Western Digital Confirms Customer Data Stolen in Ransomware Attack
Company refutes BlackCat claims, saying it still controls digital signature infrastructure.
via "Dark Reading".
CVE-2023-1979
The Web Stories for WordPress plugin supports the WordPress built-in functionality of protecting content with a password. The content is then only accessible to website visitors after entering the password. In WordPress, users with the "Author" role can create stories, but don't have the ability to edit password protected stories. The vulnerability allowed users with said role to bypass this permission check when trying to duplicate the protected story in the plugin's own dashboard, giving them access to the seemingly protected content. We recommend upgrading to version 1.32 or beyond (commit ad49781c2a35c5c92ef704d4b621ab4e5cb77d68, https://github.com/GoogleForCreators/web-stories-wp/commit/ad49781c2a35c5c92ef704d4b621ab4e5cb77d68).
via "National Vulnerability Database".
CVE-2023-2583
Code Injection in GitHub repository jsreport/jsreport prior to 3.11.3.
via "National Vulnerability Database".
CVE-2023-30837
Vyper is a pythonic smart contract language for the EVM. The storage allocator does not guard against allocation overflows in versions prior to 0.3.8. An attacker can overwrite the owner variable. This issue was fixed in version 0.3.8.
via "National Vulnerability Database".
CVE-2023-30551
Rekor is an open source software supply chain transparency log. Rekor prior to version 1.1.1 may crash due to out of memory (OOM) conditions caused by reading archive metadata files into memory without checking their sizes first. Verification of a JAR file submitted to Rekor can cause an out of memory crash if files within the META-INF directory of the JAR are sufficiently large. Parsing of an APK file submitted to Rekor can cause an out of memory crash if the .SIGN or .PKGINFO files within the APK are sufficiently large. The OOM crash has been patched in Rekor version 1.1.1. There are no known workarounds.
via "National Vulnerability Database".
1M NextGen Patient Records Compromised in Data Breach
BlackCat ransomware operators reportedly stole the sensitive data.
Company says a database was accessed by an "unknown third party" with stolen credentials.
via "Dark Reading".
CVE-2023-30844
Mutagen provides real-time file synchronization and flexible network forwarding for developers. Prior to versions 0.16.6 and 0.17.1 in `mutagen` and prior to version 0.17.1 in `mutagen-compose`, Mutagen `list` and `monitor` commands are susceptible to control characters that could be provided by remote endpoints. This could cause terminal corruption, either intentional or unintentional, if these characters were present in error messages or file paths/names. This could be used as an attack vector if synchronizing with an untrusted remote endpoint, synchronizing files not under control of the user, or forwarding to/from an untrusted remote endpoint. On very old systems with terminals susceptible to issues such as CVE-2003-0069, the issue could theoretically cause code execution. The problem has been patched in Mutagen v0.16.6 and v0.17.1. Earlier versions of Mutagen are no longer supported and will not be patched. Versions of Mutagen after v0.18.0 will also have the patch merged. As a workaround, avoiding synchronization of untrusted files or interaction with untrusted remote endpoints should mitigate any risk.
via "National Vulnerability Database".
CVE-2023-30860
WWBN AVideo is an open source video platform. In AVideo prior to version 12.4, a normal user can create a Meeting Schedule and invite another user to that Meeting, but the application does not properly sanitize malicious characters when creating a Meeting Room. This allows an attacker to insert malicious scripts. Since any user, including the admin, can see the meeting room created by the attacker, this can lead to cookie hijacking and takeover of any account. Version 12.4 contains a patch for this issue.
via "National Vulnerability Database".
CVE-2023-30855
Pimcore is an open source data and experience management platform. Versions of Pimcore prior to 10.5.18 are vulnerable to path traversal. The impact of this path traversal and arbitrary extension is limited to creation of arbitrary files and appending data to existing files. When combined with the SQL Injection, the exported data `RESTRICTED DIFFUSION 9 / 9` can be controlled and a webshell can be uploaded. Attackers can use that to execute arbitrary PHP code on the server with the permissions of the webserver. Users may upgrade to version 10.5.18 to receive a patch or, as a workaround, apply the patch manually.
via "National Vulnerability Database".
CVE-2023-30840
Fluid is an open source Kubernetes-native distributed dataset orchestrator and accelerator for data-intensive applications. Starting in version 0.7.0 and prior to version 0.8.6, if a malicious user gains control of a Kubernetes node running the fluid csi pod (controlled by the `csi-nodeplugin-fluid` node-daemonset), they can leverage the fluid-csi service account to modify specs of all the nodes in the cluster. However, since this service account lacks `list node` permissions, the attacker may need to use other techniques to identify vulnerable nodes. Once the attacker identifies and modifies the node specs, they can manipulate system-level-privileged components to access all secrets in the cluster or execute pods on other nodes. This allows them to elevate privileges beyond the compromised node and potentially gain full privileged access to the whole cluster. To exploit this vulnerability, the attacker can make all other nodes unschedulable (for example, patch node with taints) and wait for system-critical components with high privilege to appear on the compromised node. However, this attack requires two prerequisites: a compromised node and identifying all vulnerable nodes through other means. Version 0.8.6 contains a patch for this issue. As a workaround, delete the `csi-nodeplugin-fluid` daemonset in the `fluid-system` namespace and avoid using CSI mode to mount FUSE file systems. Alternatively, using sidecar mode to mount FUSE file systems is recommended.
via "National Vulnerability Database".
Government, Industry Efforts to Thwart Ransomware Slowly Start to Pay Off
Public-private collaboration, law enforcement, and better defenses are helping make inroads in the war against ransomware, according to the Ransomware Task Force.
via "Dark Reading".
Whiteford Taylor & Preston LLP Issues Notice of Data Incident
BALTIMORE, May 5, 2023 /PRNewswire/ -- On or about May 11, 2022, Whiteford Taylor & Preston, LLP ("Whiteford") became aware of a potential unauthorized access into the Whiteford email account of one of its attorneys, despite our robust multi-factor authentication…
via "Dark Reading".
Consilient Inc. and Harex InfoTech Partner to Fight Financial Crime in South Korea
Companies bring generative AI-Federated Learning to the forefront to transform business processes and enable dynamic risk management.
via "Dark Reading".
CVE-2023-23543
The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. A sandboxed app may be able to determine which app is currently using the camera.
via "National Vulnerability Database".
CVE-2022-46727
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.
via "National Vulnerability Database".
CVE-2022-32874
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.
via "National Vulnerability Database".
CVE-2023-27969
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges.
via "National Vulnerability Database".
CVE-2023-27967
The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
via "National Vulnerability Database".
CVE-2023-27965
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Studio Display Firmware Update 16.4. An app may be able to execute arbitrary code with kernel privileges.
via "National Vulnerability Database".
CVE-2022-42804
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.
via "National Vulnerability Database".
CVE-2022-32873
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.
via "National Vulnerability Database".