βΌ CVE-2021-45420 βΌ
π Read
via "National Vulnerability Database".
** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45421 βΌ
π Read
via "National Vulnerability Database".
** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or replaced.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24686 βΌ
π Read
via "National Vulnerability Database".
HashiCorp Nomad and Nomad Enterprise 0.3.0 through 1.0.17, 1.1.11, and 1.2.5 artifact download functionality has a race condition such that the Nomad client agent could download the wrong artifact into the wrong destination. Fixed in 1.0.18, 1.1.12, and 1.2.6π Read
via "National Vulnerability Database".
π΄ (ISC)Β² to Pilot Online Proctored Exams for CISSP in U.S., U.K. and Singapore π΄
π Read
via "Dark Reading".
Second pilot program will assess feasibility and security of offering online exams to increase global accessibility for certification candidates.π Read
via "Dark Reading".
Dark Reading
(ISC)Β² to Pilot Online Proctored Exams for CISSP in U.S., U.K. and Singapore
Second pilot program will assess feasibility and security of offering online exams to increase global accessibility for certification candidates.
π΄ LogRhythm Unveils New Brand Identity π΄
π Read
via "Dark Reading".
Announcement comes in advance of new technology offerings in 2022.π Read
via "Dark Reading".
Dark Reading
LogRhythm Unveils New Brand Identity
Announcement comes in advance of new technology offerings in 2022.
π΄ One Identity Enhances Unified Identity Security Platform with CIEM, Application Governance and Teams Modules π΄
π Read
via "Dark Reading".
Plans to further advance vision for end-to-end identity security.π Read
via "Dark Reading".
Dark Reading
One Identity Enhances Unified Identity Security Platform with CIEM, Application Governance and Teams Modules
Plans to further advance vision for end-to-end identity security.
ποΈ Missouri prosecutor declines to file charges over βhackerβ allegation against reporter ποΈ
π Read
via "The Daily Swig".
Relief as controversial charges dropped tempered by fears about chilling effectπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Missouri prosecutor declines to file charges over βhackerβ allegation against reporter
Relief as controversial charges dropped tempered by fears about chilling effect
β Adobe: Zero-Day Magento 2 RCE Bug Under Active Attack β
π Read
via "Threat Post".
The vendor issued an emergency fix on Sunday, and eCommerce websites should update ASAP to avoid Magecart card-skimming attacks and other problems.π Read
via "Threat Post".
Threat Post
Adobe: Zero-Day Magento 2 RCE Bug Under Active Attack
The vendor issued an emergency fix on Sunday, and eCommerce websites should update ASAP to avoid Magecart card-skimming attacks and other problems.
βΌ CVE-2021-46371 βΌ
π Read
via "National Vulnerability Database".
antd-admin 5.5.0 is affected by an incorrect access control vulnerability. Unauthorized access to some interfaces in the foreground leads to leakage of sensitive information.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0512 βΌ
π Read
via "National Vulnerability Database".
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6.π Read
via "National Vulnerability Database".
β βCities: Skylinesβ Gaming Modder Banned Over Hidden Malware β
π Read
via "Threat Post".
35K+ players were exposed to an auto-updater that planted a trojan that choked performance for fellow modders and Colossal Order employees.π Read
via "Threat Post".
Threat Post
βCities: Skylinesβ Gaming Modder Banned Over Hidden Malware
35K+ players were exposed to an auto-updater that planted a trojan that choked performance for fellow modders and Colossal Order employees.
βοΈ Wazawaka Goes Waka Waka βοΈ
π Read
via "Krebs on Security".
In January, KrebsOnSecurity examined clues left behind by "Wazawaka," the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. Wazawaka has since "lost his mind" according to his erstwhile colleagues, creating a Twitter account to drop exploit code for a widely-used virtual private networking (VPN) appliance, and publishing bizarre selfie videos taunting security researchers and journalists. In last month's story, we explored clues that led from Wazawaka's multitude of monikers, email addresses, and passwords to a 30-something father in Abakan, Russia named Mikhail Pavlovich Matveev. This post concerns itself with the other half of Wazawaka's identities not mentioned in the first story, such as how Wazawaka also ran the Babuk ransomware affiliate program, and later became "Orange," the founder of the ransomware-focused Dark Web forum known as "RAMP."π Read
via "Krebs on Security".
Krebs on Security
Wazawaka Goes Waka Waka
In January, KrebsOnSecurity examined clues left behind by "Wazawaka," the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. Wazawaka has since "lost his mind" according to his erstwhile colleagues, creating a Twitterβ¦
βΌ CVE-2022-22854 βΌ
π Read
via "National Vulnerability Database".
An access control issue in hprms/admin/?page=user/list of Hospital Patient Record Management System v1.0 allows attackers to escalate privileges via accessing and editing the user list.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23367 βΌ
π Read
via "National Vulnerability Database".
Fulusso v1.1 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability in /BindAccount/SuccessTips.js. This vulnerability allows attackers to inject malicious code into a victim user's device via open redirection.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39079 βΌ
π Read
via "National Vulnerability Database".
IBM Cognos Analytics Mobile for Android applications prior to version 1.1.14 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 215592.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45392 βΌ
π Read
via "National Vulnerability Database".
A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in page /goform/setIPv6Status via the prefixDelegate parameter, which causes a Denial of Service.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39080 βΌ
π Read
via "National Vulnerability Database".
Due to weak obfuscation, IBM Cognos Analytics Mobile for Android application prior to version 1.1.14 , an attacker could be able to reverse engineer the codebase to gain knowledge about the programming technique, interface, class definitions, algorithms and functions used. IBM X-Force ID: 215593.π Read
via "National Vulnerability Database".
π Federal Advisory Highlights Increased Globalized Ransomware Threat π
π Read
via "".
A joint advisory on ransomware issued by the FBI, CISA, and the NSA recapped ransomware activity in 2021 and showed why the threat continues to loom large for enterprises.π Read
via "".
βΌ CVE-2022-0579 βΌ
π Read
via "National Vulnerability Database".
Improper Privilege Management in Packagist snipe/snipe-it prior to 5.3.9.π Read
via "National Vulnerability Database".
βΌ CVE-2019-16864 βΌ
π Read
via "National Vulnerability Database".
CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as SYSTEM.π Read
via "National Vulnerability Database".
βΌ CVE-2022-25150 βΌ
π Read
via "National Vulnerability Database".
In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges.π Read
via "National Vulnerability Database".