‼ CVE-2022-23635 ‼
📖 Read
via "National Vulnerability Database".
Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, `istiod`, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing. This endpoint is served over TLS port 15012, but does not require any authentication from the attacker. For simple installations, Istiod is typically only reachable from within the cluster, limiting the blast radius. However, for some deployments, especially [multicluster](https://istio.io/latest/docs/setup/install/multicluster/primary-remote/) topologies, this port is exposed over the public internet. There are no effective workarounds, beyond upgrading. Limiting network access to Istiod to the minimal set of clients can help lessen the scope of the vulnerability to some extent.📖 Read
via "National Vulnerability Database".
🕴 Hikvision Network Cyber-Protect Helps Ensure Physical Cybersecurity Protection 🕴
📖 Read
via "Dark Reading".
Combines technology, education and tools to help dealers protect networked security systems.📖 Read
via "Dark Reading".
Dark Reading
Hikvision Network Cyber-Protect Helps Ensure Physical Cybersecurity Protection
Combines technology, education and tools to help dealers protect networked security systems.
🕴 Palo Alto Networks Introduces the Autonomous Security Platform, Cortex XSIAM 🕴
📖 Read
via "Dark Reading".
The new AI-driven platform brings threat response times from days to minutes and provides a modern alternative to SIEM. Cortex XSIAM is currently available to a limited set of customers with general availability expected later this year.📖 Read
via "Dark Reading".
Dark Reading
Palo Alto Networks Introduces the Autonomous Security Platform, Cortex XSIAM
The new AI-driven platform brings threat response times from days to minutes and provides a modern alternative to SIEM. Cortex XSIAM is currently available to a limited set of customers with general availability expected later this year.
🕴 Log4j Remediation Took Weeks or More for Over 50% of Organizations 🕴
📖 Read
via "Dark Reading".
ISC(2) survey also found that half of cybersecurity teams worldwide worked on fixing Log4j issues on weekends and during time off.📖 Read
via "Dark Reading".
Dark Reading
Log4j Remediation Took Weeks or More for Over 50% of Organizations
(ISC)² survey also found that half of cybersecurity teams worldwide worked on fixing Log4j issues on weekends and during time off.
‼ CVE-2022-23612 ‼
📖 Read
via "National Vulnerability Database".
OpenMRS is a patient-based medical record system focusing on giving providers a free customizable electronic medical record system. Affected versions are subject to arbitrary file exfiltration due to failure to sanitize request when satisfying GET requests for `/images` & `/initfilter/scripts`. This can allow an attacker to access any file on a system running OpenMRS that is accessible to the user id OpenMRS is running under. Affected implementations should update to the latest patch version of OpenMRS Core for the minor version they use. These are: 2.1.5, 2.2.1, 2.3.5, 2.4.5 and 2.5.3. As a general rule, this vulnerability is already mitigated by Tomcat's URL normalization in Tomcat 7.0.28+. Users on older versions of Tomcat should consider upgrading their Tomcat instance as well as their OpenMRS instance.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-21656 ‼
📖 Read
via "National Vulnerability Database".
Envoy is an open source edge and service proxy, designed for cloud-native applications. The default_validator.cc implementation used to implement the default certificate validation routines has a "type confusion" bug when processing subjectAltNames. This processing allows, for example, an rfc822Name or uniformResourceIndicator to be authenticated as a domain name. This confusion allows for the bypassing of nameConstraints, as processed by the underlying OpenSSL/BoringSSL implementation, exposing the possibility of impersonation of arbitrary servers. As a result Envoy will trust upstream certificates that should not be trusted.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23606 ‼
📖 Read
via "National Vulnerability Database".
Envoy is an open source edge and service proxy, designed for cloud-native applications. When a cluster is deleted via Cluster Discovery Service (CDS) all idle connections established to endpoints in that cluster are disconnected. A recursion was introduced in the procedure of disconnecting idle connections that can lead to stack exhaustion and abnormal process termination when a cluster has a large number of idle connections. This infinite recursion causes Envoy to crash. Users are advised to upgrade.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0654 ‼
📖 Read
via "National Vulnerability Database".
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository fgribreau/node-request-retry prior to 7.0.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43824 ‼
📖 Read
via "National Vulnerability Database".
Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions a crafted request crashes Envoy when a CONNECT request is sent to JWT filter configured with regex match. This provides a denial of service attack vector. The only workaround is to not use regex in the JWT filter. Users are advised to upgrade.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-21654 ‼
📖 Read
via "National Vulnerability Database".
Envoy is an open source edge and service proxy, designed for cloud-native applications. Envoy's tls allows re-use when some cert validation settings have changed from their default configuration. The only workaround for this issue is to ensure that default tls settings are used. Users are advised to upgrade.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43825 ‼
📖 Read
via "National Vulnerability Database".
