🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
🗓️ Log4Shell legacy? Patching times plummet for most critical vulnerabilities – report 🗓️

Trustwave report also finds 2022 is set to surpass 2021 for volume of critical CVEs

via "The Daily Swig".
🛠 Zeek 5.0.1 🛠

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

via "Packet Storm Security".
Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

via "Threat Post".
CVE-2022-37149

WAVLINK WL-WN575A3 RPT75A3.V4300.201217 was discovered to contain a command injection vulnerability when operating the file adm.cgi. This vulnerability allows attackers to execute arbitrary commands via the username parameter.

via "National Vulnerability Database".
JavaScript bugs aplenty in Node.js ecosystem – found automatically

How to get the better of bugs in all the possible packages in your supply chain?

via "Naked Security".
🕴 Security Culture: An OT Survival Story 🕴

The relationship between information technology and operational technology will need top-down support if a holistic security culture is to truly thrive.

via "Dark Reading".
🕴 Chinese Hackers Target Energy Sector in Australia, South China Sea 🕴

The phishing campaign deploying a ScanBox reconnaissance framework has targeted the Australian government and companies maintaining wind turbines in the South China Sea.

via "Dark Reading".
CVE-2022-37176

Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard.

via "National Vulnerability Database".
CVE-2022-36552

Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains an issue in the component /cgi-bin/DownloadFlash which allows attackers to steal all data such as source code and system files via a crafted GET request.

via "National Vulnerability Database".
CVE-2022-37237

An attacker can send malicious RTMP requests to make the ZLMediaKit server crash remotely. Affected version is below commit 7d8b212a3c3368bc2f6507cb74664fc419eb9327.

via "National Vulnerability Database".
CVE-2021-29864

IBM Security Identity Manager 6.0 and 6.0.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 206089

via "National Vulnerability Database".
🕴 Don't Let 'Perfect' Be the Enemy of a Good AppSec Program 🕴

These five suggestions provide a great place to start building a scalable and affordable program for creating secure apps.

via "Dark Reading".
🕴 New ODGen Tool Unearths 180 Zero-Days in Node.js Libraries 🕴

New graph-based tool offers a better alternative to current approaches for finding vulnerabilities in JavaScript code, they note.

via "Dark Reading".
CVE-2022-36563

Incorrect access control in the install directory (C:\RailsInstaller) of Rubyinstaller2 v3.1.2 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.

via "National Vulnerability Database".
CVE-2022-34368

Dell EMC NetWorker 19.2.1.x, 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. An authenticated non-admin user could exploit this vulnerability and gain access to restricted resources.

via "National Vulnerability Database".
CVE-2022-36561

XPDF v4.0.4 was discovered to contain a segmentation violation via the component /xpdf/AcroForm.cc:538.

via "National Vulnerability Database".
CVE-2022-37173

An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\Program.exe.

via "National Vulnerability Database".
CVE-2022-36565

Incorrect access control in the install directory (C:\Wamp64) of Wamp v3.2.6 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.

via "National Vulnerability Database".
CVE-2022-33935

Dell EMC Data Protection Advisor versions 19.6 and earlier contain a stored cross-site scripting vulnerability. An attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript code in a trusted application data store. When a victim user accesses the data store through their browser, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.

via "National Vulnerability Database".
CVE-2022-36657

Library Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /librarian/edit_book_details.php.

via "National Vulnerability Database".
CVE-2022-34374

Dell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability, leading to the execution of arbitrary OS commands on the affected system.

via "National Vulnerability Database".