βΌ CVE-2022-33179 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j could allow a local authenticated user to break out of restricted shells with Γ’β¬Εset contextΓ’β¬οΏ½ and escalate privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2022-28170 βΌ
π Read
via "National Vulnerability Database".
Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements. This could allow a local user to extract the passwords from a debug file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-33182 βΌ
π Read
via "National Vulnerability Database".
A privilege escalation vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, could allow a local authenticated user to escalate its privilege to root using switch commands Γ’β¬ΕsupportlinkΓ’β¬οΏ½, Γ’β¬ΕfirmwaredownloadΓ’β¬οΏ½, Γ’β¬Εportcfgupload, license, and Γ’β¬ΕfosexecΓ’β¬οΏ½.π Read
via "National Vulnerability Database".
β Apple megaupdate: Ventura out, iOS and iPad kernel zero-day β act now! β
π Read
via "Naked Security".
Ventura hits the market with 112 patches, Catalina's gone missing, and iPhones and iPads get a critical kernel-level zero-day patch...π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Clearview AI image-scraping face recognition service hit with β¬20m fine in France β
π Read
via "Naked Security".
"We told you to stop but you ignored us," said the French regulator, "so now we're coming after you again."π Read
via "Naked Security".
Naked Security
Clearview AI image-scraping face recognition service hit with β¬20m fine in France
βWe told you to stop but you ignored us,β said the French regulator, βso now weβre coming after you again.β
βΌ CVE-2022-43750 βΌ
π Read
via "National Vulnerability Database".
drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43747 βΌ
π Read
via "National Vulnerability Database".
baramundi Management Agent (bMA) in baramundi Management Suite (bMS) 2021 R1 and R2 and 2022 R1 allows remote code execution. This is fixed in 2022 R2.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31256 βΌ
π Read
via "National Vulnerability Database".
A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1.π Read
via "National Vulnerability Database".
βΌ CVE-2022-25849 βΌ
π Read
via "National Vulnerability Database".
The package joyqi/hyper-down from 0.0.0 are vulnerable to Cross-site Scripting (XSS) because the module of parse markdown does not filter the href attribute very well.π Read
via "National Vulnerability Database".
π΄ Dark Reading Launches New Section Dedicated to ICS/OT Security π΄
π Read
via "Dark Reading".
ICS/OT Security joins the lineup of 14 cybersecurity topic sections on the media site.π Read
via "Dark Reading".
Dark Reading
Dark Reading Launches New Section Dedicated to ICS/OT Security
ICS/OT Security joins the lineup of 14 cybersecurity topic sections on the media site.
π΄ Top 10 Kubernetes Security Risks Every DevSecOps Pro Should Know π΄
π Read
via "Dark Reading".
The mission to run any containerized application on any infrastructure makes security a challenge on Kubernetes.π Read
via "Dark Reading".
Dark Reading
Top 10 Kubernetes Security Risks Every DevSecOps Pro Should Know
The mission to run any containerized application on any infrastructure makes security a challenge on Kubernetes.
π΄ Baltimore/Washington International Thurgood Marshall Airport Selects Telos to Process Background Checks for Aviation Workers π΄
π Read
via "Dark Reading".
Telos' aviation channeling service offers increased efficiency and flexibility in credentialing operations at the busiest airport in the Washington-Baltimore region.π Read
via "Dark Reading".
Dark Reading
Baltimore/Washington International Thurgood Marshall Airport Selects Telos to Process Background Checks for Aviation Workers
Telos' aviation channeling service offers increased efficiency and flexibility in credentialing operations at the busiest airport in the Washington-Baltimore region.
π nfstream 6.5.3 π
π Read
via "Packet Storm Security".
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.π Read
via "Packet Storm Security".
Packetstormsecurity
nfstream 6.5.3 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ Rezilion Vulnerability Scanner Benchmark Report Finds Top Scanners Only 73% Accurate π΄
π Read
via "Dark Reading".
Majority of vulnerability scanner tools overwhelming teams with false positives and missing exploitable vulnerabilities.π Read
via "Dark Reading".
