CVE-2022-22336
via "National Vulnerability Database".
IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM X-Force ID: 219395.
CVE-2021-4070
via "National Vulnerability Database".
Off-by-one Error in GitHub repository v2fly/v2ray-core prior to 4.44.0.
CVE-2022-21705
via "National Vulnerability Database".
Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. In affected versions user input was not properly sanitized before rendering. An authenticated user with the permissions to create, modify and delete website pages can exploit this vulnerability to bypass `cms.safe_mode` / `cms.enableSafeMode` in order to execute arbitrary code. This issue only affects admin panels that rely on safe mode and restricted permissions. To exploit this vulnerability, an attacker must first have access to the backend area. The issue has been patched in Build 474 (v1.0.474) and v1.1.10. Users unable to upgrade should apply https://github.com/octobercms/library/commit/c393c5ce9ca2c5acc3ed6c9bb0dab5ffd61965fe to their installation manually.
CVE-2022-22333
via "National Vulnerability Database".
IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable to a buffer overflow, due to the Jetty based GUI in the Secure Zone not properly validating the sizes of the form content and/or HTTP headers submitted. A local attacker positioned inside the Secure Zone could submit a specially crafted HTTP request to disrupt service. IBM X-Force ID: 219133.
CVE-2022-0731
via "National Vulnerability Database".
Improper Access Control (IDOR) in GitHub repository dolibarr/dolibarr prior to 16.0.
Samsung Shattered Encryption on 100M Phones
via "Threat Post".
One cryptography expert said that 'serious flaws' in the way Samsung phones encrypt sensitive material, as revealed by academics from Tel Aviv U, are 'embarrassingly bad.'
CVE-2022-24409
via "National Vulnerability Database".
Only customers with active BSAFE maintenance contracts can receive details about this vulnerability. Public disclosure of the vulnerability details will be shared at a later date.
Cloud Storage Leaks Grew by 150% in 2021, New CybelAngel Report Reveals
via "Dark Reading".
An increase in outsourced development projects also led to a 66% increase in source code leaks.
Darktrace Acquires Attack Surface Management Company Cybersprint
via "Dark Reading".
Through this acquisition, Darktrace gains a second European R&D centre in The Hague, Netherlands.
CVE-2022-23653
via "National Vulnerability Database".
B2 Command Line Tool is the official command line tool for the backblaze cloud storage service. Linux and Mac releases of the B2 command-line tool version 3.2.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use (TOCTOU) race condition. The command line tool saves API keys (and bucket name-to-id mapping) in a local database file (`$XDG_CONFIG_HOME/b2/account_info`, `~/.b2_account_info` or a user-defined path) when `b2 authorize-account` is first run. This happens regardless of whether a valid key is provided or not. When first created, the file is world readable and is (typically a few milliseconds) later altered to be private to the user. If the directory is readable by a local attacker and the user did not yet run `b2 authorize-account`, then during the brief period between file creation and permission modification a local attacker can race to open the file and maintain a handle to it. This allows the local attacker to read the contents of the file after the sensitive information has been saved to it. Users that have not yet run `b2 authorize-account` should upgrade to B2 Command-Line Tool v3.2.1 before running it. Users that have run `b2 authorize-account` are safe if at the time of the file creation no other local users had read access to the local configuration file. Users that have run `b2 authorize-account` where the designated path could be opened by another local user should upgrade to B2 Command-Line Tool v3.2.1, remove the database and regenerate all application keys. Note that `b2 clear-account` does not remove the database file, so it should not be relied on to ensure that all open handles to the file are invalidated. If B2 Command-Line Tool cannot be upgraded to v3.2.1 due to a dependency conflict, a binary release can be used instead. Alternatively a new version could be installed within a virtualenv, or the permissions can be changed to prevent local users from opening the database file.
CVE-2022-23651
via "National Vulnerability Database".
b2-sdk-python is a python library to access cloud storage provided by backblaze. Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use (TOCTOU) race condition. SDK users of the SqliteAccountInfo format are vulnerable while users of the InMemoryAccountInfo format are safe. The SqliteAccountInfo saves API keys (and bucket name-to-id mapping) in a local database file ($XDG_CONFIG_HOME/b2/account_info, ~/.b2_account_info or a user-defined path). When first created, the file is world readable and is (typically a few milliseconds) later altered to be private to the user. If the directory containing the file is readable by a local attacker, then during the brief period between file creation and permission modification a local attacker can race to open the file and maintain a handle to it. This allows the local attacker to read the contents of the file after the sensitive information has been saved to it. Consumers of this SDK who rely on it to save data using the SqliteAccountInfo class should upgrade to the latest version of the SDK. Those who believe a local user might have opened a handle using this race condition should remove the affected database files and regenerate all application keys. Users should upgrade to b2-sdk-python 1.14.1 or later.
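The two Backblaze advisories above describe the same root cause: the secrets file is created with default permissions and only tightened afterwards, leaving a window in which any local user can open it. As an added illustration (not code from the B2 tool or SDK), the following contrasts that create-then-chmod pattern with creating the file private in the creating syscall itself; the key material is a constructed placeholder.

```python
import os
import stat
import tempfile

# Constructed placeholder, not a real Backblaze key.
SECRET = b'{"applicationKeyId": "EXAMPLE-ID", "applicationKey": "EXAMPLE-KEY"}\n'


def _mode(path):
    """Permission bits of a path (e.g. 0o644)."""
    return stat.S_IMODE(os.stat(path).st_mode)


def create_then_chmod(path):
    """Vulnerable pattern: open() creates the file as 0o666 & ~umask, the secret
    is written, and only then is the mode tightened. Returns (mode at creation,
    mode after chmod); the gap between them is the race window."""
    old_umask = os.umask(0o022)          # typical default; makes the demo deterministic
    try:
        with open(path, "wb") as f:      # created as 0o644: world-readable
            mode_at_create = _mode(path)  # another local user could open() it now
            f.write(SECRET)
        os.chmod(path, 0o600)            # too late for any handle already held
        return mode_at_create, _mode(path)
    finally:
        os.umask(old_umask)


def create_private(path):
    """Hardened pattern: the mode is passed to the creating syscall, so the file
    is never readable by others. O_EXCL refuses to reuse a pre-existing file."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        mode_at_create = _mode(path)
        f.write(SECRET)
    return mode_at_create


def compare():
    """Run both patterns in a scratch directory and report what was observed."""
    with tempfile.TemporaryDirectory() as scratch:
        before, after = create_then_chmod(os.path.join(scratch, "account_info.unsafe"))
        private = create_private(os.path.join(scratch, "account_info.safe"))
    return {
        "unsafe_world_readable_at_create": bool(before & 0o004),
        "unsafe_private_after_chmod": after == 0o600,
        "safe_private_at_create": (private & 0o077) == 0,
    }
```

Setting the process umask to 0o077 before running a tool that uses the first pattern closes the window without a code change, which is the permissions workaround the CLI advisory mentions.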
CVE-2022-23655
via "National Vulnerability Database".
Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. Affected versions of OctoberCMS did not validate gateway server signatures. As a result non-authoritative gateway servers may be used to exfiltrate user private keys. Users are advised to upgrade their installations to build 474 or v1.1.10. The only known workaround is to manually apply the patch (e3b455ad587282f0fbcb7763c6d9c3d000ca1e6a) which adds server signature validation.
Zero-day XSS vulnerability in Horde webmail client can be triggered by file preview function
via "The Daily Swig".
Researchers release details of unpatched security flaw
US fraudster jailed over $300k business email compromise scheme
via "The Daily Swig".
Scheme unraveled when defendant tried to cash ill-gotten gains
Apple AirTag anti-stalking protection bypassed by researchers
via "Naked Security".
Problems with Apple's Tracker Detect system, which warns you of likely stalking attempts using hidden AirTags.
New York Opens Joint Security Operations Center in NYC
via "Dark Reading".
The "first-in-nation" cyber command center will provide municipal and local governments with threat intelligence and resources to defend themselves against cyberattacks.
The Art of Non-boring Cybersec Training: Podcast
via "Threat Post".
With human error being the common factor in most cyberattacks, employee training has got to get better. To that end, Trustwave cybersec training expert Darren Van Booven explains the importance of fish stress balls and management buy-in.
SaaS in the Enterprise: The Good, the Bad, and the Unknown
via "Dark Reading".
SaaS offers many benefits to the enterprise, but security issues left unchecked can mitigate value.
CVE-2022-0695
via "National Vulnerability Database".
Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.
Cyberattackers Leverage DocuSign to Steal Microsoft Outlook Logins
via "Threat Post".
A targeted phishing attack takes aim at a major U.S. payments company.
Data wiper deployed in cyber-attacks targeting Ukrainian systems
via "The Daily Swig".
Newly named 'HermeticWiper' malware discovered on hundreds of endpoints