CVE-2022-22110
via "National Vulnerability Database".
In Daybyday CRM, versions 1.1 through 2.2.0 enforce weak password requirements in the user update functionality. A user with privileges to update his password could change it to a weak password, such as one with a length of a single character. This may allow an attacker to brute-force users' passwords with minimal to no computational effort.
CVE-2022-22108
via "National Vulnerability Database".
In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization. An attacker with the lowest-privileged account (an employee-type user) can view the absences of all users in the system, including administrators. This type of user is not authorized to view this kind of information.
CVE-2022-22111
via "National Vulnerability Database".
In DayByDay CRM, version 2.2.0 is vulnerable to missing authorization. Any application user who has the update-user permission enabled is able to change the password of other users, including the administrator's. This allows the attacker to gain access to the highest-privileged user in the application.
CVE-2022-22109
via "National Vulnerability Database".
In Daybyday CRM, version 2.2.0 is vulnerable to Stored Cross-Site Scripting (XSS), which allows low-privileged application users to store malicious scripts in the title field of new tasks. These scripts are executed in a victim's browser when they open the "/tasks" page to view all tasks.
CVE-2022-22107
via "National Vulnerability Database".
In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization. An attacker with the lowest-privileged account (an employee-type user) can view the appointments of all users in the system, including administrators. However, this type of user is not authorized to view the calendar at all.
Why We Need To Reframe the False-Positive Problem
via "Dark Reading".
Efforts to tune or build behavior- or signature-based threat identification require time and effort most organizations don't have.
Behind the scenes: A day in the life of a cybersecurity curriculum director
via "Tech Republic".
The Kennedy Space Center kick-started Andee Harston's career in cybersecurity. Here's how she worked her way up to overseeing the cybersecurity curriculum for Infosec.
MalSmoke attack: Zloader malware exploits Microsoft's signature verification to steal sensitive data
via "Tech Republic".
Already impacting more than 2,000 victims, the malware is able to modify a DLL file digitally signed by Microsoft, says Check Point Research.
FTC to Go After Companies that Ignore Log4j
via "Threat Post".
Companies that fail to protect consumer data from Log4J attacks are at risk of facing Equifax-esque legal action and fines, the FTC warned.
Which Cloud Strategy Is Right For My Organization's Security Needs?
via "Dark Reading".
The massive Amazon Web Services outage in December had many security leaders asking whether they should be going multicloud or multiregion for their cloud environments.
FTC: Companies Could Face Legal Action for Failing to Patch Log4j
via "Dark Reading".
The FTC will pursue companies that fail to take steps to protect consumer data from exposure due to Log4j, officials report.
CVE-2021-28712
via "National Vulnerability Database".
Rogue backends can cause DoS of guests via high frequency events. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "driver domains". Running PV backends in driver domains has one primary security advantage: if a driver domain gets compromised, it doesn't have the privileges to take over the system. However, a malicious driver domain could try to attack other guests by sending events at a high frequency, leading to a Denial of Service in the guest because it spends extended periods servicing interrupts. There are three affected backends:
* blkfront, patch 1, CVE-2021-28711
* netfront, patch 2, CVE-2021-28712
* hvc_xen (console), patch 3, CVE-2021-28713
CVE-2021-38918
via "National Vulnerability Database".
In IBM PowerVM Hypervisor FW860, FW940, FW950, and FW1010, a specific sequence of VM management operations could lead to a violation of the isolation between peer VMs. IBM X-Force ID: 210019.
CVE-2021-28711
via "National Vulnerability Database".
Rogue backends can cause DoS of guests via high frequency events. Same CNA record as CVE-2021-28712 above (rogue Xen driver domains sending events at a high frequency); this CVE covers the blkfront backend (patch 1).
CVE-2021-28713
via "National Vulnerability Database".
Rogue backends can cause DoS of guests via high frequency events. Same CNA record as CVE-2021-28712 above (rogue Xen driver domains sending events at a high frequency); this CVE covers the hvc_xen (console) backend (patch 3).
Top Tips for Preventing BEC Scams
via "Digital Guardian".
Business email compromise scams have cost companies billions over the past several years. How can businesses best protect themselves against a BEC scam? We asked a panel of experts.
Uber Bug, Ignored for Years, Casts Doubt on Official Uber Emails
via "Threat Post".
A simple-to-exploit bug that allows bad actors to send emails from Uber's official system, skating past email security, went unaddressed despite flagging by multiple researchers.
NY AG: 1.1M Online Consumer Accounts Found Compromised in Credential-Stuffing Attacks
via "Dark Reading".
Stolen credentials were tied to cyberattack incidents at 17 "well-known" online retailers, restaurant chains, and food delivery services.
Broward Breach Highlights Healthcare Supply-Chain Problems
via "Threat Post".
More than 1.3 million patient records were stolen in the just-disclosed breach, which occurred back in October.
CVE-2022-21652
via "National Vulnerability Database".
Shopware is an open source e-commerce software platform. In affected versions, Shopware would not invalidate a user session in the event of a password change. With version 5.7.7 the session validation was adjusted so that sessions created prior to the latest password change of a customer account can't be used to log in with that account. This also means that upon a password change, all existing sessions for a given customer account are automatically considered invalid. There is no workaround for this issue.
CVE-2022-21642
via "National Vulnerability Database".
Discourse is an open source platform for community discussion. In affected versions, when composing a message from a topic, the composer's user suggestions reveal whisper participants. The issue has been patched in stable version 2.7.13 and beta version 2.8.0.beta11. There is no workaround for this issue and users are advised to upgrade.