🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-33672 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".

84 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-33653 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".

85 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-33669 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".

88 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-31105 ‼

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.4.0 and prior to 2.2.11, 2.3.6, and 2.4.5 is vulnerable to an improper certificate validation bug which could cause Argo CD to trust a malicious (or otherwise untrustworthy) OpenID Connect (OIDC) provider. A patch for this vulnerability has been released in Argo CD versions 2.4.5, 2.3.6, and 2.2.11. There are no complete workarounds, but a partial workaround is available. Those who use an external OIDC provider (not the bundled Dex instance), can mitigate the issue by setting the `oidc.config.rootCA` field in the `argocd-cm` ConfigMap. This mitigation only forces certificate validation when the API server handles login flows. It does not force certificate verification when verifying tokens on API calls.

📖 Read

via "National Vulnerability Database".

93 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-33650 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".

96 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-33676 ‼

Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-33678.

📖 Read

via "National Vulnerability Database".

92 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-29601 ‼

The seminars (aka Seminar Manager) extension through 4.1.3 for TYPO3 allows SQL Injection.

📖 Read

via "National Vulnerability Database".

93 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-33667 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".

100 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-22050 ‼

Windows Fax Service Elevation of Privilege Vulnerability.

📖 Read

via "National Vulnerability Database".

101 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-33661 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".

104 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-22024 ‼

Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22027.

📖 Read

via "National Vulnerability Database".

105 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-33655 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".

112 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-30224 ‼

Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22037, CVE-2022-30202.

📖 Read

via "National Vulnerability Database".

114 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-33671 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".

132 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-33675 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".

161 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-22711 ‼

Windows BitLocker Information Disclosure Vulnerability.

📖 Read

via "National Vulnerability Database".

197 views00:32

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-35628 ‼

A SQL injection issue was discovered in the lux extension before 17.6.1, and 18.x through 24.x before 24.0.2, for TYPO3.

📖 Read

via "National Vulnerability Database".

237 views00:32

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-22022 ‼

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22041, CVE-2022-30206, CVE-2022-30226.

📖 Read

via "National Vulnerability Database".

275 views00:32

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-22036 ‼

Performance Counters for Windows Elevation of Privilege Vulnerability.

📖 Read

via "National Vulnerability Database".

368 views00:32

🛡 Cybersecurity & Privacy 🛡 - News

♟️ Microsoft Patch Tuesday, July 2022 Edition ♟️

Microsoft today released updates to fix at least 86 security vulnerabilities in its Windows operating systems and other software, including a weakness in all supported versions of Windows that Microsoft warns is actively being exploited. The software giant also has made a controversial decision to put the brakes on a plan to block macros in Office documents downloaded from the Internet.

📖 Read

via "Krebs on Security".

Krebs on Security

Microsoft Patch Tuesday, July 2022 Edition

Microsoft today released updates to fix at least 86 security vulnerabilities in its Windows operating systems and other software, including a weakness in all supported versions of Windows that Microsoft warns is actively being exploited. The software giant…

434 views01:47

🛡 Cybersecurity & Privacy 🛡 - News

❌ Large-Scale Phishing Campaign Bypasses MFA ❌

Attackers used adversary-in-the-middle attacks to steal passwords, hijack sign-in sessions and skip authentication and then use victim mailboxes to launch BEC attacks against other targets.

📖 Read

via "Threat Post".

Threat Post

Large-Scale Phishing Campaign Bypasses MFA

Attackers used adversary-in-the-middle attacks to steal passwords, hijack sign-in sessions and skip authentication and then use victim mailboxes to launch BEC attacks against other targets.

388 views12:08

About

Blog

Apps

Platform