β US government securities watchdog spoofed by investment scammers β donβt fall for it! β
π Read
via "Naked Security".
Those numbers that show up on your phone to tell you who's calling? Treat them as SUGGESTIONS, never as PROOF.π Read
via "Naked Security".
Naked Security
US government securities watchdog spoofed by investment scammers β donβt fall for it!
Those numbers that show up on your phone to tell you whoβs calling? Treat them as SUGGESTIONS, never as PROOF.
π΄ In Appreciation: Dark Reading's Tim Wilson π΄
π Read
via "Dark Reading".
Dark Reading co-founder and editor-in-chief Tim Wilson passed away on Nov. 23.π Read
via "Dark Reading".
Dark Reading
In Appreciation: Dark Reading's Tim Wilson
Dark Reading co-founder and editor-in-chief Tim Wilson passed away on Nov. 23.
βΌ CVE-2021-43268 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34424 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was discovered in the Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1, Zoom Client for Meetings for intune (for Android and iOS) before version 5.8.4, Zoom Client for Meetings for Chrome OS before version 5.0.1, Zoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows) before version 5.8.3, Controllers for Zoom Rooms (for Android, iOS, and Windows) before version 5.8.3, Zoom VDI before version 5.8.4, Zoom Meeting SDK for Android before version 5.7.6.1922, Zoom Meeting SDK for iOS before version 5.7.6.1082, Zoom Meeting SDK for macOS before version 5.7.6.1340, Zoom Meeting SDK for Windows before version 5.7.6.1081, Zoom Video SDK (for Android, iOS, macOS, and Windows) before version 1.1.2, Zoom on-premise Meeting Connector before version 4.8.12.20211115, Zoom on-premise Meeting Connector MMR before version 4.8.12.20211115, Zoom on-premise Recording Connector before version 5.1.0.65.20211116, Zoom on-premise Virtual Room Connector before version 4.4.7266.20211117, Zoom on-premise Virtual Room Connector Load Balancer before version 2.5.5692.20211117, Zoom Hybrid Zproxy before version 1.0.1058.20211116, and Zoom Hybrid MMR before version 4.6.20211116.131_x86-64 which potentially allowed for the exposure of the state of process memory. This issue could be used to potentially gain insight into arbitrary areas of the product's memory.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22049 βΌ
π Read
via "National Vulnerability Database".
The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service.π Read
via "National Vulnerability Database".
βΌ CVE-2021-21980 βΌ
π Read
via "National Vulnerability Database".
The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34423 βΌ
π Read
via "National Vulnerability Database".
A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1, Zoom Client for Meetings for intune (for Android and iOS) before version 5.8.4, Zoom Client for Meetings for Chrome OS before version 5.0.1, Zoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows) before version 5.8.3, Controllers for Zoom Rooms (for Android, iOS, and Windows) before version 5.8.3, Zoom VDI before version 5.8.4, Zoom Meeting SDK for Android before version 5.7.6.1922, Zoom Meeting SDK for iOS before version 5.7.6.1082, Zoom Meeting SDK for macOS before version 5.7.6.1340, Zoom Meeting SDK for Windows before version 5.7.6.1081, Zoom Video SDK (for Android, iOS, macOS, and Windows) before version 1.1.2, Zoom On-Premise Meeting Connector Controller before version 4.8.12.20211115, Zoom On-Premise Meeting Connector MMR before version 4.8.12.20211115, Zoom On-Premise Recording Connector before version 5.1.0.65.20211116, Zoom On-Premise Virtual Room Connector before version 4.4.7266.20211117, Zoom On-Premise Virtual Room Connector Load Balancer before version 2.5.5692.20211117, Zoom Hybrid Zproxy before version 1.0.1058.20211116, and Zoom Hybrid MMR before version 4.6.20211116.131_x86-64. This can potentially allow a malicious actor to crash the service or application, or leverage this vulnerability to execute arbitrary code.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36917 βΌ
π Read
via "National Vulnerability Database".
WordPress Hide My WP plugin (versions <= 6.2.3) can be deactivated by any unauthenticated user. It is possible to retrieve a reset token which can then be used to deactivate the plugin.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36916 βΌ
π Read
via "National Vulnerability Database".
The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is possible because of how the IP address is retrieved and used inside a SQL query. The function "hmwp_get_user_ip" tries to retrieve the IP address from multiple headers, including IP address headers that the user can spoof, such as "X-Forwarded-For." As a result, the malicious payload supplied in one of these IP address headers will be directly inserted into the SQL query, making SQL injection possible.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38873 βΌ
π Read
via "National Vulnerability Database".
