π΄ After Colonial Pipeline, Critical Infrastructure Operators Remain Blind to Cyber-Risks π΄
π Read
via "Dark Reading".
In her keynote address at Black Hat USA 2022, Kim Zetter gives scathing rebuke of Colonial Pipeline attack.π Read
via "Dark Reading".
Dark Reading
After Colonial Pipeline, Critical Infrastructure Operators Remain Blind to Cyber-Risks
In her keynote address at Black Hat USA 2022, Kim Zetter gives a scathing rebuke of Colonial Pipeline for not foreseeing the attack.
π΄ Microsoft: We Don't Want to Zero-Day Our Customers π΄
π Read
via "Dark Reading".
The head of Microsoft's Security Response Center defends keeping its initial vulnerability disclosures sparse -- it is, she says, to protect customers.π Read
via "Dark Reading".
Dark Reading
Microsoft: We Don't Want to Zero-Day Our Customers
The head of Microsoft's Security Response Center defends keeping its initial vulnerability disclosures sparse β it is, she says, to protect customers.
βΌ CVE-2022-2779 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as critical was found in SourceCodester Gas Agency Management System. Affected by this vulnerability is an unknown functionality of the file /gasmark/assets/myimages/oneWord.php. The manipulation of the argument shell leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206173 was assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2390 βΌ
π Read
via "National Vulnerability Database".
Apps developed with Google Play Services SDK incorrectly had the mutability flag set to PendingIntents that were passed to the Notification service. As Google Play services SDK is so widely used, this bug affects many applications. For an application affected, this bug will let the attacker, gain the access to all non-exported providers and/or gain the access to other providers the victim has permissions. We recommend upgrading to version 18.0.2 of the Play Service SDK as well as rebuilding and redeploying apps.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2503 βΌ
π Read
via "National Vulnerability Database".
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5π Read
via "National Vulnerability Database".
βΌ CVE-2022-38179 βΌ
π Read
via "National Vulnerability Database".
JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attackπ Read
via "National Vulnerability Database".
βΌ CVE-2022-38180 βΌ
π Read
via "National Vulnerability Database".
In JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some casesπ Read
via "National Vulnerability Database".
ποΈ GoTestWAF adds API attack testing via OpenAPI support ποΈ
π Read
via "The Daily Swig".
CI/CD support is next for WAF security toolπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
GoTestWAF adds API attack testing via OpenAPI support
CI/CD support is next for WAF security tool
β Facebookβs In-app Browser on iOS Tracks βAnything You Do on Any Websiteβ β
π Read
via "Threat Post".
Researcher shows how Instagram and Facebookβs use of an in-app browser within both its iOS apps can track interactions with external websites.π Read
via "Threat Post".
Threat Post
Facebookβs In-app Browser on iOS Tracks βAnything You Do on Any Websiteβ
Researcher shows how Instagram and Facebookβs use of an in-app browser within both its iOS apps can track interactions with external websites.
β S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text] β
π Read
via "Naked Security".
Latest episode - listen now! (Or read the transcript if you prefer.)π Read
via "Naked Security".
Naked Security
S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
Latest episode β listen now! (Or read the transcript if you prefer.)
π΄ How to Clear Security Obstacles and Achieve Cloud Nirvana π΄
π Read
via "Dark Reading".
Back-end complexity of cloud computing means there's plenty of potential for security problems. Here's how to get a better handle on SaaS application security.π Read
via "Dark Reading".
Dark Reading
How to Clear Security Obstacles and Achieve Cloud Nirvana
Back-end complexity of cloud computing means there's plenty of potential for security problems. Here's how to get a better handle on SaaS application security.
ποΈ BHUSA: Make sure your security bug bounty program doesnβt create a data leak of its own ποΈ
π Read
via "The Daily Swig".
Researchers, organizations, and bug disclosure platforms can all make improvements to help protect user dataπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
BHUSA: Make sure your security bug bounty program doesnβt create a data leak of its own
Researchers, organizations, and bug disclosure platforms can all make improvements to help protect user data
π Friday Five 8/12 π
π Read
via "".
Twitterβs latest security incident, ransomware gangs, and state-sponsored hackers have taken over the news this past week. Catch up on all the latest with this weekβs Friday Five!
π Read
via "".
ποΈ IT industry guilty of βlack of imaginationβ in failure to anticipate cyber-attack evolution ποΈ
π Read
via "The Daily Swig".
βWe have a habit of reacting to threats after they occur, rather than preparing for them,β journalist Kim Zetter tells Black Hatπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
IT industry guilty of βlack of imaginationβ in failure to anticipate cyber-attack evolution
βWe have a habit of reacting to threats after they occur, rather than preparing for them,β journalist Kim Zetter tells Black Hat
π GNUnet P2P Framework 0.17.4 π
π Read
via "Packet Storm Security".
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.π Read
via "Packet Storm Security".
Packetstormsecurity
GNUnet P2P Framework 0.17.4 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ Novel Ransomware Comes to the Sophisticated SOVA Android Banking Trojan π΄
π Read
via "Dark Reading".
Unusually, SOVA, which targets US users, now allows lateral movement for deeper data access. Version 5 adds an encryption capability.π Read
via "Dark Reading".
Dark Reading
Novel Ransomware Comes to the Sophisticated SOVA Android Banking Trojan
Unusually, SOVA, which targets US users, now allows lateral movement for deeper data access. Version 5 adds an encryption capability.
βοΈ Sounding the Alarm on Emergency Alert System Flaws βοΈ
π Read
via "Krebs on Security".
The Department of Homeland Security (DHS) is urging states and localities to beef up security around proprietary devices that connect to the Emergency Alert System -- a national public warning system used to deliver important emergency information, such as severe weather and AMBER alerts. The DHS warning came in advance of a workshop to be held this weekend at the DEFCON security conference in Las Vegas, where a security researcher is slated to demonstrate multiple weaknesses in the nationwide alert system.π Read
via "Krebs on Security".
Krebs on Security
Sounding the Alarm on Emergency Alert System Flaws
The Department of Homeland Security (DHS) is urging states and localities to beef up security around proprietary devices that connect to the Emergency Alert System -- a national public warning system used to deliver important emergency information, such asβ¦
βΌ CVE-2022-20314 βΌ
π Read
via "National Vulnerability Database".
In KeyChain, there is a possible spoof keychain chooser activity request due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-191876118π Read
via "National Vulnerability Database".
βΌ CVE-2022-20309 βΌ
π Read
via "National Vulnerability Database".
In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-194694094π Read
via "National Vulnerability Database".
βΌ CVE-2022-20262 βΌ
π Read
via "National Vulnerability Database".
In ActivityManager, there is a possible way to check another process's capabilities due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-218338453π Read
via "National Vulnerability Database".
βΌ CVE-2022-20295 βΌ
π Read
via "National Vulnerability Database".
In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-202160584π Read
via "National Vulnerability Database".