βΌ CVE-2022-29972 βΌ
π Read
via "National Vulnerability Database".
An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift ODBC Driver (1.4.14 through 1.4.21.1001 and 1.4.22 through 1.4.x before 1.4.52) may allow a local user to execute arbitrary code.π Read
via "National Vulnerability Database".
βΌ CVE-2022-28739 βΌ
π Read
via "National Vulnerability Database".
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.π Read
via "National Vulnerability Database".
βΌ CVE-2022-29868 βΌ
π Read
via "National Vulnerability Database".
1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass. Malicious software running on the same computer can exfiltrate secrets from 1Password provided that 1Password is running and is unlocked. Affected secrets include vault items and derived values used for signing in to 1Password.π Read
via "National Vulnerability Database".
π΄ Costa Rica Declares State of Emergency Under Sustained Conti Cyberattacks π΄
π Read
via "Dark Reading".
Conti's ransomware attack cripples Costa Rica's Treasury, sparking the US to offer a $15M bounty on the group.π Read
via "Dark Reading".
Darkreading
Costa Rica Declares State of Emergency Under Sustained Conti Cyberattacks
Conti's ransomware attack cripples Costa Rica's Treasury, sparking the US to offer a $15M bounty on the group.
π΄ Joker, Other Fleecewear Surges Back Into Google Play π΄
π Read
via "Dark Reading".
Some mobile apps are being weaponized with Trojans that secretly sign Android users up for paid subscription services.π Read
via "Dark Reading".
Darkreading
Joker, Other Fleeceware Surges Back Into Google Play
The infamous Joker threat is back in Google Play, along with other Trojanized mobile apps that secretly sign Android users up for paid subscription services.
βΌ CVE-2021-43712 βΌ
π Read
via "National Vulnerability Database".
Stored XSS in Add New Employee Form in Sourcecodester Employee Daily Task Management System 1.0 Allows Remote Attacker to Inject/Store Arbitrary Code via the Name Field.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23705 βΌ
π Read
via "National Vulnerability Database".
A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays, and HPE Nimble Storage Secondary Flash Arrays which could potentially allow the upload, but not execution, of unauthorized update binaries to the array. HPE has made the following software updates to resolve the vulnerability in HPE Nimble Storage: 5.0.10.100 or later, 5.2.1.0 or later, 6.0.0.100 or later.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23704 βΌ
π Read
via "National Vulnerability Database".
A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later.π Read
via "National Vulnerability Database".
π΄ How to Check if Your F5 BIG-IP Device Is Vulnerable π΄
π Read
via "Dark Reading".
This Tech Tip walks network administrators through the steps to address the latest critical remote code execution vulnerability (CVE-2022-1388) in F5's BIG-IP management interface.π Read
via "Dark Reading".
Darkreading
How to Check If Your F5 BIG-IP Device Is Vulnerable
This Tech Tip walks network administrators through the steps to address the latest critical remote code execution vulnerability (CVE-2022-1388) in F5's BIG-IP management interface.
β Low-rent RAT Worries Researchers β
π Read
via "Threat Post".
Researchers say a hacker is selling access to quality malware for chump change.π Read
via "Threat Post".
Threat Post
Low-rent RAT Worries Researchers
Researchers say a hacker is selling access to quality malware for chump change.
ποΈ EU targets standardization as key to bloc-wide cyber-resilience ποΈ
π Read
via "The Daily Swig".
Threat landscapeβs increasing complexity adds impetus to drive for consistency across 27 member statesπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
EU targets standardization as key to bloc-wide cyber-resilience
Threat landscapeβs increasing complexity adds impetus to drive for consistency across 27 member states
β Conti Ransomware Attack Spurs State of Emergency in Costa Rica β
π Read
via "Threat Post".
The threat group has leaked data that it claims was stolen in the breach and is promising more government-targeted attacks.π Read
via "Threat Post".
Threat Post
Conti Ransomware Attack Spurs State of Emergency in Costa Rica
The threat group has leaked data that it claims was stolen in the breach and is promising more government-targeted attacks.
βΌ CVE-2022-24042 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application returns an AuthToken that does not expire at the defined auto logoff delay timeout. An attacker could be able to capture this token and re-use old session credentials or session IDs for authorization.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24040 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application fails to enforce an upper bound to the cost factor of the PBKDF2 derived key during the creation or update of an account. An attacker with the user profile access privilege could cause a denial of service (DoS) condition through CPU consumption by setting a PBKDF2 derived key with a remarkably high cost effort and then attempting a login to the so-modified account.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41545 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). When the controller receives a specific BACnet protocol packet, an exception causes the BACnet communication function to go into a Γ’β¬Εout of workΓ’β¬οΏ½ state and could result in the controller going into a Γ’β¬Εfactory resetΓ’β¬οΏ½ state.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24041 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application stores the PBKDF2 derived key of users passwords with a low iteration count. An attacker with user profile access privilege can retrieve the stored password hashes of other accounts and then successfully perform an offline cracking attack and recover the plaintext passwords of other users.π Read
via "National Vulnerability Database".
βΌ CVE-2021-42581 βΌ
π Read
via "National Vulnerability Database".
Prototype poisoning in function mapObjIndexed in Ramda 0.27.0 and earlier allows attackers to compromise integrity or availability of application via supplying a crafted object (that contains an own property "__proto__") as an argument to the function.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24039 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The Γ’β¬ΕaddCellΓ’β¬οΏ½ JavaScript function fails to properly sanitize user-controllable input before including it into the generated XML body of the XLS report document, such that it is possible to inject arbitrary content (e.g., XML tags) into the generated file. An attacker with restricted privileges, by poisoning any of the content used to generate XLS reports, could be able to leverage the application to deliver malicious files against higher-privileged users and obtain Remote Code Execution (RCE) against the administratorΓ’β¬β’s workstation.π Read
via "National Vulnerability Database".
π1
ποΈ Russia behind cyber-attack on satellite internet network KA-SAT that disrupted Ukrainian infrastructure β EU ποΈ
π Read
via "The Daily Swig".
Suspected DDoS attack took place one hour before Russia invaded Ukraineπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Russia behind cyber-attack on satellite internet network KA-SAT that disrupted Ukrainian infrastructure β EU
Attack took place one hour before Russia invaded Ukraine
β Hackers Actively Exploit F5 BIG-IP Bug β
π Read
via "Threat Post".
The bug has a severe rating of 9.8, public exploits are released.π Read
via "Threat Post".
Threat Post
Hackers Actively Exploit F5 BIG-IP Bug
The bug has a severe rating of 9.8, public exploits are released.
π΄ Mastering the New CISO Playbook π΄
π Read
via "Dark Reading".
How can you safeguard your organization amid global conflict and uncertainty?π Read
via "Dark Reading".
Darkreading
Mastering the New CISO Playbook
How can you safeguard your organization amid global conflict and uncertainty?