βΌ CVE-2023-33544 βΌ
π Read
via "National Vulnerability Database".
hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43760 βΌ
π Read
via "National Vulnerability Database".
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SUSE Rancher allows users in some higher-privileged groups to to inject code that is executed within another user's browser, allowing the attacker to steal sensitive information, manipulate web content, or perform other malicious activities on behalf of the victims. This could result in a user with write access to the affected areas being able to act on behalf of an administrator, once an administrator opens the affected web page.This issue affects Rancher: from >= 2.6.0 before < 2.6.13, from >= 2.7.0 before < 2.7.4.π Read
via "National Vulnerability Database".
π AIEngine 2.4.0 π
π Read
via "Packet Storm Security".
AIEngine is a next generation interactive/programmable Python/Ruby/Java/Lua and Go network intrusion detection system engine. AIEngine also helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.π Read
via "Packet Storm Security".
Packetstormsecurity
AIEngine 2.4.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β Serious Security: That KeePass βmaster password crackβ, and what we can learn from it β
π Read
via "Naked Security".
Here, in an admittedly discursive nutshell, is the fascinating story of CVE-2023-32784. (Short version: Don't panic.)π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β€1
π΄ Biometric Bypass: BrutePrint Makes Short Work of Fingerprint Security π΄
π Read
via "Dark Reading".
Bugs in the biometric protections on Android phones and iPhones allow the limit on the number of tries to unlock the devices with a fingerprint can be bypassed, allowing automated brute-force attacks.π Read
via "Dark Reading".
Dark Reading
Biometric Bypass: BrutePrint Makes Short Work of Fingerprint Security
Bugs in the biometric protections on Android phones and iPhones allow the limit on the number of tries to unlock the devices with a fingerprint can be bypassed, allowing automated brute-force attacks.
βΌ CVE-2023-33965 βΌ
π Read
via "National Vulnerability Database".
Brook is a cross-platform programmable network tool. The `tproxy` server is vulnerable to a drive-by command injection. An attacker may fool a victim into visiting a malicious web page which will trigger requests to the local `tproxy` service leading to remote code execution. A patch is available in version 20230606.π Read
via "National Vulnerability Database".
βοΈ Ask Fitis, the Bear: Real Crooks Sign Their Malware βοΈ
π Read
via "Krebs on Security".
Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. This post is a deep dive on "Megatraffer," a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015.π Read
via "Krebs on Security".
Krebs on Security
Ask Fitis, the Bear: Real Crooks Sign Their Malware
Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten codeβ¦
π’ Warning issued over βwidespreadβ exploitation of Zyxel NAS devices π’
π Read
via "ITPro".
Zyxel has been forced to issue patches for several vulnerabilities affecting NAS devices π Read
via "ITPro".
Cloud Pro
Warning issued over βwidespreadβ exploitation of Zyxel NAS devices
Zyxel has been forced to issue patches for several vulnerabilities affecting NAS devices
β S3 Ep137: 16th century crypto skullduggery β
π Read
via "Naked Security".
Lots to learn, clearly explained in plain English... listen now! (Full transcript inside.)π Read
via "Naked Security".
Naked Security
S3 Ep137: 16th century crypto skullduggery
Lots to learn, clearly explained in plain English⦠listen now! (Full transcript inside.)
β Serious Security: That KeePass βmaster password crackβ, and what we can learn from it β
π Read
via "Naked Security".
Here, in an admittedly discursive nutshell, is the fascinating story of CVE-2023-32784. (Short version: Don't panic.)π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ Where SBOMs Stand Today π΄
π Read
via "Dark Reading".
It's been two years since Executive Order 14028. By using SBOMs as a standard, organizations can manage software risks, protect their reputation, and improve their cybersecurity posture.π Read
via "Dark Reading".
Dark Reading
Where SBOMs Stand Today
It's been two years since Executive Order 14028. By using SBOMs as a standard, organizations can manage software risks, protect their reputation, and improve their cybersecurity posture.
π΄ Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection π΄
π Read
via "Dark Reading".
In an already fraught environment surrounding the popular Python programming language software package manager, hackers are coming up with new ways to sneak malicious goodies past cybersecurity buffers.π Read
via "Dark Reading".
