No SOCKS, No Shoes, No Malware Proxy Services!
via "Krebs on Security".
With the recent demise of several popular "proxy" services that let cybercriminals route their malicious traffic through hacked PCs, there is now something of a supply chain crisis gripping the underbelly of the Internet. Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers.
Manufacturing Sector in 2022 Is More Vulnerable to Account Compromise and Supply Chain Attacks in the Cloud than Other Verticals
via "Dark Reading".
Netwrix study reveals that manufacturing organizations experienced these types of attacks more often than any other industry surveyed.
From Babuk Source Code to Darkside Custom Listings – Exposing a Thriving Ransomware Marketplace on the Dark Web
via "Dark Reading".
Venafi investigation of 35 million Dark Web URLs shows macro-enabled ransomware widely available at bargain prices.
Massive New Phishing Campaign Targets Microsoft Email Service Users
via "Dark Reading".
The campaign uses adversary-in-the-middle techniques to bypass multifactor authentication and evade detection.
Large Language AI Models Have Real Security Benefits
via "Dark Reading".
Complex neural networks, including GPT-3, can deliver useful cybersecurity capabilities, such as explaining malware and quickly classifying websites, researchers find.
CVE-2022-35925
via "National Vulnerability Database".
BookWyrm is a social network for tracking reading. Versions prior to 0.4.5 were found to lack rate limiting on authentication views, which allows brute-force attacks. This issue has been patched in version 0.4.5. Admins with existing instances will need to update the `nginx.conf` file that was created when the instance was set up. Users are advised to upgrade. Users unable to upgrade may apply the changes to their `nginx.conf` files manually.
CVE-2022-34924
via "National Vulnerability Database".
Lanling OA Landray Office Automation (OA) internal patch number #133383/#137780 contains an arbitrary file read vulnerability via the component /sys/ui/extend/varkind/custom.jsp.
CVE-2022-35923
via "National Vulnerability Database".
v8n is a JavaScript validation library. Versions of v8n prior to 1.5.1 were found to have inefficient regular expression complexity in the `lowercase()` and `uppercase()` regexes, which could lead to a denial of service attack. In testing of the `lowercase()` function, a payload of 'a' + 'a'.repeat(i) + 'A' with 32 leading characters took 29443 ms to execute. The same issue happens with `uppercase()`. Users are advised to upgrade. There are no known workarounds for this issue.
Thousands of Mobile Apps Leaking Twitter API Keys
via "Dark Reading".
New finding comes amid report of overall surge in threats targeting mobile and IoT devices over the past year.
Universities Put Email Users at Cyber Risk
via "Threat Post".
DMARC analysis by Proofpoint shows that institutions in the U.S. have among the poorest protections against domain spoofing and lack the protections needed to block fraudulent emails.
CVE-2022-37035
via "National Vulnerability Database".
An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is not needed for exploitation.
CVE-2022-29807
via "National Vulnerability Database".
A SQL injection vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.0 that can allow for remote code execution via download_agent_installer.php.
CVE-2022-34619
via "National Vulnerability Database".
A stored cross-site scripting (XSS) vulnerability in Mealie v0.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Shopping Lists item names text field.
CVE-2022-29808
via "National Vulnerability Database".
In Quest KACE Systems Management Appliance (SMA) through 12.0, predictable token generation occurs when appliance linking is enabled.
CVE-2022-36968
via "National Vulnerability Database".
In Progress WS_FTP Server prior to version 8.7.3, forms within the administrative interface did not include a nonce to mitigate the risk of cross-site request forgery (CSRF) attacks.
CVE-2022-36967
via "National Vulnerability Database".
In Progress WS_FTP Server prior to version 8.7.3, multiple reflected cross-site scripting (XSS) vulnerabilities exist in the administrative web interface. It is possible for a remote attacker to inject arbitrary JavaScript into a WS_FTP administrator's web session. This would allow the attacker to execute code within the context of the victim's browser.
CVE-2022-30285
via "National Vulnerability Database".
In Quest KACE Systems Management Appliance (SMA) through 12.0, a hash collision is possible during authentication. This may allow authentication with invalid credentials.
CVE-2022-33917
via "National Vulnerability Database".
An issue was discovered in the Arm Mali GPU Kernel Driver (Valhall r29p0 through r38p0). A non-privileged user can make improper GPU processing operations to gain access to already freed memory.
UK safety tech sees another year of growth, amidst backlash
via "ITPro".
Record investment in the sector has led to widespread implementation of safety measures, but rights groups and some experts still aren't convinced.
First Choice Community Healthcare hit by data breach
via "ITPro".
The Albuquerque-based firm first learned of the breach in March 2022.
Tim Hortons 'offers free coffee and donut' to app users to settle data lawsuit
via "ITPro".
Canadian privacy commissioners found that the coffee giant had tracked and recorded the movements of its app users every few minutes of the day, even when the app wasn't open.