🛑 Cybersecurity & Privacy 🛑 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
🕴 Zscaler’s 2021 Encrypted Attacks Report Reveals 314% Spike in HTTPS Threats 🕴

Massive increase in cyberattacks targeting technology and retail industries confirms immediate need for zero-trust security

📖 Read

via "Dark Reading".
🕴 CISA and Partners Coordinate on Security, Combatting Misinformation for Election Day 🕴

CISA will host an election situational awareness room to coordinate with federal partners, state and local election officials, private sector election partners, and political organizations to share real-time information and provide support as needed.

📖 Read

via "Dark Reading".
‼ CVE-2021-39341 ‼

The OptinMonster WordPress plugin is vulnerable to sensitive information disclosure and unauthorized setting updates due to insufficient authorization validation via the logged_in_or_has_api_key function in the ~/OMAPI/RestApi.php file, which can be used to inject malicious web scripts on sites with the plugin installed. This affects versions up to, and including, 2.6.4.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-31849 ‼

SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-20136 ‼

ManageEngine Log360 Builds < 5235 are affected by an improper access control vulnerability allowing database configuration overwrite. An unauthenticated remote attacker can send a specially crafted message to Log360 to change its backend database to an attacker-controlled database and to force Log360 to restart. An attacker can leverage this vulnerability to achieve remote code execution by replacing files executed by Log360 on startup.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-39340 ‼

The Notification WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/src/classes/Utils/Settings.php file which made it possible for attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 7.2.4. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-31848 ‼

Cross site scripting (XSS) vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker to hijack an active DLP ePO administrator session by convincing the logged in administrator to click on a carefully crafted link in the case management part of the DLP ePO extension.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-38356 ‼

The NextScripts: Social Networks Auto-Poster <= 4.3.20 WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the $_REQUEST['page'] parameter which is echoed out on inc/nxs_class_snap.php by supplying the appropriate value 'nxssnap-post' to load the page in $_GET['page'] along with malicious JavaScript in $_POST['page'].

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-39346 ‼

The Google Maps Easy WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/modules/marker_groups/views/tpl/mgrEditMarkerGroup.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.9.33. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-39333 ‼

The Hashthemes Demo Importer Plugin <= 1.1.1 for WordPress contained several AJAX functions which relied on a nonce which was visible to all logged-in users for access control, allowing them to execute a function that truncated nearly all database tables and removed the contents of wp-content/uploads.

📖 Read

via "National Vulnerability Database".
‼ CVE-2018-10909 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

📖 Read

via "National Vulnerability Database".
🕴 How AI-Driven Security Analytics Speeds Up Enterprise Defense 🕴

Fresh off a $250 million Series E round, Devo Technology plans to expand the core security analytics platform with new features to help enterprise defenders work with security data faster and more effectively.

📖 Read

via "Dark Reading".
‼ CVE-2021-43058 ‼

An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-41187 ‼

DHIS 2 is an information system for data capture, management, validation, analytics and visualization. A SQL injection security vulnerability has been found in specific versions of DHIS2. This vulnerability affects the API endpoints for /api/trackedEntityInstances and /api/events in DHIS2. The system is vulnerable to attack only from users that are logged in to DHIS2, and there is no known way of exploiting the vulnerability without first being logged in as a DHIS2 user. A successful exploit of this vulnerability could allow the malicious user to read, edit and delete data in the DHIS2 instance. There are no known exploits of the security vulnerabilities addressed by these patch releases. However, we strongly recommend that all DHIS2 implementations using versions 2.32, 2.33, 2.34, 2.35 and 2.36 install these patches as soon as possible. There is no straightforward known workaround for DHIS2 instances using the Tracker functionality other than upgrading the affected DHIS2 server to one of the patches in which this vulnerability has been fixed. For implementations which do NOT use Tracker functionality, it may be possible to block all network access to POST to the /api/trackedEntityInstance and /api/events endpoints as a temporary workaround while waiting to upgrade.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-41310 ‼

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Associated Projects feature (/secure/admin/AssociatedProjectsForCustomField.jspa). The affected versions are before version 8.5.19, from version 8.6.0 before 8.13.11, and from version 8.14.0 before 8.19.1.

📖 Read

via "National Vulnerability Database".
❌ Office 365 Phishing Campaign Uses Kaspersky’s Amazon SES Token ❌

It's a legitimate access token, stolen from a third-party contractor, that lets the attackers send phishing emails from kaspersky.com email addresses.

📖 Read

via "Threat Post".
‼ CVE-2020-35249 ‼

Cross Site Scripting (XSS) vulnerability in ElkarBackup 1.3.3, allows attackers to execute arbitrary code via the name parameter to the add client feature.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-33611 ‼

Missing output sanitization in test sources in org.webjars.bowergithub.vaadin:vaadin-menu-bar versions 1.0.0 through 1.2.0 (Vaadin 14.0.0 through 14.4.4) allows remote attackers to execute malicious JavaScript in the browser by opening a crafted URL.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-27722 ‼

An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. The program can be crashed by entering 300 bytes of character data into the "Key" or "Name" field while registering.

📖 Read

via "National Vulnerability Database".
‼ CVE-2020-27406 ‼

Cross Site Scripting (XSS) vulnerability in DynPG 4.9.1, allows authenticated attackers to execute arbitrary code via the groupname.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-27723 ‼

An issue was discovered in Nsasoft US LLC Product Key Explorer 4.2.7. The program can be crashed by entering 300 bytes of character data into the "Key" or "Name" field while registering.

📖 Read

via "National Vulnerability Database".