🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
🕴 Cowbell Cyber Raises $100M in Series B Funding to Further Develop Cyber-Risk Underwriting 🕴

Led by Anthemis Group, funding fuels investment in go-to-market expansion, closed-loop risk management, and risk-bearing capabilities.

📖 Read

via "Dark Reading".
🕴 e2e-assure Launches New Microsoft Defender-Focused SOC Services 🕴

They are aimed at helping organizations kickstart their cyber-risk management.

📖 Read

via "Dark Reading".
πŸ—“οΈ Node.js security: Parse Server remote code execution vulnerability resolved πŸ—“οΈ

GitHub has awarded the bug a severity score of 10 – the highest available.

📖 Read

via "The Daily Swig".
‼ CVE-2022-24755 ‼

Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director >= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, it will skip authorization checks completely. Expired accounts and accounts with expired passwords can still log in. This problem will affect users that have PAM enabled. Currently there is no authorization (e.g. check for expired or disabled accounts), but only plain authentication (i.e. check if username and password match). Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 implement the authorization check that was previously missing. The only workaround is to make sure that authentication fails if the user is not authorized.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-0961 ‼

The microweber application, in GitHub repository microweber/microweber prior to 1.2.12, allows very long input to be inserted into the "post title" field, which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-0942 ‼

Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to 2.10.4.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-24752 ‼

SyliusGridBundle is a package of generic data grids for Symfony applications. Prior to versions 1.10.1 and 1.11-rc2, values added at the end of query sorting were passed directly to the database. The maintainers do not know if this could lead to direct SQL injections but took steps to remediate the vulnerability. The issue is fixed in versions 1.10.1 and 1.11-rc2. As a workaround, overwrite the `Sylius\Component\Grid\Sorting\Sorter.php` class and register it in the container. More information about this workaround is available in the GitHub Security Advisory.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-24721 ‼

CometD is a scalable comet implementation for web messaging. In any version prior to 5.0.11, 6.0.6, and 7.0.6, internal usage of Oort and Seti channels is improperly authorized, so any remote user could subscribe and publish to those channels. By subscribing to those channels, a remote user may be able to watch cluster-internal traffic that contains other users' (possibly sensitive) data. By publishing to those channels, a remote user may be able to create/modify/delete other users' data and modify the cluster structure. A fix is available in versions 5.0.11, 6.0.6, and 7.0.6. As a workaround, install a custom `SecurityPolicy` that forbids subscription and publishing to remote, non-Oort, sessions on Oort and Seti channels.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-0430 ‼

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository httpie/httpie prior to 3.1.0.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-24756 ‼

Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director >= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, a failed PAM authentication will leak a small amount of memory. An attacker that is able to use the PAM Console (i.e. by knowing the shared secret or via the WebUI) can flood the Director with failing login attempts, which will eventually lead to an out-of-memory condition in which the Director will not work anymore. Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 contain a bug fix for this problem. Users who are unable to upgrade may disable PAM authentication as a workaround.

📖 Read

via "National Vulnerability Database".
β™ŸοΈ Lawmakers Probe Early Release of Top RU Cybercrook β™ŸοΈ

Aleksei Burkov, a cybercriminal who long operated two of Russia's most exclusive underground hacking forums, was arrested in 2015 by Israeli authorities. The Russian government fought Burkov's extradition to the U.S. for four years -- even arresting and jailing an Israeli woman to force a prisoner swap. That effort failed: Burkov was sent to America, pleaded guilty, and was sentenced to nine years in prison. But a little more than a year later, he was quietly released and deported back to Russia. Now some Republican lawmakers are asking why a Russian hacker once described as "an asset of supreme importance" was allowed to shorten his stay.

📖 Read

via "Krebs on Security".
⚠ Apple patches 87 security holes – from iPhones and Macs to Windows ⚠

Lots of fixes, with data leakage flaws and code execution bugs patched on iPhones, Macs and even Windows.

📖 Read

via "Naked Security".
❌ Most QNAP NAS Devices Affected by ‘Dirty Pipe’ Linux Flaw ❌

The “Dirty Pipe” Linux kernel flaw – a high-severity vulnerability in all major distros that grants root access to unprivileged users who have local access – affects most of QNAP’s network-attached storage (NAS) appliances, the Taiwanese manufacturer warned on Monday. Dirty Pipe, a recently reported local privilege escalation vulnerability, affects the Linux kernel on QNAP […]

📖 Read

via "Threat Post".
‼ CVE-2022-27214 ‼

A cross-site request forgery (CSRF) vulnerability in Jenkins Release Helper Plugin 1.3.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-27195 ‼

Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their `build.xml` files. These values are stored unencrypted and can be viewed by users with access to the Jenkins controller file system.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-0778 ‼

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include:

- TLS clients consuming server certificates
- TLS servers consuming client certificates
- Hosting providers taking certificates or private keys from customers
- Certificate authorities parsing certification requests from subscribers
- Anything else which parses ASN.1 elliptic curve parameters

Also any other applications that use BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate, which makes it slightly harder to trigger the infinite loop. However, any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0, 3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-27202 ‼

Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier does not escape the value and description of extended choice parameters of radio buttons or check boxes type, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-27207 ‼

Jenkins global-build-stats Plugin 1.5 and earlier does not escape multiple fields in the chart configuration on the 'Global Build Stats' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-0965 ‼

Stored XSS via .ofd file upload in GitHub repository star7th/showdoc prior to 2.10.4.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-22771 ‼

The Server component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for ActiveMatrix BPM, and TIBCO JasperReports Server for Microsoft Azure contains a directory-traversal vulnerability that may theoretically allow web server users to access contents of the host system. Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Library: version 7.9.0, TIBCO JasperReports Library for ActiveMatrix BPM: version 7.9.0, TIBCO JasperReports Server: versions 7.9.0 and 7.9.1, TIBCO JasperReports Server for AWS Marketplace: versions 7.9.0 and 7.9.1, TIBCO JasperReports Server for ActiveMatrix BPM: versions 7.9.0 and 7.9.1, and TIBCO JasperReports Server for Microsoft Azure: version 7.9.1.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-27215 ‼

A missing permission check in Jenkins Release Helper Plugin 1.3.3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.

📖 Read

via "National Vulnerability Database".