CVE-2021-22965
via "National Vulnerability Database".
A vulnerability in Pulse Connect Secure before 9.1R12.1 could allow an unauthenticated administrator to cause a denial of service when a malformed request is sent to the device.
CVE-2021-22951
via "National Vulnerability Database".
Unauthorized individuals could view password protected files using view_inline in Concrete CMS (previously concrete 5) prior to version 8.5.7. Concrete CMS now checks to see if a file has a password in view_inline and, if it does, the file is not rendered. For version 8.5.6, the following mitigations were put in place: a. restricting file types for view_inline to images only; b. putting a warning in the file manager to advise users. Credit for discovery: "Solar Security Research Team". Concrete CMS security team CVSS scoring is 5.3: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N. This fix is also in Concrete version 9.0.0.
CVE-2021-42254
via "National Vulnerability Database".
BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions.
CVE-2021-22967
via "National Vulnerability Database".
In Concrete CMS (formerly concrete 5) below 8.5.7, IDOR Allows Unauthenticated User to Access Restricted Files If Allowed to Add Message to a Conversation. To remediate this, a check was added to verify a user has permissions to view files before attaching the files to a message in "add / edit message". Concrete CMS security team gave this a CVSS v3.1 score of 4.3 AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N. Credit for discovery: Adrian H.
CVE-2021-36884
via "National Vulnerability Database".
Authenticated Persistent Cross-Site Scripting (XSS) vulnerability discovered in WordPress Backup Migration plugin <= 1.1.5 versions.
CVE-2021-44038
via "National Vulnerability Database".
An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod operations in the suggested spec file allow users (with control of the non-root-owned directory /etc/quagga) to escalate their privileges to root upon package installation or update.
CVE-2021-22970
via "National Vulnerability Database".
Concrete CMS (formerly concrete5) versions 8.5.6 and below and version 9.0.0 allow local IP importing, causing the system to be vulnerable to: a. SSRF attacks on the private LAN servers by reading files from the local LAN. An attacker can pivot in the private LAN and exploit local network apps; and b. SSRF Mitigation Bypass through DNS Rebinding. Concrete CMS security team gave this a CVSS score of 3.5 AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N. Concrete CMS is maintaining Concrete version 8.5.x until 1 May 2022 for security fixes. This CVE is shared with HackerOne Reports https://hackerone.com/reports/1364797 and https://hackerone.com/reports/1360016. Reporters: Adrian Tiron from FORTBRIDGE (https://www.fortbridge.co.uk/) and Bipul Jaiswal.
CVE-2021-26248
via "National Vulnerability Database".
Philips MRI 1.5T and MRI 3T Version 5.x.x assigns an owner who is outside the intended control sphere to a resource.
CVE-2021-22966
via "National Vulnerability Database".
Privilege escalation from Editor to Admin using Groups in Concrete CMS versions 8.5.6 and below. If a group is granted "view" permissions on the bulkupdate page, then users in that group can escalate to being an administrator with a specially crafted curl. Fixed by adding a check for group permissions before allowing a group to be moved. Concrete CMS Security team CVSS scoring: 7.1 AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H. Credit for discovery: "Adrian Tiron from FORTBRIDGE (https://www.fortbridge.co.uk/)". This fix is also in Concrete version 9.0.0.
CVE-2021-43555
via "National Vulnerability Database".
mySCADA myDESIGNER Versions 8.20.0 and prior fail to properly validate contents of an imported project file, which may make the product vulnerable to a path traversal payload. This vulnerability may allow an attacker to plant files on the file system in arbitrary locations or overwrite existing files, resulting in remote code execution.
3 Takeaways from the Gartner Risk Management Summit
via "Dark Reading".
Security leaders can be treated as partners supporting the business and share accountability by establishing relationships with business stakeholders.
The "Zelle Fraud" Scam: How it Works, How to Fight Back
via "Krebs on Security".
One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim's funds via Zelle, a "peer-to-peer" (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends and family. Naturally, a great deal of phishing schemes that precede these bank account takeovers begin with a spoofed text message from the target's bank warning about a suspicious Zelle transfer. What follows is a deep dive into how this increasingly clever Zelle fraud scam typically works, and what victims can do about it.
US Banks Will Be Required to Report Cyberattacks Within 36 Hours
via "Dark Reading".
There is currently no specific time frame during which banks must report to federal regulators that a security incident has occurred. A new notification rule changes that to 36 hours.
CVE-2021-39198
via "National Vulnerability Database".
OroCRM is an open source Client Relationship Management (CRM) application. Affected versions were found to suffer from a vulnerability in which an attacker is able to disqualify any Lead with a Cross-Site Request Forgery (CSRF) attack. There are no workarounds that address this vulnerability and all users are advised to update their package.
8 advanced threats Kaspersky predicts for 2022
via "Tech Republic".
Advanced threats constantly evolve. This year saw multiple examples of advanced persistent threats under the spotlight, allowing Kaspersky to predict what threats might lead in the future.
Cisco partners with JupiterOne to enhance its SecureX product portfolio
via "Tech Republic".
The new product, Cisco Secure Cloud Insights, offers cloud inventory tracking and relationship mapping to navigate public clouds as well as access rights management and security compliance reporting.
CVE-2021-36321
via "National Vulnerability Database".
Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an improper input validation vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by sending specially crafted data to trigger a denial of service.
CVE-2021-36310
via "National Vulnerability Database".
Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled resource consumption flaw in its API service. A high-privileged API user may potentially exploit this vulnerability, leading to a denial of service.
CVE-2021-36307
via "National Vulnerability Database".
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contain a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system.
CVE-2021-36308
via "National Vulnerability Database".
Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contain an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system.
CVE-2021-36322
via "National Vulnerability Database".
Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary host header values to poison the web-cache or trigger redirections.