🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com

🕴 Analysts Spot a Wave of SVB-Related Cyber Fraud Striking the Business Sector 🕴

Over the weekend, cybercriminals laid the groundwork for Silicon Valley Bank-related fraud attacks that they're now starting to cash in on. Businesses are the targets and, sometimes, the enablers.

via "Dark Reading".

🕴 Telerik Bug Exploited to Steal Federal Agency Data, CISA Warns 🕴

An unpatched Microsoft Web server allowed multiple cybersecurity threat groups to steal data from a federal civilian executive branch agency.

via "Dark Reading".

‼ CVE-2023-25804 ‼

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.5.0 have a limited path traversal vulnerability. An SSH key can be saved into an unintended location, for example the `/tmp` folder using a payload `../../../../../tmp/test111_dev`. This issue has been fixed in version 6.3.5.0.

via "National Vulnerability Database".

‼ CVE-2020-4556 ‼

IBM Financial Transaction Manager for High Value Payments for Multi-Platform 3.2.0 through 3.2.10 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 183329.

via "National Vulnerability Database".

‼ CVE-2023-25282 ‼

A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp.

via "National Vulnerability Database".

‼ CVE-2022-43874 ‼

IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, 6.2, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 239963.

via "National Vulnerability Database".

‼ CVE-2022-46774 ‼

IBM Manage Application 8.8.0 and 8.9.0 in the IBM Maximo Application Suite is vulnerable to incorrect default permissions, which could give a user access to actions they should not be able to perform. IBM X-Force ID: 242953.

via "National Vulnerability Database".

‼ CVE-2023-26284 ‼

IBM MQ Certified Container 9.3.0.1 through 9.3.0.3 and 9.3.1.0 through 9.3.1.1 could allow authenticated users within the cluster to be granted administration access to the MQ console due to improper access controls. IBM X-Force ID: 248417.

via "National Vulnerability Database".

‼ CVE-2020-4927 ‼

A vulnerability in the Spectrum Scale 5.0.5.0 through 5.1.6.1 core component could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. IBM X-Force ID: 191695.

via "National Vulnerability Database".

‼ CVE-2023-24229 ‼

DrayTek Vigor2960 v1.5.1.4 was discovered to contain a command injection vulnerability via the mainfunction.cgi component.

via "National Vulnerability Database".

‼ CVE-2023-22876 ‼

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.1 could allow a privileged user to obtain sensitive information that could aid in further attacks against the system. IBM X-Force ID: 244364.

via "National Vulnerability Database".

🕴 SecurityScorecard Appoints Former US Congressman John Katko As Senior Advisor 🕴

Capitol Hill cybersecurity leader joins the company's Cybersecurity Advisory Board to drive further adoption of security ratings in the public and private sectors.

via "Dark Reading".

🕴 Cyberattackers Continue Assault Against Fortinet Devices 🕴

Patched earlier this month, a code-execution vulnerability is the latest FortiOS weakness to be exploited by attackers, who see the devices as well-placed targets for initial access operations.

via "Dark Reading".

🕴 DirectDefense Reports the Top Threats From 2022 and What's Trending for 2023 🕴

Research found that phishing threats were low in 2022, while foreign login activity and application process analysis accounted for nearly 50% of incident alerts.

via "Dark Reading".

🕴 Hornetsecurity Launches VM Backup V9 🕴

Hornetsecurity research highlights that more than 1 in 4 companies have fallen victim to ransomware attacks, with 14.1% losing data and 6.6% paying a ransom.

via "Dark Reading".

‼ CVE-2023-25345 ‼

Directory traversal vulnerability in swig-templates through 2.0.4 and swig through 1.4.2 allows attackers to read arbitrary files via the include or extends tags.

via "National Vulnerability Database".

‼ CVE-2023-27597 ‼

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.8 and 3.2.5, when a specially crafted SIP message is processed by the function `rewrite_ruri`, a crash occurs due to a segmentation fault. This issue causes the server to crash. It affects configurations containing functions that make use of the affected code, such as the function `setport`. This issue has been fixed in versions 3.1.8 and 3.2.5.

via "National Vulnerability Database".

‼ CVE-2023-27596 ‼

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.8 and 3.2.5, OpenSIPS crashes when a malformed SDP body is sent multiple times to an OpenSIPS configuration that makes use of the `stream_process` function. This issue was discovered during coverage-guided fuzzing of the function `codec_delete_except_re`. By abusing this vulnerability, an attacker is able to crash the server. It affects configurations containing functions that rely on the affected code, such as the function `codec_delete_except_re`. This issue has been fixed in versions 3.1.8 and 3.2.5.

via "National Vulnerability Database".

‼ CVE-2020-27507 ‼

The Kamailio SIP server before 5.5.0 mishandles INVITE requests with duplicated fields and an overlength tag, leading to a buffer overflow that crashes the server or possibly has unspecified other impact.

via "National Vulnerability Database".

‼ CVE-2023-27598 ‼

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, sending a malformed `Via` header to OpenSIPS triggers a segmentation fault when the function `calc_tag_suffix` is called. A specially crafted `Via` header, which is deemed correct by the parser, will pass uninitialized strings to the function `MD5StringArray`, which leads to the crash. Abuse of this vulnerability leads to Denial of Service due to a crash. Since the uninitialized string points to memory location `0x0`, no further exploitation appears to be possible. No special network privileges are required to perform this attack, as long as the OpenSIPS configuration makes use of functions such as `sl_send_reply` or `sl_gen_totag` that trigger the vulnerable code. This issue has been fixed in versions 3.1.7 and 3.2.4.

via "National Vulnerability Database".

‼ CVE-2023-22591 ‼

IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the system to continue using an existing session, because session tokens are not invalidated after a password reset. IBM X-Force ID: 243710.

via "National Vulnerability Database".