‼ CVE-2023-42468 ‼
📖 Read
via "National Vulnerability Database".
The com.cutestudio.colordialer application through 2.1.8-2 for Android allows a remote attacker to initiate phone calls without user consent, because of improper export of the com.cutestudio.dialer.activities.DialerActivity component. A third-party application (without any permissions) can craft an intent targeting com.cutestudio.dialer.activities.DialerActivity via the android.intent.action.CALL action in conjunction with a tel: URI, thereby placing a phone call.
‼ CVE-2023-4568 ‼
📖 Read
via "National Vulnerability Database".
PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch.
‼ CVE-2023-41892 ‼
📖 Read
via "National Vulnerability Database".
Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector. Users running Craft installations before 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fixed in Craft CMS 4.4.15.
♟️ FBI Hacker Dropped Stolen Airbus Data on 9/11 ♟️
📖 Read
via "Krebs on Security".
In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle "USDoD" had infiltrated the FBI's vetted information sharing network InfraGard, and was selling the contact information for all 80,000 members. The FBI responded by reverifying all InfraGard members and by seizing the cybercrime forum where the data was being sold. But on Sept. 11, 2023, USDoD resurfaced after a lengthy absence to leak sensitive employee data stolen from the aerospace giant Airbus, while promising to visit the same treatment on top U.S. defense contractors.
‼ CVE-2023-4945 ‼
📖 Read
via "National Vulnerability Database".
The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in versions up to, and including, 7.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
‼ CVE-2023-4944 ‼
📖 Read
via "National Vulnerability Database".
The Awesome Weather Widget for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'awesome-weather' shortcode in versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
‼ CVE-2023-4948 ‼
📖 Read
via "National Vulnerability Database".
The WooCommerce CVR Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the refresh_order_cvr_data AJAX action in versions up to 6.1.0. This makes it possible for authenticated attackers with contributor-level access and above to update CVR numbers for orders.
‼ CVE-2023-4841 ‼
📖 Read
via "National Vulnerability Database".
The Feeds for YouTube for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'youtube-feed' shortcode in versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
‼ CVE-2023-41267 ‼
📖 Read
via "National Vulnerability Database".
In the Apache Airflow HDFS Provider, versions prior to 4.1.1, a documentation note pointed users to install an incorrect pip package. As this package name was unclaimed, in theory, an attacker could claim this package and provide code that would be executed when this package was installed. The Airflow team has since taken ownership of the package (neutralizing the risk), and fixed the doc strings in version 4.1.1.
‼ CVE-2023-26141 ‼
📖 Read
via "National Vulnerability Database".
Versions of the package sidekiq before 7.1.3 are vulnerable to Denial of Service (DoS) due to insufficient checks in the dashboard-charts.js file. An attacker can exploit this vulnerability by manipulating the localStorage value, which will cause excessive polling requests.
‼ CVE-2023-38205 ‼
📖 Read
via "National Vulnerability Database".
Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.
‼ CVE-2023-4516 ‼
📖 Read
via "National Vulnerability Database".
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS UpdateService that could allow a local attacker to change the update source, potentially leading to remote code execution when the attacker forces an update containing malicious content.
‼ CVE-2023-42503 ‼
📖 Read
via "National Vulnerability Database".
Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing. This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue.

A third party can create a malformed TAR file by manipulating file modification time headers, which, when parsed with Apache Commons Compress, will cause a denial of service issue via CPU consumption.

In version 1.22 of Apache Commons Compress, support was added for file modification times with higher precision (issue # COMPRESS-612 [1]). The format for the PAX extended headers carrying this data consists of two numbers separated by a period [2], indicating seconds and subsecond precision (for example "1647221103.5998539"). The impacted fields are "atime", "ctime", "mtime" and "LIBARCHIVE.creationtime". No input validation is performed prior to the parsing of header values. Parsing of these numbers uses the BigDecimal [3] class from the JDK, which has a publicly known algorithmic complexity issue when doing operations on large numbers, causing denial of service (see issue # JDK-6560193 [4]). A third party can manipulate file time headers in a TAR file by placing a number with a very long fraction (300,000 digits) or a number with exponent notation (such as "9e9999999") within a file modification time header, and the parsing of files with these headers will take hours instead of seconds, leading to a denial of service via exhaustion of CPU resources.

This issue is similar to CVE-2012-2098 [5].

Only applications using the CompressorStreamFactory class (with auto-detection of file types), TarArchiveInputStream and TarFile classes to parse TAR files are impacted. Since this code was introduced in v1.22, only that version and later versions are impacted.

[1]: https://issues.apache.org/jira/browse/COMPRESS-612
[2]: https://pubs.opengroup.org/onlinepubs/9699919799/utilities/pax.html#tag_20_92_13_05
[3]: https://docs.oracle.com/javase/8/docs/api/java/math/BigDecimal.html
[4]: https://bugs.openjdk.org/browse/JDK-6560193
[5]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2098
‼ CVE-2023-4814 ‼
📖 Read
via "National Vulnerability Database".
A privilege escalation vulnerability exists in Trellix Windows DLP endpoint for Windows which can be abused to delete any file or folder that the user does not have permission to delete.
‼ CVE-2023-38204 ‼
📖 Read
via "National Vulnerability Database".
Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
‼ CVE-2023-38206 ‼
📖 Read
via "National Vulnerability Database".
Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints, resulting in a low-confidentiality impact. Exploitation of this issue does not require user interaction.
📢 Dutch football association admits paying LockBit in ‘April Fools’ ransomware attack 📢
📖 Read
via "ITPro".
The national governing body offered a rare candid account of the ransomware attack, the full scale of which is still unknown.
‼ CVE-2023-38557 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q3). The affected product assigns improper access rights to the update script. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.
‼ CVE-2023-38558 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability has been identified in SIMATIC PCS neo (Administration Console) V4.0 (All versions), SIMATIC PCS neo (Administration Console) V4.0 Update 1 (All versions). The affected application leaks Windows admin credentials. An attacker with local access to the Administration Console could get the credentials and impersonate the admin user, thereby gaining admin access to other Windows systems.
🕴 'Scattered Spider' Behind MGM Cyberattack, Targets Casinos 🕴
📖 Read
via "Dark Reading".
The ransomware group is a collection of young adults who also recently breached Caesars Entertainment and made a ransom score in the tens of millions.
🦿 Conversational AI Company Uniphore Leverages Red Box Acquisition for New Data Collection Tool 🦿
📖 Read
via "Tech Republic".
Red Box provides the open architecture for data capture. Uniphore then feeds that data into U-Capture, its conversational AI automation tool.