βΌ CVE-2021-37196 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of COMOS unpacks specially crafted archive files to relative paths. This vulnerability could allow an attacker to store files in any folder accessible by the COMOS Web webservice.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45034 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70ΓΒ°C (All versions < V16.20), CP-8000 MASTER MODULE WITH I/O -40/+70ΓΒ°C (All versions < V16.20), CP-8021 MASTER MODULE (All versions < V16.20), CP-8022 MASTER MODULE WITH GPRS (All versions < V16.20). The web server of the affected system allows access to logfiles and diagnostic data generated by a privileged user. An unauthenticated attacker could access the files by knowing the corresponding download links.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45033 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70ΓΒ°C (All versions < V16.20), CP-8000 MASTER MODULE WITH I/O -40/+70ΓΒ°C (All versions < V16.20), CP-8021 MASTER MODULE (All versions < V16.20), CP-8022 MASTER MODULE WITH GPRS (All versions < V16.20). An undocumented debug port uses hard-coded default credentials. If this port is enabled by a privileged user, an attacker aware of the credentials could access an administrative debug shell on the affected device.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37198 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of COMOS uses a flawed implementation of CSRF prevention. An attacker could exploit this vulnerability to perform Cross-Site-Request-Forgery attacks.π Read
via "National Vulnerability Database".
ποΈ Multiple Node.js vulnerabilities fixed in flurry of new releases ποΈ
π Read
via "The Daily Swig".
Three medium-impact and one low severity bug have been patchedπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Multiple Node.js vulnerabilities fixed in flurry of new releases
Three medium-impact and one low severity bug have been patched
π΄ 5 Things to Know About Next-Generation SIEM π΄
π Read
via "Dark Reading".
NG-SIEM is emerging as a cloud- and analytics-driven alternative to legacy SIEMs. Based on new research, Omdia highlights five important new insights for anyone considering a NG-SIEM purchase.π Read
via "Dark Reading".
Dark Reading
5 Things to Know About Next-Generation SIEM
NG-SIEM is emerging as a cloud- and analytics-driven alternative to legacy SIEMs. Based on new research, Omdia highlights five important new insights for anyone considering a NG-SIEM purchase.
β Critical SonicWall NAC Vulnerability Stems from Apache Mods β
π Read
via "Threat Post".
Researchers offer more detail on the bug, which can allow attackers to completely take over targets.π Read
via "Threat Post".
Threat Post
Critical SonicWall NAC Vulnerability Stems from Apache Mods
Researchers offer more detail on the bug, which can allow attackers to completely take over targets.
βΌ CVE-2021-44647 βΌ
π Read
via "National Vulnerability Database".
Lua 5.4.4 and 5.4.2 are affected by SEGV by type confusion in funcnamefromcode function in ldebug.c which can cause a local denial of service.π Read
via "National Vulnerability Database".
π΄ Why Security Awareness Training Should Begin in the C-Suite π΄
π Read
via "Dark Reading".
It's not just the rights and privileges that CXOs have on the network. They can also set an example of what good security hygiene looks like.π Read
via "Dark Reading".
Dark Reading
Why Security Awareness Training Should Begin in the C-Suite
It's not just the rights and privileges that CXOs have on the network. They can also set an example of what good security hygiene looks like.
β βFully Undetectedβ SysJoker Backdoor Malware Targets Windows, Linux & macOS β
π Read
via "Threat Post".
The malware establishes initial access on targeted machines, then waits for additional code to execute.π Read
via "Threat Post".
Threat Post
βFully Undetectedβ SysJoker Backdoor Malware Targets Windows, Linux & macOS
The malware establishes initial access on targeted machines, then waits for additional code to execute.
ποΈ VMware Horizon under attack as China-based ransomware group targets Log4j vulnerability ποΈ
π Read
via "The Daily Swig".
Microsoft says cybercrime group is attempting to deploy NightSky ransomwareπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
VMware Horizon under attack as China-based ransomware group targets Log4j vulnerability
Microsoft says cybercrime group is attempting to deploy NightSky ransomware
π Faraday 3.19.0 π
π Read
via "Packet Storm Security".
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.π Read
via "Packet Storm Security".
Packetstormsecurity
Faraday 3.19.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π¦Ώ 9 ways that cybersecurity may change in 2022 π¦Ώ
π Read
via "Tech Republic".
As malicious bot activity increases and attacks surge against APIs, MFA will become more of a mandate and the CISO will take on a greater role, predicts Ping Identity CEO and founder Andre Durand.π Read
via "Tech Republic".
TechRepublic
9 ways that cybersecurity may change in 2022
As malicious bot activity increases and attacks surge against APIs, MFA will become more of a mandate and the CISO will take on a greater role, predicts Ping Identity CEO and founder Andre Durand.
ποΈ Growing cyber threats listed among greatest global risks in annual World Economic Forum report ποΈ
π Read
via "The Daily Swig".
Resilience, resilience, resilienceπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Growing cyber threats listed among greatest global risks in annual World Economic Forum report
Resilience, resilience, resilience
π¦Ώ Google Drive accounted for the most malware downloads from cloud storage sites in 2021 π¦Ώ
π Read
via "Tech Republic".
Google took over the top spot for malicious downloads from Microsoft OneDrive as attackers created free accounts, uploaded malware and shared documents with unsuspecting users, says Netskope.π Read
via "Tech Republic".
TechRepublic
Google Drive accounted for the most malware downloads from cloud storage sites in 2021
Google took over the top spot for malicious downloads from Microsoft OneDrive as attackers created free accounts, uploaded malware and shared documents with unsuspecting users, says Netskope.
βΌ CVE-2022-21669 βΌ
π Read
via "National Vulnerability Database".
PuddingBot is a group management bot. In version 0.0.6-b933652 and prior, the bot token is publicly exposed in main.py, making it accessible to malicious actors. The bot token has been revoked and new version is already running on the server. As of time of publication, the maintainers are planning to update code to reflect this change at a later date.π Read
via "National Vulnerability Database".
βΌ CVE-2020-28102 βΌ
π Read
via "National Vulnerability Database".
cscms v4.1 allows for SQL injection via the "js_del" function.π Read
via "National Vulnerability Database".
βΌ CVE-2020-28103 βΌ
π Read
via "National Vulnerability Database".
cscms v4.1 allows for SQL injection via the "page_del" function.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0170 βΌ
π Read
via "National Vulnerability Database".
peertube is vulnerable to Improper Access Controlπ Read
via "National Vulnerability Database".
βΌ CVE-2022-21671 βΌ
π Read
via "National Vulnerability Database".
@replit/crosis is a JavaScript client that speaks Replit's container protocol. A vulnerability that involves exposure of sensitive information exists in versions prior to 7.3.1. When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are multiple failed attempts to contact Replit through a WebSocket, the library will attempt to communicate using a fallback poll-based proxy. The URL of the proxy has changed, so any communication done to the previous URL could potentially reach a server that is outside of Replit's control and the token used to connect to the Repl could be obtained by an attacker, leading to full compromise of that Repl (not of the account). This was patched in version 7.3.1 by updating the address of the fallback WebSocket polling proxy to the new one. As a workaround, a user may specify the new address for the polling host (`gp-v2.replit.com`) in the `ConnectArgs`. More information about this workaround is available in the GitHub Security Advisory.π Read
via "National Vulnerability Database".
βΌ CVE-2021-43566 βΌ
π Read
via "National Vulnerability Database".
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed.π Read
via "National Vulnerability Database".