🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2022-23232 ‼

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had access. StorageGRID 11.6.0 obtains the user account status from Active Directory or Azure and will block S3 access for disabled user accounts during the subsequent background synchronization. User accounts that are expired or locked for Active Directory or Azure, or user accounts that are disabled, expired, or locked in identity sources other than Active Directory or Azure must be manually removed from group memberships or have their S3 keys manually removed from Tenant Manager in all versions of StorageGRID (formerly StorageGRID Webscale).

via "National Vulnerability Database".
‼ CVE-2022-26318 ‼

On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.

via "National Vulnerability Database".
📢 China's "most advanced" malware uncovered after nine years in operation 📢

Daxin appears to have been used in a long-running espionage campaign against select government and critical infrastructure targets

via "ITPro".
📢 Nvidia confirms data breach as hackers make additional demands 📢

Nvidia has confirmed a rumoured hack on its systems for the first time as the first part of the alleged 1TB of company secrets is made available to download

via "ITPro".
📢 The importance of a zero-trust model for hybrid working 📢

How identity-based security solutions can help protect our dispersed workforces

via "ITPro".
📢 Conti source code leaked by Ukrainian researcher 📢

Source code hits the public domain as fallout continues over ransomware group's support for Russia

via "ITPro".
📢 Why is the healthcare industry so vulnerable to ransomware? 📢

Hospitals and other healthcare institutions must invest in cutting-edge backup solutions to protect themselves and their patients’ data

via "ITPro".
📢 Singapore to launch digital defence agency to counter growing cyber threats 📢

Russian cyber tactics in Ukraine cited as reason behind new military arm

via "ITPro".
📢 How Telegram became Ukraine's biggest digital ally in the war 📢

The messaging app has experienced a surge in demand as users flock to the platform for news and instructions on how to participate in the effort to thwart Russia's invasion

via "ITPro".
📢 Big Tech enters fight against Russia's multi-pronged cyber offensive 📢

Microsoft, Google, Meta, and Twitter have implemented measures to help dampen the impact of Russia's cyber attacks on Ukraine

via "ITPro".
📢 MWC 2022: Ukrainian protesters call for Russian tech boycott 📢

The protestors are urging AWS to “shut down” servers being used by Russian entities

via "ITPro".
📢 Cyber attacks against the BBC increase 35% in two years 📢

The broadcaster said it fended off nearly 50 million cyber attacks in just four months across 2021 and 2022

via "ITPro".
♟️ Conti Ransomware Group Diaries, Part III: Weaponry ♟️

Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what it's like to be an employee of Conti's sprawling organization. Today's Part III looks at how Conti abused a panoply of popular commercial security services to undermine the security of their targets, as well as how the team’s leaders strategized for the upper hand in ransom negotiations with victims.

via "Krebs on Security".
‼ CVE-2022-26484 ‼

An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via Directory Traversal. By manipulating the resource name in GET requests referring to files with absolute paths, it is possible to access arbitrary files stored on the filesystem, including application source code, configuration files, and critical system files.

via "National Vulnerability Database".
‼ CVE-2021-3737 ‼

A flaw was found in Python. An improperly handled HTTP response in the HTTP client code of Python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.

via "National Vulnerability Database".
‼ CVE-2022-26483 ‼

An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. A reflected cross-site scripting (XSS) vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP GET parameter (which reflects the user input without sanitization).

via "National Vulnerability Database".
‼ CVE-2021-27757 ‼

"Insecure password storage issue. The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere. Since the information is stored in cleartext, attackers could potentially read it and gain access to sensitive information."

via "National Vulnerability Database".
‼ CVE-2021-3656 ‼

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.

via "National Vulnerability Database".
‼ CVE-2022-25106 ‼

D-Link DIR-859 v1.05 was discovered to contain a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.

via "National Vulnerability Database".
‼ CVE-2022-23915 ‼

The package weblate from 0 and before 4.11.1 is vulnerable to Remote Code Execution (RCE) via argument injection when using git or mercurial repositories. Authenticated users can change the behavior of the application in an unintended way, leading to command execution.

via "National Vulnerability Database".
‼ CVE-2022-0855 ‼

Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcs_plugin prior to 0.0.4.

via "National Vulnerability Database".