βοΈ IRS: Selfies Now Optional, Biometric Data to Be Deleted βοΈ
π Read
via "Krebs on Security".
The U.S. Internal Revenue Service (IRS) said Monday that taxpayers are no longer required to provide facial scans to create an account online at irs.gov. In lieu of providing biometric data, taxpayers can now opt for a live video interview with ID.me, the privately-held Virginia company that runs the agency's identity proofing system. The IRS also said any biometric data already shared with ID.me would be permanently deleted over the next few weeks, and any biometric data provided for new signups will be destroyed after an account is created.π Read
via "Krebs on Security".
Krebsonsecurity
IRS: Selfies Now Optional, Biometric Data to Be Deleted
The U.S. Internal Revenue Service (IRS) said Monday that taxpayers are no longer required to provide facial scans to create an account online at irs.gov. In lieu of providing biometric data, taxpayers can now opt for a live video interviewβ¦
π1
β Xenomorph Malware Burrows into Google Play Users, No Facehugger Required β
π Read
via "Threat Post".
Researchers discovered a new, modular banking trojan with ties to Cerberus and Alien that has the capability to become a much larger threat than it is now.π Read
via "Threat Post".
Threat Post
Xenomorph Malware Burrows into Google Play Users, No Facehugger Required
Researchers discovered a new, modular banking trojan with ties to Cerberus and Alien that has the capability to become a much larger threat than it is now.
βΌ CVE-2021-46162 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.1). Affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15048)π Read
via "National Vulnerability Database".
βΌ CVE-2022-0712 βΌ
π Read
via "National Vulnerability Database".
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4.π Read
via "National Vulnerability Database".
βΌ CVE-2021-46699 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.1). Affected application contains a stack based buffer overflow vulnerability while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15061)π Read
via "National Vulnerability Database".
π DHS Privacy Office Wants More Ways to Protect Data π
π Read
via "".
The departmentβs Chief Privacy Officer is hoping to build systems designed to prioritize the protection and confidentiality of consumer information by design.π Read
via "".
Digital Guardian
DHS Privacy Office Wants More Ways to Protect Data
The departmentβs Chief Privacy Officer is hoping to build systems designed to prioritize the protection and confidentiality of consumer information by design.
π΄ Name That Toon: Out in the Cold π΄
π Read
via "Dark Reading".
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.π Read
via "Dark Reading".
Dark Reading
Name That Toon: Out in the Cold
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
β Cyberattackers Cook Up Employee Personal Data Heist for Meyer β
π Read
via "Threat Post".
The Conti gang breached the cookware giant's network, prepping thousands of employeesβ personal data for consumption by cybercrooks.π Read
via "Threat Post".
Threat Post
Cyberattackers Cook Up Employee Personal Data Heist for Meyer
The Conti gang breached the cookware giant's network, prepping thousands of employeesβ personal data for consumption by cybercrooks.
βΌ CVE-2022-0714 βΌ
π Read
via "National Vulnerability Database".
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23608 βΌ
π Read
via "National Vulnerability Database".
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by multiple UAC dialogs can potentially be prematurely freed when one of the dialogs is destroyed . The issue may cause a dialog set to be registered in the hash table multiple times (with different hash keys) leading to undefined behavior such as dialog list collision which eventually leading to endless loop. A patch is available in commit db3235953baa56d2fb0e276ca510fefca751643f which will be included in the next release. There are no known workarounds for this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0713 βΌ
π Read
via "National Vulnerability Database".
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23654 βΌ
π Read
via "National Vulnerability Database".
Wiki.js is a wiki app built on Node.js. In affected versions an authenticated user with write access on a restricted set of paths can update a page outside the allowed paths by specifying a different target page ID while keeping the path intact. The access control incorrectly check the path access against the user-provided values instead of the actual path associated to the page ID. Commit https://github.com/Requarks/wiki/commit/411802ec2f654bb5ed1126c307575b81e2361c6b fixes this vulnerability by checking access control on the path associated with the page ID instead of the user-provided value. When the path is different than the current value, a second access control check is then performed on the user-provided path before the move operation.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23652 βΌ
π Read
via "National Vulnerability Database".
capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious `Connection` header to start a privilege escalation attack towards the Kubernetes API Server. This vulnerability allows for an exploit of the `cluster-admin` Role bound to `capsule-proxy`. There are no known workarounds for this issue.π Read
via "National Vulnerability Database".
