CVE-2021-43829
via "National Vulnerability Database".
PatrOwl is a free and open-source solution for orchestrating Security Operations. In versions prior to 1.7.7, PatrowlManager handles uploaded files in the findings import feature without restriction. This vulnerability allows dangerous file types to be uploaded to the server, leading to XSS attacks and potentially other forms of code injection. Users are advised to update to 1.7.7 as soon as possible. There are no known workarounds for this issue.
CVE-2021-43820
via "National Vulnerability Database".
Seafile is an open source cloud storage system. A sync token is used in the Seafile file syncing protocol to authorize access to library data. To improve performance, the token is cached in memory in seaf-server. Upon receiving a token from a sync client or SeaDrive client, the server checks whether the token exists in the cache. However, if the token exists in the cache, the server doesn't check whether it's associated with the specific library in the URL. This vulnerability makes it possible to use any valid sync token to access data from any **known** library. Note that the attacker has to first find out the ID of a library to which it has no access. The library ID is a random UUID, which cannot be guessed. There are no workarounds for this issue.
CVE-2018-10228
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in /application/controller/admin/theme.php in LimeSurvey 3.6.2+180406 allows remote attackers to inject arbitrary web script or HTML via the changes_cp parameter to the index.php/admin/themes/sa/templatesavechanges URI.
CVE-2021-43051
via "National Vulnerability Database".
The Spotfire Server component of TIBCO Software Inc.'s TIBCO Spotfire Server, TIBCO Spotfire Server, and TIBCO Spotfire Server contains a difficult to exploit vulnerability that allows malicious custom API clients with network access to execute internal API operations outside of the scope of those granted to them. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Server: versions 10.10.6 and below, TIBCO Spotfire Server: versions 11.0.0, 11.1.0, 11.2.0, 11.3.0, 11.4.0, and 11.4.1, and TIBCO Spotfire Server: versions 11.5.0 and 11.6.0.
CVE-2021-43828
via "National Vulnerability Database".
PatrOwl is a free and open-source solution for orchestrating Security Operations. In versions prior to 1.77, an improper privilege management (IDOR) vulnerability has been found in PatrowlManager. All imported findings files are placed under /media/imports/<owner_id>/<tmp_file>, where owner_id is predictable and tmp_file is in the format import_<owner_id>_<time_created>, for example import_1_1639213059582.json. This filename is predictable and allows anyone, without logging in, to download all findings import files. Users are advised to update to 1.7.7 as soon as possible. There are no known workarounds.
CVE-2021-43830
via "National Vulnerability Database".
OpenProject is a web-based project management software. OpenProject versions >= 12.0.0 are vulnerable to a SQL injection in the budgets module. For authenticated users with the "Edit budgets" permission, the request to reassign work packages to another budget insufficiently sanitizes user input in the `reassign_to_id` parameter. The vulnerability has been fixed in version 12.0.4. Versions prior to 12.0.0 are not affected. If you're upgrading from an older version, ensure you are upgrading to at least version 12.0.4. If you are unable to upgrade in a timely fashion, the following patch can be applied: https://github.com/opf/openproject/pull/9983.patch
CVE-2021-44948
via "National Vulnerability Database".
glFusion CMS 1.7.9 is affected by a Cross Site Request Forgery (CSRF) vulnerability in /public_html/admin/plugins/bad_behavior2/blacklist.php. By using the CSRF vulnerability to trick the administrator into clicking, an attacker can add a blacklist.
CVE-2021-40883
via "National Vulnerability Database".
A Remote Code Execution (RCE) vulnerability exists in emlog 5.3.1 via content/plugins.
CVE-2021-4044
via "National Vulnerability Database".
Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error (for example out of memory). Such a negative return value is mishandled by OpenSSL and will cause an IO function (such as SSL_connect() or SSL_do_handshake()) to not indicate success and a subsequent call to SSL_get_error() to return the value SSL_ERROR_WANT_RETRY_VERIFY. This return value is only supposed to be returned by OpenSSL if the application has previously called SSL_CTX_set_cert_verify_callback(). Since most applications do not do this, the SSL_ERROR_WANT_RETRY_VERIFY return value from SSL_get_error() will be totally unexpected and applications may not behave correctly as a result. The exact behaviour will depend on the application but it could result in crashes, infinite loops or other similar incorrect responses. This issue is made more serious in combination with a separate bug in OpenSSL 3.0 that will cause X509_verify_cert() to indicate an internal error when processing a certificate chain. This will occur where a certificate does not include the Subject Alternative Name extension but where a Certificate Authority has enforced name constraints. This issue can occur even with valid chains. By combining the two issues an attacker could induce incorrect, application dependent behaviour. Fixed in OpenSSL 3.0.1 (Affected 3.0.0).
CVE-2021-45046
via "National Vulnerability Database".
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thread Context Map (MDC) input data, when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC), to craft malicious input data using a JNDI Lookup pattern resulting in a denial of service (DOS) attack. Log4j 2.15.0 restricts JNDI LDAP lookups to localhost by default. Note that previous mitigations involving configuration such as setting the system property `log4j2.noFormatMsgLookup` to `true` do NOT mitigate this specific vulnerability. Log4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default. This issue can be mitigated in prior releases (<2.16.0) by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).
Microsoft Patches Zero-Day Spreading Emotet Malware
via "Dark Reading".
The December rollout includes 67 security patches and addresses one zero-day and five more publicly known vulnerabilities.
Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery
via "Threat Post".
December's Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities.
Ransomware Hits Virginia Legislative Agencies
via "Dark Reading".
The attack forced a shutdown of computer systems and websites for Virginia legislative agencies and commissions, reports state.
Tool Overload & Attack Surface Expansion Plague SOCs
via "Dark Reading".
Security professionals are burning out from handling too many tools and facing a growing number of threats, and more than 40% see lack of leadership as the main problem.
Microsoft Patch Tuesday, December 2021 Edition
via "Krebs on Security".
Microsoft, Adobe, and Google all issued security updates to their products today. The Microsoft patches include six previously disclosed security flaws, and one that is already being actively exploited. But this month's Patch Tuesday is being overshadowed by the "Log4Shell" 0-day exploit in a popular Java library that web server administrators are now racing to find and patch amid widespread exploitation of the flaw.
CVE-2021-44942
via "National Vulnerability Database".
glFusion CMS 1.7.9 is affected by a Cross Site Request Forgery (CSRF) vulnerability in /public_html/admin/plugins/bad_behavior2/blacklist.php. By using the CSRF vulnerability to trick the administrator into clicking, an attacker can add a blacklist.
Propane Gas Distributor Hit With Ransomware
via "Dark Reading".
North America-based Superior Plus "temporarily disabled" some of its systems in the wake of the attack.
Apple iOS Update Fixes Cringey iPhone 13 Jailbreak Exploit
via "Threat Post".
It took just 15 seconds to hack the latest, greatest, shiniest iPhone 13 Pro on stage at the Tianfu Cup in October, using a now-fixed iOS kernel bug.
How to install Qubes OS as a virtual machine
via "Tech Republic".
Qubes OS defines itself modestly as "a reasonably secure operating system." It might actually be one of the safest operating systems, often used by pros who are most concerned with computer security.
Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors
via "Dark Reading".
Amid the increase in Log4J attack activity, at least one Iranian state-backed threat group is preparing to target the vulnerability, experts say.
Ground Labs Research Reveals 71% of American Consumers are Unaware of Data Protection Laws
via "Dark Reading".
Google Survey of 1,000 U.S. consumers uncovers data privacy disconnect, a call to action for businesses.