⚠ SIM swapper sent to prison for 2FA cryptocurrency heist of over $20m ⚠
📖 Read
via "Naked Security".
Guilty party got 18 months, also has to pay back $20m he probably hasn't got, which could land him in more hot water.📖 Read
via "Naked Security".
Sophos News
Naked Security – Sophos News
🕴 What Will It Take to Secure Critical Infrastructure? 🕴
📖 Read
via "Dark Reading".
There's no quick fix after decades of underinvestment, but the process has started. Cybersecurity grants, mandatory reporting protocols, and beefed-up authentication requirements are being put in place.📖 Read
via "Dark Reading".
Dark Reading
What Will It Take to Secure Critical Infrastructure?
There's no quick fix after decades of underinvestment, but the process has started. Cybersecurity grants, mandatory reporting protocols, and beefed-up authentication requirements are being put in place.
‼ CVE-2022-23470 ‼
📖 Read
via "National Vulnerability Database".
Galaxy is an open-source platform for data analysis. An arbitrary file read exists in Galaxy 22.01 and Galaxy 22.05 due to the switch to Gunicorn, which can be used to read any file accessible to the operating system user under which Galaxy is running. This vulnerability affects Galaxy 22.01 and higher, after the switch to gunicorn, which serve static contents directly. Additionally, the vulnerability is mitigated when using Nginx or Apache to serve /static/* contents, instead of Galaxy's internal middleware. This issue has been patched in commit `e5e6bda4f` and will be included in future releases. Users are advised to manually patch their installations. There are no known workarounds for this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30305 ‼
📖 Read
via "National Vulnerability Database".
An insufficient logging [CWE-778] vulnerability in FortiSandbox versions 4.0.0 to 4.0.2, 3.2.0 to 3.2.3 and 3.1.0 to 3.1.5 and FortiDeceptor versions 4.2.0, 4.1.0 through 4.1.1, 4.0.0 through 4.0.2, 3.3.0 through 3.3.3, 3.2.0 through 3.2.2,3.1.0 through 3.1.1 and 3.0.0 through 3.0.2 may allow a remote attacker to repeatedly enter incorrect credentials without causing a log entry, and with no limit on the number of failed authentication attempts.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38379 ‼
📖 Read
via "National Vulnerability Database".
Improper neutralization of input during web page generation [CWE-79] in FortiSOAR 7.0.0 through 7.0.3 and 7.2.0 may allow an authenticated attacker to inject HTML tags via input fields of various components within FortiSOAR.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-40680 ‼
📖 Read
via "National Vulnerability Database".
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiOS 6.0.7 - 6.0.15, 6.2.2 - 6.2.12, 6.4.0 - 6.4.9 and 7.0.0 - 7.0.3 allows a privileged attacker to execute unauthorized code or commands via storing malicious payloads in replacement messages.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-34361 ‼
📖 Read
via "National Vulnerability Database".
IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 230522.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23472 ‼
📖 Read
via "National Vulnerability Database".
Passeo is an open source python password generator. Versions prior to 1.0.5 rely on the python `random` library for random value selection. The python `random` library warns that it should not be used for security purposes due to its reliance on a non-cryptographically secure random number generator. As a result a motivated attacker may be able to guess generated passwords. This issue has been addressed in version 1.0.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-35843 ‼
📖 Read
via "National Vulnerability Database".
An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23466 ‼
📖 Read
via "National Vulnerability Database".
teler is an real-time intrusion detection and threat alert dashboard. teler prior to version 2.0.0-rc.4 is vulnerable to DOM-based cross-site scripting (XSS) in the teler dashboard. When teler requests messages from the event stream on the `/events` endpoint, the log data displayed on the dashboard are not sanitized. This only affects authenticated users and can only be exploited based on detected threats if the log contains a DOM scripting payload. This vulnerability has been fixed on version `v2.0.0-rc.4`. Users are advised to upgrade. There are no known workarounds for this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-33875 ‼
📖 Read
via "National Vulnerability Database".
An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.2.4 and below allows an authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-45326 ‼
📖 Read
via "National Vulnerability Database".
An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-33876 ‼
📖 Read
via "National Vulnerability Database".
Multiple instances of improper input validation vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.2.4 and below allows an authenticated attacker to retrieve files with specific extension from the underlying Linux system via crafted HTTP requests.📖 Read
via "National Vulnerability Database".
🕴 Google Chrome Flaw Added to CISA Patch List 🕴
📖 Read
via "Dark Reading".
CISA gives agencies deadline to patch against Google Chrome bug being actively exploited in the wild.📖 Read
via "Dark Reading".
Dark Reading
Google Chrome Flaw Added to CISA Patch List
CISA gives agencies deadline to patch against Google Chrome bug being actively exploited in the wild.
🕴 Russia Readies Winter Cyberattacks As Troops Retreat From Ukraine 🕴
📖 Read
via "Dark Reading".
Microsoft warns that the Kremlin is ramping up cyberattacks against infrastructure and supply chains and starting disinformation campaigns as Russian troops lose on the battlefield.📖 Read
via "Dark Reading".
Dark Reading
Russia Readies Winter Cyberattacks As Troops Retreat From Ukraine
Microsoft warns that the Kremlin is ramping up cyberattacks against infrastructure and supply chains and starting disinformation campaigns as Russian troops lose on the battlefield.
👍2
🕴 Cambridge Centre for Risk Studies and Kivu Release Benchmark of Cost-Effective Responses to Cybercrime 🕴
📖 Read
via "Dark Reading".
📖 Read
via "Dark Reading".
Dark Reading
Cambridge Centre for Risk Studies and Kivu Release Benchmark of Cost-Effective Responses to Cybercrime
BERKELEY, Calif., Dec. 6, 2022 /PRNewswire/ -- In a report released today, The Cambridge Centre for Risk Studies (CCRS) and Kivu Consulting, Inc. have combined efforts to research and benchmark cost-effective responses to cybercrime. The research report,…
‼ CVE-2022-43867 ‼
📖 Read
via "National Vulnerability Database".
IBM Spectrum Scale 5.1.0.1 through 5.1.4.1 could allow a local attacker to execute arbitrary commands in the container. IBM X-Force ID: 239437.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46154 ‼
📖 Read
via "National Vulnerability Database".
Kodexplorer is a chinese language web based file manager and browser based code editor. Versions prior to 4.50 did not prevent unauthenticated users from requesting arbitrary files from the host OS file system. As a result any files available to the host process may be accessed by arbitrary users. This issue has been addressed in version 4.50. Users are advised to upgrade. There are no known workarounds for this issue.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4147 ‼
📖 Read
via "National Vulnerability Database".
Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest are the ones which have no event listeners registered on the object returned by the XMLHttpRequest upload property and have no ReadableStream object used in the request.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44900 ‼
📖 Read
via "National Vulnerability Database".
A directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-45548 ‼
📖 Read
via "National Vulnerability Database".
AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability.📖 Read
via "National Vulnerability Database".