IRS Will Soon Require Selfies for Online Access
Read via "Krebs on Security".
If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says that by the summer of 2022, the only way to log in to irs.gov will be through ID.me, an online identity verification service that requires applicants to submit copies of bills and identity documents, as well as a live video feed of their faces via a mobile device.
Cloud Adoption Widens the Cybersecurity Skills Gap
Read via "Dark Reading".
No matter what cloud services you employ, you are still responsible for protecting the security of your data.
Box 2FA Bypass Opens User Accounts to Attack
Read via "Threat Post".
A security bug in the file-sharing cloud app could have allowed attackers using stolen credentials to skate by one-time SMS code verification requirements.
CVE-2021-44299
Read via "National Vulnerability Database".
A reflected cross-site scripting (XSS) vulnerability in \lib\packages\themes\themes.php of Navigate CMS v2.9.4 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVE-2021-33912
Read via "National Vulnerability Database".
libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of incorrect sprintf usage in SPF_record_expand_data in spf_expand.c. The vulnerable code may be part of the supply chain of a site's e-mail infrastructure (e.g., with additional configuration, Exim can use libspf2; the Postfix web site links to unofficial patches for use of libspf2 with Postfix; older versions of spfquery relied on libspf2) but most often is not.
CVE-2022-22310
Read via "National Vulnerability Database".
IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to JAX-WS applications. IBM X-Force ID: 217224.
CVE-2022-23221
Read via "National Vulnerability Database".
H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.
CVE-2021-33913
Read via "National Vulnerability Database".
libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of SPF_record_expand_data in spf_expand.c. The amount of overflowed data depends on the relationship between the length of an entire domain name and the length of its leftmost label. The vulnerable code may be part of the supply chain of a site's e-mail infrastructure (e.g., with additional configuration, Exim can use libspf2; the Postfix web site links to unofficial patches for use of libspf2 with Postfix; older versions of spfquery relied on libspf2) but most often is not.
CVE-2021-46203
Read via "National Vulnerability Database".
Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter.
CVE-2022-0274
Read via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in NPM cypress-orchardcore prior to 1.2.2.
CVE-2021-46204
Read via "National Vulnerability Database".
Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. SQL injection vulnerability via taocms\include\Model\Article.php.
CVE-2021-42810
Read via "National Vulnerability Database".
A flaw in the previous versions of the product may allow an authenticated attacker the ability to execute code as a privileged user on a system where the agent is installed.
When Patching Security Flaws, Smarter Trumps Faster
Read via "Dark Reading".
Just turning the patch dial to "high" is not enough, and if your company is using the Common Vulnerability Scoring System (CVSS) to prioritize software patching, you are doing it wrong.
5 AI and Cybersecurity Predictions for 2022
Read via "Dark Reading".
Among them: Explainable artificial intelligence (XAI) will improve the ways humans and AI interact, plus expect a shift in how organizations fight ransomware.
1Password Raises $620M Series C, Now Valued at $6.8B
Read via "Dark Reading".
The massive funding round comes as the rise of cloud and remote work led to new threats and growing security and privacy concerns.
Europol, Feds Take VPN Used by Cybercriminals Offline
Read via "Digital Guardian".
The service was being used to carry out ransomware deployment and other cybercrime activities.
Destructive Wiper Targeting Ukraine Aimed at Eroding Trust, Experts Say
Read via "Threat Post".
Disruptive malware attacks on Ukrainian organizations (posing as ransomware attacks) are very likely part of Russia's wider effort to undermine Ukraine's sovereignty, according to analysts.
What Happens to My Organization If APIs Are Compromised?
Read via "Dark Reading".
Once attackers have obtained access, they can compromise other systems or pivot within your networks.
CVE-2022-0243
Read via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository orchardcms/orchardcore prior to 1.2.2.
CVE-2022-22769
Read via "National Vulnerability Database".
The Web server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, TIBCO EBX Add-ons, TIBCO EBX Add-ons, TIBCO EBX Add-ons, and TIBCO Product and Service Catalog powered by TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.8.124 and below, TIBCO EBX: versions 5.9.3, 5.9.4, 5.9.5, 5.9.6, 5.9.7, 5.9.8, 5.9.9, 5.9.10, 5.9.11, 5.9.12, 5.9.13, 5.9.14, and 5.9.15, TIBCO EBX: versions 6.0.0, 6.0.1, 6.0.2, and 6.0.3, TIBCO EBX Add-ons: versions 3.20.18 and below, TIBCO EBX Add-ons: versions 4.1.0, 4.2.0, 4.2.1, 4.2.2, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.4.0, 4.4.1, 4.4.2, 4.4.3, 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.5.4, 4.5.5, and 4.5.6, TIBCO EBX Add-ons: versions 5.0.0, 5.0.1, 5.1.0, 5.1.1, and 5.2.0, and TIBCO Product and Service Catalog powered by TIBCO EBX: versions 1.1.0 and below.
CVE-2021-38789
Read via "National Vulnerability Database".
Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability that does not check the caller's permission, in which a third-party app could change system settings.