CVE-2021-25268
via "National Vulnerability Database".
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0 GA.
CVE-2022-28575
via "National Vulnerability Database".
A command injection vulnerability was found in the setopenvpnclientcfg interface of the TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows attackers to execute arbitrary commands through a carefully constructed payload.
CVE-2022-25989
via "National Vulnerability Database".
An authentication bypass vulnerability exists in the libxm_av.so getpeermac() functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted DHCP packet can lead to authentication bypass. An attacker can DHCP poison to trigger this vulnerability.
Apple Alleges Theft of Trade Secrets in New Suit
The company claims a stealth startup has poached 40 of its former employees, who in turn have stolen designs on its tech.
Heroku: Cyberattacker Used Stolen OAuth Tokens to Steal Customer Account Credentials
via "Dark Reading".
The same attack that allowed a threat actor to steal data from private Heroku GitHub repositories also resulted in the compromise of customer credentials, the company now says.
Microsoft, Apple, and Google Promise to Expand Passwordless Features
via "Dark Reading".
The passwordless future just became closer to reality, as Microsoft, Apple, and Google pledged to make passwordless possible across operating systems and browsers.
CVE-2022-29166
via "National Vulnerability Database".
matrix-appservice-irc is a Node.js IRC bridge for Matrix. The vulnerability in node-irc allows an attacker to manipulate a Matrix user into executing IRC commands by having them reply to a maliciously crafted message. The vulnerability has been patched in matrix-appservice-irc 0.33.2. Refrain from replying to messages from untrusted participants in IRC-bridged Matrix rooms. There are no known workarounds for this issue.
CVE-2022-29173
via "National Vulnerability Database".
go-tuf is a Go implementation of The Update Framework (TUF). go-tuf does not correctly implement the client workflow for updating the metadata files for roles other than the root role. Specifically, checks for rollback attacks are not implemented correctly, meaning an attacker can cause clients to install software that is older than the software which the client previously knew to be available, and may include software with known vulnerabilities. In more detail, the client code of go-tuf has several issues in regards to preventing rollback attacks:
1. It does not take into account the content of any previously trusted metadata, if available, before proceeding with updating roles other than the root role (i.e., steps 5.4.3.1 and 5.5.5 of the detailed client workflow). This means that any form of version verification done on the newly-downloaded metadata is made using the default value of zero, which always passes.
2. For both timestamp and snapshot roles, go-tuf saves these metadata files as trusted before verifying if the version of the metafiles they refer to is correct (i.e., steps 5.5.4 and 5.6.4 of the detailed client workflow).
A fix is available in version 0.3.0 or newer. No workarounds are known for this issue apart from upgrading.
CVE-2022-29176
via "National Vulnerability Database".
Rubygems is a package registry used to supply software for the Ruby language ecosystem. Due to a bug in the yank action, it was possible for any RubyGems.org user to remove and replace certain gems even if that user was not authorized to do so. To be vulnerable, a gem needed: one or more dashes in its name; and either creation within 30 days OR no updates for over 100 days. At present, we believe this vulnerability has not been exploited. RubyGems.org sends an email to all gem owners when a gem version is published or yanked. We have not received any support emails from gem owners indicating that their gem has been yanked without authorization. An audit of gem changes for the last 18 months did not find any examples of this vulnerability being used in a malicious way. A deeper audit for any possible use of this exploit is ongoing, and we will update this advisory once it is complete. Using Bundler in --frozen or --deployment mode in CI and during deploys, as the Bundler team has always recommended, will guarantee that your application does not silently switch to versions created using this exploit. To audit your application history for possible past exploits, review your Gemfile.lock and look for gems whose platform changed when the version number did not change. For example, gemname-3.1.2 updating to gemname-3.1.2-java could indicate a possible abuse of this vulnerability. RubyGems.org has been patched and is no longer vulnerable to this issue as of the 5th of May 2022.
CVE-2022-29175
via "National Vulnerability Database".
Vyper is a pythonic smart contract language for the ethereum virtual machine. Since version 0.3.2, decimals use the full range of the underlying int168 type. Multiplication of 168-bit integers can wrap in 256-bit arithmetic, but safemul does not check for that. This has been patched in v0.3.4. There are no known workarounds for this issue.
CVE-2022-29172
via "National Vulnerability Database".
Auth0 is an authentication broker that supports both social and enterprise identity providers, including Active Directory, LDAP, Google Apps, and Salesforce. In versions before `11.33.0`, when the "additional signup fields" feature [is configured](https://github.com/auth0/lock#additional-sign-up-fields), a malicious actor can inject unvalidated HTML code into these additional fields, which is then stored in the service `user_metadata` payload (using the `name` property). Verification emails, when applicable, are generated using this metadata. It is therefore possible for an actor to craft a malicious link by injecting HTML, which is then rendered as the recipient's name within the delivered email template. You are impacted by this vulnerability if you are using `auth0-lock` version `11.32.2` or lower and are using the "additional signup fields" feature in your application. Upgrade to version `11.33.0`.
CVE-2022-29167
via "National Vulnerability Database".
Hawk is an HTTP authentication scheme providing mechanisms for making authenticated HTTP requests with partial cryptographic verification of the request and response, covering the HTTP method, request URI, host, and optionally the request payload. Hawk used a regular expression to parse the `Host` HTTP header (`Hawk.utils.parseHost()`), which was subject to a regular expression DoS attack, meaning each added character in the attacker's input increases the computation time exponentially. `parseHost()` was patched in `9.0.1` to use the built-in `URL` class to parse the hostname instead. `Hawk.authenticate()` accepts an `options` argument. If that contains `host` and `port`, those would be used instead of a call to `utils.parseHost()`.
CVE-2022-29535
via "National Vulnerability Database".
Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports.
Millions of Lenovo laptops thought to be vulnerable to newly discovered UEFI malware attacks
via "ITPro".
ESET researchers said the core vulnerabilities were 'easy' to spot due to "unfortunate" and "honest" driver names.
ConnectWise unveils new incident response service
via "ITPro".
New offering provides an "immediate lifeline" to a team of cyber experts in the event of a security breach.
REvil ransomware group's infrastructure comes back online hinting at fresh campaign
via "ITPro".
The ransomware gang's old deep web infrastructure is now redirecting to a new website with new victims.
Exclusive: Former Shiseido staff say company was aware of data breach weeks before official notice
via "ITPro".
Fake companies were created using the stolen identities of hundreds of Shiseido employees, former staff claim.
Report: UK businesses are less secure when using police-endorsed cyber security tool
via "ITPro".
The cyber security researcher found the developer of the free software to be "incompetent", and the myriad flaws in the cyber crime-fighting monitoring tool left businesses more at risk of cyber attacks.
Microsoft announces lucrative new bug bounty awards for M365 products and services
via "ITPro".
The new awards will focus on scenario-based weaknesses and offer bonuses of up to 30% for the most severe bugs.
Tech leaders share how to break into the tech industry
via "ITPro".
"You have to feel like a true member of the IT world before you actually become a member."
Funky Pigeon site offline after "cyber incident"
via "ITPro".
The WH Smith-owned card site has reported the breach to "the relevant regulators".