βΌ CVE-2021-22970 βΌ
π Read
via "National Vulnerability Database".
Concrete CMS (formerly concrete5) versions 8.5.6 and below and version 9.0.0 allow local IP importing causing the system to be vulnerable toa. SSRF attacks on the private LAN servers by reading files from the local LAN. An attacker can pivot in the private LAN and exploit local network appsandb. SSRF Mitigation Bypass through DNS RebindingConcrete CMS security team gave this a CVSS score of 3.5 AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:NConcrete CMS is maintaining Concrete version 8.5.x until 1 May 2022 for security fixes.This CVE is shared with HackerOne Reports https://hackerone.com/reports/1364797 and https://hackerone.com/reports/1360016Reporters: Adrian Tiron from FORTBRIDGE (https://www.fortbridge.co.uk/ ) and Bipul Jaiswalπ Read
via "National Vulnerability Database".
βΌ CVE-2021-26248 βΌ
π Read
via "National Vulnerability Database".
Philips MRI 1.5T and MRI 3T Version 5.x.x assigns an owner who is outside the intended control sphere to a resource.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22966 βΌ
π Read
via "National Vulnerability Database".
Privilege escalation from Editor to Admin using Groups in Concrete CMS versions 8.5.6 and below. If a group is granted "view" permissions on the bulkupdate page, then users in that group can escalate to being an administrator with a specially crafted curl. Fixed by adding a check for group permissions before allowing a group to be moved. Concrete CMS Security team CVSS scoring: 7.1 AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:HCredit for discovery: "Adrian Tiron from FORTBRIDGE ( https://www.fortbridge.co.uk/ )"This fix is also in Concrete version 9.0.0π Read
via "National Vulnerability Database".
βΌ CVE-2021-43555 βΌ
π Read
via "National Vulnerability Database".
mySCADA myDESIGNER Versions 8.20.0 and prior fails to properly validate contents of an imported project file, which may make the product vulnerable to a path traversal payload. This vulnerability may allow an attacker to plant files on the file system in arbitrary locations or overwrite existing files, resulting in remote code execution.π Read
via "National Vulnerability Database".
π΄ 3 Takeaways from the Gartner Risk Management Summit π΄
π Read
via "Dark Reading".
Security leaders can be treated as partners supporting the business and share accountability by establishing relationships with business stakeholders.π Read
via "Dark Reading".
Dark Reading
3 Takeaways from the Gartner Risk Management Summit
Security leaders can be treated as partners supporting the business and share accountability by establishing relationships with business stakeholders.
βοΈ The βZelle Fraudβ Scam: How it Works, How to Fight Back βοΈ
π Read
via "Krebs on Security".
One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim's funds via Zelle, a "peer-to-peer" (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends and family. Naturally, a great deal of phishing schemes that precede these bank account takeovers begin with a spoofed text message from the target's bank warning about a suspicious Zelle transfer. What follows is a deep dive into how this increasingly clever Zelle fraud scam typically works, and what victims can do about it.π Read
via "Krebs on Security".
Krebsonsecurity
The βZelle Fraudβ Scam: How it Works, How to Fight Back
One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim's funds via Zelle, a "peer-to-peer" (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends andβ¦
π΄ US Banks Will Be Required to Report Cyberattacks Within 36 Hours π΄
π Read
via "Dark Reading".
There is currently no specific time frame during which banks must report to federal regulators that a security incident had occurred. A new notification rules changes that to 36 hours.π Read
via "Dark Reading".
Dark Reading
US Banks Will Be Required to Report Cyberattacks Within 36 Hours
There is currently no specific time frame during which banks must report to federal regulators that a security incident had occurred. A new notification rules changes that to 36 hours.
βΌ CVE-2021-39198 βΌ
π Read
via "National Vulnerability Database".
OroCRM is an open source Client Relationship Management (CRM) application. Affected versions we found to suffer from a vulnerability which could an attacker is able to disqualify any Lead with a Cross-Site Request Forgery (CSRF) attack. There are no workarounds that address this vulnerability and all users are advised to update their package.π Read
via "National Vulnerability Database".
π¦Ώ 8 advanced threats Kaspersky predicts for 2022 π¦Ώ
π Read
via "Tech Republic".
Advanced threats constantly evolve. This year saw multiple examples of advanced persistent threats under the spotlight, allowing us to predict what threats might lead the future.π Read
via "Tech Republic".
TechRepublic
8 advanced threats Kaspersky predicts for 2022
Advanced threats constantly evolve. This year saw multiple examples of advanced persistent threats under the spotlight, allowing Kaspersky to predict what threats might lead in the future.
π¦Ώ Cisco partners with JupiterOne to enhance its SecureX product portfolio π¦Ώ
π Read
via "Tech Republic".
The new product, Cisco Secure Cloud Insights, offers cloud inventory tracking and relationship mapping to navigate public clouds as well as access rights management and security compliance reporting.π Read
via "Tech Republic".
TechRepublic
Cisco partners with JupiterOne to enhance its SecureX product portfolio
The new product, Cisco Secure Cloud Insights, offers cloud inventory tracking and relationship mapping to navigate public clouds as well as access rights management and security compliance reporting.
βΌ CVE-2021-36321 βΌ
π Read
via "National Vulnerability Database".
Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an improper input validation vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by sending specially crafted data to trigger a denial of service.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36310 βΌ
π Read
via "National Vulnerability Database".
Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled resource consumption flaw in its API service. A high-privileged API user may potentially exploit this vulnerability, leading to a denial of service.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36307 βΌ
π Read
via "National Vulnerability Database".
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36308 βΌ
π Read
via "National Vulnerability Database".
Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36322 βΌ
π Read
via "National Vulnerability Database".
Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary host header values to poison the web-cache or trigger redirections.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36320 βΌ
π Read
via "National Vulnerability Database".
Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially hijack a session and access the webserver by forging the session ID.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36319 βΌ
π Read
via "National Vulnerability Database".
Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. A low privileged authenticated malicious user can gain access to SNMP authentication failure messages.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36340 βΌ
π Read
via "National Vulnerability Database".
Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. A local malicious user may exploit this vulnerability to read sensitive information and use it.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38681 βΌ
π Read
via "National Vulnerability Database".
A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP have already disabled and removed Ragic Cloud DB from the QNAP App Center, pending a security patch from Ragic.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36306 βΌ
π Read
via "National Vulnerability Database".
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34358 βΌ
π Read
via "National Vulnerability Database".
We have already fixed this vulnerability in the following versions of QmailAgent: QmailAgent 3.0.2 ( 2021/08/25 ) and laterπ Read
via "National Vulnerability Database".