π΄ Israel's Top Tech University Targeted by DarkBit Ransomware π΄
π Read
via "Dark Reading".
An Israeli university is being blackmailed by hackers. However, they aren't just after money but are looking to send a political message β and maybe something more.π Read
via "Dark Reading".
Dark Reading
Israel's Top Tech University Targeted by DarkBit Ransomware
An Israeli university is being blackmailed by hackers. However, they aren't just after money but are looking to send a political message β and maybe something more.
βΌ CVE-2017-20178 βΌ
π Read
via "National Vulnerability Database".
** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Codiad 2.8.0. It has been rated as problematic. Affected by this issue is the function saveJSON of the file components/install/process.php. The manipulation of the argument data leads to information disclosure. The attack may be launched remotely. Upgrading to version 2.8.1 is able to address this issue. The name of the patch is 517119de673e62547ee472a730be0604f44342b5. It is recommended to upgrade the affected component. VDB-221498 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.π Read
via "National Vulnerability Database".
βΌ CVE-2015-10085 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in GoPistolet. It has been declared as problematic. This vulnerability affects unknown code of the component MTA. The manipulation leads to denial of service. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The name of the patch is b91aa4674d460993765884e8463c70e6d886bc90. It is recommended to apply a patch to fix this issue. VDB-221506 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0943 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, has been found in SourceCodester Best POS Management System 1.0. This issue affects some unknown processing of the file index.php?page=site_settings of the component Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-221591.π Read
via "National Vulnerability Database".
βΌ CVE-2022-48282 βΌ
π Read
via "National Vulnerability Database".
Under very specific circumstances (see Required configuration section below), a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C#. This affects all MongoDB .NET/C# Driver versions prior to and including v2.18.0π Read
via "National Vulnerability Database".
βΌ CVE-2023-0942 βΌ
π Read
via "National Vulnerability Database".
The Japanized For WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the Γ’β¬ΛtabΓ’β¬β’ parameter in versions up to, and including, 2.5.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.π Read
via "National Vulnerability Database".
π΄ Malwarebytes Expands Platform With New Application Block Capabilities π΄
π Read
via "Dark Reading".
Latest threat prevention module helps resource-strapped security teams block unsafe, untrusted or vulnerable applications.π Read
via "Dark Reading".
Dark Reading
Malwarebytes Expands Platform With New Application Block Capabilities
Latest threat prevention module helps resource-strapped security teams block unsafe, untrusted or vulnerable applications.
π΄ Analysts Slam Twitter's Decision to Disable SMS-Based 2FA π΄
π Read
via "Dark Reading".
Making the option available only to paid subscribers β while also claiming SMS authentication is broken β doesn't make sense, some say. Is it a cash grab?π Read
via "Dark Reading".
Dark Reading
Analysts Slam Twitter's Decision to Disable SMS-Based 2FA
Making the option available only to paid subscribers β while also claiming SMS authentication is broken β doesn't make sense, some say. Is it a cash grab?
βΌ CVE-2023-0946 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been found in SourceCodester Best POS Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file billing/index.php?id=9. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The identifier VDB-221593 was assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25811 βΌ
π Read
via "National Vulnerability Database".
Uptime Kuma is a self-hosted monitoring tool. In versions prior to 1.20.0 the Uptime Kuma `name` parameter allows a persistent XSS attack. Users are advised to upgrade. There are no known workarounds for this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-46637 βΌ
π Read
via "National Vulnerability Database".
Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20179 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in InSTEDD Pollit 2.3.1. It has been rated as critical. This issue affects the function TourController of the file app/controllers/tour_controller.rb. The manipulation leads to an unknown weakness. The attack may be initiated remotely. Upgrading to version 2.3.2 is able to address this issue. The name of the patch is 6ef04f8b5972d5f16f8b86f8b53f62fac68d5498. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-221507.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25810 βΌ
π Read
via "National Vulnerability Database".
Uptime Kuma is a self-hosted monitoring tool. In versions prior to 1.20.0 the Uptime Kuma status page allows a persistent XSS attack. Users are advised to upgrade. There are no known workarounds for this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25158 βΌ
π Read
via "National Vulnerability Database".
GeoTools is an open source Java library that provides tools for geospatial data. GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore implementations. Users are advised to upgrade to either version 27.4 or to 28.2 to resolve this issue. Users unable to upgrade may disable `encode functions` for PostGIS DataStores or enable `prepared statements` for JDBCDataStores as a partial mitigation.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25812 βΌ
π Read
via "National Vulnerability Database".
