π΄ Should Hacking Have A Code Of Conduct? π΄
π Read
via "Dark Reading".
For white hats who play by the rules, here are five ethical tenets to consider.π Read
via "Dark Reading".
Dark Reading
Attacks/Breaches recent news | page 1 of 869 | Dark Reading
Breaking news, news analysis, and expert commentary on cyberattacks and data breaches, as well as tools, technologies, and practices for threat defense
βΌ CVE-2022-20364 βΌ
π Read
via "National Vulnerability Database".
In sysmmu_unmap of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-233606615References: N/Aπ Read
via "National Vulnerability Database".
βΌ CVE-2022-3212 βΌ
π Read
via "National Vulnerability Database".
<bytes::Bytes as axum_core::extract::FromRequest>::from_request would not, by default, set a limit for the size of the request body. That meant if a malicious peer would send a very large (or infinite) body your server might run out of memory and crash. This also applies to these extractors which used Bytes::from_request internally: axum::extract::Form axum::extract::Json Stringπ Read
via "National Vulnerability Database".
βΌ CVE-2022-0029 βΌ
π Read
via "National Vulnerability Database".
An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-20231 βΌ
π Read
via "National Vulnerability Database".
In smc_intc_request_fiq of arm_gic.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-211485702References: N/Aπ Read
via "National Vulnerability Database".
βΌ CVE-2021-38924 βΌ
π Read
via "National Vulnerability Database".
IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 210163.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31143 βΌ
π Read
via "National Vulnerability Database".
GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. It was found that in affected versions there is an exposure of private information defined in setup of GLPI (like smtp or cas hosts). Note that passwords are not exposed. Users are advised to upgrade to version 10.0.3. There are no known workarounds for this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2022-36113 βΌ
π Read
via "National Vulnerability Database".
Cargo is a package manager for the rust programming language. After a package is downloaded, Cargo extracts its source code in the ~/.cargo folder on disk, making it available to the Rust projects it builds. To record when an extraction is successful, Cargo writes "ok" to the .cargo-ok file at the root of the extracted source code once it extracted all the files. It was discovered that Cargo allowed packages to contain a .cargo-ok symbolic link, which Cargo would extract. Then, when Cargo attempted to write "ok" into .cargo-ok, it would actually replace the first two bytes of the file the symlink pointed to with ok. This would allow an attacker to corrupt one file on the machine using Cargo to extract the package. Note that by design Cargo allows code execution at build time, due to build scripts and procedural macros. The vulnerabilities in this advisory allow performing a subset of the possible damage in a harder to track down way. Your dependencies must still be trusted if you want to be protected from attacks, as it's possible to perform the same attacks with build scripts and procedural macros. The vulnerability is present in all versions of Cargo. Rust 1.64, to be released on September 22nd, will include a fix for it. Since the vulnerability is just a more limited way to accomplish what a malicious build scripts or procedural macros can do, we decided not to publish Rust point releases backporting the security fix. Patch files are available for Rust 1.63.0 are available in the wg-security-response repository for people building their own toolchain. Mitigations We recommend users of alternate registries to exercise care in which package they download, by only including trusted dependencies in their projects. Please note that even with these vulnerabilities fixed, by design Cargo allows arbitrary code execution at build time thanks to build scripts and procedural macros: a malicious dependency will be able to cause damage regardless of these vulnerabilities. crates.io implemented server-side checks to reject these kinds of packages years ago, and there are no packages on crates.io exploiting these vulnerabilities. crates.io users still need to exercise care in choosing their dependencies though, as remote code execution is allowed by design there as well.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1972 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2078. Reason: This candidate is a reservation duplicate of CVE-2022-2078. Notes: All CVE users should reference CVE-2022-2078 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.π Read
via "National Vulnerability Database".
βΌ CVE-2022-36114 βΌ
π Read
via "National Vulnerability Database".
Cargo is a package manager for the rust programming language. It was discovered that Cargo did not limit the amount of data extracted from compressed archives. An attacker could upload to an alternate registry a specially crafted package that extracts way more data than its size (also known as a "zip bomb"), exhausting the disk space on the machine using Cargo to download the package. Note that by design Cargo allows code execution at build time, due to build scripts and procedural macros. The vulnerabilities in this advisory allow performing a subset of the possible damage in a harder to track down way. Your dependencies must still be trusted if you want to be protected from attacks, as it's possible to perform the same attacks with build scripts and procedural macros. The vulnerability is present in all versions of Cargo. Rust 1.64, to be released on September 22nd, will include a fix for it. Since the vulnerability is just a more limited way to accomplish what a malicious build scripts or procedural macros can do, we decided not to publish Rust point releases backporting the security fix. Patch files are available for Rust 1.63.0 are available in the wg-security-response repository for people building their own toolchain. We recommend users of alternate registries to excercise care in which package they download, by only including trusted dependencies in their projects. Please note that even with these vulnerabilities fixed, by design Cargo allows arbitrary code execution at build time thanks to build scripts and procedural macros: a malicious dependency will be able to cause damage regardless of these vulnerabilities. crates.io implemented server-side checks to reject these kinds of packages years ago, and there are no packages on crates.io exploiting these vulnerabilities. crates.io users still need to excercise care in choosing their dependencies though, as the same concerns about build scripts and procedural macros apply here.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1835 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2022-29922 βΌ
π Read
via "National Vulnerability Database".
