Bug Bounty Radar // The latest bug bounty programs for June 2022
via "The Daily Swig".
New web targets for the discerning hacker.
New CyberCatch Research Discovers Alarming Increase in Cyber Vulnerabilities for Small and Medium Sized Businesses in US and Canada
via "Dark Reading".
For the first time, CyberCatch's SMBVR detected significant vulnerability to 'session riding' attacks among North American SMBs.
Fewer DDoS Attacks in 2021, Still Above Pre-Pandemic Levels
via "Dark Reading".
New research finds a rise in TCP acknowledgement (ACK) DDoS attacks, which rely on a smaller amount of traffic to disrupt targets.
CVE-2022-29258
via "National Vulnerability Database".
XWiki Platform Filter UI provides a generic user interface to convert from an XWiki Filter input stream to an output stream, with settings for each stream. Starting with versions 6.0-milestone-2 and 5.4.4 and prior to versions 12.10.11, 14.0-rc-1, 13.4.7, and 13.10.3, XWiki Platform Filter UI contains a possible cross-site scripting vector in the `Filter.FilterStreamDescriptorForm` wiki page, affecting nearly all of the form fields printed on the home page of the application. The issue is patched in versions 12.10.11, 14.0-rc-1, 13.4.7, and 13.10.3. The easiest workaround is to edit the wiki page `Filter.FilterStreamDescriptorForm` (with the wiki editor) according to the instructions in the GitHub Security Advisory.
CVE-2022-29243
via "National Vulnerability Database".
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.7 and 23.0.4, missing input-size validation of new session names allows users to create app passwords with long names. These long names are then loaded into memory on each use, degrading performance. Versions 22.2.7 and 23.0.4 contain a fix for this issue. There are currently no known workarounds available.
CVE-2022-22361
via "National Vulnerability Database".
IBM Business Automation Workflow traditional 21.0.1 through 21.0.3, 20.0.0.1 through 20.0.0.2, 19.0.0.1 through 19.0.0.3, 18.0.0.0 through 18.0.0.1, IBM Business Automation Workflow containers V21.0.1 through V21.0.3 and 20.0.0.1 through 20.0.0.2, IBM Business Process Manager 8.6.0.0 through 8.6.0.201803, and 8.5.0.0 through 8.5.0.201706 are vulnerable to cross-site request forgery, which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVE-2022-29220
via "National Vulnerability Database".
github-action-merge-dependabot is an action that automatically approves and merges dependabot pull requests (PRs). Prior to version 3.2.0, github-action-merge-dependabot does not check whether a commit created by dependabot is verified with the proper GPG key. There is only a check that the actor is set to `dependabot[bot]` to determine whether the PR is a legitimate PR. Theoretically, the owner of a seemingly valid and legitimate action in the pipeline can check whether the PR was created by dependabot and whether their own action has enough permissions to modify the PR in the pipeline. If so, they can modify the PR by adding a second seemingly valid and legitimate commit to it, since the username and email on git commits can be set arbitrarily. Because the bot only checks that the actor is valid, it would pass the malicious changes through and merge the PR automatically, without being noticed by project maintainers. It would probably not be possible to determine where the malicious commit came from, as it would only show `dependabot[bot]` and the corresponding email address. Version 3.2.0 contains a patch for this issue.
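The weak actor-only gate described above beside a per-commit gate, as an added example (not github-action-merge-dependabot's own code). Commit objects follow the shape of GitHub's pull-request commits API (`author.login`, `commit.verification.verified`); the sample PR, logins and emails are constructed for illustration.

```javascript
// Added example, not the action's code: why trusting the workflow actor alone is
// insufficient (CVE-2022-29220) and what a per-commit check looks like.
const DEPENDABOT_LOGIN = "dependabot[bot]";

// Weak gate: trusts the PR because the triggering actor is dependabot. Commits
// pushed later under spoofed git author fields are never inspected.
function isTrustedByActor(actor) {
  return actor === DEPENDABOT_LOGIN;
}

// Stronger gate: every commit must be attributed to dependabot AND carry a
// signature GitHub verified. Author attribution is derived from the commit
// e-mail and can be spoofed, so the verification flag is the decisive check.
function isTrustedByCommits(actor, commits) {
  if (actor !== DEPENDABOT_LOGIN || !Array.isArray(commits) || commits.length === 0) {
    return false;
  }
  return commits.every(
    (c) =>
      c.author && c.author.login === DEPENDABOT_LOGIN &&
      c.commit && c.commit.verification && c.commit.verification.verified === true
  );
}

// Constructed PR: a genuine signed dependabot bump, then a commit whose git
// author fields were set to look like dependabot but which is unsigned.
const samplePr = {
  actor: DEPENDABOT_LOGIN,
  commits: [
    {
      author: { login: DEPENDABOT_LOGIN },
      commit: {
        author: { name: "dependabot[bot]", email: "dependabot@example.invalid" }, // constructed
        verification: { verified: true, reason: "valid" },
      },
    },
    {
      author: { login: DEPENDABOT_LOGIN }, // attributed by spoofed e-mail
      commit: {
        author: { name: "dependabot[bot]", email: "dependabot@example.invalid" }, // constructed
        verification: { verified: false, reason: "unsigned" },
      },
    },
  ],
};

console.log("actor-only gate would merge:", isTrustedByActor(samplePr.actor)); // true
console.log("per-commit gate would merge:", isTrustedByCommits(samplePr.actor, samplePr.commits)); // false
```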
CVE-2022-29245
via "National Vulnerability Database".
SSH.NET is a Secure Shell (SSH) library for .NET. In versions 2020.0.0 and 2020.0.1, during an `X25519` key exchange, the client's private key is generated with `System.Random`. `System.Random` is not a cryptographically secure random number generator and must therefore not be used for cryptographic purposes. When establishing an SSH connection to a remote host, during the X25519 key exchange, the private key is generated with a weak random number generator whose seed can be brute forced. This allows an attacker who is able to eavesdrop on the communications to decrypt them. Version 2020.0.2 contains a patch for this issue. As a workaround, one may disable support for the `curve25519-sha256` and `curve25519-sha256@libssh.org` key exchange algorithms.
Costa Rica May Be Pawn in Conti Ransomware Group's Bid to Rebrand, Evade Sanctions
via "Krebs on Security".
Costa Rica's national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang, Conti. Ransomware experts say there is good reason to believe the same cybercriminals are behind both attacks, and that Hive has been helping Conti rebrand and evade international sanctions targeting extortion payouts to cybercriminals operating in Russia.
CVE-2022-31002
via "National Vulnerability Database".
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with malicious SDP to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with `%`. Version 1.13.8 contains a patch for this issue.
Surefire Cyber Launches to Help Cyber Insurance Ecosystem from Response to Resilience, with $10 Million in Funding by Forgepoint Capital
via "Dark Reading".
Industry veterans roll out end-to-end incident response services and innovative tech-enabled platform, following successful incubation.
Biometric Data Offers Added Security - But Don't Lose Sight of These Important Risks
via "Dark Reading".
With rising fraud, businesses are seeking authentication methods that are security- and user-friendly. But with that comes a few complications.
New Microsoft Zero-Day Attack Underway
via "Dark Reading".
"Follina" vulnerability in Microsoft Support Diagnostic Tool (MSDT) affects all currently supported Windows versions and can be triggered via specially crafted Office documents.
3.6M MySQL Servers Found Exposed Online
via "Dark Reading".
Researchers from Shadowserver recommend removing the servers from the Internet to shrink external attack surface.
ESET Launches NetProtect Suite of Advanced Cybersecurity Offerings for Telcos and ISPs
via "Dark Reading".
CVE-2022-31005
via "National Vulnerability Database".
Vapor is an HTTP web framework for Swift. Users of Vapor prior to version 4.60.3 with FileMiddleware enabled are vulnerable to an integer overflow vulnerability that can crash the application. Version 4.60.3 contains a patch for this issue. As a workaround, disable FileMiddleware and serve via a Content Delivery Network.
CVE-2022-31001
via "National Vulnerability Database".
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with malicious SDP to FreeSWITCH, which may cause a crash. This type of crash may be caused by `#define MATCH(s, m) (strncmp(s, m, n = sizeof(m) - 1) == 0)`, which can leave `n` larger than the remaining input and trigger an out-of-bounds access when `IS_NON_WS(s[n])` is evaluated. Version 1.13.8 contains a patch for this issue.
CVE-2022-31011
via "National Vulnerability Database".
TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing (HTAP) workloads. Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access. Only users of TiDB 5.3.0 are affected by this vulnerability. TiDB version 5.3.1 contains a patch for this issue. Other mitigation strategies include turning off Security Enhanced Mode (SEM), disabling local login for non-root accounts, and ensuring that the same IP cannot be logged in as both root and a normal user at the same time.
CVE-2022-31003
via "National Vulnerability Database".
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, when parsing each line of an SDP message, `rest = record + 2` can point past the terminating `\0` and cause an out-of-bounds write. An attacker can send a message with malicious SDP to FreeSWITCH, causing a crash or more serious consequences, such as remote code execution. Version 1.13.8 contains a patch for this issue.
CVE-2022-31007
via "National Vulnerability Database".
eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authenticated user with an administrator role in a team to assign itself system administrator privileges within the application, or to create a new system administrator account. The issue has been corrected in eLabFTW version 4.3.0. In the context of eLabFTW, an administrator is a user account with certain privileges to manage users and content in their assigned team or teams. A system administrator account can manage all accounts and teams and edit system-wide settings within the application. The impact is not deemed high, as it requires the attacker to have access to an administrator account. Regular user accounts cannot exploit this to gain admin rights. A workaround for one of the issues is removing the ability of administrators to create accounts.
CVE-2022-31013
via "National Vulnerability Database".
Chat Server is the chat server for Vartalap, an open-source messaging application. Versions 2.3.2 until 2.6.0 suffer from a bug in validating the access token, resulting in authentication bypass. The function `this.authProvider.verifyAccessKey` is an async function, but the code does not use `await` to wait for the verification result, so the check responds with success every time, and an unhandled exception is raised if the token is invalid. A patch is available in version 2.6.0.
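The missing-`await` pattern from the CVE-2022-31013 entry, shown as an added example beside its fix (this is not Vartalap's code). The `authProvider.verifyAccessKey` stand-in and the token values are constructed for illustration.

```javascript
// Added example, not Vartalap's code: an async verifier used without `await`
// always yields a truthy Promise, so every token "passes" (CVE-2022-31013).

// Constructed stand-in for an async token verifier: resolves with the user for a
// known token and rejects (an asynchronous throw) for anything else.
const authProvider = {
  async verifyAccessKey(token) {
    const users = { "tok-alice": { id: "alice" } }; // constructed token store
    if (!(token in users)) throw new Error("invalid access token");
    return users[token];
  },
};

// VULNERABLE: `result` is a pending Promise, which is always truthy, so the
// `if` succeeds for any token. In the real bug the rejection for a bad token
// surfaces later as an unhandled exception rather than as a denied login.
function authenticateVulnerable(token) {
  const result = authProvider.verifyAccessKey(token); // missing await
  result.catch(() => {}); // only here so this demo process is not killed by the rejection
  if (result) return { ok: true };
  return { ok: false };
}

// FIXED: await the verifier and turn a rejection into an explicit denial.
async function authenticateFixed(token) {
  try {
    const user = await authProvider.verifyAccessKey(token);
    return { ok: true, user };
  } catch (err) {
    return { ok: false, reason: err.message };
  }
}

async function demo() {
  console.log("vulnerable, forged token accepted:", authenticateVulnerable("forged-token").ok); // true
  console.log("fixed, forged token accepted:", (await authenticateFixed("forged-token")).ok); // false
  console.log("fixed, valid token user:", (await authenticateFixed("tok-alice")).user.id); // alice
}
demo();
```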