It Isn't Time to Worry About Quantum Computing Just Yet
Don't let something that's a decade away distract you from today's cyber threats.
via "Dark Reading".
Almost Half of Executives Expect a Rise in Cyber Events Targeting Accounting and Financial Data in Year Ahead
NEW YORK, Feb. 8, 2023 /PRNewswire/ -- Nearly half (48.8%) of C-suite and other executives expect the number and size of cyber events targeting their organizations' accounting and financial data to increase in the year ahead, according to a new Deloitte Center…
via "Dark Reading".
Gigamon Exits NDR Market, Sells ThreatINSIGHT Business to Fortinet
Omdia has learned that Gigamon sold its ThreatINSIGHT NDR business to Fortinet for approximately $31 million. The deal highlights what may be a pivot point for the NDR market.
via "Dark Reading".
Corelight Expands Partnership With CrowdStrike to Provide Network Detection and Response Technology for CrowdStrike Services
SAN FRANCISCO, Feb. 8, 2023 -- Corelight, the leader in open network detection and response (NDR), today announced it has expanded its partnership with CrowdStrike, a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data. Under…
via "Dark Reading".
GAO Calls for Action to Protect Cybersecurity of Critical Energy, Communications Networks
Enhanced industrial control systems cybersecurity for energy and communications sector among top recommendations in new GAO cybersecurity assessment.
via "Dark Reading".
SecuriThings Brings Managed Service Capabilities to Physical Security, With New Managed Service Platform
Platform opens new opportunities for managed service providers to manage, visualize, and secure customer devices from a single pane of glass, including automated maintenance and other operations.
via "Dark Reading".
CVE-2023-0002
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to execute privileged cytool commands that disable or uninstall the agent.
via "National Vulnerability Database".
CVE-2023-0001
An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent.
via "National Vulnerability Database".
CVE-2023-0003
A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.
via "National Vulnerability Database".
Skybox Security Appoints Cybersecurity Veteran Mordecai Rosen as CEO
Skybox closes $50 million in financing to drive growth of its SaaS-based security platform.
via "Dark Reading".
ActZero Unveils Next-Generation MDR Platform
Latest release gives small and mid-sized enterprises AI-driven analysis tools and unified visibility across IT environments for stronger ransomware protection.
via "Dark Reading".
Leading Energy Companies Tap Fortress to Build and Operate Industry Repository to Identify and Remediate Critical Software Vulnerabilities
ORLANDO, Fla., Feb. 8, 2023 /PRNewswire/ -- The U.S. utilities industry is banding together to help suppliers identify and remediate vulnerabilities in software managing mission-critical applications for the U.S. energy industry. Several investor-owned utilities…
via "Dark Reading".
CVE-2023-25396
Privilege escalation in the MSI repair functionality in Caphyon Advanced Installer 20.0 and below allows attackers to access and manipulate system files.
via "National Vulnerability Database".
CVE-2022-34362
IBM Sterling Secure Proxy 6.0.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 230523.
via "National Vulnerability Database".
CVE-2022-4304
A timing-based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OAEP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages, the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.
via "National Vulnerability Database".
CVE-2023-0217
An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allow an attacker to cause a denial of service attack. The TLS implementation in OpenSSL does not call this function but applications might call the function if there are additional security requirements imposed by standards such as FIPS 140-3.
via "National Vulnerability Database".
CVE-2023-0401
A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. If the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available, the digest initialization will fail. There is a missing check for the return value from the initialization function, which later leads to invalid usage of the digest API, most likely leading to a crash. The unavailability of an algorithm can be caused by using a FIPS-enabled configuration of providers or, more commonly, by not loading the legacy provider. PKCS7 data is processed by the SMIME library calls and also by the time stamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions; however, third-party applications would be affected if they call these functions to verify signatures on untrusted data.
via "National Vulnerability Database".
CVE-2023-0216
An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call these functions; however, third-party applications might call these functions on untrusted data.
via "National Vulnerability Database".
CVE-2023-25166
formula is a math and string formula parser. In versions prior to 3.0.1, crafted user-provided strings passed to formula's parser might lead to polynomial execution time and a denial of service. Users should upgrade to 3.0.1+. There are no known workarounds for this vulnerability.
via "National Vulnerability Database".
CVE-2023-0690
HashiCorp Boundary from 0.10.0 through 0.11.2 contains an issue where, when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker’s disk. This issue is fixed in version 0.12.0.
via "National Vulnerability Database".
CVE-2023-25165
Helm is a tool that streamlines installing and managing Kubernetes applications. `getHostByName` is a Helm template function introduced in Helm v3. The function is able to accept a hostname and return an IP address for that hostname. To get the IP address, the function performs a DNS lookup. The DNS lookup happens when used with `helm install|upgrade|template` or when the Helm SDK is used to render a chart. Information passed into the chart can be disclosed to the DNS servers used to look up the IP address. For example, a malicious chart could inject `getHostByName` into a chart in order to disclose values to a malicious DNS server. The issue has been fixed in Helm 3.11.1. Prior to using a chart with Helm, verify the `getHostByName` function is not being used in a template to disclose any information you do not want passed to DNS servers.
via "National Vulnerability Database".