βΌ CVE-2023-34537 βΌ
π Read
via "National Vulnerability Database".
A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacker can issue malicious code/command on affected webpage's parameter to trick user on browser and/or exfiltrate data.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2637 βΌ
π Read
via "National Vulnerability Database".
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies.Γ Hard-coded cryptographic key may lead to privilege escalation.Γ This vulnerability may allow a local, authenticated non-admin user to generate an invalid administrator cookie giving them administrative privileges to the FactoryTalk Policy Manger database. This may allow the threat actor to make malicious changes to the database that will be deployed when a legitimate FactoryTalk Policy Manager user deploys a security policy model. User interaction is required for this vulnerability to be successfully exploited.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2639 βΌ
π Read
via "National Vulnerability Database".
The underlying feedback mechanism of Rockwell Automation'sΓ FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the origin of the communication is from a legitimate local client device.Γ This may allow a threat actor to craft a malicious website that, when visited, will send a malicious script that can connect to the local WebSocket endpoint and wait for events as if it was a valid client device. If successfully exploited, this would allow a threat actor to receive information including whether FactoryTalk Policy Manager is installed and potentially the entire security policy.Γ π Read
via "National Vulnerability Database".
π΄ Cycode Launches CI/CD Pipeline Monitoring Solution (Cimon) to Prevent Supply Chain Attacks π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
Cycode Launches CI/CD Pipeline Monitoring Solution (Cimon) to Prevent Supply Chain Attacks
SAN FRANCISCO, June 12, 2023 β Cycode, the leading application security platform, today announced the launch of Cimon, a seamless solution that enhances the security of CI/CD pipelines to prevent software supply chain attacks such as those that targeted SolarWindsβ¦
π΄ Chinese Threat Actor Abused ESXi Zero-Day to Pilfer Files From Guest VMs π΄
π Read
via "Dark Reading".
Mandiant's ongoing investigation of UNC3886 has uncovered new details of threat actors' TTPs.π Read
via "Dark Reading".
Dark Reading
Chinese Threat Actor Abused ESXi Zero-Day to Pilfer Files From Guest VMs
Mandiant's ongoing investigation of UNC3886 has uncovered new details of threat actors' TTPs.
β Gozi banking malware βIT chiefβ finally jailed after more than 10 years β
π Read
via "Naked Security".
Gozi threesome from way back in the late 2000s and early 2010s now all charged, convicted and sentenced. The DOJ got there in the end...π Read
via "Naked Security".
Naked Security
Gozi banking malware βIT chiefβ finally jailed after more than 10 years
Gozi threesome from way back in the late 2000s and early 2010s now all charged, convicted and sentenced. The DOJ got there in the endβ¦
β Patch Tuesday fixes 4 critical RCE bugs, and a bunch of Office holes β
π Read
via "Naked Security".
No zero-days this month, if you ignore the Edge RCE hole patched last weekπ Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
βΌ CVE-2023-31142 βΌ
π Read
via "National Vulnerability Database".
Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, if a site has modified their general category permissions, they could be set back to the default. This issue is patched in version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches. A workaround, only if you are modifying the general category permissions, is to use a new category for the same purpose.π Read
via "National Vulnerability Database".
βΌ CVE-2023-32301 βΌ
π Read
via "National Vulnerability Database".
Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, multiple duplicate topics could be created if topic embedding is enabled. This issue is patched in version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches. As a workaround, disable topic embedding if it has been enabled.π Read
via "National Vulnerability Database".
π AIDE 0.18.4 π
π Read
via "Packet Storm Security".
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.π Read
via "Packet Storm Security".
Packetstormsecurity
AIDE 0.18.4 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π1
βΌ CVE-2023-29357 βΌ
π Read
via "National Vulnerability Database".
Microsoft SharePoint Server Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-29364 βΌ
π Read
via "National Vulnerability Database".
Windows Authentication Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-29366 βΌ
π Read
via "National Vulnerability Database".
Windows Geolocation Service Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-24938 βΌ
π Read
via "National Vulnerability Database".
Windows CryptoAPI Denial of Service Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-29353 βΌ
π Read
via "National Vulnerability Database".
Sysinternals Process Monitor for Windows Denial of Service Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-32010 βΌ
π Read
via "National Vulnerability Database".
Windows Bus Filter Driver Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-32011 βΌ
π Read
via "National Vulnerability Database".
Windows iSCSI Discovery Service Denial of Service Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-29372 βΌ
π Read
via "National Vulnerability Database".
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-32032 βΌ
π Read
via "National Vulnerability Database".
.NET and Visual Studio Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-32017 βΌ
π Read
via "National Vulnerability Database".
Microsoft PostScript Printer Driver Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-32015 βΌ
π Read
via "National Vulnerability Database".
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".