Opus Security Emerges from Stealth with $10M in Funding for Cloud SecOps and Remediation Processes
Read
via "Dark Reading".
Siemplify veterans introduce Cloud Security Orchestration and Remediation platform, backed by high-profile investors including YL Ventures, Tiger Global, and CEOs of CrowdStrike and CyberArk.
Name That Toon: Shiver Me Timbers!
Read
via "Dark Reading".
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
CISA Seeks Comment on Cyber Incident Reporting Rules
Read
via "".
CISA has taken the first step towards implementing a law that will require U.S. critical infrastructure to report cybersecurity incidents to the government.
CVE-2022-36020
Read
via "National Vulnerability Database".
The typo3/html-sanitizer package is an HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values. Due to a parsing issue in the upstream package `masterminds/html5`, malicious markup used in a sequence with special HTML comments cannot be filtered and sanitized. This allows for a bypass of the cross-site scripting mechanism of `typo3/html-sanitizer`. This issue has been addressed in versions 1.0.7 and 2.0.16 of the `typo3/html-sanitizer` package. Users are advised to upgrade. There are no known workarounds for this issue.
CVE-2022-36103
Read
via "National Vulnerability Database".
Talos Linux is a Linux distribution built for Kubernetes deployments. Talos worker nodes use a join token to get accepted into the Talos cluster. Due to improper validation of the request while signing a worker node CSR (certificate signing request), a Talos control plane node might issue a Talos API certificate which allows full access to the Talos API on a control plane node. Accessing the Talos API with full level access on a control plane node might reveal sensitive information which allows full level access to the cluster (Kubernetes and Talos PKI, etc.). The Talos API join token is stored in the machine configuration on the worker node. When configured correctly, Kubernetes workloads don't have access to the machine configuration, but due to a misconfiguration a workload might access the machine configuration and reveal the join token. This problem has been fixed in Talos 1.2.2. Enabling the Pod Security Standards mitigates the vulnerability by denying hostPath mounts and host networking by default in the baseline policy. Clusters that don't run untrusted workloads are not affected. Clusters with correct Pod Security configurations which don't allow hostPath mounts, and secure access to the cloud metadata server (or where the machine configuration is not supplied via the cloud metadata server), are not affected.
CVE-2022-35298
Read
via "National Vulnerability Database".
SAP NetWeaver Enterprise Portal (KMC) - version 7.50, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting vulnerability. The KMC servlet is vulnerable to XSS attack. The execution of script content by a victim registered on the portal could compromise the confidentiality and integrity of the victim's web browser session.
CVE-2022-35292
Read
via "National Vulnerability Database".
In the SAP Business One application, when a service is created, the executable path contains spaces and isn't enclosed within quotes, leading to a vulnerability known as Unquoted Service Path which allows a user to gain SYSTEM privileges. If the service is exploited by adversaries, it can be used to gain privileged permissions on a system or network, leading to high impact on Confidentiality, Integrity, and Availability.
CVE-2022-3170
Read
via "National Vulnerability Database".
An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id->name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through the ioctl() interface and crash the system or potentially escalate their privileges on the system.
CVE-2022-39799
Read
via "National Vulnerability Database".
An attacker with no prior authentication could craft and send a malicious script to SAP GUI for HTML within Fiori Launchpad, resulting in a reflected cross-site scripting attack. This could lead to stealing session information and impersonating the affected user.
CVE-2022-35295
Read
via "National Vulnerability Database".
Under certain conditions, the application SAP BusinessObjects Business Intelligence Platform (Version Management System) - versions 420, 430, exposes sensitive information to an actor over the network with high privileges that is not explicitly authorized to have access to that information, leading to a high impact on Confidentiality.
CVE-2022-3179
Read
via "National Vulnerability Database".
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2.
CVE-2022-39801
Read
via "National Vulnerability Database".
SAP GRC Access Control Emergency Access Management allows an authenticated attacker to access a Firefighter session even after it is closed in the Firefighter Logon Pad. This attack can be launched only within the firewall. On successful exploitation the attacker can gain access to an admin session and completely compromise the application.
CVE-2022-39014
Read
via "National Vulnerability Database".
Under certain conditions SAP BusinessObjects Business Intelligence Platform Central Management Console (CMC) - version 430, allows an attacker to access certain unencrypted sensitive parameters which would otherwise be restricted.
CVE-2022-35294
Read
via "National Vulnerability Database".
An attacker with basic business user privileges could craft and upload a malicious file to SAP NetWeaver Application Server ABAP, which is then downloaded and viewed by other users, resulting in a stored Cross-Site-Scripting attack. This could lead to information disclosure including stealing authentication information and impersonating the affected user.
CVE-2022-3029
Read
via "National Vulnerability Database".
In NLnet Labs Routinator 0.9.0 up to and including 0.11.2, due to a mistake in error handling, data in RRDP snapshot and delta files that isn't correctly base64 encoded is treated as a fatal error and causes Routinator to exit. The worst case impact of this vulnerability is denial of service for the RPKI data that Routinator provides to routers. This may stop your network from validating route origins based on RPKI data. This vulnerability does not allow an attacker to manipulate RPKI data.
Cyberattackers Abuse Facebook Ad Manager in Savvy Credential-Harvesting Campaign
Read
via "Dark Reading".
Facebook lead-generation forms are being repurposed to collect passwords and credit card information from unsuspecting Facebook advertisers.
U-Haul Customer Contract Search Tool Compromised
Read
via "Dark Reading".
Password compromise led to unauthorized access to a customer contract search tool over a five-month window, according to the company.
ShadowPad Threat Actors Return With Fresh Government Strikes, Updated Tools
Read
via "Dark Reading".
Cyber spies are using legitimate apps for DLL sideloading, deploying an updated range of malware, including the new "Logdatter" info-stealer.
CVE-2022-26929
Read
via "National Vulnerability Database".
.NET Framework Remote Code Execution Vulnerability.
CVE-2022-35830
Read
via "National Vulnerability Database".
Remote Procedure Call Runtime Remote Code Execution Vulnerability.
CVE-2022-34722
Read
via "National Vulnerability Database".
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34721.