IBM Planning Analytics 2.0 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 208396.π Read
via "National Vulnerability Database".
π΄ How Threat Actors Get into OT Systems π΄
π Read
via "Dark Reading".
The convergence and integration of OT and IT has resulted in a growing number of cyber risks for critical infrastructure. Here are some of the ways attackers are targeting operational technology systems.π Read
via "Dark Reading".
Dark Reading
How Threat Actors Get Into OT Systems
The convergence and integration of OT and IT has resulted in a growing number of cyber-risks for critical infrastructure. Here are some of the ways attackers are targeting operational technology systems.
βΌ CVE-2021-41267 βΌ
π Read
via "National Vulnerability Database".
Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the "trusted_headers" allowed list are ignored and protect users from "Cache poisoning" attacks. In Symfony 5.2, maintainers added support for the `X-Forwarded-Prefix` headers, but this header was accessible in SubRequest, even if it was not part of the "trusted_headers" allowed list. An attacker could leverage this opportunity to forge requests containing a `X-Forwarded-Prefix` header, leading to a web cache poisoning issue. Versions 5.3.12 and later have a patch to ensure that the `X-Forwarded-Prefix` header is not forwarded to subrequests when it is not trusted.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41270 βΌ
π Read
via "National Vulnerability Database".
Symfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula injection. In Symfony 4.1, maintainers added the opt-in `csv_escape_formulas` option in the `CsvEncoder`, to prefix all cells starting with `=`, `+`, `-` or `@` with a tab `\t`. Since then, OWASP added 2 chars in that list: Tab (0x09) and Carriage return (0x0D). This makes the previous prefix char (Tab `\t`) part of the vulnerable characters, and OWASP suggests using the single quote `'` for prefixing the value. Starting with versions 4.4.34 and 5.3.12, Symfony now follows the OWASP recommendations and uses the single quote `'` to prefix formulas and add the prefix to cells starting by `\t`, `\r` as well as `=`, `+`, `-` and `@`.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41268 βΌ
π Read
via "National Vulnerability Database".
Symfony/SecurityBundle is the security system for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Since the rework of the Remember me cookie in version 5.3.0, the cookie is not invalidated when the user changes their password. Attackers can therefore maintain their access to the account even if the password is changed as long as they have had the chance to login once and get a valid remember me cookie. Starting with version 5.3.12, Symfony makes the password part of the signature by default. In that way, when the password changes, then the cookie is not valid anymore.π Read
via "National Vulnerability Database".
βΌ CVE-2021-43778 βΌ
π Read
via "National Vulnerability Database".
Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the `front/send.php` file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22957 βΌ
π Read
via "National Vulnerability Database".
A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said userΓ’β¬β’s account.This vulnerability is fixed in UniFi Protect application Version 1.20.0 and later.π Read
via "National Vulnerability Database".
βΌ CVE-2021-44219 βΌ
π Read
via "National Vulnerability Database".
Gin-Vue-Admin before 2.4.6 mishandles a SQL database.π Read
via "National Vulnerability Database".
π¦Ώ Get 1,000 hours of cybersecurity training for $21 this Black Friday π¦Ώ
π Read
via "Tech Republic".
Stay up to date for a lifetime with this cybersecurity training bundle with more than 1,000 hours of instruction.π Read
via "Tech Republic".
TechRepublic
Get 1,000 hours of cybersecurity training for $21 this Black Friday
Stay up to date for a lifetime with this cybersecurity training bundle with more than 1,000 hours of instruction.
ποΈ Data breach at New Mexico healthcare business impacts 62,000 state residents ποΈ
π Read
via "The Daily Swig".
True Health New Mexico was hit by a cyber-attack in Octoberπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Data breach at New Mexico healthcare business impacts 62,000 state residents
True Health New Mexico was hit by a cyber-attack in October
β S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast] β
π Read
via "Naked Security".
Latest episode - listen now! Solid cybersecurity advice in plain English.π Read
via "Naked Security".
Naked Security
S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]
Latest episode β listen now! Solid cybersecurity advice in plain English.
ποΈ WordPress security plugin Hide My WP addresses SQL injection, deactivation flaws ποΈ
π Read
via "The Daily Swig".
Bugs deemed βvery easy to exploit as they require no prerequisitesβπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
WordPress security plugin Hide My WP addresses SQL injection, deactivation flaws
Bugs deemed βvery easy to exploit as they require no prerequisitesβ