CVE-2021-3555
Read via "National Vulnerability Database".
A Buffer Overflow vulnerability in the RTSP server component of Eufy Indoor 2K Indoor Camera allows a local attacker to achieve remote code execution. This issue affects: Eufy Indoor 2K Indoor Camera 2.0.9.3 version and prior versions.
EnemyBot Malware Targets Web Servers, CMS Tools and Android OS
Read via "Threat Post".
Malware borrows generously from code used by other botnets such as Mirai, Qbot and Zbot.
Connecticut becomes fifth US state to enact comprehensive consumer privacy law
Read via "The Daily Swig".
The newly signed CTPA is more consumer-friendly than similar legislation in other US states.
How to Keep Your Enterprise Safe From Digital Supply Chain Attacks
Read via "Dark Reading".
Digital supply chains are more vulnerable than ever; here's what you need to do to secure them.
CVE-2022-1942
Read via "National Vulnerability Database".
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-30973
Read via "National Vulnerability Database".
We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the 1.28.2 release. In Apache Tika, a regular expression in the StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.3.
CVE-2022-23082
Read via "National Vulnerability Database".
In CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal as the function `isFileOutsideDir` fails to sanitize the user input which may lead to path traversal.
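Added illustration, not code from CureKit or from NVD: what an `isFileOutsideDir`-style check has to do to be correct. The naive version below is the usual broken pattern (a string-prefix test on the un-normalised path); the hardened version canonicalises both paths and compares whole path components. The base directory and file names are made up for the demo.

```python
import os
import tempfile


def naive_is_file_outside_dir(base_dir: str, user_path: str) -> bool:
    """The broken pattern: a string-prefix test on the un-normalised joined path.

    It neither collapses '..' segments nor resolves symlinks, so
    'reports/../../../etc/passwd' still starts with base_dir and is reported
    as inside. Illustrative only; this is not CureKit's code.
    """
    joined = os.path.join(base_dir, user_path)
    return not joined.startswith(base_dir)


def is_file_outside_dir(base_dir: str, user_path: str) -> bool:
    """Hardened check: canonicalise both sides, then compare path components.

    realpath() collapses '.' and '..' and follows symlinks that exist on disk;
    commonpath() compares whole components, so a sibling directory such as
    '/srv/app/data2' is not mistaken for '/srv/app/data'. An absolute
    user_path discards base_dir inside os.path.join and is caught as well.
    """
    base_real = os.path.realpath(base_dir)
    target_real = os.path.realpath(os.path.join(base_real, user_path))
    try:
        return os.path.commonpath([base_real, target_real]) != base_real
    except ValueError:
        # No common root at all (different drives on Windows): treat as outside.
        return True


def symlink_escape_demo() -> tuple:
    """Constructed scenario: a symlink inside the base dir points outside it.

    Returns (naive_verdict, hardened_verdict) for the symlinked file.
    """
    with tempfile.TemporaryDirectory() as tmp:
        base = os.path.join(tmp, "data")
        os.mkdir(base)
        secret = os.path.join(tmp, "secret.txt")
        with open(secret, "w") as fh:
            fh.write("outside\n")
        os.symlink(secret, os.path.join(base, "link.txt"))
        return (naive_is_file_outside_dir(base, "link.txt"),
                is_file_outside_dir(base, "link.txt"))


if __name__ == "__main__":
    base = "/srv/app/data"  # assumed base directory for the demo
    for candidate in ("reports/q1.csv", "reports/../../../etc/passwd",
                      "../data2/x", "/etc/passwd"):
        print(f"{candidate:32} naive={naive_is_file_outside_dir(base, candidate)!s:5} "
              f"hardened={is_file_outside_dir(base, candidate)}")
    print("symlink (naive, hardened):", symlink_escape_demo())
```

The important detail is that realpath() only resolves symlinks that exist at check time; if the file is created after the check (a TOCTOU window), re-run the check on the opened file's real path.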
Bug Bounty Radar // The latest bug bounty programs for June 2022
Read via "The Daily Swig".
New web targets for the discerning hacker.
New CyberCatch Research Discovers Alarming Increase in Cyber Vulnerabilities for Small and Medium Sized Businesses in US and Canada
Read via "Dark Reading".
For the first time, CyberCatch's SMBVR detected significant vulnerability to 'session riding' attacks among North American SMBs.
Fewer DDoS Attacks in 2021, Still Above Pre-Pandemic Levels
Read via "Dark Reading".
New research finds a rise in TCP acknowledgement (ACK) DDoS attacks, which rely on a smaller amount of traffic to disrupt targets.
CVE-2022-29258
Read via "National Vulnerability Database".
XWiki Platform Filter UI provides a generic user interface to convert from a XWiki Filter input stream to an output stream with settings for each stream. Starting with versions 6.0-milestone-2 and 5.4.4 and prior to versions 12.10.11, 14.0-rc-1, 13.4.7, and 13.10.3, XWiki Platform Filter UI contains a possible cross-site scripting vector in the `Filter.FilterStreamDescriptorForm` wiki page related to pretty much all the form fields printed in the home page of the application. The issue is patched in versions 12.10.11, 14.0-rc-1, 13.4.7, and 13.10.3. The easiest workaround is to edit the wiki page `Filter.FilterStreamDescriptorForm` (with wiki editor) according to the instructions in the GitHub Security Advisory.
CVE-2022-29243
Read via "National Vulnerability Database".
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.7 and 23.0.4, missing input-size validation of new session names allows users to create app passwords with long names. These long names are then loaded into memory on usage, resulting in impacted performance. Versions 22.2.7 and 23.0.4 contain a fix for this issue. There are currently no known workarounds available.
CVE-2022-22361
Read via "National Vulnerability Database".
IBM Business Automation Workflow traditional 21.0.1 through 21.0.3, 20.0.0.1 through 20.0.0.2, 19.0.0.1 through 19.0.0.3, 18.0.0.0 through 18.0.0.1, IBM Business Automation Workflow containers V21.0.1 - V21.0.3 20.0.0.1 through 20.0.0.2, IBM Business Process Manager 8.6.0.0 through 8.6.0.201803, and 8.5.0.0 through 8.5.0.201706 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVE-2022-29220
Read via "National Vulnerability Database".
github-action-merge-dependabot is an action that automatically approves and merges dependabot pull requests (PRs). Prior to version 3.2.0, github-action-merge-dependabot does not check if a commit created by dependabot is verified with the proper GPG key. There is just a check if the actor is set to `dependabot[bot]` to determine if the PR is a legit PR. Theoretically, an owner of a seemingly valid and legit action in the pipeline can check if the PR is created by dependabot and if their own action has enough permissions to modify the PR in the pipeline. If so, they can modify the PR by adding a second seemingly valid and legit commit to the PR, as they can arbitrarily set the username and email for commits in git. Because the bot only checks if the actor is valid, it would pass the malicious changes through and merge the PR automatically, without getting noticed by project maintainers. It would probably not be possible to determine where the malicious commit came from, as it would only say `dependabot[bot]` and the corresponding email-address. Version 3.2.0 contains a patch for this issue.
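Added illustration, not the action's own code: the difference between trusting the PR actor and checking each commit's signature verification. The sample commit list is constructed, shaped like the commit objects GitHub's REST API returns for a pull request (`commit.author`, `commit.verification`); the second commit is the forged one the advisory describes, with dependabot's name and e-mail in the git metadata but no verifiable signature. The dependabot e-mail address shown is only sample data.

```python
DEPENDABOT_LOGIN = "dependabot[bot]"

# Constructed PR commit list. Git author metadata is attacker-controlled;
# the `verification` block is what GitHub computed from the signature.
CONSTRUCTED_PR_COMMITS = [
    {
        "sha": "a" * 40,
        "commit": {
            "author": {"name": "dependabot[bot]",
                       "email": "49699333+dependabot[bot]@users.noreply.github.com"},
            "message": "build(deps): bump lodash from 4.17.20 to 4.17.21",
            "verification": {"verified": True, "reason": "valid"},
        },
    },
    {
        # Injected by a third-party action with write access to the PR branch.
        # Name and e-mail are forged to look identical to the commit above.
        "sha": "b" * 40,
        "commit": {
            "author": {"name": "dependabot[bot]",
                       "email": "49699333+dependabot[bot]@users.noreply.github.com"},
            "message": "build(deps): bump lodash from 4.17.20 to 4.17.21",
            "verification": {"verified": False, "reason": "unsigned"},
        },
    },
]


def actor_only_check(pr_user_login: str) -> bool:
    """The pre-3.2.0 logic as the advisory describes it: the PR is trusted
    solely because its actor is dependabot. Nothing about the commits is
    examined, so an extra commit pushed onto the branch sails through."""
    return pr_user_login == DEPENDABOT_LOGIN


def find_unverified_commits(commits) -> list:
    """Return the SHAs of commits that GitHub did not verify as signed
    (or whose git author metadata is not dependabot's). Forged metadata
    cannot fake `verification.verified`, because that is derived from the
    signature, not from the author fields."""
    suspicious = []
    for c in commits:
        meta = c["commit"]
        ver = meta.get("verification") or {}
        author = meta.get("author") or {}
        if (ver.get("verified") is not True or ver.get("reason") != "valid"
                or author.get("name") != DEPENDABOT_LOGIN):
            suspicious.append(c["sha"])
    return suspicious


def should_auto_merge(pr_user_login: str, commits) -> bool:
    """Hardened decision: the actor must be dependabot AND every commit on
    the PR must carry a verified signature."""
    return actor_only_check(pr_user_login) and not find_unverified_commits(commits)


if __name__ == "__main__":
    print("actor-only check:", actor_only_check("dependabot[bot]"))
    print("unverified commits:", find_unverified_commits(CONSTRUCTED_PR_COMMITS))
    print("auto-merge (hardened):", should_auto_merge("dependabot[bot]", CONSTRUCTED_PR_COMMITS))
```

In a real workflow the commit list comes from the pull-request commits endpoint; the decision should also be taken from that API response rather than from the checked-out branch, which the same third-party action could have rewritten.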
CVE-2022-29245
Read via "National Vulnerability Database".
SSH.NET is a Secure Shell (SSH) library for .NET. In versions 2020.0.0 and 2020.0.1, during an `X25519` key exchange, the client's private key is generated with `System.Random`. `System.Random` is not a cryptographically secure random number generator, it must therefore not be used for cryptographic purposes. When establishing an SSH connection to a remote host, during the X25519 key exchange, the private key is generated with a weak random number generator whose seed can be brute forced. This allows an attacker who is able to eavesdrop on the communications to decrypt them. Version 2020.0.2 contains a patch for this issue. As a workaround, one may disable support for `curve25519-sha256` and `curve25519-sha256@libssh.org` key exchange algorithms.
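Added illustration, not SSH.NET's code: why a seedable, non-cryptographic PRNG turns a passive eavesdropper into a key-recovery attacker. Python's `random.Random` stands in for `System.Random`, and the seed is modelled as a small integer (a millisecond tick count) the attacker can guess to within a fraction of a second; both are assumptions of this model. The X25519 routine is a pure-Python RFC 7748 ladder written for this example. The attacker sees only the two public keys exchanged on the wire, regenerates candidate private keys for every nearby seed, and recovers the session secret.

```python
import random

P = 2**255 - 19
A24 = 121665
BASEPOINT = (9).to_bytes(32, "little")


def _decode_scalar(k: bytes) -> int:
    # RFC 7748 clamping of the 32-byte private key.
    b = bytearray(k)
    b[0] &= 248
    b[31] &= 127
    b[31] |= 64
    return int.from_bytes(b, "little")


def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 Montgomery ladder (pure Python, for illustration only)."""
    k_int = _decode_scalar(k)
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3 = 1, 0, x1, 1
    swap = 0
    for t in range(254, -1, -1):
        kt = (k_int >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * ((da - cb) ** 2 % P) % P
        x2 = aa * bb % P
        z2 = e * ((aa + A24 * e) % P) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def weak_private_key(seed: int) -> bytes:
    """Stand-in for a key drawn from System.Random: a non-cryptographic PRNG
    whose whole output is fixed by a small integer seed (assumed here to be
    a 32-bit millisecond tick count)."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(32))


def recover_private_key(observed_client_pub: bytes, seed_guess: int, window: int):
    """Eavesdropper: regenerate the candidate key for every seed near the
    guessed connection time and stop when its public key equals the one
    seen in the client's key-exchange message. Returns (seed, key) or None."""
    for seed in range(seed_guess - window, seed_guess + window + 1):
        cand = weak_private_key(seed)
        if x25519(cand, BASEPOINT) == observed_client_pub:
            return seed, cand
    return None


def eavesdrop_demo() -> bool:
    # Victim side (constructed values): client seeds its PRNG with a tick
    # count; the server's key is any fixed secret the attacker never learns.
    tick = 1_654_000_123
    client_priv = weak_private_key(tick)
    client_pub = x25519(client_priv, BASEPOINT)
    server_priv = bytes(range(1, 33))
    server_pub = x25519(server_priv, BASEPOINT)
    session_secret = x25519(client_priv, server_pub)

    # Attacker side: only client_pub and server_pub were captured, plus a
    # clock reading within a quarter of a second of the real seed.
    found = recover_private_key(client_pub, tick + 90, window=250)
    if found is None:
        return False
    _, recovered_priv = found
    return x25519(recovered_priv, server_pub) == session_secret


if __name__ == "__main__":
    print("session secret recovered from passive capture:", eavesdrop_demo())
```

The search cost is the size of the seed window, not the 2^255 the curve was meant to provide; a CSPRNG (in .NET, `RandomNumberGenerator`) removes the seed entirely, which is what the fixed version needs.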
Costa Rica May Be Pawn in Conti Ransomware Group's Bid to Rebrand, Evade Sanctions
Read via "Krebs on Security".
Costa Rica's national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang, Conti. Ransomware experts say there is good reason to believe the same cybercriminals are behind both attacks, and that Hive has been helping Conti rebrand and evade international sanctions targeting extortion payouts to cybercriminals operating in Russia.
CVE-2022-31002
Read via "National Vulnerability Database".
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with `%`. Version 1.13.8 contains a patch for this issue.
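Added illustration, not Sofia-SIP's parser: the general shape of the bug class the advisory points at, a percent-decoder that assumes two characters always follow a `%`. In C that assumption becomes an out-of-bounds read on a URL whose last byte is `%`; in Python the same loop raises instead of reading past the buffer, which is enough to show the edge case. The strict decoder below checks the bound before touching the escape and rejects malformed escapes outright. The SIP URLs are made up.

```python
HEX_DIGITS = set("0123456789abcdefABCDEF")


def naive_percent_decode(s: str) -> bytes:
    """Decoder written the way a C loop often is: on '%' it reads the next
    two characters without checking that they exist. A value ending in '%'
    (or '%4') indexes past the end: IndexError here, a buffer over-read in C.
    Illustrative only, not Sofia-SIP's code."""
    out = bytearray()
    i = 0
    while i < len(s):
        if s[i] == "%":
            out.append(int(s[i + 1] + s[i + 2], 16))  # no bounds check
            i += 3
        else:
            out.extend(s[i].encode("utf-8"))
            i += 1
    return bytes(out)


def strict_percent_decode(s: str):
    """Bounds-checked decoder: a '%' must be followed by exactly two hex
    digits that lie within the string, otherwise the whole value is
    rejected and None is returned (the caller then drops the message)."""
    out = bytearray()
    i, n = 0, len(s)
    while i < n:
        if s[i] == "%":
            if i + 2 >= n or s[i + 1] not in HEX_DIGITS or s[i + 2] not in HEX_DIGITS:
                return None
            out.append(int(s[i + 1:i + 3], 16))
            i += 3
        else:
            out.extend(s[i].encode("utf-8"))
            i += 1
    return bytes(out)


def naive_reads_past_end(s: str) -> bool:
    """True when the unchecked decoder runs off the end of the input."""
    try:
        naive_percent_decode(s)
    except IndexError:
        return True
    return False


if __name__ == "__main__":
    for url in ("sip:alice%40example.com", "sip:alice%", "sip:alice%4", "sip:%zz"):
        print(f"{url:28} strict={strict_percent_decode(url)!r:32} "
              f"naive_over_read={naive_reads_past_end(url)}")
```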
Surefire Cyber Launches to Help Cyber Insurance Ecosystem from Response to Resilience, with $10 Million in Funding by Forgepoint Capital
Read via "Dark Reading".
Industry veterans roll out end-to-end incident response services and innovative tech-enabled platform, following successful incubation.
Biometric Data Offers Added Security, But Don't Lose Sight of These Important Risks
Read via "Dark Reading".
With rising fraud, businesses are seeking authentication methods that are security- and user-friendly. But with that comes a few complications.
New Microsoft Zero-Day Attack Underway
Read via "Dark Reading".
"Follina" vulnerability in Microsoft Support Diagnostic Tool (MSDT) affects all currently supported Windows versions and can be triggered via specially crafted Office documents.
3.6M MySQL Servers Found Exposed Online
Read via "Dark Reading".
Researchers from Shadowserver recommend removing the servers from the Internet to shrink external attack surface.