β Gaming, Banking Trojans Dominate Mobile Malware Scene β
π Read
via "Threat Post".
The overall number of attacks on mobile users is down, but they're getting slicker, both in terms of malware functionality and vectors, researchers say.π Read
via "Threat Post".
Threat Post
Gaming, Banking Trojans Dominate Mobile Malware Scene
The overall number of attacks on mobile users is down, but they're getting slicker, both in terms of malware functionality and vectors, researchers say.
π΄ More Orgs Suffered Successful Phishing Attacks in 2021 Than in 2020 π΄
π Read
via "Dark Reading".
Threat actors maintained their relentless attacks on enterprise end users for yet another year, new study shows.π Read
via "Dark Reading".
Dark Reading
More Orgs Suffered Successful Phishing Attacks in 2021 Than in 2020
Threat actors maintained their relentless attacks on enterprise end users for yet another year, new study shows.
π΄ GitHub Opens Security Database to Community Contributions π΄
π Read
via "Dark Reading".
The Microsoft company will allow community members to add information and code samples to security advisories using the standard pull request to change the document.π Read
via "Dark Reading".
Dark Reading
GitHub Opens Security Database to Community Contributions
The Microsoft company will allow community members to add information and code samples to security advisories using the standard pull request to change the document.
βΌ CVE-2022-23635 βΌ
π Read
via "National Vulnerability Database".
Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, `istiod`, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing. This endpoint is served over TLS port 15012, but does not require any authentication from the attacker. For simple installations, Istiod is typically only reachable from within the cluster, limiting the blast radius. However, for some deployments, especially [multicluster](https://istio.io/latest/docs/setup/install/multicluster/primary-remote/) topologies, this port is exposed over the public internet. There are no effective workarounds, beyond upgrading. Limiting network access to Istiod to the minimal set of clients can help lessen the scope of the vulnerability to some extent.π Read
via "National Vulnerability Database".
π΄ Hikvision Network Cyber-Protect Helps Ensure Physical Cybersecurity Protection π΄
π Read
via "Dark Reading".
Combines technology, education and tools to help dealers protect networked security systems.π Read
via "Dark Reading".
Dark Reading
Hikvision Network Cyber-Protect Helps Ensure Physical Cybersecurity Protection
Combines technology, education and tools to help dealers protect networked security systems.
π΄ Palo Alto Networks Introduces the Autonomous Security Platform, Cortex XSIAM π΄
π Read
via "Dark Reading".
The new AI-driven platform brings threat response times from days to minutes and provides a modern alternative to SIEM. Cortex XSIAM is currently available to a limited set of customers with general availability expected later this year.π Read
via "Dark Reading".
Dark Reading
Palo Alto Networks Introduces the Autonomous Security Platform, Cortex XSIAM
The new AI-driven platform brings threat response times from days to minutes and provides a modern alternative to SIEM. Cortex XSIAM is currently available to a limited set of customers with general availability expected later this year.
π΄ Log4j Remediation Took Weeks or More for Over 50% of Organizations π΄
π Read
via "Dark Reading".
ISC(2) survey also found that half of cybersecurity teams worldwide worked on fixing Log4j issues on weekends and during time off.π Read
via "Dark Reading".
Dark Reading
Log4j Remediation Took Weeks or More for Over 50% of Organizations
(ISC)Β² survey also found that half of cybersecurity teams worldwide worked on fixing Log4j issues on weekends and during time off.
βΌ CVE-2022-23612 βΌ
π Read
via "National Vulnerability Database".
OpenMRS is a patient-based medical record system focusing on giving providers a free customizable electronic medical record system. Affected versions are subject to arbitrary file exfiltration due to failure to sanitize request when satisfying GET requests for `/images` & `/initfilter/scripts`. This can allow an attacker to access any file on a system running OpenMRS that is accessible to the user id OpenMRS is running under. Affected implementations should update to the latest patch version of OpenMRS Core for the minor version they use. These are: 2.1.5, 2.2.1, 2.3.5, 2.4.5 and 2.5.3. As a general rule, this vulnerability is already mitigated by Tomcat's URL normalization in Tomcat 7.0.28+. Users on older versions of Tomcat should consider upgrading their Tomcat instance as well as their OpenMRS instance.π Read
via "National Vulnerability Database".