🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2022-40746 ‼

IBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236581.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-45422 ‼

When LG SmartShare is installed, local privilege escalation is possible through a DLL hijacking attack. The LG ID is LVE-HOT-220005.

📖 Read

via "National Vulnerability Database".
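The two DLL hijacking entries above share one root cause: a loader that searches several directories for a bare DLL name, at least one of which a low-privileged user can write to. The script below, an added example and not code from IBM, LG or NVD, models the Windows search order for a non-KnownDLL and reports the directories an attacker could plant a file in. The install path, PATH entries, current directory and writability map are constructed for illustration.

```python
"""Added example: model the Windows DLL search order and flag directories a
low-privileged user can write to. Not IBM, LG or NVD code; the directory
layout and writability map below are constructed for illustration."""
import ntpath
from typing import Callable, Iterable


def dll_search_order(app_dir: str, system32: str, windows_dir: str, cwd: str,
                     path_dirs: Iterable[str], safe_search_mode: bool = True) -> list:
    """Directories consulted, in order, when LoadLibrary is given a bare DLL
    name that is not a KnownDLL and the process has set no explicit search
    path. With SafeDllSearchMode (the default) the current directory comes
    after the system directories; with it disabled it comes second."""
    system16 = ntpath.join(windows_dir, "System")  # 16-bit system directory
    if safe_search_mode:
        order = [app_dir, system32, system16, windows_dir, cwd]
    else:
        order = [app_dir, cwd, system32, system16, windows_dir]
    order.extend(path_dirs)
    seen, unique = set(), []
    for d in order:                      # a repeated directory is only searched once
        key = ntpath.normcase(ntpath.normpath(d))
        if key not in seen:
            seen.add(key)
            unique.append(d)
    return unique


def hijack_candidates(dll_name: str, order: list,
                      exists: Callable[[str], bool],
                      writable: Callable[[str], bool]) -> list:
    """Writable directories searched before the one holding the legitimate DLL.
    Planting dll_name in any of them wins the search. If the DLL exists
    nowhere (a 'phantom' DLL the program probes for), every writable directory
    in the order qualifies."""
    found = []
    for d in order:
        if exists(ntpath.join(d, dll_name)):
            break
        if writable(d):
            found.append(d)
    return found


# Constructed scenario: client installed under Program Files, PATH includes a
# user-owned tools folder, and the user launches the client from Downloads.
APP_DIR = r"C:\Program Files\ExampleClient"
SYSTEM32 = r"C:\Windows\System32"
WINDOWS = r"C:\Windows"
CWD = r"C:\Users\alice\Downloads"
PATH_DIRS = [SYSTEM32, r"C:\Users\alice\tools", r"C:\Python311"]
EXISTING_FILES = {ntpath.normcase(ntpath.join(SYSTEM32, "helper.dll"))}   # constructed
USER_WRITABLE = {ntpath.normcase(d) for d in (CWD, r"C:\Users\alice\tools")}


def demo(dll_name: str, safe_search_mode: bool = True) -> list:
    order = dll_search_order(APP_DIR, SYSTEM32, WINDOWS, CWD, PATH_DIRS, safe_search_mode)
    return hijack_candidates(dll_name, order,
                             exists=lambda p: ntpath.normcase(p) in EXISTING_FILES,
                             writable=lambda d: ntpath.normcase(d) in USER_WRITABLE)


if __name__ == "__main__":
    print(demo("helper.dll", True))     # system DLL, safe mode: nothing before System32
    print(demo("helper.dll", False))    # CWD searched second: Downloads is plantable
    print(demo("phantom.dll", True))    # missing DLL: every writable dir qualifies
```

On a real host the two callbacks would be replaced by `os.path.exists` and an ACL check; the point the model makes is that the application directory and any user-writable PATH entry must be audited together, because a DLL the program only probes for turns every writable directory in the order into a planting spot.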
‼ CVE-2022-44178 ‼

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formWifiWpsOOB.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-44177 ‼

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formWifiWpsStart.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-44175 ‼

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetMacFilterCfg.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-44176 ‼

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function fromSetRouteStatic.

📖 Read

via "National Vulnerability Database".
🕴 Name That Toon: Fall Cleanup 🕴

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

📖 Read

via "Dark Reading".
🕴 Investors Are Pouring Cash Into These 10 Cybersecurity Startups 🕴

Following the dollars reveals pen-test and intrusion-detection startups are the most attractive to investors right now, collectively getting more than $3 billion in funding.

📖 Read

via "Dark Reading".
🕴 Luna Moth's Novel, Malware-Free Extortion Campaign Takes Flight 🕴

Luna Moth is relying solely on call-back phishing, as well as legitimate tools, to steal data and extract ransoms from victims of all stripes in an expanding cyberattack effort.

📖 Read

via "Dark Reading".
🕴 Google Releases YARA Rules to Disrupt Cobalt Strike Abuse 🕴

The popular pen-testing tool is often cracked and repurposed by threat actors. Google now has a plan to address that.

📖 Read

via "Dark Reading".
🕴 Microsoft Warns of Rise in Stolen Cloud Tokens Used to Bypass MFA 🕴

Analysts see an uptick in token theft from authenticated users, allowing threat actors to bypass MFA protections.

📖 Read

via "Dark Reading".
‼ CVE-2022-3388 ‼

An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA Pro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user's role.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-4105 ‼

A stored XSS in a Kiwi TCMS Test Plan can run malicious JavaScript. It could be chained with an HTML injection to perform a UI redressing (clickjacking) attack, or with an HTML injection that disables use of the history page.

📖 Read

via "National Vulnerability Database".
🕴 Identity Security Needs Humans and AI Working Hand in Hand 🕴

In the cybersecurity world, augmenting the human touch with artificial intelligence has produced extremely positive results.

📖 Read

via "Dark Reading".
‼ CVE-2022-42096 ‼

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via Post content.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-43143 ‼

A cross-site scripting (XSS) vulnerability in Beekeeper Studio v3.6.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error modal container.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-30257 ‼

An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and highly impactful, because the exploitation conforms to de facto DNS specifications and operational practices, and overcomes current mitigation patches for "Ghost" domain names.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-30258 ‼

An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and highly impactful, because the exploitation conforms to de facto DNS specifications and operational practices, and overcomes current mitigation patches for "Ghost" domain names.

📖 Read

via "National Vulnerability Database".
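The two Technitium entries describe the ghost-domain problem: a resolver keeps a revoked delegation alive because the (attacker-controlled) child zone's authoritative answers carry NS records with a fresh TTL, and the resolver lets that data refresh the cached delegation instead of going back to the parent. The following toy resolver, an added example and not Technitium's code, reproduces the effect and the classic mitigation (child-sourced NS data may never outlive the parent's grant). Zone names, TTLs and the daily query schedule are constructed.

```python
"""Added example: a toy resolver cache that reproduces the ghost-domain effect
the Technitium entries describe, beside the classic mitigation. A simplified
model, not Technitium's code; zone names, TTLs and the query schedule are
constructed."""
from dataclasses import dataclass
from typing import Optional

DELEGATION_TTL = 172_800        # two days, typical for a TLD delegation
DAY = 86_400
ZONE = "bad.example"


@dataclass
class Delegation:
    servers: tuple
    expires_at: int              # when the resolver drops this NS RRset
    parent_expires_at: int       # lifetime the *parent* actually granted


class ParentZone:
    """The TLD. Delegates ZONE until the registry revokes it."""
    def __init__(self):
        self.delegated = True

    def revoke(self):
        self.delegated = False

    def lookup_ns(self) -> Optional[tuple]:
        return ("ns1." + ZONE,) if self.delegated else None   # None = NXDOMAIN


class AttackerAuthServer:
    """Child authoritative server. Keeps answering after the takedown and
    puts its own NS RRset, with a fresh TTL, in every authority section."""
    def answer(self, qname: str) -> dict:
        return {"rdata": "203.0.113.7",
                "authority_ns": ("ns1." + ZONE,),
                "authority_ttl": DELEGATION_TTL}


class Resolver:
    def __init__(self, parent, child, child_ns_refreshes_delegation: bool):
        self.parent, self.child = parent, child
        self.vulnerable = child_ns_refreshes_delegation
        self.cache: dict = {}

    def resolve(self, qname: str, now: int) -> Optional[str]:
        d = self.cache.get(ZONE)
        if d is None or d.expires_at <= now:
            servers = self.parent.lookup_ns()          # go back to the parent
            if servers is None:
                self.cache.pop(ZONE, None)
                return None                            # delegation revoked
            d = Delegation(servers, now + DELEGATION_TTL, now + DELEGATION_TTL)
            self.cache[ZONE] = d
        resp = self.child.answer(qname)
        if self.vulnerable:
            # Bug: NS data from the child overwrites the cached delegation's TTL,
            # so the parent is never asked again while queries keep arriving.
            d.expires_at = now + resp["authority_ttl"]
        else:
            # Mitigation: child-sourced NS data cannot outlive the parent's grant.
            d.expires_at = min(now + resp["authority_ttl"], d.parent_expires_at)
        return resp["rdata"]


def simulate(vulnerable: bool, days: int = 10) -> list:
    """Resolve once, take the domain down, then query once a day."""
    parent, child = ParentZone(), AttackerAuthServer()
    r = Resolver(parent, child, vulnerable)
    r.resolve("www." + ZONE, 0)
    parent.revoke()
    return [r.resolve("www." + ZONE, day * DAY) for day in range(1, days + 1)]


if __name__ == "__main__":
    print("vulnerable:", simulate(True))
    print("mitigated :", simulate(False))
```

The mitigated resolver still answers until the original two-day delegation expires, which is the expected bounded ghost period; the vulnerable one answers indefinitely as long as someone keeps querying. Note the entries state that the Technitium variants overcome current mitigation patches of this kind; the model above shows only the classic mechanism and fix, not those variants.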
‼ CVE-2020-23582 ‼

A vulnerability in "/admin/wlmultipleap.asp" of Optilink OP-XT71000N version V2.2 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to create multiple WLAN BSSIDs.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-44787 ‼

An issue was discovered in Appalti & Contratti 9.12.2. The web applications are vulnerable to a Reflected Cross-Site Scripting issue. The idPagina parameter is reflected inside the server response without any HTML encoding, resulting in XSS when the victim moves the mouse pointer inside the page. As an example, the onmouseenter attribute is not sanitized.

📖 Read

via "National Vulnerability Database".
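The idPagina entry is a textbook attribute-context reflection: the value lands inside an HTML attribute without encoding, so a quote in the parameter closes the attribute and an `onmouseenter` handler follows. The snippet below, an added example and not Appalti & Contratti code, shows the vulnerable reflection beside the encoded version and uses an HTML parser, rather than a grep, to confirm whether a handler attribute actually exists. Only the parameter name comes from the advisory; the template and payload are constructed. The same output-encoding fix applies to the stored XSS entries above (Backdrop CMS, Beekeeper Studio, Kiwi TCMS), with the encoding chosen for the context the data lands in.

```python
"""Added example (not Appalti & Contratti code): the attribute-context
reflection the idPagina entry describes, beside an encoded version, checked
with an HTML parser. The parameter name is from the advisory; the surrounding
template and payload are constructed."""
import html
from html.parser import HTMLParser


def render_vulnerable(id_pagina: str) -> str:
    """Reflects the request parameter into an attribute value unencoded."""
    return f'<div id="page" data-page="{id_pagina}">...</div>'


def render_fixed(id_pagina: str) -> str:
    """html.escape with quote=True also encodes double and single quotes, so
    the value can no longer terminate the attribute it sits in."""
    return f'<div id="page" data-page="{html.escape(id_pagina, quote=True)}">...</div>'


class _AttrCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.attrs = []

    def handle_starttag(self, tag, attrs):
        self.attrs.extend(name.lower() for name, _ in attrs)


def event_handler_attrs(markup: str) -> list:
    """Event-handler attributes (on*) as an HTML parser actually sees them.
    Searching the page text for 'onmouseenter' is not enough: the encoded
    page still contains that text, but only inside a harmless attribute value."""
    p = _AttrCollector()
    p.feed(markup)
    p.close()
    return [a for a in p.attrs if a.startswith("on")]


# Payload shaped like the advisory: close the attribute, then add a handler
# that fires when the pointer enters the element.
PAYLOAD = '42" onmouseenter="alert(document.domain)'

if __name__ == "__main__":
    print(render_vulnerable(PAYLOAD), event_handler_attrs(render_vulnerable(PAYLOAD)))
    print(render_fixed(PAYLOAD), event_handler_attrs(render_fixed(PAYLOAD)))
```

Attribute encoding is the right fix only because the template wraps the value in double quotes; an unquoted attribute would need the value restricted to a safe character set as well, since a space alone would start a new attribute.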
‼ CVE-2022-44784 ‼

An issue was discovered in Appalti & Contratti 9.12.2. The target web applications LFS and DL229 expose a set of services provided by the Axis 1.4 instance, embedded directly into the applications, as hinted by the WEB-INF/web.xml file leaked through Local File Inclusion. Among the exposed services, there is the Axis AdminService, which, through the default configuration, should normally be accessible only by the localhost. Nevertheless, by trying to access the mentioned service, both in LFS and DL229, the service can actually be reached even by remote users, allowing creation of arbitrary services on the server side. When an attacker can reach the AdminService, they can use it to instantiate arbitrary services on the server. The exploit procedure is well known and described in Generic AXIS-SSRF exploitation. Basically, the attack consists of writing a JSP page inside the root directory of the web application, through the org.apache.axis.handlers.LogHandler class.

📖 Read

via "National Vulnerability Database".
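The AdminService described above is an Axis 1.x deployment endpoint whose reachability is governed by the `enableRemoteAdmin` parameter in server-config.wsdd (Axis defaults it to false). As a check a practitioner would want after reading this entry, the script below audits a deployment descriptor for a deployed AdminService and the state of that flag. It is an added example, not Appalti & Contratti or Apache Axis code; the XML is a constructed sample trimmed to service entries (real files also carry globalConfiguration, handler and transport elements).

```python
"""Added example (not Appalti & Contratti or Apache Axis code): audit an Axis
1.x server-config.wsdd for a deployed AdminService and the enableRemoteAdmin
flag. The deployment XML below is a constructed sample trimmed to service
entries."""
import xml.etree.ElementTree as ET

WSDD_NS = "http://xml.apache.org/axis/wsdd/"
JAVA_NS = WSDD_NS + "providers/java"


def sample_wsdd(enable_remote_admin: str) -> str:
    """Constructed server-config.wsdd fragment in Axis 1.4's deployment format."""
    return f"""<deployment xmlns="{WSDD_NS}" xmlns:java="{JAVA_NS}">
  <service name="AdminService" provider="java:MSG">
    <parameter name="allowedMethods" value="AdminService"/>
    <parameter name="enableRemoteAdmin" value="{enable_remote_admin}"/>
    <parameter name="className" value="org.apache.axis.utils.Admin"/>
  </service>
  <service name="Version" provider="java:RPC">
    <parameter name="allowedMethods" value="getVersion"/>
    <parameter name="className" value="org.apache.axis.Version"/>
  </service>
</deployment>"""


def audit_wsdd(wsdd_xml: str) -> dict:
    """Report whether AdminService is deployed and whether remote
    administration is switched on (Axis treats a missing flag as false)."""
    root = ET.fromstring(wsdd_xml)
    ns = {"w": WSDD_NS}
    report = {"services": [], "admin_service_deployed": False,
              "remote_admin_enabled": False}
    for svc in root.findall("w:service", ns):
        name = svc.get("name", "")
        report["services"].append(name)
        if name != "AdminService":
            continue
        report["admin_service_deployed"] = True
        for param in svc.findall("w:parameter", ns):
            if param.get("name") == "enableRemoteAdmin":
                value = (param.get("value") or "false").strip().lower()
                report["remote_admin_enabled"] = value == "true"
    return report


def verdict(report: dict) -> str:
    if not report["admin_service_deployed"]:
        return "ok: AdminService not deployed"
    if report["remote_admin_enabled"]:
        return "critical: AdminService deployed with enableRemoteAdmin=true"
    return "warn: AdminService deployed; confirm it is unreachable from outside the host"


if __name__ == "__main__":
    for flag in ("true", "false"):
        print(flag, "->", verdict(audit_wsdd(sample_wsdd(flag))))
```

The flag is necessary but, as the entry itself shows (the service was reachable remotely despite the default configuration), not sufficient: the "warn" verdict is deliberate, and the safer production posture is to not deploy AdminService at all and to confirm from a remote host that `/services/AdminService` does not answer.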