Improper Input Validation vulnerability in the handling of a specially crafted IEC 61850 packet with a valid data item but with incorrect data type in the IEC 61850 OPC Server in the Hitachi Energy MicroSCADA X SYS600, MicroSCADA Pro SYS600. The vulnerability may cause a denial-of-service on the IEC 61850 OPC Server part of the SYS600 product. This issue affects: Hitachi Energy MicroSCADA Pro SYS600 version 9.4 FP2 Hotfix 4 and earlier versions Hitachi Energy MicroSCADA X SYS600 version 10 to version 10.3.1. cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.0:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.2:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.3:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*π Read
via "National Vulnerability Database".
βΌ CVE-2022-2277 βΌ
π Read
via "National Vulnerability Database".
Improper Input Validation vulnerability exists in the Hitachi Energy MicroSCADA X SYS600's ICCP stack during the ICCP communication establishment causes a denial-of-service when ICCP of SYS600 is request to forward any data item updates with timestamps too distant in the future to any remote ICCP system. By default, ICCP is not configured and not enabled. This issue affects: Hitachi Energy MicroSCADA X SYS600 version 10.2 to version 10.3.1. cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*π Read
via "National Vulnerability Database".
βοΈ Say Hello to Crazy Thin βDeep Insertβ ATM Skimmers βοΈ
π Read
via "Krebs on Security".
A number of financial institutions in and around New York City are dealing with a rash of super-thin "deep insert" card skimming devices designed to fit inside the mouth of an ATM's card acceptance slot. The card skimmers are paired with tiny pinhole cameras that are cleverly disguised as part of the cash machine. Here's a look at some of the more sophisticated deep insert skimmer technology that fraud investigators have recently found in the wild.π Read
via "Krebs on Security".
Krebs on Security
Say Hello to Crazy Thin βDeep Insertβ ATM Skimmers
A number of financial institutions in and around New York City are dealing with a rash of super-thin "deep insert" card skimming devices designed to fit inside the mouth of an ATM's card acceptance slot. The card skimmers are pairedβ¦
π2
π’ Infinigate becomes sole distributor of the Cybereason Defense Platform in Europe π’
π Read
via "ITPro".
Exclusive distribution agreement aims to help more organisations detect and respond to cyberattacks at speed and scaleπ Read
via "ITPro".
IT PRO
Infinigate becomes sole distributor of the Cybereason Defense Platform in Europe | IT PRO
Exclusive distribution agreement aims to help more organisations detect and respond to cyberattacks at speed and scale
π’ Cisco confirms data breach following Yanluowang ransomware attack in May π’
π Read
via "ITPro".
The tech giant insists its business was unaffected by the attackπ Read
via "ITPro".
IT PRO
Cisco confirms data breach following Yanluowang ransomware attack in May | IT PRO
The tech giant insists its business was unaffected by the attack
π’ Gartner: Most businesses are dropping security vendors to improve cyber resiliency π’
π Read
via "ITPro".
The vast majority of organisations around the world are pursuing vendor consolidation to improve security and decrease complexityπ Read
via "ITPro".
IT PRO
Gartner: Most businesses are dropping security vendors to improve cyber resiliency | IT PRO
The vast majority of organisations around the world are pursuing vendor consolidation to improve security and decrease complexity
π’ Apple patches yet another zero-day flaw in substantial security update π’
π Read
via "ITPro".
The updates include fixes for kernel-level code execution bugs, privacy issues, and more - all impacting iPhone and iPad usersπ Read
via "ITPro".
ITPro
Apple patches yet another zero-day flaw in substantial security update
The updates include fixes for kernel-level code execution bugs, privacy issues, and more - all impacting iPhone and iPad users
π’ US Commerce Department inks deal with Google to develop chips for researchers π’
π Read
via "ITPro".
The news breaks weeks after the US restricted CHIPS-funded companies' investments in Chinaπ Read
via "ITPro".
IT PRO
US Commerce Department inks deal with Google to develop chips for researchers | IT PRO
The news breaks weeks after the US restricted CHIPS-funded companies' investments in China
π’ Sophos XGS 116 review: A small and mighty appliance π’
π Read
via "ITPro".
This clever and compact security gateway brings outstanding security and remote management features at a tempting priceπ Read
via "ITPro".
IT PRO
Sophos XGS 116 review: A small and mighty appliance | IT PRO
This clever and compact security gateway brings outstanding security and remote management features at a tempting price
π’ Exertis Enterprise announces expanded Progress partnership π’
π Read
via "ITPro".
Distributor moves to strengthen NetSecOps in the UK with availability of Progress WhatsUp Gold and Progress Flowmonπ Read
via "ITPro".
IT PRO
Exertis Enterprise announces expanded Progress partnership | IT PRO
Distributor moves to strengthen NetSecOps in the UK with availability of Progress WhatsUp Gold and Progress Flowmon