Envoy is an open source edge and service proxy, designed for cloud-native applications. Sending a locally generated response must stop further processing of request or response data. Envoy tracks the amount of buffered request and response data and aborts the request if the amount of buffered data is over the limit by sending 413 or 500 responses. However when the buffer overflows while response is processed by the filter chain the operation may not be aborted correctly and result in accessing a freed memory block. If this happens Envoy will crash resulting in a denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-21657 ‼
📖 Read
via "National Vulnerability Database".
Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions Envoy does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS server, to only those certificates that contain the necessary extendedKeyUsage (id-kp-serverAuth and id-kp-clientAuth, respectively). This means that a peer may present an e-mail certificate (e.g. id-kp-emailProtection), either as a leaf certificate or as a CA in the chain, and it will be accepted for TLS. This is particularly bad when combined with the issue described in pull request #630, in that it allows a Web PKI CA that is intended only for use with S/MIME, and thus exempted from audit or supervision, to issue TLS certificates that will be accepted by Envoy. As a result Envoy will trust upstream certificates that should not be trusted. There are no known workarounds to this issue. Users are advised to upgrade.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43826 ‼
📖 Read
via "National Vulnerability Database".
Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions of Envoy a crash occurs when configured for :ref:`upstream tunneling <envoy_v3_api_field_extensions.filters.network.tcp_proxy.v3.TcpProxy.tunneling_config>` and the downstream connection disconnects while the the upstream connection or http/2 stream is still being established. There are no workarounds for this issue. Users are advised to upgrade.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-21655 ‼
📖 Read
via "National Vulnerability Database".
Envoy is an open source edge and service proxy, designed for cloud-native applications. The envoy common router will segfault if an internal redirect selects a route configured with direct response or redirect actions. This will result in a denial of service. As a workaround turn off internal redirects if direct response entries are configured on the same listener.📖 Read
via "National Vulnerability Database".
📢 Novel phishing method deceives users with ubiquitous IT support tool 📢
📖 Read
via "ITPro".
The man-in-the-middle attack can be used for a range of nefarious purposes, including credential theft and malicious code injection📖 Read
via "ITPro".
IT PRO
Novel phishing method deceives users with ubiquitous IT support tool | IT PRO
The man-in-the-middle attack can be used for a range of nefarious purposes, including credential theft and malicious code injection
📢 Hackers caught dropping malware into Microsoft Teams chats 📢
📖 Read
via "ITPro".
The self-administering files can take complete control of a user's system after a single click📖 Read
via "ITPro".
ITPro
Hackers caught dropping malware into Microsoft Teams chats
The self-administering files can take complete control of a user's system after a single click
📢 Cisco patches bug that could break its email security service with a single message 📢
📖 Read
via "ITPro".
A carefully crafted email could freeze Cisco's Email Security Appliance interface and stop it processing messages📖 Read
via "ITPro".
IT PRO
Cisco patches bug that could break its email security service with a single message | IT PRO
A carefully crafted email could freeze Cisco's Email Security Appliance interface and stop it processing messages
📢 UK, US officials say Russia was behind DDoS attacks against Ukraine 📢
📖 Read
via "ITPro".
The Russian Embassy in the US slammed the accusations as "baseless statements"📖 Read
via "ITPro".
IT PRO
UK, US officials say Russia was behind DDoS attacks against Ukraine | IT PRO
The Russian Embassy in the US slammed the accusations as "baseless statements"
📢 Australian firms reported 464 data breaches in second half of 2021 📢
📖 Read
via "ITPro".
Malicious or criminal attacks remain the leading source of incidents, accounting for 55% of the total📖 Read
via "ITPro".
IT PRO
Australian firms reported 464 data breaches in second half of 2021 | IT PRO
Malicious or criminal attacks remain the leading source of incidents, accounting for 55% of the total
📢 Nokia debuts new SaaS services in security and analytics 📢
📖 Read
via "ITPro".
The offerings accelerate time-to-value while focusing on analytics, security, and monetization📖 Read
via "ITPro".
IT PRO
Nokia debuts new SaaS services in security and analytics | IT PRO
The offerings accelerate time-to-value while focusing on analytics, security, and monetization
📢 GitHub goes open source on security research 📢
📖 Read
via "ITPro".
Community members, enthusiasts, researchers, and academics are now able to submit their own research to widen the understanding of security vulnerabilities📖 Read
via "ITPro".
IT PRO
GitHub goes open source on security research | IT PRO
Community members, enthusiasts, researchers, and academics are now able to submit their own research to widen the understanding of security vulnerabilities