🕴 Don't Have a COW: Containers on Windows and Other Container-Escape Research 🕴
📖 Read
via "Dark Reading".
Several pieces of Black Hat USA research will explore container design weaknesses and escalation of privilege attacks that can lead to container escapes.📖 Read
via "Dark Reading".
Dark Reading
Don't Have a COW: Containers on Windows and Other Container-Escape Research
Several pieces of Black Hat USA research will explore container design weaknesses and escalation of privilege attacks that can lead to container escapes.
‼ CVE-2020-4159 ‼
📖 Read
via "National Vulnerability Database".
IBM QRadar Network Security 5.4.0 and 5.5.0 discloses sensitive information to unauthorized users which could be used to mount further attacks against the system. IBM X-Force ID: 174339.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-39041 ‼
📖 Read
via "National Vulnerability Database".
IBM QRadar SIEM 7.3, 7.4, and 7.5 may be vulnerable to partial denial of service attack, resulting in some protocols not listening to specified ports. IBM X-Force ID: 214028.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29901 ‼
📖 Read
via "National Vulnerability Database".
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29900 ‼
📖 Read
via "National Vulnerability Database".
AMD microprocessor families 15h to 18h are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2385 ‼
📖 Read
via "National Vulnerability Database".
A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-25875 ‼
📖 Read
via "National Vulnerability Database".
The package svelte before 3.49.0 are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization and to improper escape of attributes when using objects during SSR (Server-Side Rendering). Exploiting this vulnerability is possible via objects with a custom toString() function.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-4157 ‼
📖 Read
via "National Vulnerability Database".
IBM QRadar Network Security 5.4.0 and 5.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174337.📖 Read
via "National Vulnerability Database".
🛠 Suricata IDPE 6.0.6 🛠
📖 Read
via "Packet Storm Security".
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.📖 Read
via "Packet Storm Security".
Packetstormsecurity
Suricata IDPE 6.0.6 ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
🕴 Understanding the Omdia Threat Detection Data Life Cycle 🕴
📖 Read
via "Dark Reading".
Data quality is key in an effective TDIR solution. Omdia's threat detection data life cycle highlights the considerations for effective data-driven threat detection.📖 Read
via "Dark Reading".
Dark Reading
Understanding the Omdia Threat Detection Data Life Cycle
Data quality is key in an effective TDIR solution. Omdia's threat detection data life cycle highlights the considerations for effective data-driven threat detection.
🕴 Privitar Announces Kormoon Acquisition, Extending Data Privacy and Provisioning Capabilities 🕴
📖 Read
via "Dark Reading".
.📖 Read
via "Dark Reading".
Dark Reading
Privitar Announces Kormoon Acquisition, Extending Data Privacy and Provisioning Capabilities
🕴 Microsoft Issues Fixes for 84 Vulnerabilities: Here's What to Patch Now 🕴
📖 Read
via "Dark Reading".
July's security update included fixes for one actively exploited flaw, more than 30 bugs in Azure Site Recovery, and four privilege escalation bugs in Windows Print Spooler.📖 Read
via "Dark Reading".
Dark Reading
Microsoft Issues Fixes for 84 Vulnerabilities: Here's What to Patch Now
July's security update included fixes for one actively exploited flaw, more than 30 bugs in Azure Site Recovery, and four privilege escalation bugs in Windows Print Spooler.
‼ CVE-2022-32247 ‼
📖 Read
via "National Vulnerability Database".
SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the User inputs while interacting on the Network. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31655 ‼
📖 Read
via "National Vulnerability Database".
VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts.📖 Read
via "National Vulnerability Database".
‼ CVE-2011-4916 ‼
📖 Read
via "National Vulnerability Database".
Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-35168 ‼
📖 Read
via "National Vulnerability Database".
Due to improper input sanitization of XML input in SAP Business One - version 10.0, an attacker can perform a denial-of-service attack rendering the system temporarily inoperative.📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2022-35170 ‼
📖 Read
via "National Vulnerability Database".
SAP NetWeaver Enterprise Portal does - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to limited impact on confidentiality and integrity of data.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29187 ‼
📖 Read
via "National Vulnerability Database".
Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31134 ‼
📖 Read
via "National Vulnerability Database".
Zulip is an open-source team collaboration tool. Zulip Server versions 2.1.0 above have a user interface tool, accessible only to server owners and server administrators, which provides a way to download a "public data" export. While this export is only accessible to administrators, in many configurations server administrators are not expected to have access to private messages and private streams. However, the "public data" export which administrators could generate contained the attachment contents for all attachments, even those from private messages and streams. Zulip Server version 5.4 contains a patch for this issue.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31012 ‼
📖 Read
via "National Vulnerability Database".
Git for Windows is a fork of Git that contains Windows-specific patches. This vulnerability in versions prior to 2.37.1 lets Git for Windows' installer execute a binary into `C:\mingw64\bin\git.exe` by mistake. This only happens upon a fresh install, not when upgrading Git for Windows. A patch is included in version 2.37.1. Two workarounds are available. Create the `C:\mingw64` folder and remove read/write access from this folder, or disallow arbitrary authenticated users to create folders in `C:\`.📖 Read
via "National Vulnerability Database".