⚠️ Kritisk sårbarhet i Cisco IOS XE Wireless Controller – godtycklig filuppladdning möjlig. CVSS-score på 10 av 10 möjliga!
#Cisco #IOSXE #CiscoWLC #CVSS10 #CVE202520188 #Sårbarhet #Informationssäkerhet #ITsäkerhet #RootAccess #RCE #JWT #HardCodedCredentials #PathTraversal #WirelessLAN #Catalyst9800 #Nätverkssäkerhet #Sårbarhetsanalys #Exploit #Cybersecurity #SecurityAdvisory
Local Privilege Escalations in needrestarthttps://www.openwall.com/lists/oss-security/2024/11/19/1
We discovered three fundamental vulnerabilities in needrestart (three
LPEs, Local Privilege Escalations, from any unprivileged user to full
root), which are exploitable without user interaction on #Ubuntu Server
(through unattended-upgrades)
Mit gefundenen Sicherheitslücken gehen Hersteller ja unterschiedlich um - umso angenehmer ist es, mal zu sehen, dass Firmen wie #Synology durchaus proaktiv informieren. Update (selbstverständlich bereits) erledigt!
We assess with high confidence that an attacker possessing the same retinal and fingerprint patterns as a victim can bypass traditional biometric security controls. To date, every biometric control we've tested is vulnerable to this attack. There is currently no known fix.
#Qualys #SecurityAdvisoryhttps://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
#regreSSHion: #RCE in #OpenSSH's server, on glibc-based #Linux systems (CVE-2024-6387)
The Canadian Centre for Cyber Security has issued a detailed security advisory regarding the "LINE DANCER" & "LINE RUNNER" attacks against Cisco ASA devices by what it believes are nation-state sponsored malicious actors.
As usual, if you or your organization runs Cisco ASAs, time to patch to mitigate these vulnerabilities.
www.cyber.gc.ca/en/news-events/cyber-activity-impacting-cisco-asa-vpns
#infosec #cybersecurity #LINEDANCER #LINERUNNER #ARCANEDOOR #Cisco #CiscoASA #SecurityAdvisory #CVE_2024_20359 #CVE_2024_20353
Qualcomm security advisory: 12 Proprietary Software Issues, 4 Open Source Software issues. No mention of exploitation in the wild. 🔗 https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html
Android Security Bulletin released: 28 vulnerabilities, 27 of which are high severity. 1 marked critical was CVE-2023-28582 (9.8 critical, disclosed 04 March 2024 by Qualcomm). No mention of exploitation in the wild. 🔗 https://source.android.com/docs/security/bulletin/2024-04-01
Elastic security advisories (no mention of exploitation):
#Elastic #PatchTuesday #vulnerability #CVE_2024_23450 #CVE_2024_23451 #securityadvisory
Cisco decided to make it a Patch Wednesday. Here are 17 security advisories:
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
Apple security advisories have been released:
All of the security advisories reference CVE-2024-1580 (5.9 medium) which is an integer overflow in dav1d AV1 decoder that could lead to out-of-bounds write (arbitrary code execution). It was fixed with improved input validation. No mention of exploitation in the wild. Discovered by Nick Galloway of Google Project Zero.
#Apple #PatchTuesday #vulnerability #securityadvisory #CVE_2024_1580
Mozilla Foundation security advisories. No mention of exploitation. Mozilla does a funny and says "Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code."
#Mozilla #PatchTuesday #securityadvisory #vulnerability #firefox #Thunderbird
BIG-IP iRule or LTM policy may generate multiple HTTP redirect responses:
A security advisory highlights a vulnerability in BIG-IP systems that can result in the generation of multiple HTTP redirect responses when certain conditions are met. This occurs if a virtual server has specific configurations, including an iRule or LTM policy for redirecting HTTP requests based on request content, and if it processes a malformed HTTP request. The impact of this vulnerability can lead to multiple unexpected HTTP redirect responses being cached by intermediate systems and received by clients. F5 has assigned IDs to this issue and classified it as CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling'). Users are recommended to update to fixed versions or apply a mitigation iRule to affected virtual servers.
🚨 Major #DDoS attacks hit Cloudflare, Google, AWS via a zero-day in HTTP/2 (CVE-2023-44487). The HTTP/2 Rapid Reset exploit caused chaos, with attacks reaching 201M RPS and a staggering 398M RPS! Quick mitigations were applied, but the urgency to patch systems remains critical.
See how it works below!
#CyberSecurity #HTTP
#DDoS #CyberAttack #InfoSec #Vulnerability #PatchAlert #cyber #cybersecurity #zeroday #0day #cybernews #technology #technews #HTTPS #CyberThreat #InfoSecCommunity #SecurityBreach #CyberDefense #ThreatIntel #NetworkSecurity #DataProtection #RiskManagement #CyberAwareness #ITSecurity #SecurityPatch #CyberSafety #DigitalSecurity #CloudSecurity #EnterpriseSecurity #SecureInternet #CyberResilience #CyberRisk #SecurityCompliance #IncidentResponse #CyberCrime #WebSecurity #ServerSecurity #OnlineSecurity #SecurityAdvisory #TechUpdate #CriticalVulnerability #infosecurity
Finnish Digital and Population Data Services Agency (DVV) provides a Card Reader Software which can be used for strong authentication and digital signing with the DVV issued identity cards. The Fujitsu mPollux DigiSign application communicates with the identity card and allows log in to official e-services and/or digitally sign documents. The Fujitsu mPollux DigiSign Client for macOS version 4.2.4c-8322 and previous contains two security vulnerabilities that in the worst-case scenario can lead to full system compromise.
https://labs.withsecure.com/advisories/fujitsu-mpollux-for-macos-multiple-vulnerabilities #infosec #vulnerability #securityadvisory
CVE-2023-23397 – Microsoft Outlook Privilege Elevation Critical Vulnerability
https://research.kudelskisecurity.com/2023/03/15/cve-2023-23397-microsoft-outlook-privilege-elevation-critical-vulnerability/
#SecurityAdvisory #vulnerability #patchtuesday #microsoft #outlook
CVE-2023-27532 – Veeam Backup & Replication Vulnerability Exposes Stored Credentials, No Auth Necessary
https://research.kudelskisecurity.com/2023/03/10/cve-2023-27532-veeam-backup-amp-replication-vulnerability-exposes-stored-credentials-no-auth-necessary/
#SecurityAdvisory #vulnerability #credentials #backup #veeam
Ransomware as a Service – Nevada Ransomware campaign targeting VMWare ESXi servers
https://research.kudelskisecurity.com/2023/02/09/ransomware-as-a-service-nevada-ransomware-campaign-targeting-vmware-esxi-servers/
#SecurityAdvisory #Uncategorized #vulnerability #ransomware
[BULLETIN] Linux Kernel ksmbd Remote Code Execution Vulnerability
https://research.kudelskisecurity.com/2022/12/22/bulletin-linux-kernel-ksmbd-remote-code-execution-vulnerability/
#SecurityAdvisory
✨ CVE-2022-37958:
Critical Windows code-execution vulnerability went undetected until now
▶️ Potential to rival EternalBlue
▶️ Wormable
▶️ Unlike EternalBlue, Vulnerability present in a much broader range of network protocols
▶️ Good news: patch was released in September. hopefully all of us applied it
#infosec #eternalblue #patching #securityadvisory #sysadmin #blueteam #windowsvulnerability
