🕴 5 Russia-Linked Groups Target Ukraine in Cyberwar 🕴
📖 Read
via "Dark Reading".
Information on the attributed cyberattacks conducted since the beginning of the Russia-Ukraine war shows that a handful of groups conducted more than two dozen attacks.📖 Read
via "Dark Reading".
Dark Reading
5 Russia-Linked Groups Target Ukraine in Cyberwar
Information on the attributed cyberattacks conducted since the beginning of the Russia-Ukraine war shows that a handful of groups conducted more than two dozen attacks.
‼ CVE-2022-37060 ‼
📖 Read
via "National Vulnerability Database".
FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory Traversal due to an improper access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains directory traversal characters to disclose the contents of files located outside of the server's restricted path.📖 Read
via "National Vulnerability Database".
🕴 Mac Attack: North Korea's Lazarus APT Targets Apple's M1 Chip 🕴
📖 Read
via "Dark Reading".
Lazarus continues to expand an aggressive, ongoing spy campaign, using fake Coinbase job openings to lure in victims.📖 Read
via "Dark Reading".
Dark Reading
Mac Attack: North Korea's Lazarus APT Targets Apple's M1 Chip
Lazarus continues to expand an aggressive, ongoing spy campaign, using fake Coinbase job openings to lure in victims.
‼ CVE-2022-36023 ‼
📖 Read
via "National Vulnerability Database".
Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. If a gateway client application sends a malformed request to a gateway peer it may crash the peer node. Version 2.4.6 checks for the malformed gateway request and returns an error to the gateway client. There are no known workarounds, users must upgrade to version 2.4.6.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2874 ‼
📖 Read
via "National Vulnerability Database".
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0223.📖 Read
via "National Vulnerability Database".
🕴 China's APT41 Embraces Baffling Approach for Dropping Cobalt Strike Payload 🕴
📖 Read
via "Dark Reading".
The state-sponsored threat actor has switched up its tactics, also adding an automated SQL-injection tool to its bag of tricks for initial access.📖 Read
via "Dark Reading".
Dark Reading
China's APT41 Embraces Baffling Approach for Dropping Cobalt Strike Payload
The state-sponsored threat actor has switched up its tactics, also adding an automated SQL-injection tool to its bag of tricks for initial access.
👍1
‼ CVE-2020-27787 ‼
📖 Read
via "National Vulnerability Database".
A Segmentaation fault was found in UPX in invert_pt_dynamic() function in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-35174 (starterkit) ‼
📖 Read
via "National Vulnerability Database".
A stored cross-site scripting (XSS) vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-37061 (flir_ax8_firmware) ‼
📖 Read
via "National Vulnerability Database".
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the root privileges.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2625 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability found in postgresql. On this security issue an attack requires permission to create non-temporary objects in at least one schema, ability to lure or wait for an administrator to create or update an affected extension in that schema, and ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, the attacker can run arbitrary code as the victim role, which may be a superuser. Known-affected extensions include both PostgreSQL-bundled and non-bundled extensions. PostgreSQL blocks this attack in the core server, so there's no need to modify individual extensions.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-32862 ‼
📖 Read
via "National Vulnerability Database".
The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version of a user-controllable notebook, it is possible to inject arbitrary HTML which may lead to cross-site scripting (XSS) vulnerabilities if these HTML notebooks are served by a web server (eg: nbviewer).📖 Read
via "National Vulnerability Database".
‼ CVE-2020-27790 ‼
📖 Read
via "National Vulnerability Database".
A floating point exception issue was discovered in UPX in PackLinuxElf64::invert_pt_dynamic() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service. The highest impact is to Availability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-35975 ‼
📖 Read
via "National Vulnerability Database".
The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage clusters that are shared amongst other users are affected by this issue. The only safe mitigation is to update to the latest version of the extension.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-37063 (flir_ax8_firmware) ‼
📖 Read
via "National Vulnerability Database".
All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting (XSS) due to improper input sanitization. An authenticated remote attacker can execute arbitrary JavaScript code in the web management interface. A successful exploit could allow the attacker to insert malicious JavaScript code.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-37422 ‼
📖 Read
via "National Vulnerability Database".
Payara through 5.2022.2 allows directory traversal without authentication. This affects Payara Server, Payara Micro, and Payara Server Embedded.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-35204 ‼
📖 Read
via "National Vulnerability Database".
Vitejs Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-37062 (flir_ax8_firmware) ‼
📖 Read
via "National Vulnerability Database".
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and download it. A successful exploit could allow the attacker to extract usernames and hashed passwords.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-35976 ‼
📖 Read
via "National Vulnerability Database".
The GitOps Tools Extension for VSCode relies on kubeconfigs in order to communicate with Kubernetes clusters. A specially crafted kubeconfig leads to arbitrary code execution on behalf of the user running VSCode. Users relying on kubeconfigs that are generated or altered by other processes or users are affected by this issue. Please note that the vulnerability is specific to this extension, and the same kubeconfig would not result in arbitrary code execution when used with kubectl. Using only trust-worthy kubeconfigs is a safe mitigation. However, updating to the latest version of the extension is still highly recommended.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-35175 (barangay_management_system) ‼
📖 Read
via "National Vulnerability Database".
Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /blotter/blotter.php.📖 Read
via "National Vulnerability Database".
🕴 Easing the Cyber-Skills Crisis With Staff Augmentation 🕴
📖 Read
via "Dark Reading".
Filling cybersecurity roles can be costly, slow, and chancy. More firms are working with third-party service providers to quickly procure needed expertise.📖 Read
via "Dark Reading".
Dark Reading
Easing the Cyber-Skills Crisis With Staff Augmentation
Filling cybersecurity roles can be costly, slow, and chancy. More firms are working with third-party service providers to quickly procure needed expertise.
‼ CVE-2021-33128 ‼
📖 Read
via "National Vulnerability Database".
Improper access control in the firmware for some Intel(R) E810 Ethernet Controllers before version 1.6.1.9 may allow a privileged user to potentially enable denial of service via local access.📖 Read
via "National Vulnerability Database".