CVE-2022-24409
Read via "National Vulnerability Database".
Only customers with active BSAFE maintenance contracts can receive details about this vulnerability. Public disclosure of the vulnerability details will be shared at a later date.
Cloud Storage Leaks Grew by 150% in 2021, New CybelAngel Report Reveals
Read via "Dark Reading".
An increase in outsourced development projects also led to a 66% increase in source code leaks.
Darktrace Acquires Attack Surface Management Company Cybersprint
Read via "Dark Reading".
Through this acquisition, Darktrace gains a second European R&D centre in The Hague, Netherlands.
CVE-2022-23653
Read via "National Vulnerability Database".
B2 Command Line Tool is the official command line tool for the Backblaze cloud storage service. Linux and Mac releases of the B2 command-line tool version 3.2.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use (TOCTOU) race condition. The command line tool saves API keys (and bucket name-to-id mapping) in a local database file (`$XDG_CONFIG_HOME/b2/account_info`, `~/.b2_account_info` or a user-defined path) when `b2 authorize-account` is first run. This happens regardless of whether a valid key is provided or not. When first created, the file is world-readable and is (typically a few milliseconds) later altered to be private to the user. If the directory is readable by a local attacker and the user did not yet run `b2 authorize-account`, then during the brief period between file creation and permission modification a local attacker can race to open the file and maintain a handle to it. This allows the local attacker to read the contents of the file after the sensitive information has been saved to it. Users that have not yet run `b2 authorize-account` should upgrade to B2 Command-Line Tool v3.2.1 before running it. Users that have run `b2 authorize-account` are safe if at the time of the file creation no other local users had read access to the local configuration file. Users that have run `b2 authorize-account` where the designated path could be opened by another local user should upgrade to B2 Command-Line Tool v3.2.1, remove the database and regenerate all application keys. Note that `b2 clear-account` does not remove the database file and it should not be used to ensure that all open handles to the file are invalidated. If B2 Command-Line Tool cannot be upgraded to v3.2.1 due to a dependency conflict, a binary release can be used instead. Alternatively, a new version could be installed within a virtualenv, or the permissions can be changed to prevent local users from opening the database file.
CVE-2022-23651
Read via "National Vulnerability Database".
b2-sdk-python is a Python library to access cloud storage provided by Backblaze. Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use (TOCTOU) race condition. SDK users of the SqliteAccountInfo format are vulnerable, while users of the InMemoryAccountInfo format are safe. The SqliteAccountInfo saves API keys (and bucket name-to-id mapping) in a local database file ($XDG_CONFIG_HOME/b2/account_info, ~/.b2_account_info or a user-defined path). When first created, the file is world-readable and is (typically a few milliseconds) later altered to be private to the user. If the directory containing the file is readable by a local attacker, then during the brief period between file creation and permission modification a local attacker can race to open the file and maintain a handle to it. This allows the local attacker to read the contents of the file after the sensitive information has been saved to it. Consumers of this SDK who rely on it to save data using the SqliteAccountInfo class should upgrade to the latest version of the SDK. Those who believe a local user might have opened a handle using this race condition should remove the affected database files and regenerate all application keys. Users should upgrade to b2-sdk-python 1.14.1 or later.
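The create-then-chmod window described in the two Backblaze advisories above, shown as an added example beside a creation pattern that never exposes the file, plus a permission audit a user could run on an existing account_info file before deciding whether to rotate keys. This is illustrative code, not code from b2-sdk-python or the B2 CLI; it assumes a POSIX system and constructs its own file names in a temporary directory.

```python
import os
import stat
import tempfile
# Added example, not code from b2-sdk-python or the B2 CLI: the file-creation
# pattern the advisories describe, beside one with no readable window. POSIX only.

def create_then_chmod(path: str, secret: str) -> int:
    """Vulnerable: created with the umask (often 0644), written, then locked
    down. A handle opened in between keeps read access after the chmod."""
    with open(path, "w") as f:
        mode_at_creation = stat.S_IMODE(os.fstat(f.fileno()).st_mode)
        f.write(secret)
    os.chmod(path, 0o600)  # too late for anyone who already holds a handle
    return mode_at_creation

def create_private(path: str, secret: str) -> int:
    """Hardened: 0600 is requested in the open() call itself, so the file is
    never readable by others; O_EXCL refuses a pre-existing file."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    try:
        mode_at_creation = stat.S_IMODE(os.fstat(fd).st_mode)
        os.write(fd, secret.encode())
    finally:
        os.close(fd)
    return mode_at_creation

def audit_account_info(path: str) -> list:
    """Findings for an existing account_info file; empty means it looks right."""
    st = os.lstat(path)
    findings = []
    if st.st_uid != os.getuid():
        findings.append("not owned by the current user")
    if stat.S_IMODE(st.st_mode) & (stat.S_IRGRP | stat.S_IROTH):
        findings.append("readable by group or others")
    return findings

def demo() -> dict:
    """Run both patterns under a 0022 umask in a throwaway directory."""
    old = os.umask(0o022)
    try:
        with tempfile.TemporaryDirectory() as d:
            vuln_path = os.path.join(d, "account_info.vuln")  # constructed name
            safe_path = os.path.join(d, "account_info.safe")  # constructed name
            return {
                "vulnerable_mode": create_then_chmod(vuln_path, "appKey"),
                "hardened_mode": create_private(safe_path, "appKey"),
                "hardened_audit": audit_account_info(safe_path),
            }
    finally:
        os.umask(old)
```

Under a typical 0022 umask the vulnerable path reports 0644 at creation while the hardened path reports 0600 from the first instant; a non-empty audit result on a real account_info file is the signal the advisories tie to removing the database and regenerating application keys.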
CVE-2022-23655
Read via "National Vulnerability Database".
OctoberCMS is a self-hosted CMS platform based on the Laravel PHP Framework. Affected versions of OctoberCMS did not validate gateway server signatures. As a result, non-authoritative gateway servers may be used to exfiltrate user private keys. Users are advised to upgrade their installations to build 474 or v1.1.10. The only known workaround is to manually apply the patch (e3b455ad587282f0fbcb7763c6d9c3d000ca1e6a) which adds server signature validation.
Zero-day XSS vulnerability in Horde webmail client can be triggered by file preview function
Read via "The Daily Swig".
Researchers release details of unpatched security flaw.
US fraudster jailed over $300k business email compromise scheme
Read via "The Daily Swig".
Scheme unraveled when defendant tried to cash ill-gotten gains.
Apple AirTag anti-stalking protection bypassed by researchers
Read via "Naked Security".
Problems with Apple's Tracker Detect system, which warns you of likely stalking attempts using hidden AirTags.
New York Opens Joint Security Operations Center in NYC
Read via "Dark Reading".
The "first-in-nation" cyber command center will provide municipal and local governments with threat intelligence and resources to defend themselves against cyberattacks.
The Art of Non-boring Cybersec Training - Podcast
Read via "Threat Post".
With human error being the common factor in most cyberattacks, employee training has got to get better. To that end, Trustwave cybersec training expert Darren Van Booven explains the importance of fish stress balls and management buy-in.
SaaS in the Enterprise: The Good, the Bad, and the Unknown
Read via "Dark Reading".
SaaS offers many benefits to the enterprise, but security issues left unchecked can mitigate value.
CVE-2022-0695
Read via "National Vulnerability Database".
Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.
Cyberattackers Leverage DocuSign to Steal Microsoft Outlook Logins
Read via "Threat Post".
A targeted phishing attack takes aim at a major U.S. payments company.
Data wiper deployed in cyber-attacks targeting Ukrainian systems
Read via "The Daily Swig".
Newly named "HermeticWiper" malware discovered on hundreds of endpoints.
JupiterOne Unveils Starbase for Graph-Based Security
Read via "Dark Reading".
The open source asset management tool lets security analysts collect asset information all across the organization's digital operations and run queries to understand their relationships.
Packet Fence 11.2.0
Read via "Packet Storm Security".
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
Web Filtering and Compliances for Wi-Fi Providers
Read via "Threat Post".
Demand for public Wi-Fi is on the rise. It is usually free of charge, but it carries a risk of expensive losses. Learn ways to protect yourself from cyber-threats.
The demand for public Wi-Fi is increasing constantly due to the increase of smartphone owners and remote workers. Researchers at VPNMentor say that there are approximately 549 million Wi-Fi hotspots worldwide. Another survey by Semantic found that 87 percent…
Illusive Launches Identity Risk Management Platform
Read via "Dark Reading".
Illusive Spotlight automatically and continuously discovers and mitigates privileged identity risks, while Illusive Shadow protects against identity risks that can't be readily remediated.
Businesses Are at Significant Risk of Cybersecurity Breaches Due to Immature Security Hygiene and Posture Management Practices
Read via "Dark Reading".
Seven out of 10 organizations experienced a cyberattack that started through the exploit of unknown or poorly managed technology assets, according to Enterprise Strategy Group research.
CVE-2022-24633
Read via "National Vulnerability Database".
All versions of FileCloud prior to 21.3 are vulnerable to user enumeration. The vulnerability exists in the parameter "path" passing "/SHARED/<username>". A malicious actor could identify the existence of users by requesting share information on specified share paths.