βΌ CVE-2022-38934 βΌ
π Read
via "National Vulnerability Database".
readelf in ToaruOS 2.0.1 has some arbitrary address read vulnerabilities when parsing a crafted ELF file.π Read
via "National Vulnerability Database".
π΄ Phishing Attacks Crushed Records Last Quarter, Driven by Mobile π΄
π Read
via "Dark Reading".
Shocking phishing numbers (more than 1 million in a single quarter) are being driven by vishing, smishing, and other lures that target mobile devices.π Read
via "Dark Reading".
Dark Reading
Phishing Attacks Crushed Records Last Quarter, Driven by Mobile
Shocking phishing numbers (more than 1 million in a single quarter) are being driven by vishing, smishing, and other lures that target mobile devices.
π΄ Google Cloud DORA: Securing the Supply Chain Begins With Culture π΄
π Read
via "Dark Reading".
The team's annual survey finds that the right development culture is better than technical measures when it comes to shoring up software supply chain security practices. An additional benefit: Less burnout.π Read
via "Dark Reading".
Dark Reading
Google Cloud DORA: Securing the Supply Chain Begins With Culture
The team's annual survey finds that the right development culture is better than technical measures when it comes to shoring up software supply chain security practices. An additional benefit: Less burnout.
βΌ CVE-2022-40929 βΌ
π Read
via "National Vulnerability Database".
XXL-JOB 2.2.0 has a Command execution vulnerability in background tasks.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3193 βΌ
π Read
via "National Vulnerability Database".
An HTML injection/reflected Cross-site scripting (XSS) vulnerability was found in the ovirt-engine. A parameter "error_description" fails to sanitize the entry, allowing the vulnerability to trigger on the Windows Service Accounts home pages.π Read
via "National Vulnerability Database".
π΄ Container Supply Chain Attacks Cash In on Cryptojacking π΄
π Read
via "Dark Reading".
Cloud-native threats are costing cloud customer victims money as cryptojackers mine their vulnerable cloud instances.π Read
via "Dark Reading".
Dark Reading
Container Supply Chain Attacks Cash In on Cryptojacking
Cloud-native threats are costing cloud customer victims money as cryptojackers mine their vulnerable cloud instances.
π΄ Fast Company CMS Hack Raises Security Questions π΄
π Read
via "Dark Reading".
The company's website remains offline after hackers used its compromised CMS to send out racist messages.π Read
via "Dark Reading".
Dark Reading
Fast Company CMS Hack Raises Security Questions
The company's website remains offline after hackers used its compromised CMS to send out racist messages.
π΄ Sophisticated Covert Cyberattack Campaign Targets Military Contractors π΄
π Read
via "Dark Reading".
Malware used in the STEEP#MAVERICK campaign features rarely seen obfuscation, anti-analysis, and evasion capabilities.π Read
via "Dark Reading".
Dark Reading
Sophisticated Covert Cyberattack Campaign Targets Military Contractors
Malware used in the STEEP#MAVERICK campaign features rarely seen obfuscation, anti-analysis, and evasion capabilities.
π΄ Google Quashes 5 High-Severity Bugs With Chrome 106 Update π΄
π Read
via "Dark Reading".
External researchers contributed 16 of the 20 security updates included in the new Chrome 106 Stable Channel rollout, including five high-severity bugs.π Read
via "Dark Reading".
Dark Reading
Google Quashes 5 High-Severity Bugs With Chrome 106 Update
External researchers contributed 16 of the 20 security updates included in the new Chrome 106 Stable Channel rollout, including five high-severity bugs.
π΄ Plug Your Data Leaks: Integrating Data Loss Prevention into Your Security Stack π΄
π Read
via "Dark Reading".
The average cost of a data-exposing cybersecurity incident is $4.35 million. If your business canβt avoid to pay, make sure youβve got a strong data loss prevention practice in place.π Read
via "Dark Reading".
