βΌ CVE-2020-23549 βΌ
π Read
via "National Vulnerability Database".
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted .cr2 file, related to a "Data from Faulting Address controls Branch Selection starting at FORMATS!GetPlugInInfo+0x00000000000047f6".π Read
via "National Vulnerability Database".
βΌ CVE-2020-23546 βΌ
π Read
via "National Vulnerability Database".
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981.π Read
via "National Vulnerability Database".
ποΈ βInaction isnβt an optionβ β US lawmakers back mandatory standards for transport and logistics cybersecurity ποΈ
π Read
via "The Daily Swig".
House Committee on Homeland Security hearing pulls focus on securing βplanes, trains, and pipelinesβπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
βInaction isnβt an optionβ β US lawmakers back mandatory standards for transport and logistics cybersecurity
House Committee on Homeland Security hearing pulls focus on securing βplanes, trains, and pipelinesβ
βΌ CVE-2021-31624 βΌ
π Read
via "National Vulnerability Database".
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2020-22079 βΌ
π Read
via "National Vulnerability Database".
Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg.π Read
via "National Vulnerability Database".
βΌ CVE-2021-31862 βΌ
π Read
via "National Vulnerability Database".
SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication.π Read
via "National Vulnerability Database".
βΌ CVE-2021-31627 βΌ
π Read
via "National Vulnerability Database".
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter.π Read
via "National Vulnerability Database".
ποΈ Google, Salesforce, others team up to launch MVSP security baseline project ποΈ
π Read
via "The Daily Swig".
The collaboration is focused on creating a vendor-neutral security standardπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Google, Salesforce, others team up to launch MVSP security baseline project
The collaboration is focused on creating a vendor-neutral security standard
β Microsoft documents βSHROOTLESSβ hack patched in latest Apple updates β
π Read
via "Naked Security".
We'd have called this bug "SHROOTMORE", but naming it wasn't our call.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
ποΈ Trickbot arrest: Russian national extradited to US for alleged role in developing notorious banking trojan ποΈ
π Read
via "The Daily Swig".
Vladimir Dunaev made his first appearance in federal court this weekπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Trickbot arrest: Russian national extradited to US for alleged role in developing notorious banking trojan
Vladimir Dunaev made his first appearance in federal court this week
π΄ Finding the Right Approach to Cloud Security Posture Management (CSPM) π΄
π Read
via "Dark Reading".
Cloud security is maturing β it has to. New strategies are surfacing to respond to new problems. Dr. Mike Lloyd, RedSeal's CTO, reviews one of the latest: CSPM.π Read
via "Dark Reading".
Dark Reading
Finding the Right Approach to Cloud Security Posture Management (CSPM)
Cloud security is maturing β it has to. New strategies are surfacing to respond to new problems. Dr. Mike Lloyd, RedSeal's CTO, reviews one of the latest: CSPM.
βΌ CVE-2021-3441 βΌ
π Read
via "National Vulnerability Database".
A potential security vulnerability has been identified for the HP OfficeJet 7110 Wide Format ePrinter that enables Cross-Site Scripting (XSS).π Read
via "National Vulnerability Database".
βΌ CVE-2021-3662 βΌ
π Read
via "National Vulnerability Database".
Certain HP Enterprise LaserJet and PageWide MFPs may be vulnerable to stored cross site scripting (XSS).π Read
via "National Vulnerability Database".
βΌ CVE-2021-22037 βΌ
π Read
via "National Vulnerability Database".
Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. The full path to the command is not enforced, which results in a search in the search path until a binary can be identified. This makes the installer/uninstaller vulnerable to Path Interception by Search Order Hijacking, potentially allowing an attacker to plant a malicious reg.exe command so it takes precedence over the system command. The vulnerability only affects Windows installers.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22038 βΌ
π Read
via "National Vulnerability Database".
On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then executed (the originally called uninstaller exits, so it does not block the installation directory). This temporary location is not randomized and does not restrict access to Administrators only so a potential attacker could plant a binary to replace the copied binary right before it gets called, thus gaining Administrator privileges (if the original uninstaller was executed as Administrator). The vulnerability only affects Windows installers.π Read
via "National Vulnerability Database".
π΄ A Treehouse of Security Horrors π΄
π Read
via "Dark Reading".
True-life horrors from conversations with software engineers and developers. D'oh!π Read
via "Dark Reading".
Dark Reading
A Treehouse of Security Horrors
True-life horrors from conversations with software engineers and developers. <i>D'oh! </i>
β Google Chrome is Abused to Deliver Malware as βLegitβ Win 10 App β
π Read
via "Threat Post".
Malware delivered via a compromised website on Chrome browsers can bypass User Account Controls to infect systems and steal sensitive data, such as credentials and cryptocurrency.π Read
via "Threat Post".
Threat Post
Google Chrome is Abused to Deliver Malware as βLegitβ Win 10 App
Malware delivered via a compromised website on Chrome browsers can bypass User Account Controls to infect systems and steal sensitive data, such as credentials and cryptocurrency.
π΄ What Exactly Is Secure Access Service Edge (SASE)? π΄
π Read
via "Dark Reading".
Any company that supports a hybrid workforce should at least be familiar with this relatively new security approach.π Read
via "Dark Reading".
Dark Reading
What Exactly Is Secure Access Service Edge (SASE)?
Any company that supports a hybrid workforce should at least be familiar with this relatively new security approach.
ποΈ All Day DevOps 2021: Securing the software supply chain with ephemerality and the least-privilege principle ποΈ
π Read
via "The Daily Swig".
βThe new boundary for systems engineering is how ephemeral can you make any given process with a privilegeβπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
All Day DevOps 2021: Securing the software supply chain with ephemerality and the least-privilege principle
βThe new boundary for systems engineering is how ephemeral can you make any given process with a privilegeβ
βΌ CVE-2021-41186 βΌ
π Read
via "National Vulnerability Database".
Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain pattern of string can spend too much time in a regular expression, resulting in the potential for a DoS attack. This issue is patched in version 1.14.2 There are two workarounds available. Either don't use parser_apache2 for parsing logs (which cannot guarantee generated by Apache), or put patched version of parser_apache2.rb into /etc/fluent/plugin directory (or any other directories specified by the environment variable `FLUENT_PLUGIN` or `--plugin` option of fluentd).π Read
via "National Vulnerability Database".
βΌ CVE-2021-35237 βΌ
π Read
via "National Vulnerability Database".
A missing HTTP header (X-Frame-Options) in Kiwi Syslog Server has left customers vulnerable to click jacking. Clickjacking is an attack that occurs when an attacker uses a transparent iframe in a window to trick a user into clicking on an actionable item, such as a button or link, to another server in which they have an identical webpage. The attacker essentially hijacks the user activity intended for the original server and sends them to the other server. This is an attack on both the user and the server.π Read
via "National Vulnerability Database".