Infosec and Business Alignment Lowers Breach Cost, Boosts Security
via "Dark Reading".
As attacks and security budgets continue to rise, data shows the most secure organizations are the ones that strike a security-business balance.
Mekotio Banking Trojan Resurges with Tweaked Code, Stealthy Campaign
via "Threat Post".
The banker, aka Metamorfo, is roaring back after Spanish police arrested more than a dozen gang members.
Where Is Cloud Permissions Management Headed?
via "Dark Reading".
Cloud permissions management emerged as a standalone cloud security technology but is quickly becoming part of a broader set of capabilities.
US Blacklists Israeli Firms NSO Group and Candiru
via "Dark Reading".
The US Commerce Department has also added Russia's Positive Technologies and Singapore's Computer Security Initiative Consultancy.
CVE-2021-23624
via "National Vulnerability Database".
This affects the package dotty before 0.1.2. A type confusion vulnerability can lead to a bypass of CVE-2021-25912 when the user-provided keys used in the path parameter are arrays.
CVE-2021-23472
via "National Vulnerability Database".
This affects all versions of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array (instead of a string) even if the escape attribute is set.
CVE-2020-18263
via "National Vulnerability Database".
PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability in the component search.php via the search parameter. This vulnerability allows attackers to access sensitive database information.
CVE-2021-23509
via "National Vulnerability Database".
This affects the package json-ptr before 3.0.0. A type confusion vulnerability can lead to a bypass of CVE-2020-7766 when the user-provided keys used in the pointer parameter are arrays.
CVE-2020-18259
via "National Vulnerability Database".
ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting (XSS) vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Post title or Post content fields.
CVE-2021-23807
via "National Vulnerability Database".
This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays.
CVE-2020-18262
via "National Vulnerability Database".
ED01-CMS v1.0 was discovered to contain a SQL injection in the component cposts.php via the cid parameter.
CVE-2021-43140
via "National Vulnerability Database".
SQL injection vulnerability exists in Sourcecodester Simple Subscription Website 1.0 via the login.
CVE-2020-18261
via "National Vulnerability Database".
An arbitrary file upload vulnerability in the image upload function of ED01-CMS v1.0 allows attackers to execute arbitrary commands.
CVE-2021-23820
via "National Vulnerability Database".
This affects all versions of package json-pointer. A type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays.
CVE-2021-41134
via "National Vulnerability Database".
nbdime provides tools for diffing and merging of Jupyter Notebooks. In affected versions a stored cross-site scripting (XSS) issue exists within the Jupyter-owned nbdime project. It appears that when reading the file name and path from disk, the extension does not sanitize the string it constructs before returning it to be displayed. The diffNotebookCheckpoint function within nbdime causes this issue. When attempting to display the name of the local notebook (diffNotebookCheckpoint), nbdime appears to simply append .ipynb to the name of the input file. The NbdimeWidget is then created, and the base string is passed through to the request API function. From there, the frontend simply renders the HTML tag and anything along with it. Users are advised to patch to the most recent version of the affected product.
CVE-2021-43141
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability exists in Sourcecodester Simple Subscription Website 1.0 via the id parameter in plan_application.
CVE-2021-41174
via "National Vulnerability Database".
Grafana is an open-source platform for monitoring and observability. In affected versions, if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The URL has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions. AngularJS uses double curly braces for interpolation binding: {{ }}, e.g. {{constructor.constructor('alert(1)')()}}. When the user follows the link and the page renders, the login button will contain the original link with a query parameter to force a redirect to the login page. The URL is not validated and the AngularJS rendering engine will execute the JavaScript expression contained in the URL. Users are advised to upgrade as soon as possible. If for some reason you cannot upgrade, you can use a reverse proxy or similar to block the literal string {{ in the path.
CVE-2021-23784
via "National Vulnerability Database".
This affects the package tempura before 0.4.0. If the input to the esc function is of type object (i.e. an array) it is returned without being escaped/sanitized, leading to a potential cross-site scripting vulnerability.
Cloud Data Security Startup Launches
via "Dark Reading".
TrustLogix aims to streamline and simplify data governance in the cloud.
Cisco Talos reports new variant of Babuk ransomware targeting Exchange servers
via "Tech Republic".
A new bad actor called Tortilla is running the campaign, and most affected users are in the U.S.
5 MITRE ATT&CK Tactics Most Frequently Detected by Cisco Secure Firewalls
via "Dark Reading".
Cisco Security examines the most frequently encountered MITRE ATT&CK tactics and techniques.