βΌ CVE-2021-25266 βΌ
π Read
via "National Vulnerability Database".
An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29776 βΌ
π Read
via "National Vulnerability Database".
IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information from another user's dashboard providing the dashboard ID of that user. IBM X-Force ID: 203030.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1507 βΌ
π Read
via "National Vulnerability Database".
chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. in GitHub repository hpjansson/chafa prior to 1.10.2. chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file.π Read
via "National Vulnerability Database".
π nfstream 6.5.1 π
π Read
via "Packet Storm Security".
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.π Read
via "Packet Storm Security".
Packetstormsecurity
nfstream 6.5.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π1
π΄ Coca-Cola Investigates Data-Theft Claims After Ransomware Attack π΄
π Read
via "Dark Reading".
The Stormous ransomware group is offering purportedly stolen Coca-Cola data for sale on its leak site, but the soda giant hasn't confirmed that the heist happened.π Read
via "Dark Reading".
Dark Reading
Coca-Cola Investigates Data-Theft Claims After Ransomware Attack
The Stormous ransomware group is offering purportedly stolen Coca-Cola data for sale on its leak site, but the soda giant hasn't confirmed that the heist happened.
β Emotet is Back From βSpring Breakβ With New Nasty Tricks β
π Read
via "Threat Post".
The Botnet appears to use a new delivery method for compromising Windows systems after Microsoft disables VBA macros by default.π Read
via "Threat Post".
Threat Post
Emotet is Back From βSpring Breakβ With New Nasty Tricks
The Botnet appears to use a new delivery method for compromising Windows systems after Microsoft disables VBA macros by default.
βΌ CVE-2022-28193 βΌ
π Read
via "National Vulnerability Database".
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where insufficient validation of untrusted data may allow a local attacker to cause a memory buffer overflow, which may lead to code execution, loss of integrity, limited denial of service, and some impact to confidentiality.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22315 βΌ
π Read
via "National Vulnerability Database".
IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated user with special permissions to obtain elevated privileges due to improper handling of permissions. IBM X-Force ID: 217955.π Read
via "National Vulnerability Database".
βΌ CVE-2022-28197 βΌ
π Read
via "National Vulnerability Database".
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function, where Insufficient validation of untrusted data may allow a highly privileged local attacker to cause an integer overflow. This difficult- to-exploit vulnerability may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity.π Read
via "National Vulnerability Database".
βΌ CVE-2022-28196 βΌ
π Read
via "National Vulnerability Database".
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-28195 βΌ
π Read
via "National Vulnerability Database".
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_read_file function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause a integer overflow, which may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24372 βΌ
π Read
via "National Vulnerability Database".
Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share.π Read
via "National Vulnerability Database".
βΌ CVE-2022-28194 βΌ
π Read
via "National Vulnerability Database".
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where, if TFTP is enabled, a local attacker can cause a memory buffer overflow, which may lead to code execution, loss of Integrity, limited denial of service, and some impact to confidentiality.π Read
via "National Vulnerability Database".
π΄ CISA: Log4Shell Was the Most-Exploited Vulnerability in 2021 π΄
π Read
via "Dark Reading".
Internet-facing zero-day vulnerabilities were the most commonly used types of bugs in 2021 attacks, according to the international Joint Cybersecurity Advisory (JCSA).π Read
via "Dark Reading".
Dark Reading
CISA: Log4Shell Was the Most-Exploited Vulnerability in 2021
Internet-facing zero-day vulnerabilities were the most commonly used types of bugs in 2021 attacks, according to the international Joint Cybersecurity Advisory (JCSA).
π΄ Synopsys to Acquire WhiteHat Security from NTT π΄
π Read
via "Dark Reading".
Acquisition expands security software-as-a-service capabilities.π Read
via "Dark Reading".
Dark Reading
press release
press releases
π What is Digital Rights Management? π
π Read
via "".
Learn about digital rights management and why it is important in Data Protection 101, our series on the fundamentals of information security.π Read
via "".
Digitalguardian
What is Digital Rights Management (DRM)? (The Definitive Guide)
Learn about digital rights management and why it is important in Data Protection 101, our series on the fundamentals of information security.
βΌ CVE-2022-24735 βΌ
π Read
via "National Vulnerability Database".
Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially higher) privileges of another Redis user. The Lua script execution environment in Redis provides some measures that prevent a script from creating side effects that persist and can affect the execution of the same, or different script, at a later time. Several weaknesses of these measures have been publicly known for a long time, but they had no security impact as the Redis security model did not endorse the concept of users or privileges. With the introduction of ACLs in Redis 6.0, these weaknesses can be exploited by a less privileged users to inject Lua code that will execute at a later time, when a privileged user executes a Lua script. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24736 βΌ
π Read
via "National Vulnerability Database".
Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0, 6.2.X and 6.0.X. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24891 βΌ
π Read
via "National Vulnerability Database".
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, there is a potential for a cross-site scripting vulnerability in ESAPI caused by a incorrect regular expression for "onsiteURL" in the **antisamy-esapi.xml** configuration file that can cause "javascript:" URLs to fail to be correctly sanitized. This issue is patched in ESAPI 2.3.0.0. As a workaround, manually edit the **antisamy-esapi.xml** configuration files to change the "onsiteURL" regular expression. More information about remediation of the vulnerability, including the workaround, is available in the maintainers' release notes and security bulletin.π Read
via "National Vulnerability Database".
βΌ CVE-2021-3523 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in 3Scale APICast in versions prior to 2.11.0, where it incorrectly identified connections for reuse. This flaw allows an attacker to bypass security restrictions for an API request when hosting multiple APIs on the same IP address.π Read
via "National Vulnerability Database".
π΄ Chinese APT Bronze President Mounts Spy Campaign on Russian Military π΄
π Read
via "Dark Reading".
The war in Ukraine appears to have triggered a change in mission for the APT known as Bronze President (aka Mustang Panda).π Read
via "Dark Reading".
Dark Reading
Chinese APT Bronze President Mounts Spy Campaign on Russian Military
The war in Ukraine appears to have triggered a change in mission for the APT known as Bronze President (aka Mustang Panda).