βΌ CVE-2023-2917 βΌ
π Read
via "National Vulnerability Database".
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability.Γ Γ Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. Γ A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4029 βΌ
π Read
via "National Vulnerability Database".
A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to execute arbitrary code.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4028 βΌ
π Read
via "National Vulnerability Database".
A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4030 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover to insecure settings if the BIOS becomes corrupt.π Read
via "National Vulnerability Database".
π΄ White House Orders Federal Agencies to Bolster Cyber Safeguards π΄
π Read
via "Dark Reading".
A Biden administration adviser puts federal departments and agencies on notice to come into full compliance with presidential guidelines by the end of the year.π Read
via "Dark Reading".
Dark Reading
White House Orders Federal Agencies to Bolster Cyber Safeguards
A Biden administration adviser puts federal departments and agencies on notice to come into full compliance with presidential guidelines by the end of the year.
βοΈ Karma Catches Up to Global Phishing Service 16Shop βοΈ
π Read
via "Krebs on Security".
You've probably never heard of "16Shop," but there's a good chance someone using it has tried to phish you.Last week, the international police organization INTERPOL said it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launched in 2017 that made it simple for even complete novices to conduct complex and convincing phishing scams. INTERPOL said authorities in Indonesia arrested the 21-year-old proprietor and one of his alleged facilitators, and that a third suspect was apprehended in Japan.π Read
via "Krebs on Security".
Krebs on Security
Karma Catches Up to Global Phishing Service 16Shop
You've probably never heard of "16Shop," but there's a good chance someone using it has tried to phish you. Last week, the international police organization INTERPOL said it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launchedβ¦
βΌ CVE-2023-40165 βΌ
π Read
via "National Vulnerability Database".
rubygems.org is the Ruby community's primary gem (library) hosting service. Insufficient input validation allowed malicious actors to replace any uploaded gem version that had a platform, version number, or gem name matching `/-\d/`, permanently replacing the legitimate upload in the canonical gem storage bucket, and triggering an immediate CDN purge so that the malicious gem would be served immediately. The maintainers have checked all gems matching the `/-\d/` pattern and can confirm that no unexpected `.gem`s were found. As a result, we believe this vulnerability was _not_ exploited. The easiest way to ensure that a user's applications were not exploited by this vulnerability is to check that all of your downloaded .gems have a checksum that matches the checksum recorded in the RubyGems.org database. RubyGems contributor Maciej Mensfeld wrote a tool to automatically check that all downloaded .gem files match the checksums recorded in the RubyGems.org database. You can use it by running: `bundle add bundler-integrity` followed by `bundle exec bundler-integrity`. Neither this tool nor anything else can prove you were not exploited, but the can assist your investigation by quickly comparing RubyGems API-provided checksums with the checksums of files on your disk. The issue has been patched with improved input validation and the changes are live. No action is required on the part of the user. Users are advised to validate their local gems.π Read
via "National Vulnerability Database".
βΌ CVE-2023-39743 βΌ
π Read
via "National Vulnerability Database".
lrzip-next LZMA v23.01 was discovered to contain an access violation via the component /bz3_decode_block src/libbz3.c.π Read
via "National Vulnerability Database".
βΌ CVE-2023-37914 βΌ
π Read
via "National Vulnerability Database".
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can view `Invitation.WebHome` can execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki contents. This vulnerability has been patched on XWiki 14.4.8, 15.2-rc-1, and 14.10.6. Users are advised to upgrade. Users unable to upgrade may manually apply the patch on `Invitation.InvitationCommon` and `Invitation.InvitationConfig`, but there are otherwise no known workarounds for this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38843 βΌ
π Read
via "National Vulnerability Database".
An issue in Atlos v.1.0 allows an authenticated attacker to execute arbitrary code via a crafted payload into the description field in the incident function.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38905 βΌ
π Read
via "National Vulnerability Database".
SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-39741 βΌ
π Read
via "National Vulnerability Database".
lrzip v0.651 was discovered to contain a heap overflow via the libzpaq::PostProcessor::write(int) function at /libzpaq/libzpaq.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-40313 βΌ
π Read
via "National Vulnerability Database".
A BeanShell interpreter in remote server mode runs in OpenMNS Horizon versions earlier than 32.0.2 and in related Meridian versions which could allow arbitrary remote Java code execution. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet.π Read
via "National Vulnerability Database".
βΌ CVE-2023-26469 βΌ
π Read
via "National Vulnerability Database".
In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server.π Read
via "National Vulnerability Database".
π΄ ISC2 Announces Milestone As Community Grows to Half a Million π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
ISC2 Announces Milestone as Community Grows to Half a Million
ALEXANDRIA, Va., Aug. 17, 2023 /PRNewswire/ -- The world's leading nonprofit member organization for cybersecurity professionals, formerly known as (ISC)Β², has today announced that it is now ISC2 to reflect its growing global membership and expanded roleβ¦
π΄ Normalyze: How Focusing On Data Can Improve Cloud Security π΄
π Read
via "Dark Reading".
In this Dark Reading News Desk segment, Normalyzeβs Ravi Ithal discusses cloud security and data security posture management (DPSM).π Read
via "Dark Reading".
Darkreading
Normalyze: How Focusing on Data Can Improve Cloud Security
In this Dark Reading News Desk segment, Normalyzeβs Ravi Ithal discusses cloud security and data security posture management (DSPM).
π΄ TXOne: How to Improve Your Operational Technology Security Posture π΄
π Read
via "Dark Reading".
In this Dark Reading News Desk segment, Terence Liu of TXOne Networks discusses operational technology and industrial cybersecurity.π Read
via "Dark Reading".
Darkreading
TXOne: How to Improve Your Operational Technology Security Posture
In this Dark Reading News Desk segment, Terence Liu of TXOne Networks discusses operational technology and industrial cybersecurity.
π΄ Foretrace Announces Launch of "Tim," Generative AI Analyst for Assessing and Responding to Data Leaks π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
Foretrace Announces Launch of "Tim," Generative AI Analyst for Assessing and Responding to Data Leaks
COLUMBIA, Md,, Aug. 17, 2023 /PRNewswire-PRWeb/ -- Foretrace, the leader in data leak and exposure management, today announced the release of "Tim," a generative AI analyst that will provide real-time recommendations and guidance to assist in the investigationβ¦
π΄ Sophos: βRoyalβ Is Trying to Make Itself the King of Ransomware π΄
π Read
via "Dark Reading".
In this Dark Reading News Desk segment, John Shier, Field CTO Commercial, Sophos, discusses the "Royal" ransomware.π Read
via "Dark Reading".
Darkreading
Sophos: βRoyalβ Is Trying to Make Itself the King of Ransomware
In this Dark Reading News Desk segment, John Shier, Field CTO Commercial, Sophos, discusses the "Royal" ransomware.
βΌ CVE-2023-31939 βΌ
π Read
via "National Vulnerability Database".
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the costomer_id parameter at customer_edit.php.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31938 βΌ
π Read
via "National Vulnerability Database".
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_detail.php.π Read
via "National Vulnerability Database".