CVE-2021-41187
Read via "National Vulnerability Database".
DHIS 2 is an information system for data capture, management, validation, analytics and visualization. A SQL injection vulnerability has been found in specific versions of DHIS2. It affects the API endpoints /api/trackedEntityInstances and /api/events. The system is vulnerable only to users who are logged in to DHIS2; there is no known way of exploiting the vulnerability without first authenticating as a DHIS2 user. A successful exploit could allow the malicious user to read, edit and delete data in the DHIS2 instance. There are no known exploits of the vulnerabilities addressed by these patch releases; however, all DHIS2 implementations running versions 2.32, 2.33, 2.34, 2.35 and 2.36 are strongly advised to install the patches as soon as possible. There is no straightforward workaround for instances that use the Tracker functionality other than upgrading the affected server to a release in which this vulnerability has been fixed. For implementations that do NOT use Tracker, it may be possible to block all network access to POST requests to the /api/trackedEntityInstances and /api/events endpoints as a temporary workaround while waiting to upgrade.
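The advisory's temporary workaround for deployments that do not use Tracker, written out as an nginx reverse-proxy configuration. This is an added example, not configuration from the DHIS2 project or the advisory. It assumes DHIS2 is served at the site root behind nginx and that the Tomcat backend listens on 127.0.0.1:8080; the hostname is a placeholder. The location pattern also matches the optional /api/<version>/ prefix and the .json/.xml response-format suffixes that DHIS2 accepts for API resources, so a client cannot reach the same handler under an alternate spelling; verify this against your own instance's URL layout.

```nginx
upstream dhis2_backend {
    server 127.0.0.1:8080;          # assumption: Tomcat running DHIS2 on the same host
}

server {
    listen 443 ssl;
    server_name dhis2.example.org;  # placeholder hostname
    # ssl_certificate / ssl_certificate_key as in your existing configuration

    # Temporary workaround for CVE-2021-41187 (non-Tracker deployments only):
    # refuse POST to the two endpoints named in the advisory. The pattern covers
    # /api/trackedEntityInstances (and the singular spelling), /api/events, an
    # optional API version segment such as /api/36/..., and the .json/.xml
    # suffixes, with or without a trailing sub-path. Regex locations take
    # precedence over the prefix "location /" below.
    location ~ ^/api/([0-9]+/)?(trackedEntityInstances?|events)(\.[a-zA-Z]+)?(/|$) {
        if ($request_method = POST) {
            return 405;
        }
        proxy_pass http://dhis2_backend;
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    # Everything else passes through unchanged.
    location / {
        proxy_pass http://dhis2_backend;
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

After `nginx -t && nginx -s reload`, `curl -i -X POST https://dhis2.example.org/api/events` should return 405 while a GET to the same path still reaches DHIS2. Note that /api/events is itself a Tracker endpoint, so, as the advisory says, this only suits deployments that do not use Tracker, and it is a stop-gap until the patched release is installed.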
CVE-2021-41310
Read via "National Vulnerability Database".
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Associated Projects feature (/secure/admin/AssociatedProjectsForCustomField.jspa). The affected versions are before 8.5.19, from 8.6.0 before 8.13.11, and from 8.14.0 before 8.19.1.
Office 365 Phishing Campaign Uses Kaspersky's Amazon SES Token
Read via "Threat Post".
A legitimate Amazon SES access token, stolen from a third-party contractor, lets the attackers send phishing emails from genuine kaspersky.com email addresses rather than a look-alike domain.
CVE-2020-35249
Read via "National Vulnerability Database".
Cross-Site Scripting (XSS) vulnerability in ElkarBackup 1.3.3 allows attackers to inject arbitrary web script via the name parameter of the add-client feature.
CVE-2021-33611
Read via "National Vulnerability Database".
Missing output sanitization in test sources in org.webjars.bowergithub.vaadin:vaadin-menu-bar versions 1.0.0 through 1.2.0 (Vaadin 14.0.0 through 14.4.4) allows remote attackers to execute malicious JavaScript in the browser by opening a crafted URL.
CVE-2021-27722
Read via "National Vulnerability Database".
An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. The program can be crashed by entering 300 bytes of character data into the "Key" or "Name" field while registering.
CVE-2020-27406
Read via "National Vulnerability Database".
Cross-Site Scripting (XSS) vulnerability in DynPG 4.9.1 allows authenticated attackers to inject arbitrary web script via the groupname parameter.
CVE-2021-27723
Read via "National Vulnerability Database".
An issue was discovered in Nsasoft US LLC Product Key Explorer 4.2.7. The program can be crashed by entering 300 bytes of character data into the "Key" or "Name" field while registering.
CVE-2021-36560
Read via "National Vulnerability Database".
Phone Shop Sales Managements System using PHP with Source Code 1.0 is vulnerable to an authentication bypass that leads to takeover of the admin account.
How Hackers Are Targeting Cryptocurrency
Read via "Dark Reading".
Crypto exchanges that want to maintain credibility must implement some of the same "know your customer" controls used by banks and similar institutions.
CVE-2021-42763
Read via "National Vulnerability Database".
Couchbase Server before 6.6.3 and 7.x before 7.0.2 stores sensitive information in cleartext. The issue occurs when the cluster manager forwards an HTTP request from the pluggable UI (query workbench etc.) to the specific service: the backtrace includes the Basic Auth header of the forwarded request, which carries the "@" (internal) user credentials of the node processing the UI request.
CVE-2021-37842
Read via "National Vulnerability Database".
metakv in Couchbase Server 7.0.0 uses cleartext for storage of sensitive information: remote cluster XDCR credentials can be leaked in debug logs. Config key tombstone purging was added in Couchbase Server 7.0.0, and the issue occurs when a config key that is being logged has a tombstone purger timestamp attached to it.
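Both Couchbase issues above are one failure mode, credentials copied verbatim into a backtrace or a debug log, so the practical check after patching is to scan collected log output for them before it is shipped to a ticket or a support bundle. The following Python is an added example, not Couchbase code. The log lines it scans are constructed to resemble the two cases in the advisories (a forwarded-request backtrace carrying a Basic Auth header for an "@"-prefixed internal user, and a metakv debug line carrying a remote-cluster reference) and are not real Couchbase output; the line format, field names and the `<redacted>` marker are assumptions.

```python
import base64
import re
from typing import Iterable, Iterator, List, NamedTuple

REDACTED = "<redacted>"

# HTTP Basic credentials echoed into a backtrace (the CVE-2021-42763 pattern).
BASIC_RE = re.compile(r"Basic\s+([A-Za-z0-9+/]{8,}={0,2})")
# user:password@host userinfo embedded in a URL.
URL_CRED_RE = re.compile(r"(//[^/\s:@\"]+:)([^@\s\"]+)@")
# A remote-cluster reference serialised into a debug line (the CVE-2021-37842 pattern).
JSON_USER_RE = re.compile(r"\"username\"\s*:\s*\"([^\"]*)\"")
JSON_PASS_RE = re.compile(r"\"password\"\s*:\s*\"([^\"]*)\"")


class Finding(NamedTuple):
    line_no: int
    kind: str
    username: str
    secret: str


def _decode_basic(token: str):
    """Return (user, password) if token is a well-formed Basic credential, else None.

    Rejecting anything that is not valid base64, not UTF-8, or has no ':' filters
    out ordinary words that happen to follow the string 'Basic' in a log line.
    """
    try:
        raw = base64.b64decode(token, validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None
    user, sep, password = raw.partition(":")
    return (user, password) if sep else None


def scan_lines(lines: Iterable[str]) -> Iterator[Finding]:
    """Yield one Finding per credential found; already-redacted values are skipped."""
    for line_no, line in enumerate(lines, 1):
        for m in BASIC_RE.finditer(line):
            creds = _decode_basic(m.group(1))
            if creds and creds[1] != REDACTED:
                yield Finding(line_no, "basic-auth", creds[0], creds[1])
        for m in URL_CRED_RE.finditer(line):
            if m.group(2) != REDACTED:
                yield Finding(line_no, "url-userinfo", m.group(1)[2:-1], m.group(2))
        for m in JSON_PASS_RE.finditer(line):
            if m.group(1) == REDACTED:
                continue
            user = JSON_USER_RE.search(line)
            yield Finding(line_no, "json-password", user.group(1) if user else "?", m.group(1))


def scan_text(text: str) -> List[Finding]:
    return list(scan_lines(text.splitlines()))


def redact(line: str) -> str:
    """Replace each secret with the marker but keep the surrounding line intact."""
    line = BASIC_RE.sub("Basic " + REDACTED, line)
    line = URL_CRED_RE.sub(lambda m: m.group(1) + REDACTED + "@", line)
    line = JSON_PASS_RE.sub('"password":"' + REDACTED + '"', line)
    return line


def redact_text(text: str) -> str:
    return "\n".join(redact(line) for line in text.splitlines()) + "\n"


# Constructed sample log (not real Couchbase output). The internal user name is
# "@"-prefixed as in the CVE-2021-42763 description; the credential is made up.
SAMPLE_BASIC_TOKEN = base64.b64encode(b"@ns_server:s3cr3t-pass").decode()
SAMPLE_LOG = (
    "[ns_server:debug,2021-10-29T10:14:02.117Z,ns_1@10.0.0.11] forwarding UI request to query service\n"
    "[ns_server:error,2021-10-29T10:14:02.120Z,ns_1@10.0.0.11] backtrace headers: "
    '[{"Authorization","Basic ' + SAMPLE_BASIC_TOKEN + '"},{"Host","10.0.0.11:8093"}]\n'
    "[ns_server:debug,2021-10-29T10:14:05.004Z,ns_1@10.0.0.11] metakv key /remoteClusters/backup-dc value "
    '{"hostname":"10.0.1.5:8091","username":"xdcr_user","password":"hunter2"} tombstone_purge_ts=1635502445\n'
    "[ns_server:info,2021-10-29T10:14:06.000Z,ns_1@10.0.0.11] config saved\n"
)

if __name__ == "__main__":
    for f in scan_text(SAMPLE_LOG):
        print(f"line {f.line_no}: {f.kind} user={f.username!r} secret length={len(f.secret)}")
    print(redact_text(SAMPLE_LOG), end="")
```

Run against a real log directory the scanner reports the line and the account name but never prints the secret itself, and `redact_text` is idempotent, so it can sit in front of whatever collects diagnostics. The Basic decoder is deliberately strict; loosen it only if your logs wrap or truncate tokens.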
CVE-2021-36923
Read via "National Vulnerability Database".
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB device privileged IN and OUT instructions (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device.
CVE-2021-36922
Read via "National Vulnerability Database".
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB devices (Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device.
CVE-2021-36925
Read via "National Vulnerability Database".
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve an arbitrary read or write operation from/to physical memory (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device.
CVE-2021-42568
Read via "National Vulnerability Database".
Sonatype Nexus Repository Manager 3.x through 3.35.0 allows attackers to access the SSL Certificates Loading function via a low-privileged account.
CVE-2021-36924
Read via "National Vulnerability Database".
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool overflow (leading to Escalation of Privileges, Denial of Service, and Code Execution) via a crafted Device IO Control packet to a device.
Data breach at US physical therapy center impacts more than 6,500 patients
Read via "The Daily Swig".
Minnesota healthcare provider hit by cyber-attack. A US physical therapy center has announced that the personal data of more than 6,500 patients has been breached in a security incident. Viverant PT, based in Minneapol
Mitre-for-malware project MalAPI seeks community support
Read via "The Daily Swig".
Windows malware catalogued by API calls.
The "Groove" Ransomware Gang Was a Hoax
Read via "Krebs on Security".
A number of publications in September warned about the emergence of "Groove," a new ransomware group that called on competing extortion gangs to unite in attacking U.S. government interests online. It now appears that Groove was all a big hoax designed to toy with security firms and journalists.
Apple macOS Flaw Allows Kernel-Level Compromise
Read via "Threat Post".
"Shrootless" allows a bypass of System Integrity Protection (SIP) to install a malicious rootkit that goes undetected and performs arbitrary device operations.