Minio is a Multi-Cloud Object Storage framework. Affected versions do not correctly honor a `Deny` policy on ByPassGoverance. Ideally, minio should return "Access Denied" to all users attempting to DELETE a versionId with the special header `X-Amz-Bypass-Governance-Retention: true`. However, this was not honored instead the request will be honored and an object under governance would be incorrectly deleted. All users are advised to upgrade. There are no known workarounds for this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0945 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, was found in SourceCodester Best POS Management System 1.0. Affected is an unknown function of the file index.php?page=add-category. The manipulation of the argument Name with the input "><img src=x onerror=prompt(document.domain);> leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-221592.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25157 βΌ
π Read
via "National Vulnerability Database".
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols. CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrade should disable the PostGIS Datastore *encode functions* setting to mitigate ``strEndsWith``, ``strStartsWith`` and ``PropertyIsLike `` misuse and enable the PostGIS DataStore *preparedStatements* setting to mitigate the ``FeatureId`` misuse.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25657 βΌ
π Read
via "National Vulnerability Database".
Nautobot is a Network Source of Truth and Network Automation Platform. All users of Nautobot versions earlier than 1.5.7 are impacted by a remote code execution vulnerability. Nautobot did not properly sandbox Jinja2 template rendering. In Nautobot 1.5.7 has enabled sandboxed environments for the Jinja2 template engine used internally for template rendering for the following objects: `extras.ComputedField`, `extras.CustomLink`, `extras.ExportTemplate`, `extras.Secret`, `extras.Webhook`. While no active exploits of this vulnerability are known this change has been made as a preventative measure to protect against any potential remote code execution attacks utilizing maliciously crafted template code. This change forces the Jinja2 template engine to use a `SandboxedEnvironment` on all new installations of Nautobot. This addresses any potential unsafe code execution everywhere the helper function `nautobot.utilities.utils.render_jinja2` is called. Additionally, the documentation that had previously suggesting the direct use of `jinja2.Template` has been revised to suggest `render_jinja2`. Users are advised to upgrade to Nautobot 1.5.7 or newer. For users that are unable to upgrade to the latest release of Nautobot, you may add the following setting to your `nautobot_config.py` to apply the sandbox environment enforcement: `TEMPLATES[1]["OPTIONS"]["environment"] = "jinja2.sandbox.SandboxedEnvironment"` After applying this change, you must restart all Nautobot services, including any Celery worker processes. **Note:** *Nautobot specifies two template engines by default, the first being Γ’β¬ΕdjangoΓ’β¬οΏ½ for the Django built-in template engine, and the second being Γ’β¬ΕjinjaΓ’β¬οΏ½ for the Jinja2 template engine. This recommended setting will update the second item in the list of template engines, which is the Jinja2 engine.* For users that are unable to immediately update their configuration such as if a Nautobot service restart is too disruptive to operations, access to provide custom Jinja2 template values may be mitigated using permissions to restrict Γ’β¬ΕchangeΓ’β¬οΏ½ (write) actions to the affected object types listed in the first section. **Note:** *This solution is intended to be stopgap until you can successfully update your `nautobot_config.py` or upgrade your Nautobot instance to apply the sandboxed environment enforcement.*π Read
via "National Vulnerability Database".
βΌ CVE-2023-24320 βΌ
π Read
via "National Vulnerability Database".
An access control issue in Axcora POS #0~gitf77ec09 allows unauthenticated attackers to execute arbitrary commands via unspecified vectors.π Read
via "National Vulnerability Database".
π΄ CREST Calls for Greater Equity, Inclusion and Diversity As Part of National Cyber Security Strategy π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
CREST Calls for Greater Equity, Inclusion and Diversity As Part of National Cyber Security Strategy
21 Feb 2023: CREST, the global not-for-profit community of cyber security businesses and professionals working to keep our information safe in a digital world, today launches its latest best practice guide, describing how to foster greater equity, inclusionβ¦
π΄ Scrut Automation Raises Funding of $7.5M, Led by MassMutual Ventures, Lightspeed, and Endiya Partners π΄
π Read
via "Dark Reading".
With the fresh capital, Scrut aims to focus on simplifying risk management and infosec compliance for cloud-native SaaS, Fintech, and Healthtech companiesπ Read
via "Dark Reading".
Dark Reading
Scrut Automation Raises Funding of $7.5M, Led by MassMutual Ventures, Lightspeed, and Endiya Partners
With the fresh capital, Scrut aims to focus on simplifying risk management and infosec compliance for cloud-native SaaS, Fintech, and Healthtech companies