ParseThru: HTTP parameter smuggling flaw uncovered in several Go applications
via "The Daily Swig"
Harbor, Traefik, and Skipper projects tackle unsafe URL parsing methods

CVE-2022-32963
via "National Vulnerability Database"
OMICARD EDM's mail file relay function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to by-pass authentication and access arbitrary system files.

CVE-2022-32965
via "National Vulnerability Database"
OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized payload to the server to execute arbitrary code, manipulate system data and disrupt service.

CVE-2022-2653
via "National Vulnerability Database"
With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file in the system.

CVE-2022-35216
via "National Vulnerability Database"
OMICARD EDM's mail image relay function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to by-pass authentication and access arbitrary system files.

CVE-2022-32964
via "National Vulnerability Database"
OMICARD EDM's API function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to access, modify, delete database or disrupt service.

CVE-2022-2652
via "National Vulnerability Database"
Depending on the way the format strings in the card label are crafted it's possible to leak kernel stack memory. There is also the possibility for DoS due to the v4l2loopback kernel module crashing when providing the card label on request (reproduce e.g. with many %s modifiers in a row).

Ping Identity to Go Private After $2.8B Acquisition
via "Dark Reading"
The identity-services company is being acquired by Thoma Bravo software investment for cash, before being delisted.

Deep Instinct Pioneers Deep-Learning Malware Prevention to Protect Mission-Critical Business Applications at Scale
via "Dark Reading"
Agentless approach meets the attacker earlier to protect financial services and other large enterprises from an underserved attack vector.

The Myth of Protection Online - and What Comes Next
via "Dark Reading"
It's a myth that consuming and processing alerts qualifies as security. Today's technology allows better detection and prevention, rather than accepting the low bar for protection set by ingrained incident response reactions.

Chromium site isolation bypass allows wide range of attacks on browsers
via "The Daily Swig"
Flaw that opened the door to cookie modification and data theft resolved

Massive China-Linked Disinformation Campaign Taps PR Firm for Help
via "Dark Reading"
A global network of inauthentic news sites present themselves as independent news outlets, offering content favoring China's government and articles critical of the US.

Scammers Sent Uber to Take Elderly Lady to the Bank
via "Krebs on Security"
Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters. In this case, the woman figured out she was being scammed before embarking for the bank, but her story is a chilling reminder of how far crooks will go these days to rip people off.

CVE-2022-25168
via "National Vulnerability Database"
Apache Hadoop's FileUtil.unTar(File, File) API does not escape the input file name before being passed to the shell. An attacker can inject arbitrary commands. This is only used in Hadoop 3.3 InMemoryAliasMap.completeBootstrapTransfer, which is only ever run by a local user. It has been used in Hadoop 2.x for yarn localization, which does enable remote code execution. It is used in Apache Spark, from the SQL command ADD ARCHIVE. As the ADD ARCHIVE command adds new binaries to the classpath, being able to execute shell scripts does not confer new permissions to the caller. SPARK-38305, "Check existence of file before untarring/zipping", which is included in 3.3.0, 3.1.4, 3.2.2, prevents shell commands being executed, regardless of which version of the hadoop libraries are in use. Users should upgrade to Apache Hadoop 2.10.2, 3.2.4, 3.3.3 or upper (including HADOOP-18136).

S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]
via "Naked Security"
Latest episode - listen now! (Or read if that's what you prefer.)

CVE-2022-31118
via "National Vulnerability Database"
Nextcloud server is an open source personal cloud solution. In affected versions an attacker could brute force to find if federated sharing is being used and potentially try to brute force access tokens for federated shares (`a-zA-Z0-9` ^ 15). It is recommended that the Nextcloud Server is upgraded to 22.2.9, 23.0.6 or 24.0.2. Users unable to upgrade may disable federated sharing via the Admin Sharing settings in `index.php/settings/admin/sharing`.

CVE-2022-31132
via "National Vulnerability Database"
Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path `./vendor/cerdic/css-tidy/css_optimiser.php`. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery (SSRF). It is recommended to upgrade to Mail 1.12.7 or Mail 1.13.6. Users unable to upgrade may manually delete the file located at `./vendor/cerdic/css-tidy/css_optimiser.php`.

CVE-2022-31120
via "National Vulnerability Database"
Nextcloud server is an open source personal cloud solution. The audit log is used to get a full trail of the actions which has been incompletely populated. In affected versions federated share events were not properly logged which would allow brute force attacks to go unnoticed. This behavior exacerbates the impact of CVE-2022-31118. It is recommended that the Nextcloud Server is upgraded to 22.2.7, 23.0.4 or 24.0.0. There are no workarounds available.

How Email Security Is Evolving
via "Dark Reading"
Securing email communication has never been more critical for organizations, and it has never been more challenging to do so. Attack volumes have increased and become more sophisticated.

High-Severity Bug in Kaspersky VPN Client Opens Door to PC Takeover
via "Dark Reading"
The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.

CVE-2022-34862
via "National Vulnerability Database"
In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when an LTM virtual server is configured to perform normalization, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.