Mysterious, Cloud-Enabled macOS Spyware Blows Onto the Scene
via "Dark Reading".
The CloudMensis spyware, which can lift reams of sensitive information from Apple machines, is the first Mac malware observed to exclusively rely on cloud storage for C2 activities.
CVE-2022-0974
via "National Vulnerability Database".
Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-20891
via "National Vulnerability Database".
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.
CVE-2022-0971
via "National Vulnerability Database".
Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0975
via "National Vulnerability Database".
Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0977
via "National Vulnerability Database".
Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0972
via "National Vulnerability Database".
Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0973
via "National Vulnerability Database".
Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0976
via "National Vulnerability Database".
Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2327
via "National Vulnerability Database".
io_uring uses work_flags to determine which identity it needs to grab from the calling process, to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts, which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859.
CVE-2022-2209
via "National Vulnerability Database".
io_uring uses work_flags to determine which identity it needs to grab from the calling process, to make sure it is consistent with the calling process when executing IORING_OP. The mapping of flags is incomplete, which leads to multiple incorrect reference counts and hence use-after-free. We recommend upgrading past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859.
Grafana patches vulnerability that could lead to admin account takeover
via "The Daily Swig".
Open source analytics platform fixes bug that could lead to authentication bypass, privilege escalation
S3 Ep92: Log4Shell4Ever, travel tips, and scamminess [Audio + Text]
via "Naked Security".
Latest episode - listen, read or both!
Apple patches "0-day" browser bug fixed 2 weeks ago in Chrome, Edge
via "Naked Security".
One vendor's zero-day is another vendor's routine patch...
Zyxel firewall vulnerabilities left business networks open to abuse
via "The Daily Swig".
Severity of code execution bug mitigated by "high uptake" of previous patch
CVE-2022-36131
via "National Vulnerability Database".
The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page.
CVE-2022-31168
via "National Vulnerability Database".
Zulip is an open source team chat tool. Due to an incorrect authorization check in Zulip Server 5.4 and earlier, a member of an organization could craft an API call that grants organization administrator privileges to one of their bots. The vulnerability is fixed in Zulip Server 5.5. Members who don't own any bots, and lack permission to create them, can't exploit the vulnerability. As a workaround for the vulnerability, an organization administrator can restrict the `Who can create bots` permission to administrators only, and change the ownership of existing bots.
What Firewalls Can - and Can't - Accomplish
via "Dark Reading".
Understanding the limitations of firewalls is important to protecting the organization from evolving threats.
Friday Five 7/22
via "".
A new PayPal phishing campaign makes the rounds, the FBI sounds the alarm on fake cryptocurrency apps, and more - catch up on the news of the week with the Friday Five!
"We're still fighting last decade's battle" - Sonatype CTO Brian Fox on the struggle to secure the neglected software supply chain
via "The Daily Swig".
Open source security expert warns there is still a "long road" ahead to prepare for the next attack wave
CVE-2022-34509
via "National Vulnerability Database".
The wikifaces package in PyPI v1.0 included a code execution backdoor inserted by a third party.