CVE-2022-28624
via "National Vulnerability Database".
A potential security vulnerability has been identified in certain HPE FlexNetwork and FlexFabric switch products. The vulnerability could be remotely exploited to allow cross site scripting (XSS). HPE has made the following software updates to resolve the vulnerability. HPE FlexNetwork 5130EL_7.10.R3507P02 and HPE FlexFabric 5945_7.10.R6635.
CVE-2022-32115
via "National Vulnerability Database".
An issue in the isSVG() function of Known v1.2.2+2020061101 allows attackers to execute arbitrary code via a crafted SVG file.
CVE-2022-30852
via "National Vulnerability Database".
Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR).
CVE-2022-28623
via "National Vulnerability Database".
Security vulnerabilities in HPE IceWall SSO 10.0 certd could be exploited remotely to allow SQL injection or unauthorized data injection. HPE has provided the following updated modules to resolve these vulnerabilities. HPE IceWall SSO version 10.0 certd library Patch 9 for RHEL and HPE IceWall SSO version 10.0 certd library Patch 9 for HP-UX.
CVE-2022-33011
via "National Vulnerability Database".
Known v1.3.1+2020120201 was discovered to allow attackers to perform an account takeover via a host header injection attack.
Decentralized Identifiers: Everything you need to know about the next-gen web ID tech
via "The Daily Swig".
DID promises to give web users more control over their digital identities
Zero Trust Bolsters Our National Defense Against Rising Cyber Threats
via "Dark Reading".
The Colonial Pipeline and JBS attacks, among others, showed us our national resilience is only as strong as public-private sector collaboration.
Sneaky Orbit Malware Backdoors Linux Devices
via "Threat Post".
The novel threat steals data and can affect all processes running on the OS, stealing information from different commands and utilities and then storing it on the affected machine.
Friday Five 7/8
In this week’s Friday Five, read more about what Apple is doing to protect users against government-backed malware, why U.S. healthcare organizations should be on high alert, how threat actors are changing their tactics, and much more.
Coalition Closes $250 Million in Series F Funding, Valuing the Cyber Insurance Provider at $5 Billion
via "Dark Reading".
Funding from Allianz X, Valor Equity Partners, Kinetic Partners, and existing investors will accelerate Coalition’s vision to provide security for all.
Swimlane Secures $70M Growth Round to Fuel Global Expansion of Next Generation Low-Code Security Automation Platform
via "Dark Reading".
Worldwide Enterprise Endpoint Security Industry to 2027: Focus on Antivirus, Firewall, Endpoint Device Control, and Anti-Spyware/Anti-Malware
via "Dark Reading".
AstraLocker ransomware decryptors released by Emsisoft
via "The Daily Swig".
Threat actor released decryption keys after abandoning malware to focus on cryptojacking
SOAR Market Worth $2.3 Billion by 2027, According to Exclusive Report by MarketsandMarkets
via "Dark Reading".
Welcome-Back-to-the-Future Shock
via "Dark Reading".
This year's RSA Conference saw a strange mix of selling the future and the past - for good reason.
CVE-2022-34166
via "National Vulnerability Database".
IBM CICS TX Standard and Advanced 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229430.
CVE-2022-34160
via "National Vulnerability Database".
IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 229330.
CVE-2022-34306
via "National Vulnerability Database".
IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 229435.
CVE-2022-35406
via "National Vulnerability Database".
A URL disclosure issue was discovered in Burp Suite before 2022.6. If a user views a crafted response in the Repeater or Intruder, it may be incorrectly interpreted as a redirect.
CVE-2022-34167
via "National Vulnerability Database".
IBM CICS TX Standard and Advanced 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229432.
DoJ Charges CEO for Dealing $1B in Fake Cisco Gear
via "Dark Reading".
Fraudster allegedly passed off refurbished, modified Cisco equipment as new to hospitals, schools, and even the military.