π΄ Redefining the CISO-CIO Relationship π΄
π Read
via "Dark Reading".
While these roles have different needs, drivers, and objectives, they should complement each other rather than compete with one another.π Read
via "Dark Reading".
Dark Reading
Redefining the CISO-CIO Relationship
While these roles have different needs, drivers, and objectives, they should complement each other rather than compete with one another.
ποΈ GitLab shifts left to patch high-impact vulnerabilities ποΈ
π Read
via "The Daily Swig".
HackerOne bug bounty reports triagedπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
GitLab shifts left to patch high-impact vulnerabilities
HackerOne bug bounty reports triaged
π Clam AntiVirus Toolkit 0.104.2 π
π Read
via "Packet Storm Security".
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.π Read
via "Packet Storm Security".
Packetstormsecurity
Clam AntiVirus Toolkit 0.104.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
βΌ CVE-2021-23824 βΌ
π Read
via "National Vulnerability Database".
This affects the package Crow before 0.3+4. When using attributes without quotes in the template, an attacker can manipulate the input to introduce additional attributes, potentially executing code. This may lead to a Cross-site Scripting (XSS) vulnerability, assuming an attacker can influence the value entered into the template. If the template is used to render user-generated content, this vulnerability may escalate to a persistent XSS vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23131 βΌ
π Read
via "National Vulnerability Database".
In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of Zabbix user (or use the guest account, which is disabled by default).π Read
via "National Vulnerability Database".
βΌ CVE-2022-23132 βΌ
π Read
via "National Vulnerability Database".
During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system levelπ Read
via "National Vulnerability Database".
βΌ CVE-2022-23133 βΌ
π Read
via "National Vulnerability Database".
An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. When XSS is stored by an authenticated malicious actor and other users try to search for groups during new host creation, the XSS payload will fire and the actor can steal session cookies and perform session hijacking to impersonate users or take over their accounts.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40327 βΌ
π Read
via "National Vulnerability Database".
Trusted Firmware-M (TF-M) 1.4.0, when Profile Small is used, has incorrect access control. NSPE can access a secure key (held by the Crypto service) based solely on knowledge of its key ID. For example, there is no authorization check associated with the relationship between a caller and a key owner.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23134 βΌ
π Read
via "National Vulnerability Database".
After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.π Read
via "National Vulnerability Database".
π¦Ώ New study reveals phishing simulations might not be effective in training users π¦Ώ
π Read
via "Tech Republic".
A new study at unprecedented scale revealed that embedded phishing training in simulations run by organizations doesn't work well. Yet crowd-sourcing phishing detection is.π Read
via "Tech Republic".
TechRepublic
New study reveals phishing simulations might not be effective in training users
A new study at unprecedented scale revealed that embedded phishing training in simulations run by organizations doesn't work well. Yet crowd-sourcing phishing detection is.
β US Military Ties Prolific MuddyWater Cyberespionage APT to Iran β
π Read
via "Threat Post".
US Cyber Command linked the group to Iranian intelligence and detailed its multi-pronged, increasingly sophisticated suite of malware tools.π Read
via "Threat Post".
Threat Post
US Military Ties Prolific MuddyWater Cyberespionage APT to Iran
US Cyber Command linked the group to Iranian intelligence and detailed its multi-pronged, increasingly sophisticated suite of malware tools.
π΄ How Cybercriminals Are Cashing in on the Culture of 'Yes' π΄
π Read
via "Dark Reading".
The reward is always front of mind, while the potential harm of giving out a phone number doesn't immediately reveal itself.π Read
via "Dark Reading".
Dark Reading
How Cybercriminals Are Cashing in on the Culture of 'Yes'
The reward is always front of mind, while the potential harm of giving out a phone number doesn't immediately reveal itself.
π΄ New Vulnerabilities Highlight Risks of Trust in Public Cloud π΄
π Read
via "Dark Reading".
Major cloud providers are vulnerable to exploitation because a single flaw can be turned into a global attack using trusted core services.π Read
via "Dark Reading".
Dark Reading
New Vulnerabilities Highlight Risks of Trust in Public Cloud
Major cloud providers are vulnerable to exploitation because a single flaw can be turned into a global attack using trusted core services.
βΌ CVE-2022-22123 βΌ
π Read
via "National Vulnerability Database".
In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the article title. An authenticated attacker can inject arbitrary javascript code that will execute on a victimΓ’β¬β’s server.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40567 βΌ
π Read
via "National Vulnerability Database".
Segmentation fault vulnerability exists in Gpac through 1.0.1 via the gf_odf_size_descriptor function in desc_private.c when using mp4box, which causes a denial of service.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40570 βΌ
π Read
via "National Vulnerability Database".
The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the avc_compute_poc function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40568 βΌ
π Read
via "National Vulnerability Database".
A buffer overflow vulnerability exists in Gpac through 1.0.1 via a malformed MP4 file in the svc_parse_slice function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22125 βΌ
π Read
via "National Vulnerability Database".
In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the article tag. An authenticated admin attacker can inject arbitrary javascript code that will execute on a victimΓ’β¬β’s server.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22124 βΌ
π Read
via "National Vulnerability Database".
In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the profile image. An authenticated attacker can upload a carefully crafted SVG file that will trigger arbitrary javascript to run on a victimΓ’β¬β’s browser.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39056 βΌ
π Read
via "National Vulnerability Database".
The IBM i 7.1, 7.2, 7.3, and 7.4 Extended Dynamic Remote SQL server (EDRSQL) could allow a remote authenticated user to send a specially crafted request and cause a denial of service. IBM X-Force ID: 214537.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40813 βΌ
π Read
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability in the "Zip content" feature in Element-IT HTTP Commander 3.1.9 allows remote authenticated users to inject arbitrary web script or HTML via filenames.π Read
via "National Vulnerability Database".