🕴 BlackByte Ransomware Gang Returns With Twitter Presence, Tiered Pricing 🕴
Version 2.0 of the ransomware group's operation borrows extortion tactics from the LockBit 3.0 group.
via "Dark Reading".
🕴 State-Sponsored APTs Dangle Job Opps to Lure In Spy Victims 🕴
APTs continue to exploit the dynamic job market and the persistent phenomenon of remote working, as explored by PwC at Black Hat USA.
via "Dark Reading".
🕴 Cybersecurity Solutions Must Evolve, Says Netography CEO 🕴
Just as cyber criminals change tactics and strategy for more effectiveness, so must infosec pros and their organizations, according to Martin Roesch of Netography.
via "Dark Reading".
‼ CVE-2022-0542 ‼
Cross-site Scripting (XSS) - DOM in GitHub repository chatwoot/chatwoot prior to 2.7.0.
via "National Vulnerability Database".
‼ CVE-2022-22489 ‼
IBM MQ 8.0, (9.0, 9.1, 9.2 LTS), and (9.1 and 9.2 CD) are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226339.
via "National Vulnerability Database".
‼ CVE-2022-23459 ‼
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx use of the Value class may lead to memory corruption via a double free or via a use after free. The value class has a default assignment operator which may be used with pointer types which may point to alterable data where the pointer itself is not updated. This issue exists on the current commit of the jsonxx project. The project itself has been archived and updates are not expected. Users are advised to find a replacement.
via "National Vulnerability Database".
‼ CVE-2022-37175 ‼
Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet.
via "National Vulnerability Database".
‼ CVE-2022-23460 ‼
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx json parsing may lead to stack exhaustion in an address sanitized (ASAN) build. This issue may lead to Denial of Service if the program using the jsonxx library crashes. This issue exists on the current commit of the jsonxx project and the project itself has been archived. Updates are not expected. Users are advised to find a replacement.
via "National Vulnerability Database".
‼ CVE-2022-36170 ‼
MapGIS 10.5 Pro IGServer has hardcoded credentials in the front-end and can lead to escalation of privileges and arbitrary file deletion.
via "National Vulnerability Database".
‼ CVE-2022-2788 ‼
Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: '\..\Filename', also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering station onto Windows in a way that executes the malicious code.
via "National Vulnerability Database".
‼ CVE-2022-36031 ‼
Directus is a free and open-source data platform for headless content management. The Directus process can be aborted by having an authorized user update the `filename_disk` value to a folder and accessing that file through the `/assets` endpoint. This vulnerability has been patched and release v9.15.0 contains the fix. Users are advised to upgrade. Users unable to upgrade may prevent this problem by making sure no (untrusted) non-admin users have permissions to update the `filename_disk` field on `directus_files`.
via "National Vulnerability Database".
‼ CVE-2022-36009 ‼
gomatrixserverlib is a Go library for matrix protocol federation. Dendrite is a Matrix homeserver written in Go, an alternative to Synapse. The power level parsing within gomatrixserverlib was failing to parse the `"events_default"` key of the `m.room.power_levels` event, defaulting the event default power level to zero in all cases. Power levels are the matrix terminology for user access level. In rooms where the `"events_default"` power level had been changed, this could result in events either being incorrectly authorised or rejected by Dendrite servers. gomatrixserverlib contains a fix as of commit `723fd49` and Dendrite 0.9.3 has been updated accordingly. Matrix rooms where the `"events_default"` power level has not been changed from the default of zero are not vulnerable. Users are advised to upgrade. There are no known workarounds for this issue.
via "National Vulnerability Database".
‼ CVE-2022-36008 ‼
Frontier is Substrate's Ethereum compatibility layer. A security issue was discovered affecting parsing of the RPC result of the exit reason in case of EVM reversion. In a release build, this would cause the exit reason to be incorrectly parsed and returned by RPC. In a debug build, this would cause an overflow panic. No action is needed unless you have a bridge node that needs to distinguish different reversion exit reasons and you used RPC for this. There are currently no known workarounds.
via "National Vulnerability Database".
‼ CVE-2022-36030 ‼
Project-nexus is a general-purpose blog website framework. Affected versions are subject to SQL injection due to a lack of sanitization of user input. This issue has not yet been patched. Users are advised to restrict user input and to upgrade when a new release becomes available.
via "National Vulnerability Database".
‼ CVE-2022-2909 ‼
A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /mkshop/Men/profile.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206845 was assigned to this vulnerability.
via "National Vulnerability Database".
‼ CVE-2022-2921 ‼
This will lead to privilege escalation from AP officers account to the System Administrator account, and gain more functionality such as: Create/Update Companies; Install/Update Languages; Install/Activate Extensions; Install/Activate Themes; Install/Activate Chart of Accounts; Software Upgrade.
via "National Vulnerability Database".
‼ CVE-2022-30036 ‼
MA Lighting grandMA2 Light has a password of root for the root account. NOTE: The vendor's position is that the product was designed for isolated networks. Also, the successor product, grandMA3, is not affected by this vulnerability.
via "National Vulnerability Database".
‼ CVE-2022-36198 ‼
Multiple SQL injections detected in Bus Pass Management System 1.0 via buspassms/admin/view-enquiry.php, buspassms/admin/pass-bwdates-reports-details.php, buspassms/admin/changeimage.php, buspassms/admin/search-pass.php, buspassms/admin/edit-category-detail.php, and buspassms/admin/edit-pass-detail.php.
via "National Vulnerability Database".
‼ CVE-2022-36251 ‼
Clinic's Patient Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via patients.php.
via "National Vulnerability Database".
❌ Fake Reservation Links Prey on Weary Travelers ❌
Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
via "Threat Post".
‼ CVE-2022-1340 ‼
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.
via "National Vulnerability Database".