π΄ Fool Me Thrice? How to Avoid Double and Triple Ransomware Extortion π΄
π Read
via "Dark Reading".
To stay safer, restrict access to data, monitor for breaches in the supply chain, track relevant data that is sold on the Dark Web, and implement best safety practices.π Read
via "Dark Reading".
Dark Reading
Fool Me Thrice? How to Avoid Double and Triple Ransomware Extortion
To stay safer, restrict access to data, monitor for breaches in the supply chain, track relevant data that is sold on the Dark Web, and implement best safety practices.
π΄ Google: With Cloud Comes APIs & Security Headaches π΄
π Read
via "Dark Reading".
APIs are key to cloud transformation, but two Google surveys find that cyberattacks targeting them are reaching a tipping point, even as general cloud security issues abound.π Read
via "Dark Reading".
Dark Reading
Google: With Cloud Comes APIs & Security Headaches
APIs are key to cloud transformation, but two Google surveys find that cyberattacks targeting them are reaching a tipping point, even as general cloud security issues abound.
π2
βΌ CVE-2022-47941 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in ksmbd in the Linux kernel before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2_handle_negotiate error conditions, aka a memory leak.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2022-43551 βΌ
π Read
via "National Vulnerability Database".
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E) `.`. Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2022-4698 βΌ
π Read
via "National Vulnerability Database".
The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several form fields in versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47942 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in ksmbd in the Linux kernel before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command.π Read
via "National Vulnerability Database".
βΌ CVE-2022-46642 βΌ
π Read
via "National Vulnerability Database".
D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function.π Read
via "National Vulnerability Database".
βΌ CVE-2022-4697 βΌ
π Read
via "National Vulnerability Database".
The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Γ’β¬Λwp_user_cover_default_image_urlΓ’β¬β’ parameter in versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.π Read
via "National Vulnerability Database".
βΌ CVE-2022-44565 βΌ
π Read
via "National Vulnerability Database".
An improper access validation vulnerability exists in airMAX AC <8.7.11, airFiber 60/LR <2.6.2, airFiber 60 XG/HD <v1.0.0 and airFiber GBE <1.4.1 that allows a malicious actor to retrieve status and usage data from the UISP device.π Read
via "National Vulnerability Database".
βΌ CVE-2022-44567 βΌ
π Read
via "National Vulnerability Database".
A command injection vulnerability exists in Rocket.Chat-Desktop <3.8.14 that could allow an attacker to pass a malicious url of openInternalVideoChatWindow to shell.openExternal(), which may lead to remote code execution (internalVideoChatWindow.ts#L17). To exploit the vulnerability, the internal video chat window must be disabled or a Mac App Store build must be used (internalVideoChatWindow.ts#L14). The vulnerability may be exploited by an XSS attack because the function openInternalVideoChatWindow is exposed in the Rocket.Chat-Desktop-API.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23547 βΌ
π Read
via "National Vulnerability Database".
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as commit in the master branch.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38757 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions. This vulnerability allows administrators with rights to perform actions (e.g., install a bundle) on a set of managed devices, to be able to exercise these rights on managed devices in the ZENworks zone but which are outside the scope of the administrator. This vulnerability does not result in the administrators gaining additional rights on the managed devices, either in the scope or outside the scope of the administrator.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47940 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in ksmbd in the Linux kernel before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2_write.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47939 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in ksmbd in the Linux kernel before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT.π Read
via "National Vulnerability Database".
βΌ CVE-2022-46641 βΌ
π Read
via "National Vulnerability Database".
D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47938 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in ksmbd in the Linux kernel before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNNECT.π Read
via "National Vulnerability Database".
β S3 Ep114: Preventing cyberthreats β stop them before they stop you! [Audio + Text] β
π Read
via "Naked Security".
Join world-renowned expert Fraser Howard, Director of Research at SophosLabs, for this fascinating episode on how to fight cybercrime.π Read
via "Naked Security".
Naked Security
S3 Ep114: Preventing cyberthreats β stop them before they stop you! [Audio + Text]
Join world-renowned expert Fraser Howard, Director of Research at SophosLabs, for this fascinating episode on how to fight cybercrime.
π΄ Videoconferencing Worries Grow, With SMBs in Cyberattack Crosshairs π΄
π Read
via "Dark Reading".
Securing videoconferencing solutions is just one of many IT security challenges small businesses are facing, often with limited financial and human resources.π Read
via "Dark Reading".
Dark Reading
Videoconferencing Worries Grow, With SMBs in Cyberattack Crosshairs
Securing videoconferencing solutions is just one of many IT security challenges small businesses are facing, often with limited financial and human resources.
π΄ LastPass Cops to Massive Breach Including Customer Vault Data π΄
π Read
via "Dark Reading".
The follow-on attack from August's source-code breach could fuel future campaigns against LastPass customers.π Read
via "Dark Reading".
Dark Reading
LastPass Cops to Massive Breach Including Customer Vault Data
The follow-on attack from August's source-code breach could fuel future campaigns against LastPass customers.
β LastPass finally admits: They did steal your password vaults after all β
π Read
via "Naked Security".
The crooks now know who you are, where you live, which computers are yours... and they got those password vaults, too.π Read
via "Naked Security".
Naked Security
LastPass finally admits: Those crooks who got in? They did steal your password vaults, after allβ¦
The crooks now know who you are, where you live, which computers are yours, where you go online⦠and they got those password vaults, too.
βΌ CVE-2022-47943 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in ksmbd in the Linux kernel before 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case.π Read
via "National Vulnerability Database".