🛑 Cybersecurity & Privacy 🛑 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2021-43735 ‼

CmsWing 1.3.7 is affected by a SQLi vulnerability via parameter: behavior rule.

via "National Vulnerability Database".
‼ CVE-2022-23242 ‼

TeamViewer Linux versions before 15.28 do not properly execute a deletion command for the connection password in case of a process crash. Knowledge of the crash event and the TeamViewer ID, as well as either possession of the pre-crash connection password or local authenticated access to the machine, would have allowed a remote connection to be established by reusing the not properly deleted connection password.

via "National Vulnerability Database".
Cybercrime Cost U.S. $6.9 Billion in 2021

The FBI's annual look at phishing, scam, and personal data breach statistics is out.

via "".
🕴 Okta Says 366 Customers Impacted via Third-Party Breach 🕴

Microsoft meanwhile confirms Lapsus$ group compromised it as well and issues warning on threat actor.

via "Dark Reading".
🕴 FBI: Cybercrime Victims Suffered Losses of Over $6.9B in 2021 🕴

The Internet Crime Complaint Center fielded 847,376 cybercrime reports last year, an increase of 7% from 2020.

via "Dark Reading".
‼ CVE-2021-38278 ‼

Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the urls parameter in the saveParentControlInfo function.

via "National Vulnerability Database".
‼ CVE-2021-46064 ‼

IrfanView 4.59 is vulnerable to a buffer overflow via the function at address 0x413c70 (in the 32-bit version of the binary). The vulnerability triggers when the user opens a malicious .tiff image.

via "National Vulnerability Database".
‼ CVE-2022-26243 ‼

Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow in the setSmartPowerManagement function.

via "National Vulnerability Database".
‼ CVE-2021-38772 ‼

Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.

via "National Vulnerability Database".
♟️ A Closer Look at the LAPSUS$ Data Extortion Group ♟️

Microsoft and identity management platform Okta both disclosed this week breaches involving LAPSUS$, a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish the information unless a ransom demand is paid. Here's a closer look at LAPSUS$, and some of the low-tech but high-impact methods the group uses to gain access to targeted organizations.

via "Krebs on Security".
‼ CVE-2021-3748 ‼

A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process.

via "National Vulnerability Database".
‼ CVE-2022-25223 ‼

Money Transfer Management System Version 1.0 allows an authenticated user to inject SQL queries in 'mtms/admin/?page=transaction/view_details' via the 'id' parameter.

via "National Vulnerability Database".
‼ CVE-2022-23881 ‼

ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution (RCE) vulnerability via danger_key() at zzz_template.php.

via "National Vulnerability Database".
‼ CVE-2021-27466 ‼

A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre.

via "National Vulnerability Database".
‼ CVE-2022-24292 ‼

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.

via "National Vulnerability Database".
‼ CVE-2022-24757 ‼

The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications. Prior to version 1.15.4, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter Server logs by default. Considering these logs do not require root access, an attacker can monitor these logs, steal sensitive auth/cookie information, and gain access to the Jupyter server. Jupyter Server version 1.15.4 contains a patch for this issue. There are currently no known workarounds.

via "National Vulnerability Database".
‼ CVE-2022-1030 ‼

Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a specially crafted URL. An attacker, who has knowledge of a valid team name for the victim and also knows a valid target host where the user has access, can execute commands on the local system.

via "National Vulnerability Database".
‼ CVE-2022-22951 ‼

VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains an OS command injection vulnerability. An authenticated, high privileged malicious actor with network access to the VMware App Control administration interface may be able to execute commands on the server due to improper input validation leading to remote code execution.

via "National Vulnerability Database".
‼ CVE-2022-25222 ‼

Money Transfer Management System Version 1.0 allows an unauthenticated user to inject SQL queries in 'admin/maintenance/manage_branch.php' and 'admin/maintenance/manage_fee.php' via the 'id' parameter.

via "National Vulnerability Database".
‼ CVE-2022-22952 ‼

VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains a file upload vulnerability. A malicious actor with administrative access to the VMware App Control administration interface may be able to execute code on the Windows instance where AppC Server is installed by uploading a specially crafted file.

via "National Vulnerability Database".
‼ CVE-2022-23880 ‼

An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file.

via "National Vulnerability Database".