🕴 Raspberry Robin Worm Hatches a Highly Complex Upgrade 🕴
📖 Read
via "Dark Reading".
The Evil Corp-linked malware family has undergone an evolution, becoming more obfuscated and "several times more complex," as the group behind it tests how far the worm can be spread.📖 Read
via "Dark Reading".
Dark Reading
Raspberry Robin Worm Hatches a Highly Complex Upgrade
The Evil Corp-linked malware family has undergone an evolution, becoming more obfuscated and "several times more complex," as the group behind it tests how far the worm can be spread.
❤1
‼ CVE-2021-32821 ‼
📖 Read
via "National Vulnerability Database".
MooTools is a collection of JavaScript utilities for JavaScript developers. All known versions include a CSS selector parser that is vulnerable to Regular Expression Denial of Service (ReDoS). An attack requires that an attacker can inject a string into a CSS selector at runtime, which is quite common with e.g. jQuery CSS selectors. No patches are available for this issue.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39947 ‼
📖 Read
via "National Vulnerability Database".
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiADC version 7.0.0 through 7.0.2, FortiADC version 6.2.0 through 6.2.3, FortiADC version version 6.1.0 through 6.1.6, FortiADC version 6.0.0 through 6.0.4, FortiADC version 5.4.0 through 5.4.5 may allow an attacker to execute unauthorized code or commands via specifically crafted HTTP requests.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-35845 ‼
📖 Read
via "National Vulnerability Database".
Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 through 4.2.0, 2.3.0 through 3.9.1 may allow an authenticated attacker to execute arbitrary commands in the underlying shell.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-41336 ‼
📖 Read
via "National Vulnerability Database".
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiPortal versions 6.0.0 through 6.0.11 and all versions of 5.3, 5.2, 5.1, 5.0 management interface may allow a remote authenticated attacker to perform a stored cross site scripting (XSS) attack via sending request with specially crafted columnindex parameter.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-42471 ‼
📖 Read
via "National Vulnerability Database".
An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability [CWE-113] In FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.4.0 through 6.4.2, FortiWeb version 6.3.6 through 6.3.20 may allow an authenticated and remote attacker to inject arbitrary headers.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-32824 ‼
📖 Read
via "National Vulnerability Database".
Apache Dubbo is a java based, open source RPC framework. Versions prior to 2.6.10 and 2.7.10 are vulnerable to pre-auth remote code execution via arbitrary bean manipulation in the Telnet handler. The Dubbo main service port can be used to access a Telnet Handler which offers some basic methods to collect information about the providers and methods exposed by the service and it can even allow to shutdown the service. This endpoint is unprotected. Additionally, a provider method can be invoked using the `invoke` handler. This handler uses a safe version of FastJson to process the call arguments. However, the resulting list is later processed with `PojoUtils.realize` which can be used to instantiate arbitrary classes and invoke its setters. Even though FastJson is properly protected with a default blocklist, `PojoUtils.realize` is not, and an attacker can leverage that to achieve remote code execution. Versions 2.6.10 and 2.7.10 contain fixes for this issue.📖 Read
via "National Vulnerability Database".
🕴 WordPress Sites Under Attack from Newly Found Linux Trojan 🕴
📖 Read
via "Dark Reading".
Researchers who discovered the backdoor Linux malware say it may have been around for more than three years — and it targets 30+ plugin bugs.📖 Read
via "Dark Reading".
Dark Reading
WordPress Sites Under Attack From Newly Found Linux Trojan
Researchers who discovered the backdoor Linux malware say it may have been around for more than three years — and it targets 30+ plug-in bugs.
📢 Offensive Security bans use of ChatGPT in cyber security certification exams 📢
📖 Read
via "ITPro".
It becomes the second major IT organisation to ban the use of the powerful tool that's taken the industry by storm📖 Read
via "ITPro".
ITPro
Offensive Security bans use of ChatGPT in cyber security certification exams
It becomes the second major IT organisation to ban the use of the powerful tool that's taken the industry by storm
🤔1
📢 LockBit issues rare apology for Toronto SickKids ransomware attack 📢
📖 Read
via "ITPro".
The December attack on the SickKids hospital disrupted services and caused delays for patients📖 Read
via "ITPro".
ITPro
LockBit issues rare apology for Toronto SickKids ransomware attack
The December attack on the SickKids hospital disrupted services and caused delays for patients
🕴 C2A Security To Showcase Automotive Cybersecurity DevOps Platform at CES In Las Vegas, January 5-8 🕴
📖 Read
via "Dark Reading".
📖 Read
via "Dark Reading".
Dark Reading
C2A Security To Showcase Automotive Cybersecurity DevOps Platform at CES In Las Vegas, January 5-8
JERUSALEM, ISRAEL (PRWEB) JANUARY 03, 2023 -- C2A Security, a leading provider of automated cybersecurity solutions for connected, autonomous, and electric vehicles will showcase its flagship product, EVSec, during the Consumer Electronics Show (CES 2023)…
‼ CVE-2022-45867 ‼
📖 Read
via "National Vulnerability Database".
MyBB before 1.8.33 allows Directory Traversal. The Admin CP Languages module allows remote authenticated users, with high privileges, to achieve local file inclusion and execution.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-22456 ‼
📖 Read
via "National Vulnerability Database".
ViewVC, a browser interface for CVS and Subversion version control repositories, as a cross-site scripting vulnerability that affects versions prior to 1.2.2 and 1.1.29. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by an otherwise trusted ViewVC instance. The attack vector involves files with unsafe names (names that, when embedded into an HTML stream, would cause the browser to run unwanted code), which themselves can be challenging to create. Users should update to at least version 1.2.2 (if they are using a 1.2.x version of ViewVC) or 1.1.29 (if they are using a 1.1.x version). ViewVC 1.0.x is no longer supported, so users of that release lineage should implement a workaround. Users can edit their ViewVC EZT view templates to manually HTML-escape changed paths during rendering. Locate in your template set's `revision.ezt` file references to those changed paths, and wrap them with `[format "html"]` and `[end]`. For most users, that means that references to `[changes.path]` will become `[format "html"][changes.path][end]`. (This workaround should be reverted after upgrading to a patched version of ViewVC, else changed path names will be doubly escaped.)📖 Read
via "National Vulnerability Database".
‼ CVE-2022-45143 ‼
📖 Read
via "National Vulnerability Database".
The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-32658 ‼
📖 Read
via "National Vulnerability Database".
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-32659 ‼
📖 Read
via "National Vulnerability Database".
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-32639 ‼
📖 Read
via "National Vulnerability Database".
In watchdog, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494487; Issue ID: ALPS07494487.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-32648 ‼
📖 Read
via "National Vulnerability Database".
In disp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535964; Issue ID: ALPS06535964.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-32651 ‼
📖 Read
via "National Vulnerability Database".
In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07225857; Issue ID: ALPS07225857.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-32657 ‼
📖 Read
via "National Vulnerability Database".
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-32644 ‼
📖 Read
via "National Vulnerability Database".
In vow, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494473; Issue ID: ALPS07494473.📖 Read
via "National Vulnerability Database".