Dark Reading
Plug Your Data Leaks: Integrating Data Loss Prevention into Your Security Stack
The average cost of a data-exposing cybersecurity incident is $4.35 million. If your business canβt avoid to pay, make sure youβve got a strong data loss prevention practice in place.
βΌ CVE-2022-3215 βΌ
π Read
via "National Vulnerability Database".
NIOHTTP1 and projects using it for generating HTTP responses can be subject to a HTTP Response Injection attack. This occurs when a HTTP/1.1 server accepts user generated input from an incoming request and reflects it into a HTTP/1.1 response header in some form. A malicious user can add newlines to their input (usually in encoded form) and "inject" those newlines into the returned HTTP response. This capability allows users to work around security headers and HTTP/1.1 framing headers by injecting entirely false responses or other new headers. The injected false responses may also be treated as the response to subsequent requests, which can lead to XSS, cache poisoning, and a number of other flaws. This issue was resolved by adding validation to the HTTPHeaders type, ensuring that there's no whitespace incorrectly present in the HTTP headers provided by users. As the existing API surface is non-failable, all invalid characters are replaced by linear whitespace.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1270 βΌ
π Read
via "National Vulnerability Database".
In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.π Read
via "National Vulnerability Database".
βΌ CVE-2022-39246 βΌ
π Read
via "National Vulnerability Database".
matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be missing in others. This attack is possible due to the key forwarding strategy implemented in the matrix-android-sdk2 that is too permissive. Starting with version 1.5.1, the default policy for accepting key forwards has been made more strict in the matrix-android-sdk2. The matrix-android-sdk2 will now only accept forwarded keys in response to previously issued requests and only from own, verified devices. The SDK now sets a `trusted` flag on the decrypted message upon decryption, based on whether the key used to decrypt the message was received from a trusted source. Clients need to ensure that messages decrypted with a key with `trusted = false` are decorated appropriately (for example, by showing a warning for such messages). As a workaroubnd, current users of the SDK can disable key forwarding in their forks using `CryptoService#enableKeyGossiping(enable: Boolean)`.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3292 βΌ
π Read
via "National Vulnerability Database".
Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8.π Read
via "National Vulnerability Database".
βΌ CVE-2022-39249 βΌ
π Read
via "National Vulnerability Database".
Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be missing in others. This attack is possible due to the matrix-js-sdk implementing a too permissive key forwarding strategy on the receiving end. Starting with version 19.7.0, the default policy for accepting key forwards has been made more strict in the matrix-js-sdk. matrix-js-sdk will now only accept forwarded keys in response to previously issued requests and only from own, verified devices. The SDK now sets a `trusted` flag on the decrypted message upon decryption, based on whether the key used to decrypt the message was received from a trusted source. Clients need to ensure that messages decrypted with a key with `trusted = false` are decorated appropriately, for example, by showing a warning for such messages. This attack requires coordination between a malicious homeserver and an attacker, and those who trust your homeservers do not need a workaround.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34424 βΌ
π Read
via "National Vulnerability Database".
Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans.π Read
via "National Vulnerability Database".
βΌ CVE-2022-40710 βΌ
π Read
via "National Vulnerability Database".
A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-36781 βΌ
π Read
via "National Vulnerability Database".
WiseConnect - ScreenConnect Session Code Bypass. An attacker would have to use a proxy to monitor the traffic, and perform a brute force on the session code in order to get in. Sensitive data about the company , get in a session.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34394 βΌ
π Read
via "National Vulnerability Database".
Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data. The vulnerability could be leveraged by attackers to conduct man-in-the-middle attacks to gain access to the Support Assist information.π Read
via "National Vulnerability Database".
βΌ CVE-2022-40707 βΌ
π Read
via "National Vulnerability Database".
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40708.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23716 βΌ
π Read
via "National Vulnerability Database".
A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.π Read
via "National Vulnerability Database".