Dark Reading
Rezilion Vulnerability Scanner Benchmark Report Finds Top Scanners Only 73% Accurate
Majority of vulnerability scanner tools overwhelming teams with false positives and missing exploitable vulnerabilities.
π΄ Open Source Is Just the Tip of the Iceberg in Software Supply Chain Security π΄
π Read
via "Dark Reading".
As more of the software stack consists of third-party code, it's time for a more-advanced open source vetting system.π Read
via "Dark Reading".
Dark Reading
Open Source Is Just the Tip of the Iceberg in Software Supply Chain Security
As more of the software stack consists of third-party code, it's time for a more-advanced open source vetting system.
π΄ BlackBerry Launches Cyber Threat Intelligence Service to Strengthen Cyber Defenses π΄
π Read
via "Dark Reading".
New service from BlackBerry's Threat Research and Intelligence Team reduces unknowns to enhance detection and response.π Read
via "Dark Reading".
Dark Reading
BlackBerry Launches Cyber Threat Intelligence Service to Strengthen Cyber Defenses
New service from BlackBerry's Threat Research and Intelligence Team reduces unknowns to enhance detection and response.
π΄ Valence Security Announces $25M Series A to Scale Delivery of Collaborative SaaS Security Remediation Solutions to Customers π΄
π Read
via "Dark Reading".
Led by Microsoft's M12 venture fund, Valence's Series A round accelerates the company's ability to help customers secure their SaaS mesh from risk created by democratized end-user adoption, third-party integrations, unmanaged identities, and external data sharing.π Read
via "Dark Reading".
Dark Reading
Valence Security Announces $25M Series A to Scale Delivery of Collaborative SaaS Security Remediation Solutions to Customers
Led by Microsoft's M12 venture fund, Valence's Series A round accelerates the company's ability to help customers secure their SaaS mesh from risk created by democratized end-user adoption, third-party integrations, unmanaged identities, and external dataβ¦
π΄ Google Enters Into Stipulated Agreement to Improve Legal Process Compliance Program π΄
π Read
via "Dark Reading".
Google admitted to loss of data responsive to 2016 search warrant and agreed to program enhancements, reporting obligations, and a first-of-its-kind Independent Compliance Professional.π Read
via "Dark Reading".
Dark Reading
Google Enters Into Stipulated Agreement to Improve Legal Process Compliance Program
Google admitted to loss of data responsive to 2016 search warrant and agreed to program enhancements, reporting obligations, and a first-of-its-kind Independent Compliance Professional.
π΄ 54% of Staff Would Reconsider Working for a Firm That Had Experienced a Cyber Breach, Research Finds π΄
π Read
via "Dark Reading".
Independent research from Encore uncovers hidden costs of cyber attacks.π Read
via "Dark Reading".
Dark Reading
54% of Staff Would Reconsider Working for a Firm That Had Experienced a Cyber Breach, Research Finds
Independent research from Encore uncovers hidden costs of cyber attacks.
π΄ Content Security Market Worth $2.2 Million by 2027 - Exclusive Study by MarketsandMarkets(TM) π΄
π Read
via "Dark Reading".
Concerns about breaches of sensitive information due to execution of malware scripts and growing adoption of cloud-based services are fueling growth of the content security market.π Read
via "Dark Reading".
Dark Reading
Content Security Market Worth $2.2 Million by 2027 - Exclusive Study by MarketsandMarkets(TM)
Concerns about breaches of sensitive information due to execution of malware scripts and growing adoption of cloud-based services are fueling growth of the content security market.
π΄ Cisco Warns AnyConnect VPNs Under Active Cyberattack π΄
π Read
via "Dark Reading".
Older bugs in the AnyConnect Secure Mobility Client are being targeted in the wild, showcasing patch-management failures.π Read
via "Dark Reading".
Dark Reading
Cisco Warns AnyConnect VPNs Under Active Cyberattack
Older bugs in the AnyConnect Secure Mobility Client are being targeted in the wild, showcasing patch-management failures.