βΌ CVE-2022-24655 βΌ
π Read
via "National Vulnerability Database".
A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication.π Read
via "National Vulnerability Database".
π€1
π΄ The Road Ahead for Cyber and Infrastructure Security π΄
π Read
via "Dark Reading".
Despite cost, it's time to focus on securing legacy systems and physical infrastructure along with digital systems.π Read
via "Dark Reading".
Dark Reading
The Road Ahead for Cyber and Infrastructure Security
Despite cost, it's time to focus on securing legacy systems and physical infrastructure along with digital systems.
π1
βΌ CVE-2022-24595 βΌ
π Read
via "National Vulnerability Database".
Automotive Grade Linux Kooky Koi 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, and 11.0.5 is affected by Incorrect Access Control in usr/bin/afb-daemon. To exploit the vulnerability, an attacker should send a well-crafted HTTP (or WebSocket) request to the socket listened by the afb-daemon process. No credentials nor user interactions are required.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0742 βΌ
π Read
via "National Vulnerability Database".
Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc.π Read
via "National Vulnerability Database".
β Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops β
π Read
via "Threat Post".
Researchers have exposed the work of Exotic Lily, a full-time cybercriminal initial-access group that uses phishing to infiltrate organizationsβ networks for further malicious activity.π Read
via "Threat Post".
Threat Post
Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops
Researchers have exposed the work of Exotic Lily, a full-time cybercriminal initial-access group that uses phishing to infiltrate organizationsβ networks for further malicious activity.
ποΈ Workaround offered for unpatched HTML-to-PDF rendering vulnerability ποΈ
π Read
via "The Daily Swig".
Security flaws exposed in popular dompdf PHP libraryπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Workaround offered for unpatched HTML-to-PDF rendering vulnerability
Security flaws exposed in popular dompdf PHP library
π1
βΌ CVE-2022-24772 βΌ
π Read
via "National Vulnerability Database".
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a `DigestInfo` ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2022-24771 βΌ
π Read
via "National Vulnerability Database".
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses unchecked portion of the PKCS#1 encoded message to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24773 βΌ
π Read
via "National Vulnerability Database".
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not properly check `DigestInfo` for a proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.π Read
via "National Vulnerability Database".
π1
π΄ Satellite Networks Worldwide at Risk of Possible Cyberattacks, FBI & CISA Warn π΄
π Read
via "Dark Reading".
Agencies provide mitigation steps to protect satellite communication (SATCOM) networks amid "current geopolitical situation."π Read
via "Dark Reading".
Dark Reading
Satellite Networks Worldwide at Risk of Possible Cyberattacks, FBI & CISA Warn
Agencies provide mitigation steps to protect satellite communication (SATCOM) networks amid "current geopolitical situation."
β Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet β
π Read
via "Threat Post".
The Russian-speaking APT behind the NotPetya attacks and the Ukrainian power grid takedown could be setting up for additional sinister attacks, researchers said.π Read
via "Threat Post".
Threat Post
Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet
The Russian-speaking APT behind the NotPetya attacks and the Ukrainian power grid takedown could be setting up for additional sinister attacks, researchers said.
β S3 Ep74: Cybercrime busts, Apple patches, Pi Day, and disconnect effects [Podcast] β
π Read
via "Naked Security".
Latest episode - listen now!π Read
via "Naked Security".
Naked Security
S3 Ep74: Cybercrime busts, Apple patches, Pi Day, and disconnect effects [Podcast]
Latest episode β listen now!
βΌ CVE-2022-24637 βΌ
π Read
via "National Vulnerability Database".
Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '<?php (instead of the intended "<?php sequence) aren't handled by the PHP interpreter.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2021-39046 βΌ
π Read
via "National Vulnerability Database".
IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5 and 8.6 stores user credentials in plain clear text which can be read by a lprivileged user. IBM X-Force ID: 214346.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29899 βΌ
π Read
via "National Vulnerability Database".
IBM Engineering Requirements Quality Assistant prior to 3.1.3 could allow an authenticated user to cause a denial of service. IBM X-Force ID: 207413.π Read
via "National Vulnerability Database".
β OpenSSL patches infinite-loop DoS bug in certificate verification β
π Read
via "Naked Security".
When it comes to writing loops in your code... never sit on the fence!π Read
via "Naked Security".
Naked Security
OpenSSL patches infinite-loop DoS bug in certificate verification
When it comes to writing loops in your code⦠never sit on the fence!
π Friday Five 3/18 π
π Read
via "".
How HIPAA can help mitigate cyberattacks, killing the password, and more - catch up on the infosec news of the week with the Friday Five!π Read
via "".
π΄ Security Teams Struggle to Get Started With Zero Trust π΄
π Read
via "Dark Reading".
Nearly a third of respondents in a Dark Reading survey on endpoint security strategy say zero trust is too confusing to implement.π Read
via "Dark Reading".
Dark Reading
Security Teams Struggle to Get Started With Zero Trust
Nearly a third of respondents in a Dark Reading survey on endpoint security strategy say zero trust is too confusing to implement.
β DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data β
π Read
via "Threat Post".
A DarkHotel phishing campaign breached luxe hotel networks, including Wynn Palace and the Grand Coloane Resort in Macao, a new report says.π Read
via "Threat Post".
Threat Post
DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data
A DarkHotel phishing campaign breached luxe hotel networks, including Wynn Palace and the Grand Coloane Resort in Macao, a new report says.
π΄ Menlo Security: Less Than Three in 10 Organizations Are Equipped to Combat Growing Wave of Web-Based Cyber Threats π΄
π Read
via "Dark Reading".
Report finds that 62 percent of IT decision makers have suffered a browser-based attack in the past 12 months.π Read
via "Dark Reading".
Dark Reading
Menlo Security: Less Than Three in 10 Organizations Are Equipped to Combat Growing Wave of Web-Based Cyber Threats
Report finds that 62 percent of IT decision makers have suffered a browser-based attack in the past 12 months.
π΄ A Chance to Raise Shields Right π΄
π Read
via "Dark Reading".
CISA's "Shields Up" alert provides urgency β and opportunity β for supply chain conversations.π Read
via "Dark Reading".
Dark Reading
A Chance to Raise Shields Right
CISA's "Shields Up" alert provides urgency β and opportunity β for supply chain conversations.