CVE-2022-24713
via "National Vulnerability Database".
regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it's considered part of the crate's API. Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes from taking an arbitrary amount of time during parsing, and it's possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes. All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is included starting from regex 1.5.5. All users accepting user-controlled regexes are recommended to upgrade immediately to the latest version of the regex crate. Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, it is not recommended to deny known problematic regexes.
CVE-2022-24715
via "National Vulnerability Database".
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2. Users unable to upgrade should limit access to the Icinga Web 2 configuration.
CVE-2021-41241
via "National Vulnerability Database".
Nextcloud server is a self hosted system designed to provide cloud style services. The groupfolders application for Nextcloud allows sharing a folder with a group of people. In addition, it allows setting "advanced permissions" on subfolders, for example, a user could be granted access to the groupfolder but not specific subfolders. Due to a lacking permission check in affected versions, a user could still access these subfolders by copying the groupfolder to another location. It is recommended that the Nextcloud Server is upgraded to 20.0.14, 21.0.6 or 22.2.1. Users unable to upgrade should disable the "groupfolders" application in the admin settings.
CVE-2022-24716
via "National Vulnerability Database".
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including `icingaweb2` configuration files with database credentials. This issue has been resolved in versions 2.9.6 and 2.10 of Icinga Web 2. Database credentials should be rotated.
CVE-2022-24714
via "National Vulnerability Database".
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Installations of Icinga 2 with the IDO writer enabled are affected. If you use service custom variables in role restrictions, and you regularly decommission service objects, users with said roles may still have access to a collection of content. Note that this only applies if a role has implicitly permitted access to hosts, due to permitted access to at least one of their services. If access to a host is permitted by other means, no sensitive information has been disclosed to unauthorized users. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2.
Microsoft Addresses 3 Zero-Days & 3 Critical Bugs for March Patch Tuesday
via "Threat Post".
The computing giant patched 71 security vulnerabilities in an uncharacteristically light scheduled update, including its first Xbox bug.
Microsoft Patches Critical Exchange Server Flaw
via "Dark Reading".
Remote code execution vulnerability among 71 bug fixes issued in March Patch Tuesday.
CVE-2022-26337
via "National Vulnerability Database".
Trend Micro Password Manager (Consumer) installer version 5.0.0.1262 and below is vulnerable to an Uncontrolled Search Path Element vulnerability that could allow an attacker to use a specially crafted file to exploit the vulnerability and escalate local privileges on the affected machine.
CVE-2022-26319
via "National Vulnerability Database".
An installer search path element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to elevate local privileges. Please note: an attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
CVE-2022-24739
via "National Vulnerability Database".
AllTube is an HTML front end for youtube-dl. On releases prior to 3.0.3, an attacker could craft a special HTML page to trigger either an open redirect attack or a Server-Side Request Forgery attack (depending on how AllTube is configured). The impact is mitigated by the fact that the SSRF attack is only possible when the `stream` option is enabled in the configuration. (This option is disabled by default.) 3.0.3 contains a fix for this vulnerability.
Internet Backbone Giant Lumen Shuns .RU
via "Krebs on Security".
Lumen Technologies, an American company that operates one of the largest Internet backbones and carries a significant percentage of the world's Internet traffic, said today it will stop routing traffic for organizations based in Russia. Lumen's decision comes just days after a similar exit by backbone provider Cogent, and amid a news media crackdown in Russia that has already left millions of Russians in the dark about what is really going on with their president's war in Ukraine.
CVE-2022-0881
via "National Vulnerability Database".
Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1.
“Dirty Pipe” Linux kernel bug lets anyone write to any file
via "Naked Security".
Even read-only files can be written to, leading to a dangerously general purpose elevation-of-privilege attack.
CVE-2022-0482
via "National Vulnerability Database".
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3.
CVE-2022-0896
via "National Vulnerability Database".
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior to 1.3.
Government agencies in Ukraine targeted in cyber-attacks deploying MicroBackdoor malware
via "The Daily Swig".
A number of state bodies have been attacked since Russia’s invasion began
Russian APTs Furiously Phish Ukraine – Google
via "Threat Post".
Also on the rise: DDoS attacks against Ukrainian sites and phishing activity capitalizing on the conflict, with China's Mustang Panda targeting Europe.
Zero Trust Can't Stop at the Federal Level
via "Dark Reading".
The federal government must step in to help local and state governments implement zero trust.
Critical Axeda vulnerabilities pose takeover risk to hundreds of IoT devices
via "The Daily Swig".
Serious supply chain threat posed to downstream medical devices in particular
UFONet 1.8
via "Packet Storm Security".
UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.
Most ServiceNow Instances Misconfigured, Exposed
via "Threat Post".
Customers aren't locking down access correctly, leading to ~70 percent of ServiceNow implementations tested by AppOmni being vulnerable to malicious data extraction.