🕴 Cohesity Announces Disaster Recovery as a Service, Providing Automated Disaster Recovery 🕴
via "Dark Reading".
New Offering Can Help Businesses Quickly Recover from Ransomware Attacks, Speed Data Recovery, and Advance Business Continuity
🕴 Even 'Perfect' APIs Can be Abused 🕴
via "Dark Reading".
Broad-scale API abuse is occurring every day as businesses make their data available to trading partners — and even the public.
‼ CVE-2021-41146 ‼
via "National Vulnerability Database".
qutebrowser is an open source keyboard-focused browser with a minimal GUI. Starting with qutebrowser v1.7.0, the Windows installer for qutebrowser registers a `qutebrowserurl:` URL handler. With certain applications, opening a specially crafted `qutebrowserurl:...` URL can lead to execution of qutebrowser commands, which in turn allows arbitrary code execution via commands such as `:spawn` or `:debug-pyeval`. Only Windows installs where qutebrowser is registered as URL handler are affected. The issue has been fixed in qutebrowser v2.4.0. The fix also adds additional hardening for potential similar issues on Linux (by adding the new `--untrusted-args` flag to the .desktop file), though no such vulnerabilities are known.
‼ CVE-2021-42716 ‼
via "National Vulnerability Database".
An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location.
‼ CVE-2021-42715 ‼
via "National Vulnerability Database".
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files.
‼ CVE-2021-35225 ‼
via "National Vulnerability Database".
Each authenticated Orion Platform user in an MSP (Managed Service Provider) environment can view and browse all NetPath Services from all of that MSP's customers. This can give any user limited insight into other customers' infrastructure and lead to potential data cross-contamination.
‼ CVE-2021-41159 ‼
via "National Vulnerability Database".
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections (`/gt:rpc`) fail to validate input data. A malicious gateway might allow client memory to be written out of bounds. This issue has been resolved in version 2.4.1. If you are unable to update, then use `/gt:http` rather than `/gt:rpc` connections if possible, or use a direct connection without a gateway.
‼ CVE-2021-41160 ‼
via "National Vulnerability Database".
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out-of-bounds writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out-of-bounds rectangles to trigger out-of-bounds writes. With `0` width or height the memory allocation will be `0`, but the missing bounds checks allow writing to the pointer at this (not allocated) region. This issue has been patched in FreeRDP 2.4.1.
‼ CVE-2021-35228 ‼
via "National Vulnerability Database".
This vulnerability occurred due to missing input sanitization for one of the output fields that is extracted from headers on a specific section of a page, causing a reflected cross-site scripting attack. An attacker would need to perform a Man in the Middle attack in order to change the header for a remote victim.
‼ CVE-2021-35227 ‼
via "National Vulnerability Database".
The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available.
🕴 Akamai Technologies Completes Acquisition of Guardicore to Extend Its Zero Trust Solutions to Help Stop Ransomware 🕴
via "Dark Reading".
Guardicore's micro-segmentation products will be added to Akamai's portfolio of Zero Trust solutions.
🕴 Malware Abuses Core Features of Discord 🕴
via "Dark Reading".
Researchers warn that Discord's bot framework can be easily weaponized.
🕴 Cybrary Launches New Partnership with Check Point Software to Make Cybersecurity Training Accessible to All 🕴
via "Dark Reading".
Online cybersecurity professional development platform bolsters the Check Point Education Initiative.
🕴 Google Buckles Down on Android Enterprise Security 🕴
via "Dark Reading".
The launch of Android 12 brings several new default security features, along with new security efforts for Android Enterprise.
‼ CVE-2021-40719 ‼
via "National Vulnerability Database".
Adobe Connect version 11.2.2 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability that allows arbitrary method invocation when AMF messages are deserialized on an Adobe Connect server. An attacker can leverage this to achieve remote code execution on the server.
‼ CVE-2021-39321 ‼
via "National Vulnerability Database".
Version 3.3.23 of the Sassy Social Share WordPress plugin is vulnerable to PHP Object Injection via the wp_ajax_heateor_sss_import_config AJAX action due to deserialization of unvalidated user-supplied inputs via the import_config function found in the ~/admin/class-sassy-social-share-admin.php file. This can be exploited by underprivileged authenticated users due to a missing capability check on the import_config function.
‼ CVE-2021-39357 ‼
via "National Vulnerability Database".
The Leaky Paywall WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via the ~/class.php file, which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.16.5. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
‼ CVE-2021-41168 ‼
via "National Vulnerability Database".
Snudown is a reddit-specific fork of the Sundown Markdown parser used by GitHub, with Python integration added. In affected versions snudown was found to be vulnerable to denial of service attacks against its reference table implementation. References written in markdown (` [reference_name]: https://www.example.com`) are inserted into a hash table which was found to have a weak hash function, meaning that an attacker can reliably generate a large number of collisions for it. This makes the hash table vulnerable to a hash-collision DoS attack, a type of algorithmic complexity attack. Further, the hash table allowed duplicate entries, resulting in long retrieval times. Proofs of concept and further discussion of the hash collision issue are available in the snudown GHSA (https://github.com/reddit/snudown/security/advisories/GHSA-6gvv-9q92-w5f6). Users are advised to update to version 1.7.0.
‼ CVE-2021-39356 ‼
via "National Vulnerability Database".
The Content Staging WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via several parameters that are echo'd out via the ~/templates/settings.php file, which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.0.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
‼ CVE-2021-36869 ‼
via "National Vulnerability Database".
Reflected Cross-Site Scripting (XSS) vulnerability in WordPress Ivory Search plugin (versions <= 4.6.6). Vulnerable parameter: &post.
‼ CVE-2021-39328 ‼
via "National Vulnerability Database".
The Simple Job Board WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $job_board_privacy_policy_label variable echo'd out via the ~/admin/settings/class-simple-job-board-settings-privacy.php file, which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.9.4. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
‼ CVE-2021-22034 ‼
via "National Vulnerability Database".
Releases prior to VMware vRealize Operations Tenant App 8.6 contain an Information Disclosure Vulnerability.