MOVEit cyber attack: Cl0p sparks speculation that it's lost control of hack
via "ITPro".
The hackers return with their second major data-extortion attack of 2023, but may have bitten off more than they can chew
Security consolidation is about improving results, not just cost savings
via "ITPro".
Channel partners can play a key role in enabling businesses to consolidate security operations and bolster resilience
CVE-2023-3140
via "National Vulnerability Database".
Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNIME Business Hub before 1.4.0 have left users vulnerable to clickjacking. Clickjacking is an attack that occurs when an attacker uses a transparent iframe in a window to trick a user into clicking on an actionable item, such as a button or link, to another server on which they have an identical webpage. The attacker essentially hijacks the user activity intended for the original server and sends it to the other server.
Cisco Touts New AI-Based Security, SSE Features
via "Dark Reading".
Cisco laid out its AI plans and a vision for unified cloud security during Cisco Live 2023.
Chrome zero-day: "This exploit is in the wild", so check your version now
via "Naked Security".
Chrome 0-day patched now, Edge patch coming soon.
The Case for a Federal Cyber-Insurance Backstop
via "Dark Reading".
By stepping in to provide aid, the federal government could help protect companies, insurers, and the economy from the impact of a widespread, catastrophic cyberattack.
CVE-2021-4380
via "National Vulnerability Database".
The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the 'wp_pinterest_automatic_parse_request' function and the 'process_form.php' script in versions up to, and including, 1.14.3. This makes it possible for unauthenticated attackers to update arbitrary options on a site that can be used to create new administrative user accounts or redirect unsuspecting site visitors.
FBI: Sextortionist Campaigns Use Deepfakes to Target Children, Adults
via "Dark Reading".
Threat actors are lifting public images and videos from the Internet, altering them, and posting them online in a new wave of sextortion campaigns.
CVE-2023-3145
via "National Vulnerability Database".
A vulnerability, which was classified as critical, has been found in SourceCodester Online Discussion Forum Site 1.0. Affected by this issue is some unknown functionality of the file classes\Users.php?f=registration. The manipulation of the argument username leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-231014 is the identifier assigned to this vulnerability.
CVE-2023-33498
via "National Vulnerability Database".
alist <=3.16.3 is vulnerable to Incorrect Access Control. Low privilege accounts can upload any file.
Falco 0.35.0
via "Packet Storm Security".
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think of Falco as a mix between snort, ossec and strace.
Cyber Essentialism & 'Doing Less With Less'
via "Dark Reading".
Cybersecurity benefits from a focus on the vital few chores rather than the trivial many. Find the "right things" to encourage strategic thinking, then move the culture needle to promote that policy.
Firefox 114 is out: No 0-days, but one fascinating "teachable moment" bug
via "Naked Security".
With the right (or wrong, if you're on the right side of the fence) timing...
CVE-2023-1825
via "National Vulnerability Database".
An issue has been discovered in GitLab EE affecting all versions starting from 15.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, and all versions starting from 16.0 before 16.0.2. It was possible to disclose issue notes to an unauthorized user at project export.
CVE-2023-3146
via "National Vulnerability Database".
A vulnerability, which was classified as critical, was found in SourceCodester Online Discussion Forum Site 1.0. This affects an unknown part of the file admin\categories\manage_category.php. The manipulation of the argument id leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231015.
Microsoft Fined $20M For Xbox Child Data Collection
via "Dark Reading".
The FTC has demanded additional data privacy protections for kids using Xbox gaming systems, extending COPPA protections.
CVE-2023-34234
via "National Vulnerability Database".
OpenZeppelin Contracts is a library for smart contract development. By frontrunning the creation of a proposal, an attacker can become the proposer and gain the ability to cancel it. The attacker can do this repeatedly to try to prevent a proposal from being proposed at all. This impacts the `Governor` contract in v4.9.0 only, and the `GovernorCompatibilityBravo` contract since v4.3.0. This problem has been patched in 4.9.1 by introducing opt-in frontrunning protection. Users are advised to upgrade. Users unable to upgrade may submit the proposal creation transaction to an endpoint with frontrunning protection as a workaround.
CVE-2023-34108
via "National Vulnerability Database".
mailcow is a mail server suite based on Dovecot, Postfix and other open source software, that provides a modern web UI for user/server administration. A vulnerability has been discovered in mailcow which allows an attacker to manipulate internal Dovecot variables by using specially crafted passwords during the authentication process. The issue arises from the behavior of the `passwd-verify.lua` script, which is responsible for verifying user passwords during login attempts. Upon a successful login, the script returns a response in the format of "password=<valid-password>", indicating the successful authentication. By crafting a password with additional key-value pairs appended to it, an attacker can manipulate the returned string and influence the internal behavior of Dovecot. For example, using the password "123 mail_crypt_save_version=0" would cause the `passwd-verify.lua` script to return the string "password=123 mail_crypt_save_version=0". Consequently, Dovecot will interpret this string and set the internal variables accordingly, leading to unintended consequences. This vulnerability can be exploited by an authenticated attacker who has the ability to set their own password. Successful exploitation of this vulnerability could result in unauthorized access to user accounts, bypassing security controls, or other malicious activities. This issue has been patched in version `2023-05a`. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Defenders Buckle Up for a Future of Detecting Deepfakes
via "Dark Reading".
Today, technology companies have high success rates against generative AI-created voices and videos, but future detection will be much more difficult.
Minecraft Malware Spreading Through Mods, Plug-ins
via "Dark Reading".
A worm virus called "fracturizer" has been embedded in modpacks from various sites, including CurseForge and CraftBukkit.
BeyondID Launches Initiative to Accelerate Zero Trust With Okta Identity Engine
via "Dark Reading".
OIE upgrade roadmap helps organizations become more secure; saves time, resources.