βΌ CVE-2023-34112 βΌ
π Read
via "National Vulnerability Database".
JavaCPP Presets is a project providing Java distributions of native C++ libraries. All the actions in the `bytedeco/javacpp-presets` use the `github.event.head_commit.message?` parameter in an insecure way. For example, the commit message is used in a run statement - resulting in a command injection vulnerability due to string interpolation. No exploitation has been reported. This issue has been addressed in version 1.5.9. Users of JavaCPP Presets are advised to upgrade as a precaution.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3172 βΌ
π Read
via "National Vulnerability Database".
Path Traversal in GitHub repository froxlor/froxlor prior to 2.0.20.π Read
via "National Vulnerability Database".
βΌ CVE-2023-1978 βΌ
π Read
via "National Vulnerability Database".
The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up to, and including, 4.9.25 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0992 βΌ
π Read
via "National Vulnerability Database".
The Shield Security plugin for WordPress is vulnerable to stored Cross-Site Scripting in versions up to, and including, 17.0.17 via the 'User-Agent' header. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.π Read
via "National Vulnerability Database".
βΌ CVE-2023-1910 βΌ
π Read
via "National Vulnerability Database".
The Getwid Γ’β¬β Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the get_remote_templates function in versions up to, and including, 1.8.3. This makes it possible for authenticated attackers with subscriber-level permissions or above to flush the remote template cache. Cached template information can also be accessed via this endpoint but these are not considered sensitive as they are publicly accessible from the developer's site.π Read
via "National Vulnerability Database".
βΌ CVE-2023-1895 βΌ
π Read
via "National Vulnerability Database".
The Getwid Γ’β¬β Gutenberg Blocks plugin for WordPress is vulnerable to Server Side Request Forgery via the get_remote_content REST API endpoint in versions up to, and including, 1.8.3. This can allow authenticated attackers with subscriber-level permissions or above to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2189 βΌ
π Read
via "National Vulnerability Database".
The Elementor Addons, Widgets and Enhancements Γ’β¬β Stax plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the toggle_widget function in versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to enable or disable Elementor widgets.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2086 βΌ
π Read
via "National Vulnerability Database".
The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the template_count function in versions up to, and including, 4.0.6. This makes it possible for subscriber-level attackers to obtain plugin template information. While a nonce check is present, it is only executed when a nonce is provided. Not providing a nonce results in the nonce verification to be skipped. There is no capability check.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2895 βΌ
π Read
via "National Vulnerability Database".
The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the process_bulk_activate_product function. This makes it possible for unauthenticated attackers to bulk activate products via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.π Read
via "National Vulnerability Database".
π’ Arctic Wolf expands $1 million security operations warranty to Europe and ANZ π’
π Read
via "ITPro".
Qualifying customers now have access to fully underwritten financial assistance of up to $1 million in the event of a cyber attack π Read
via "ITPro".
channelpro
Arctic Wolf expands $1 million security operations warranty to Europe and ANZ
Qualifying customers now have access to fully underwritten financial assistance of up to $1 million in the event of a cyber attack
π’ University of Manchester admits cyber incident "likely" led to data theft π’
π Read
via "ITPro".
The university said it is working with relevant authorities as part of its investigation π Read
via "ITPro".
ITPro
University of Manchester admits cyber incident "likely" led to data theft
The university said it is working with relevant authorities as part of its investigation
βΌ CVE-2023-1428 βΌ
π Read
via "National Vulnerability Database".
There exists an vulnerability causing an abort() to be called in gRPC.Γ The following headers cause gRPC's C++ implementation to abort() when called via http2:te: x (x != trailers):scheme: x (x != http, https)grpclb_client_stats: x (x == anything)On top of sending one of those headers, a later header must be sent that gets the total header size past 8KB. We recommend upgrading past git commitΓ 2485fa94bd8a723e5c977d55a3ce10b301b437f8 or v1.53 and above.π Read
via "National Vulnerability Database".
βΌ CVE-2023-32731 βΌ
π Read
via "National Vulnerability Database".
When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading beyond the commit contained inΓ https://github.com/grpc/grpc/pull/32309 https://github.com/grpc/grpc/pull/32309π Read
via "National Vulnerability Database".
π΄ How Continuous Monitoring and Threat Intel Can Help Prevent Ransomware π΄
π Read
via "Dark Reading".
Security teams should be empowered with the right amount of intelligence to track new and emerging threats and connect that intel to historical data.π Read
via "Dark Reading".
Dark Reading
How Continuous Monitoring and Threat Intel Can Help Prevent Ransomware
Security teams should be empowered with the right amount of intelligence to track new and emerging threats and connect that intel to historical data.
βΌ CVE-2023-3183 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Performance Indicator System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addproduct.php. The manipulation of the argument prodname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231163.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3184 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Sales Tracker Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /classes/Users.php?f=save. The manipulation of the argument firstname/middlename/lastname/username leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-231164.π Read
via "National Vulnerability Database".
π΄ 5 Tips for Modernizing Your Security Operations Center Strategy π΄
π Read
via "Dark Reading".
A solid, dependable SOC strategy that is scalable in the face of various security threats is essential to reduce cybersecurity risks to your business.π Read
via "Dark Reading".
Dark Reading
5 Tips for Modernizing Your Security Operations Center Strategy
A solid, dependable SOC strategy that is scalable in the face of various security threats is essential to reduce cybersecurity risks to your business.
π Tenshi Log Monitoring Program 0.18 π
π Read
via "Packet Storm Security".
tenshi is a log monitoring program, designed to watch one or more log files for lines matching user defined regular expressions and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.π Read
via "Packet Storm Security".
Packetstormsecurity
Tenshi Log Monitoring Program 0.18 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ South African Female Students Offered Cyber Scholarship π΄
π Read
via "Dark Reading".
Women of color are being offered a scholarship opportunity in South Africa β the offer will cover costs for pursuing a cyber career and encourage greater diversity of those studying cybersecurity courses.π Read
via "Dark Reading".
Dark Reading
South African Female Students Offered Cyber Scholarship
Women of color are being offered a scholarship opportunity in South Africa β the offer will cover costs for pursuing a cyber career and encourage greater diversity of those studying cybersecurity courses.
β S3 Ep138: I like to MOVEit, MOVEit β
π Read
via "Naked Security".
Backdoors, exploits, and Little Bobby Tables. Listen now! (Full transcript available...)π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ Cl0P Gang Sat on Exploit for MOVEit Flaw for Nearly 2 Years π΄
π Read
via "Dark Reading".
Over that time, the group carried multiple tests to see if the exploit worked and to identify potential victims. It was like "turning the doorknob" to check for access, a researcher says.π Read
via "Dark Reading".
Dark Reading
Cl0P Gang Sat on Exploit for MOVEit Flaw for Nearly 2 Years
Over that time, the group carried multiple tests to see if the exploit worked and to identify potential victims. It was like "turning the doorknob" to check for access, a researcher says.