Zeek 4.2.0
via "Packet Storm Security".
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
CVE-2021-44795
via "National Vulnerability Database".
Single Connect does not perform an authorization check when using the "sc-assigned-credential-ui" module. A remote attacker could exploit this vulnerability to modify users' permissions. The exploitation of this vulnerability might allow a remote attacker to delete permissions from other users without authenticating.
CVE-2021-28096
via "National Vulnerability Database".
An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). An attacker can saturate the proxy connection table. This would result in the proxy denying any new connections.
CVE-2021-44794
via "National Vulnerability Database".
Single Connect does not perform an authorization check when using the "sc-diagnostic-ui" module. A remote attacker could exploit this vulnerability to access the device information page. The exploitation of this vulnerability might allow a remote attacker to obtain sensitive information.
CVE-2022-23181
via "National Vulnerability Database".
The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore.
CVE-2021-44793
via "National Vulnerability Database".
Single Connect does not perform an authorization check when using the "sc-reports-ui" module. A remote attacker could exploit this vulnerability to access the device configuration page and export the data to an external file. The exploitation of this vulnerability might allow a remote attacker to obtain sensitive information including the database credentials. Since the database runs with high privileges it is possible to execute commands with the attained credentials.
CVE-2021-44792
via "National Vulnerability Database".
Single Connect does not perform an authorization check when using the "log-monitor" module. A remote attacker could exploit this vulnerability to access the logging interface. The exploitation of this vulnerability might allow a remote attacker to obtain sensitive information.
CVE-2022-0348
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.
Log4j Proved Public Disclosure Still Helps Attackers
via "Dark Reading".
Disclosure also puts organizations in the awkward position of trying to mitigate a vulnerability without something like a vendor patch to do the job.
Apple pays out $100k bounty for Safari webcam hack that imperiled victims' online accounts
via "The Daily Swig".
Gatekeeper defenses prove no match for uXSS attack
Censys Completes $35 Million Series B Funding Round Led by Intel Capital
via "Dark Reading".
Also names Brad Brooks as new CEO.
Barracuda Expands Email and Endpoint Protection Capabilities in MSP Security Offerings
via "Dark Reading".
Barracuda enhances SKOUT Managed XDR offering via new integration with Barracuda Email Protection and alliance with SentinelOne for endpoint protection.
Data Privacy Day: Security experts' tips for 2022
via "Tech Republic".
Data Privacy Day is a day to focus on best practices for ensuring private data remains that way. Learn insights and tips from security experts on the front lines.
Patch now: A newly discovered critical Linux vulnerability probably affects your systems
via "Tech Republic".
Dubbed PwnKit, it's been sitting in a user policy module used in Linux distros for over a decade and can be used by anyone to gain root privileges. Here's what you can do to protect your systems.
With Cloud the Norm, Insiders Are Everywhere – and Pose Greater Risk
via "Dark Reading".
After companies accelerated their adoption of cloud infrastructure, remote workers are now insiders and pose significant risks, and costs, to companies.
CVE-2021-46065
via "National Vulnerability Database".
A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attacker to inject arbitrary JavaScript code.
CVE-2021-46088
via "National Vulnerability Database".
Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS are vulnerable to Remote Code Execution (RCE). Any user with the "Zabbix Admin" role is able to run a custom shell script on the application server in the context of the application user.
CVE-2021-46097
via "National Vulnerability Database".
Dolphinphp v1.5.0 contains a remote code execution vulnerability in /application/common.php#action_log
CVE-2021-46102
via "National Vulnerability Database".
From version 0.2.14 to 0.2.16 for Solana rBPF, function "relocate" in the file src/elf.rs has an integer overflow bug because the sym.st_value is read directly from the ELF file without checking. If the sym.st_value is rather large, an integer overflow is triggered while calculating the variable "addr" via "addr = (sym.st_value + refd_pa) as u64".
CVE-2021-46377
via "National Vulnerability Database".
There is a front-end SQL injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.php#viewUser
Security Service Edge: 4 Core Tenets for Your SASE Journey
via "Dark Reading".
Historically we've held network conversations to address security problems, but that doesn't work in a cloud-based world.