βΌ CVE-2023-34122 βΌ
π Read
via "National Vulnerability Database".
Improper input validation in the installer for Zoom for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3214 βΌ
π Read
via "National Vulnerability Database".
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)π Read
via "National Vulnerability Database".
βοΈ Microsoft Patch Tuesday, June 2023 Edition βοΈ
π Read
via "Krebs on Security".
Microsoft Corp. today released software updates to fix dozens of security vulnerabilities in its Windows operating systems and other software. This month's relatively light patch load has another added bonus for system administrators everywhere: It appears to be the first Patch Tuesday since March 2022 that isn't marred by the active exploitation of a zero-day vulnerability in Microsoft's products.π Read
via "Krebs on Security".
Krebs on Security
Microsoft Patch Tuesday, June 2023 Edition
Microsoft Corp. today released software updates to fix dozens of security vulnerabilities in its Windows operating systems and other software. This month's relatively light patch load has another added bonus for system administrators everywhere: It appearsβ¦
π΄ Harness the Power of PKI to Battle Data Breaches π΄
π Read
via "Dark Reading".
The average cost of a data breach is $4.35 million. Understand the power of public key infrastructure (PKI) and its role in encrypting data and battling breaches.π Read
via "Dark Reading".
Dark Reading
Harness the Power of PKI to Battle Data Breaches
The average cost of a data breach is $4.35 million. Understand the power of public key infrastructure (PKI) and its role in encrypting data and battling breaches.
π Hydra Network Logon Cracker 9.5 π
π Read
via "Packet Storm Security".
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.π Read
via "Packet Storm Security".
Packetstormsecurity
Hydra Network Logon Cracker 9.5 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ Popular Apparel, Clothing Brands Being Used in Massive Phishing Scam π΄
π Read
via "Dark Reading".
Threat actors have created over 3,000 domains, some as old as two years, to lure in customers to false, name brand websites for personal financial gain. π Read
via "Dark Reading".
Dark Reading
Popular Apparel, Clothing Brands Being Used in Massive Phishing Scam
Threat actors have created over 3,000 domains, some as old as two years, to lure in customers to false, name brand websites for personal financial gain.
π1
βΌ CVE-2023-34537 βΌ
π Read
via "National Vulnerability Database".
A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacker can issue malicious code/command on affected webpage's parameter to trick user on browser and/or exfiltrate data.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2637 βΌ
π Read
via "National Vulnerability Database".
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies.Γ Hard-coded cryptographic key may lead to privilege escalation.Γ This vulnerability may allow a local, authenticated non-admin user to generate an invalid administrator cookie giving them administrative privileges to the FactoryTalk Policy Manger database. This may allow the threat actor to make malicious changes to the database that will be deployed when a legitimate FactoryTalk Policy Manager user deploys a security policy model. User interaction is required for this vulnerability to be successfully exploited.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2639 βΌ
π Read
via "National Vulnerability Database".
The underlying feedback mechanism of Rockwell Automation'sΓ FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the origin of the communication is from a legitimate local client device.Γ This may allow a threat actor to craft a malicious website that, when visited, will send a malicious script that can connect to the local WebSocket endpoint and wait for events as if it was a valid client device. If successfully exploited, this would allow a threat actor to receive information including whether FactoryTalk Policy Manager is installed and potentially the entire security policy.Γ π Read
via "National Vulnerability Database".
π΄ Cycode Launches CI/CD Pipeline Monitoring Solution (Cimon) to Prevent Supply Chain Attacks π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
Cycode Launches CI/CD Pipeline Monitoring Solution (Cimon) to Prevent Supply Chain Attacks
SAN FRANCISCO, June 12, 2023 β Cycode, the leading application security platform, today announced the launch of Cimon, a seamless solution that enhances the security of CI/CD pipelines to prevent software supply chain attacks such as those that targeted SolarWindsβ¦
π΄ Chinese Threat Actor Abused ESXi Zero-Day to Pilfer Files From Guest VMs π΄
π Read
via "Dark Reading".
Mandiant's ongoing investigation of UNC3886 has uncovered new details of threat actors' TTPs.π Read
via "Dark Reading".
Dark Reading
Chinese Threat Actor Abused ESXi Zero-Day to Pilfer Files From Guest VMs
Mandiant's ongoing investigation of UNC3886 has uncovered new details of threat actors' TTPs.
β Gozi banking malware βIT chiefβ finally jailed after more than 10 years β
π Read
via "Naked Security".
Gozi threesome from way back in the late 2000s and early 2010s now all charged, convicted and sentenced. The DOJ got there in the end...π Read
via "Naked Security".
Naked Security
Gozi banking malware βIT chiefβ finally jailed after more than 10 years
Gozi threesome from way back in the late 2000s and early 2010s now all charged, convicted and sentenced. The DOJ got there in the endβ¦
β Patch Tuesday fixes 4 critical RCE bugs, and a bunch of Office holes β
π Read
via "Naked Security".
No zero-days this month, if you ignore the Edge RCE hole patched last weekπ Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
βΌ CVE-2023-31142 βΌ
π Read
via "National Vulnerability Database".
Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, if a site has modified their general category permissions, they could be set back to the default. This issue is patched in version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches. A workaround, only if you are modifying the general category permissions, is to use a new category for the same purpose.π Read
via "National Vulnerability Database".
βΌ CVE-2023-32301 βΌ
π Read
via "National Vulnerability Database".
Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, multiple duplicate topics could be created if topic embedding is enabled. This issue is patched in version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches. As a workaround, disable topic embedding if it has been enabled.π Read
via "National Vulnerability Database".
π AIDE 0.18.4 π
π Read
via "Packet Storm Security".
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.π Read
via "Packet Storm Security".
Packetstormsecurity
AIDE 0.18.4 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π1
βΌ CVE-2023-29357 βΌ
π Read
via "National Vulnerability Database".
Microsoft SharePoint Server Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-29364 βΌ
π Read
via "National Vulnerability Database".
Windows Authentication Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-29366 βΌ
π Read
via "National Vulnerability Database".
Windows Geolocation Service Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-24938 βΌ
π Read
via "National Vulnerability Database".
Windows CryptoAPI Denial of Service Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-29353 βΌ
π Read
via "National Vulnerability Database".
Sysinternals Process Monitor for Windows Denial of Service Vulnerabilityπ Read
via "National Vulnerability Database".