CVE-2023-1428
via "National Vulnerability Database".
There exists a vulnerability causing abort() to be called in gRPC. The following headers cause gRPC's C++ implementation to abort() when called via HTTP/2:
- te: x (x != trailers)
- :scheme: x (x != http, https)
- grpclb_client_stats: x (x == anything)
On top of sending one of those headers, a later header must be sent that gets the total header size past 8KB. We recommend upgrading past git commit 2485fa94bd8a723e5c977d55a3ce10b301b437f8 or v1.53 and above.
CVE-2023-32731
via "National Vulnerability Database".
When the gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients, leading to an information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading beyond the commit contained in https://github.com/grpc/grpc/pull/32309
How Continuous Monitoring and Threat Intel Can Help Prevent Ransomware
via "Dark Reading".
Security teams should be empowered with the right amount of intelligence to track new and emerging threats and connect that intel to historical data.
CVE-2023-3183
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Performance Indicator System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addproduct.php. The manipulation of the argument prodname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231163.
CVE-2023-3184
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Sales Tracker Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /classes/Users.php?f=save. The manipulation of the argument firstname/middlename/lastname/username leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-231164.
5 Tips for Modernizing Your Security Operations Center Strategy
via "Dark Reading".
A solid, dependable SOC strategy that is scalable in the face of various security threats is essential to reduce cybersecurity risks to your business.
Tenshi Log Monitoring Program 0.18
via "Packet Storm Security".
tenshi is a log monitoring program, designed to watch one or more log files for lines matching user-defined regular expressions and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.
South African Female Students Offered Cyber Scholarship
via "Dark Reading".
Women of color are being offered a scholarship opportunity in South Africa; the offer will cover costs for pursuing a cyber career and encourage greater diversity of those studying cybersecurity courses.
S3 Ep138: I like to MOVEit, MOVEit
via "Naked Security".
Backdoors, exploits, and Little Bobby Tables. Listen now! (Full transcript available...)
Cl0P Gang Sat on Exploit for MOVEit Flaw for Nearly 2 Years
via "Dark Reading".
Over that time, the group carried out multiple tests to see if the exploit worked and to identify potential victims. It was like "turning the doorknob" to check for access, a researcher says.
Thoughts on scheduled password changes (don't call them rotations!)
via "Naked Security".
Does swapping your password regularly make it a better password?
CVE-2023-2121
via "National Vulnerability Database".
Vault and Vault Enterprise's (Vault) key-value v2 (kv-v2) diff viewer allowed HTML injection into the Vault web UI through key values. This vulnerability, CVE-2023-2121, is fixed in Vault 1.14.0, 1.13.3, 1.12.7, and 1.11.11.
3 Elite Communication Skills to Help Security Pros Get Projects Funded
via "Dark Reading".
It's not enough to know how to better protect the enterprise; you have to be able to convince decision-makers that your plans are necessary.
CVE-2023-29712
via "National Vulnerability Database".
Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the X-Rewrite-URL parameter.
CVE-2023-29714
via "National Vulnerability Database".
Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via the username, password, and language cookies parameter.
'Asylum Ambuscade' Cyberattackers Blend Financial Heists & Cyber Espionage
via "Dark Reading".
In a rare mix of motivations, the cyberattack group has been linked to both financial cybercrime and political spying efforts on governments.
DOS Attacks Dominate, but System Intrusions Cause Most Pain
via "Dark Reading".
In the latest Verizon "Data Breach Investigations Report," denial-of-service attacks are the most common type of security incident, but when it comes to breaches, nearly four-in-ten attackers compromise systems.
Brand-New Security Bugs Affect All MOVEit Transfer Versions
via "Dark Reading".
Progress has issued a second patch for additional SQL flaws that are distinct from the zero-day that the Cl0p ransomware gang is exploiting.
More MOVEit mitigations: new patches published for further protection
via "Naked Security".
Good news... more patches, this time available proactively.
CVE-2023-29752
via "National Vulnerability Database".
An issue found in Facemoji Emoji Keyboard v.2.9.1.2 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the component.