‼ CVE-2022-23032 ‼
📖 Read
via "National Vulnerability Database".
In all versions before 7.2.1.4, when proxy settings are configured in the network access resource of a BIG-IP APM system, connecting BIG-IP Edge Client on Mac and Windows is vulnerable to a DNS rebinding attack. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23015 ‼
📖 Read
via "National Vulnerability Database".
On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, and 14.1.2.6-14.1.4.4, when a Client SSL profile is configured on a virtual server with Client Certificate Authentication set to request/require and Session Ticket enabled and configured, processing SSL traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23017 ‼
📖 Read
via "National Vulnerability Database".
On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x, when a virtual server is configured with a DNS profile with the Rapid Response Mode setting enabled and is configured on a BIG-IP system, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.📖 Read
via "National Vulnerability Database".
🕴 How Does Threat Modeling Work in Software Development? 🕴
📖 Read
via "Dark Reading".
Threat modeling should be a continuous process alongside development, not a one-time project.📖 Read
via "Dark Reading".
Dark Reading
How Does Threat Modeling Work in Software Development?
Threat modeling should be a continuous process alongside development, not a one-time project.
‼ CVE-2021-43799 ‼
📖 Read
via "National Vulnerability Database".
Zulip is an open-source team collaboration tool. Zulip Server installs RabbitMQ for internal message passing. In versions of Zulip Server prior to 4.9, the initial installation (until first reboot, or restart of RabbitMQ) does not successfully limit the default ports which RabbitMQ opens; this includes port 25672, the RabbitMQ distribution port, which is used as a management port. RabbitMQ's default "cookie" which protects this port is generated using a weak PRNG, which limits the entropy of the password to at most 36 bits; in practicality, the seed for the randomizer is biased, resulting in approximately 20 bits of entropy. If other firewalls (at the OS or network level) do not protect port 25672, a remote attacker can brute-force the 20 bits of entropy in the "cookie" and leverage it for arbitrary execution of code as the rabbitmq user. They can also read all data which is sent through RabbitMQ, which includes all message traffic sent by users. Version 4.9 contains a patch for this vulnerability. As a workaround, ensure that firewalls prevent access to ports 5672 and 25672 from outside the Zulip server.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23258 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Edge for Android Spoofing Vulnerability.📖 Read
via "National Vulnerability Database".
🕴 Threat Actors Use Microsoft OneDrive for Command-and-Control in Attack Campaign 🕴
📖 Read
via "Dark Reading".
Signs hint at Russia's APT28, aka Fancy Bear, being behind the attacks, according to new research.📖 Read
via "Dark Reading".
Dark Reading
Threat Actors Use Microsoft OneDrive for Command-and-Control in Attack Campaign
Signs hint at Russia's APT28, aka Fancy Bear, being behind the attacks, according to new research.
‼ CVE-2021-36294 ‼
📖 Read
via "National Vulnerability Database".
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authentication bypass vulnerability. A remote unauthenticated attacker may exploit this vulnerability by forging a cookie to login as any user.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36347 ‼
📖 Read
via "National Vulnerability Database".
iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially exploit this vulnerability to control process execution and gain access to the iDRAC operating system.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36295 ‼
📖 Read
via "National Vulnerability Database".
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. A remote malicious user with privileges may exploit this vulnerability to execute commands on the system.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36348 ‼
📖 Read
via "National Vulnerability Database".
iDRAC9 versions prior to 5.00.20.00 contain an input injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supplying specially crafted input data to iDRAC.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36296 ‼
📖 Read
via "National Vulnerability Database".
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. A remote malicious user with privileges may exploit this vulnerability to execute commands on the system.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36289 ‼
📖 Read
via "National Vulnerability Database".
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure vulnerability. A local malicious user may exploit this vulnerability to read sensitive information and use it.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36346 ‼
📖 Read
via "National Vulnerability Database".
Dell iDRAC 8 prior to version 2.82.82.82 contain a denial of service vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to deny access to the iDRAC webserver.📖 Read
via "National Vulnerability Database".
🕴 Revelstoke Launches With SOAR Platform to Automate SOCs 🕴
📖 Read
via "Dark Reading".
The SOAR platform helps CISOs automate the security operations center via a low-code/no-code platform.📖 Read
via "Dark Reading".
Dark Reading
Revelstoke Launches With SOAR Platform to Automate SOCs
The SOAR platform helps CISOs automate the security operations center via a low-code/no-code platform.
‼ CVE-2019-25056 ‼
📖 Read
via "National Vulnerability Database".
In Bromite through 78.0.3904.130, there are adblock rules in the release APK; therefore, probing which resources are blocked and which aren't can identify the application version and defeat the User-Agent protection mechanism.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0355 ‼
📖 Read
via "National Vulnerability Database".
Exposure of Sensitive Information to an Unauthorized Actor in NPM hiep-simple-get prior to 4.0.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46559 ‼
📖 Read
via "National Vulnerability Database".
The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46560 ‼
📖 Read
via "National Vulnerability Database".
The firmware on Moxa TN-5900 devices through 3.1 allows command injection that could lead to device damage.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23959 ‼
📖 Read
via "National Vulnerability Database".
In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections.📖 Read
via "National Vulnerability Database".
🕴 Fighting Supply Chain Email Attacks With AI 🕴
📖 Read
via "Dark Reading".
Supply chain account takeover is the most pressing issue facing email security today, but artificial intelligence can head off such attempts.📖 Read
via "Dark Reading".
Dark Reading
Fighting Supply Chain Email Attacks With AI
Supply chain account takeover is the most pressing issue facing email security today, but artificial intelligence can head off such attempts.