕴

Transaction marks Plurilock’s second acquisition in 2021.

📖 Read

via "Dark Reading".
🕴 Invicti Security Announces $625 Million Growth Investment Led by Summit Partners 🕴

Web application security provider plans to leverage new investment to continue product expansion and support global growth.

📖 Read

via "Dark Reading".
🕴 Nearly Three-Quarters of Organizations Victimized by DNS Attacks in Past 12 Months 🕴

Response and recovery have significant impact on 58% of targeted businesses.

📖 Read

via "Dark Reading".
🕴 Cohesity Announces Disaster Recovery as a Service, Providing Automated Disaster Recovery 🕴

New Offering Can Help Businesses Quickly Recover from Ransomware Attacks, Speed Data Recovery, and Advance Business Continuity

📖 Read

via "Dark Reading".
‼ CVE-2021-41146 ‼

qutebrowser is an open source keyboard-focused browser with a minimal GUI. Starting with qutebrowser v1.7.0, the Windows installer for qutebrowser registers a `qutebrowserurl:` URL handler. With certain applications, opening a specially crafted `qutebrowserurl:...` URL can lead to execution of qutebrowser commands, which in turn allows arbitrary code execution via commands such as `:spawn` or `:debug-pyeval`. Only Windows installs where qutebrowser is registered as URL handler are affected. The issue has been fixed in qutebrowser v2.4.0. The fix also adds additional hardening for potential similar issues on Linux (by adding the new --untrusted-args flag to the .desktop file), though no such vulnerabilities are known.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-42716 ‼

An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location.

📖 Read

via "National Vulnerability Database".
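
An added example, written for this page and not taken from stb_image: a PNM header reader that sizes the decoded buffer from maxval, the step the advisory says 2.27 skipped for 16-bit PGM (sized as 8-bit, then read as 16-bit). It also refuses files whose payload is shorter than the header promises. The header strings are constructed; comment lines are deliberately not supported:

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct {
    int width, height;
    int channels;          /* 1 for P5 (PGM), 3 for P6 (PPM) */
    int maxval;            /* 1..65535 */
    int bytes_per_sample;  /* 1 if maxval < 256, else 2: the step the bug skipped */
    size_t data_offset;    /* offset of the first sample byte */
} pnm_header;

/* Parses a binary PGM/PPM header ("P5 w h maxval" or "P6 w h maxval") from
 * the first `len` bytes of `data`.  Comment lines ('#') are not supported.
 * Returns 0 on success, -1 on a malformed header. */
int pnm_parse_header(const unsigned char *data, size_t len, pnm_header *h)
{
    char hdr[64];
    int type, consumed = 0;
    size_t n = len < sizeof hdr - 1 ? len : sizeof hdr - 1;

    memcpy(hdr, data, n);                 /* bounded copy so sscanf sees a C string */
    hdr[n] = '\0';
    if (sscanf(hdr, "P%d %d %d %d%n", &type, &h->width, &h->height, &h->maxval, &consumed) != 4)
        return -1;
    if (type == 5)      h->channels = 1;
    else if (type == 6) h->channels = 3;
    else                return -1;
    if (h->width <= 0 || h->height <= 0 || h->maxval <= 0 || h->maxval > 65535)
        return -1;
    if ((size_t)consumed >= n)
        return -1;                        /* exactly one whitespace byte must follow maxval */
    h->bytes_per_sample = h->maxval < 256 ? 1 : 2;
    h->data_offset = (size_t)consumed + 1;
    return 0;
}

/* Bytes of sample data the header promises.  Every multiplication is checked
 * so a hostile header cannot wrap the size to something small.  Returns 0 on
 * overflow. */
size_t pnm_data_size(const pnm_header *h)
{
    size_t w = (size_t)h->width, ht = (size_t)h->height;
    size_t per_pixel = (size_t)h->channels * (size_t)h->bytes_per_sample;
    if (w > SIZE_MAX / ht)
        return 0;
    if (w * ht > SIZE_MAX / per_pixel)
        return 0;
    return w * ht * per_pixel;
}

/* Data size implied by a header blob, or -1 if malformed or overflowing. */
long pnm_required_bytes(const unsigned char *data, size_t len)
{
    pnm_header h;
    if (pnm_parse_header(data, len, &h) != 0)
        return -1;
    size_t sz = pnm_data_size(&h);
    return (sz == 0 || sz > (size_t)LONG_MAX) ? -1 : (long)sz;
}

/* Accepts a whole file only if it carries the data its header promises, so a
 * truncated 16-bit image cannot make the decoder read past the buffer.
 * Returns the sample-data offset, or -1. */
long pnm_validate_file(const unsigned char *data, size_t len)
{
    pnm_header h;
    if (pnm_parse_header(data, len, &h) != 0)
        return -1;
    size_t sz = pnm_data_size(&h);
    if (sz == 0 || sz > len - h.data_offset)   /* data_offset <= len is guaranteed above */
        return -1;
    return (long)h.data_offset;
}

int main(void)
{
    /* Constructed headers: the same 4x4 single-channel image at 8 and 16 bits. */
    const char *pgm8  = "P5 4 4 255\n";
    const char *pgm16 = "P5 4 4 65535\n";
    printf("8-bit PGM needs  %ld bytes\n", pnm_required_bytes((const unsigned char *)pgm8, strlen(pgm8)));
    printf("16-bit PGM needs %ld bytes (a loader sizing it as 8-bit allocates half)\n",
           pnm_required_bytes((const unsigned char *)pgm16, strlen(pgm16)));
    return 0;
}
```

The two numbers printed for the same geometry are the whole story of the CVE: a loader that allocates the 8-bit size and then walks the buffer with a 16-bit stride reads twice as far as it should.
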
‼ CVE-2021-42715 ‼

An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files.

📖 Read

via "National Vulnerability Database".
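
An added example, not stb_image's code: a bounds-checked decoder for the run-length-coded channel planes of a Radiance HDR scanline, the structure this advisory concerns. Each run starts with a count byte; values above 128 repeat the next byte (count-128) times, values 1..128 copy that many literal bytes, and 0 is not a valid count. A decoder that treats "no more input" or a zero count as an empty run never advances, which is the hang described. The byte streams below are constructed:

```c
#include <stdio.h>
#include <string.h>

/* Decodes `width` samples of one channel from `in`.  Returns the number of
 * input bytes consumed, or -1 if the stream is truncated, carries a zero
 * count, or a run would overflow `out`. */
long hdr_decode_channel(const unsigned char *in, size_t in_len, unsigned char *out, size_t width)
{
    size_t pos = 0, produced = 0;

    while (produced < width) {
        if (pos >= in_len)
            return -1;                       /* truncated: fail instead of spinning */
        size_t count = in[pos++];
        if (count > 128) {                   /* repeat the next byte count-128 times */
            count -= 128;
            if (pos >= in_len || count > width - produced)
                return -1;
            memset(out + produced, in[pos++], count);
        } else {                             /* copy count literal bytes */
            if (count == 0)
                return -1;                   /* zero-length run: the infinite-loop case */
            if (count > in_len - pos || count > width - produced)
                return -1;
            memcpy(out + produced, in + pos, count);
            pos += count;
        }
        produced += count;
    }
    return (long)pos;
}

/* A new-style RLE scanline: header 0x02 0x02 hi lo (width), then the R, G, B
 * and E planes in turn.  `out` receives 4*width bytes, plane after plane.
 * Returns bytes consumed, or -1. */
long hdr_decode_scanline(const unsigned char *in, size_t in_len, unsigned char *out, size_t out_len)
{
    if (in_len < 4 || in[0] != 2 || in[1] != 2)
        return -1;
    size_t width = ((size_t)in[2] << 8) | in[3];
    if (width < 8 || width > 0x7fff || out_len < 4 * width)   /* Radiance limits for RLE scanlines */
        return -1;
    size_t pos = 4;
    for (size_t plane = 0; plane < 4; plane++) {
        long used = hdr_decode_channel(in + pos, in_len - pos, out + plane * width, width);
        if (used < 0)
            return -1;
        pos += (size_t)used;
    }
    return (long)pos;
}

/* Constructed test vectors. */
const unsigned char sample_channel_ok[]    = { 0x83, 0xAA, 0x03, 1, 2, 3 };   /* 3 x 0xAA, then 1 2 3 */
const unsigned char sample_channel_zero[]  = { 0x00, 0x41 };                    /* zero count */
const unsigned char sample_channel_trunc[] = { 0x83 };                          /* run with no value byte */
const unsigned char sample_scanline[] = { 2, 2, 0, 8, 0x88, 10, 0x88, 20, 0x88, 30, 0x88, 128 };
unsigned char demo_out[64];

/* Sum of the first `n` decoded bytes, so a test can check the output content. */
unsigned sum_bytes(const unsigned char *buf, size_t n)
{
    unsigned s = 0;
    for (size_t i = 0; i < n; i++)
        s += buf[i];
    return s;
}

int main(void)
{
    printf("well-formed channel: consumed %ld bytes\n",
           hdr_decode_channel(sample_channel_ok, sizeof sample_channel_ok, demo_out, 6));
    printf("zero count:          %ld\n",
           hdr_decode_channel(sample_channel_zero, sizeof sample_channel_zero, demo_out, 6));
    printf("truncated stream:    %ld\n",
           hdr_decode_channel(sample_channel_trunc, sizeof sample_channel_trunc, demo_out, 6));
    printf("full scanline:       %ld bytes\n",
           hdr_decode_scanline(sample_scanline, sizeof sample_scanline, demo_out, sizeof demo_out));
    return 0;
}
```

The invariant to keep in mind for any RLE decoder is that every loop iteration must either consume at least one input byte and produce at least one output sample, or exit with an error; the two early returns at the top of the loop are what enforce it here.
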
‼ CVE-2021-35225 ‼

Each authenticated Orion Platform user in an MSP (Managed Service Provider) environment can view and browse all NetPath Services from all of that MSP's customers. Any user thereby gains limited insight into other customers' infrastructure, with potential for data cross-contamination.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-41159 ‼

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 that use gateway connections (`/gt:rpc`) fail to validate input data, so a malicious gateway may be able to write client memory out of bounds. This issue has been resolved in version 2.4.1. If you are unable to update, use `/gt:http` rather than `/gt:rpc` connections where possible, or use a direct connection without a gateway.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-41160 ‼

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out-of-bounds writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out-of-bounds rectangles to trigger out-of-bounds writes. With `0` width or height the memory allocation is `0` bytes, but the missing bounds checks allow writing to the pointer at this (not allocated) region. This issue has been patched in FreeRDP 2.4.1.

📖 Read

via "National Vulnerability Database".
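
An added example, not FreeRDP's code: the bounds check a client should run on a server-supplied update rectangle before touching its framebuffer. It covers the two cases the advisory names, zero width/height (which makes the allocation 0 bytes yet leaves the write in place) and rectangles that fall outside the surface, plus the 32-bit overflow in the size arithmetic that usually accompanies them. The 64x64 surface and the pixel data are constructed:

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BYTES_PER_PIXEL 4

/* Returns 1 if a width x height rectangle at (left, top) is non-empty and lies
 * entirely inside a dst_w x dst_h surface, 0 otherwise.  The subtraction form
 * avoids the wrap that `left + width > dst_w` would suffer on hostile input. */
int rect_fits_surface(uint32_t left, uint32_t top, uint32_t width, uint32_t height,
                      uint32_t dst_w, uint32_t dst_h)
{
    if (width == 0 || height == 0)
        return 0;
    if (left >= dst_w || top >= dst_h)
        return 0;
    return width <= dst_w - left && height <= dst_h - top;
}

/* Size in bytes of a width x height pixel buffer, or 0 if it is empty or the
 * product overflows.  Computed in 64 bits so 0xFFFF x 0xFFFF cannot wrap. */
size_t pixel_buffer_size(uint32_t width, uint32_t height)
{
    uint64_t pixels = (uint64_t)width * height;
    if (pixels == 0 || pixels > UINT64_MAX / BYTES_PER_PIXEL)
        return 0;
    uint64_t bytes = pixels * BYTES_PER_PIXEL;
    return bytes > SIZE_MAX ? 0 : (size_t)bytes;
}

/* Copies a server-supplied rectangle into the client's surface buffer.
 * Returns 0 on success, -1 if the rectangle or its payload was rejected. */
int blit_update(uint8_t *dst, uint32_t dst_w, uint32_t dst_h,
                uint32_t left, uint32_t top, uint32_t width, uint32_t height,
                const uint8_t *src, size_t src_len)
{
    if (!rect_fits_surface(left, top, width, height, dst_w, dst_h))
        return -1;
    size_t need = pixel_buffer_size(width, height);
    if (need == 0 || src_len < need)
        return -1;                          /* server sent less data than it claims */
    size_t row_bytes = (size_t)width * BYTES_PER_PIXEL;
    for (uint32_t y = 0; y < height; y++) {
        size_t dst_off = ((size_t)(top + y) * dst_w + left) * BYTES_PER_PIXEL;
        memcpy(dst + dst_off, src + (size_t)y * row_bytes, row_bytes);
    }
    return 0;
}

static uint8_t demo_surface[64 * 64 * BYTES_PER_PIXEL];   /* constructed 64x64 client surface */

/* Runs blit_update() against the demo surface with a synthetic source buffer
 * sized exactly to the rectangle; returns blit_update()'s result. */
int demo_blit(uint32_t left, uint32_t top, uint32_t width, uint32_t height)
{
    size_t need = pixel_buffer_size(width, height);
    uint8_t *src = malloc(need ? need : 1);
    if (!src)
        return -1;
    memset(src, 0xAB, need);
    int rc = blit_update(demo_surface, 64, 64, left, top, width, height, src, need);
    free(src);
    return rc;
}

int main(void)
{
    printf("8x8 at (8,8):    %s\n", demo_blit(8, 8, 8, 8)   == 0 ? "drawn" : "rejected");
    printf("0x8 at (0,0):    %s\n", demo_blit(0, 0, 0, 8)   == 0 ? "drawn" : "rejected");
    printf("8x8 at (60,60):  %s\n", demo_blit(60, 60, 8, 8) == 0 ? "drawn" : "rejected");
    return 0;
}
```

Validate the rectangle, the size arithmetic and the payload length as three separate checks; collapsing them into one `width * height * bpp <= remaining` comparison is what lets a zero dimension slip through, because 0 is always less than or equal to whatever is left.
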
‼ CVE-2021-35228 ‼

This vulnerability occurs due to missing input sanitization for one of the output fields that is extracted from headers on a specific section of a page, causing a reflected cross-site scripting attack. An attacker would need to perform a man-in-the-middle attack in order to change the header for a remote victim.

📖 Read

via "National Vulnerability Database".