Dark Reading
Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection
In an already fraught environment surrounding the popular Python programming language software package manager, hackers are coming up with new ways to sneak malicious goodies past cybersecurity buffers.
π΄ Google Drive Deficiency Allows Attackers to Exfiltrate Workspace Data Without a Trace π΄
π Read
via "Dark Reading".
No activity logging in the free subscription for Google's Web-based productivity suite exposes enterprises to insider and other threats, researchers say.π Read
via "Dark Reading".
Dark Reading
Google Drive Deficiency Allows Attackers to Exfiltrate Workspace Data Without a Trace
No activity logging in the free subscription for Google's Web-based productivity suite exposes enterprises to insider and other threats, researchers say.
π΄ Sustained 'Red Deer' Phishing Attacks Impersonate Israel Post, Drop RATs π΄
π Read
via "Dark Reading".
The "missed package" phishing messages, likely the work of a hacking-for-hire group, bounds into inboxes, bearing ASyncRAT.π Read
via "Dark Reading".
Dark Reading
Sustained 'Red Deer' Phishing Attacks Impersonate Israel Post, Drop RATs
The "missed package" phishing messages, likely the work of a hacking-for-hire group, bounds into inboxes, bearing ASyncRAT.
βΌ CVE-2023-32310 βΌ
π Read
via "National Vulnerability Database".
DataEase is an open source data visualization and analysis tool. The API interface for DataEase delete dashboard and delete system messages is vulnerable to insecure direct object references (IDOR). This could result in a user deleting another user's dashboard or messages or interfering with the interface for marking messages read. The vulnerability has been fixed in v1.18.7. There are no known workarounds aside from upgrading.π Read
via "National Vulnerability Database".
βΌ CVE-2023-32713 βΌ
π Read
via "National Vulnerability Database".
In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in the streamfwd process within the Splunk App for Stream to escalate their privileges on the machine that runs the Splunk Enterprise instance, up to and including the root user.π Read
via "National Vulnerability Database".
π΄ How Do I Reduce Security Tool Sprawl in My Environment? π΄
π Read
via "Dark Reading".
When it comes to tool consolidation, focus on platforms over products.π Read
via "Dark Reading".
Dark Reading
How Do I Reduce Security Tool Sprawl in My Environment?
When it comes to tool consolidation, focus on platforms over products.
π΄ Jetpack WordPress Plug-in API Bug Triggers Mass Updates π΄
π Read
via "Dark Reading".
An audit uncovers an API-related security vulnerability dating back to Jetpack version 2.0 released in 2012 β and it affects millions of websites.π Read
via "Dark Reading".
Dark Reading
Jetpack WordPress Plug-in API Bug Triggers Mass Updates
An audit uncovers an API-related security vulnerability dating back to Jetpack version 2.0 released in 2012 β and it affects millions of websites.
β€1
βΌ CVE-2023-34339 βΌ
π Read
via "National Vulnerability Database".
In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's messageπ Read
via "National Vulnerability Database".
π΄ Amazon Pays $30.8M to Settle Ring Spying & Alexa Privacy Lawsuits π΄
π Read
via "Dark Reading".
The global e-commerce company will pay millions of dollars in two separate lawsuits because of privacy and security violations, the FTC says.π Read
via "Dark Reading".
Dark Reading
Amazon Pays $30.8M to Settle Ring Spying & Alexa Privacy Lawsuits
The global e-commerce company will pay millions of dollars in two separate lawsuits because of privacy and security violations, the FTC says.
π΄ Tel Aviv Stock Exchange Selects CardinalOps to Reduce Risk of Breaches Due to Undetected Attacks π΄
π Read
via "Dark Reading".
Enables financial services firm to operationalize MITRE ATT&CK with Splunk and eliminate detection coverage gaps based on organizational risk and priorities.π Read
via "Dark Reading".
Dark Reading
Tel Aviv Stock Exchange Selects CardinalOps to Reduce Risk of Breaches Due to Undetected Attacks
Enables financial services firm to operationalize MITRE ATT&CK with Splunk and eliminate detection coverage gaps based on organizational risk and priorities.