Weather Effect – Christmas Santa Snow Falling Security Vulnerabilities

ibm

Security Bulletin: IBM® Db2® is vulnerable to an information disclosure vulnerability due to the consumed GSKit library (CVE-2023-33850)

Summary IBM® Db2® is vulnerable to an information disclosure vulnerability due to the consumed GSKit library. Vulnerability Details CVEID: CVE-2023-33850 DESCRIPTION: IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the...

CVSS: 7.5 | AI Score: 7.4 | EPSS: 0.001

2023-11-29 08:05 PM
32
code423n4

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details Impact get_virtual_price() was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a...

AI Score: 6.9

2023-11-29 12:00 AM
3
githubexploit

Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft

AmzWord an automated attack chain based on CVE-2022-30190,...

AI Score: 8.1

2023-11-28 03:47 AM
234
openbugbounty

christmas-ar.com Improper Access Control vulnerability OBB-3795652

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score: 7

2023-11-27 02:01 AM
1
wallarmlab

What is Recovery Time Objective (RTO)?

Grasping the Technique: The Often Misconstrued 'RTO' Unravelled in the Sphere of Business Resiliency At the heart of organisational durability and a tactical roadmap directing towards reestablishing regular operations post-disruptions, lies the often misrepresented 'Recovery Time Objective' (RTO).....

AI Score: 6.8

2023-11-24 11:33 AM
13
wallarmlab

What Is Network Availability?

Within the sphere of IT, 'network accessibility' is a term frequently used. Yet, does everyone understand its connotation? Simplistically put, network accessibility alludes to how readily a network or system can be accessed by its users. It quantifies to what extent a system is functioning and...

AI Score: 7.9

2023-11-23 12:55 PM
4
malwarebytes

Explained: Privacy washing

Question: Who said the sentence below? “Privacy is at the heart of everything we do.” Answer: Sundar Pichai, the CEO of Alphabet and its largest subsidiary Google. And if you look at the recent actions Google has announced, you’d be tempted to take his word for it: An initiative to let Chrome...

AI Score: 6.9

2023-11-22 12:20 PM
16
wallarmlab

What is Quality of Service?

Dominating an imperative role in boosting the so-called 'efficiency quotient' within a networking system is the Quality of Service or QoS. Let's dive in and explore the crucial components that make QoS pivotal. In essence, QoS is a blend of a multitude of methodologies and hi-tech devices,...

AI Score: 7.9

2023-11-20 11:44 AM
18
securelist

The dark side of Black Friday: decoding cyberthreats around the year’s biggest shopping season

As the annual Black Friday approaches, the digital landscape experiences an unprecedented surge in e-commerce and online shopping activity. Major sales aside, e-commerce is still a huge market. In 2022, global e-commerce retail revenue was estimated to reach $5.7 trillion worldwide, marking nearly....

AI Score: 7.1

2023-11-20 10:00 AM
20
thn

8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader

The threat actors behind the 8Base ransomware are leveraging a variant of the Phobos ransomware to conduct their financially motivated attacks. The findings come from Cisco Talos, which has recorded an increase in activity carried out by the cybercriminals. "Most of the group's Phobos variants are....

AI Score: 7.6

2023-11-18 11:27 AM
49
code423n4

Price can be easily inflated/deflated by large depositors in the Market contract

Lines of code https://github.com/code-423n4/2023-11-canto/blob/335930cd53cf9a137504a57f1215be52c6d67cb3/1155tech-contracts/src/bonding_curve/LinearBondingCurve.sol#L21-L22 Vulnerability details Impact An attacker can manipulate/inflate market prices by donating/buying large amounts of tokens which....

AI Score: 7.1

2023-11-17 12:00 AM
2
oraclelinux

kernel security, bug fix, and enhancement update

[4.18.0-513.5.1_9.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with...

CVSS: 8.8 | AI Score: 8 | EPSS: not available

2023-11-17 12:00 AM
42
malwarebytes

Alarm system cyberattack leaves those in need struggling to call for help

An alarm system company that allows those in need to ask for help at the touch of a button has suffered a cyberattack, causing serious disruption. Tunstall Netherlands says the attack left the control room struggling to receive distress calls from clients on Sunday November 12, 2023. Tunstall,...

AI Score: 7.1

2023-11-16 02:29 PM
9
talosblog

7 common mistakes companies make when creating an incident response plan and how to avoid them

Cisco Talos recently covered the basics of NIS2, a new set of requirements for cybersecurity and security incident disclosures set to take effect next year in the European Union. As part of these new guidelines, organizations with operations in the EU must have up-to-date "incident handling"...

AI Score: 6.9

2023-11-16 01:00 PM
10
wallarmlab

What is a Network Management Station (NMS)?

The Bedrock of the Network Coordination Hub (NCH) Delving into the substantial domain of digital networks, the Network Coordination Hub (NCH) is unveiled as a critical component ensuring fluid network operations. Let us unravel this concept - an NCH signifies a control console employed for...

AI Score: 7.2

2023-11-16 11:45 AM
6
wallarmlab

What Is Microservices Architecture

Mastering the Essential Elements of Services-Focused Programming The methodology of programming using tiny, interdependent software units, often simplified to 'Microservices', has seen a marked uptick in usage in recent times. This distinct architectural paradigm shapes an application as a group...

AI Score: 7.9

2023-11-15 08:25 PM
6
wallarmlab

FREE Cybersecurity Education Courses

Navigating the nuanced realm of digital defense doesn't need to feel like a herculean task. This section aims to shed light on the intricacies of digital defense and aid you in leveraging freely available Cybersecurity Learning Programs. Deciphering Digital Defense Digital defense, also referred...

AI Score: 7.5

2023-11-15 06:46 PM
11
thn

Urgent: VMware Warns of Unpatched Critical Cloud Director Vulnerability

VMware is warning of a critical and unpatched security flaw in Cloud Director that could be exploited by a malicious actor to get around authentication protections. Tracked as CVE-2023-34060 (CVSS score: 9.8), the vulnerability impacts instances that have been upgraded to version 10.5 from an...

CVSS: 9.8 | AI Score: 10 | EPSS: 0.044

2023-11-15 04:18 AM
63
nessus

ManageEngine SupportCenter Plus < 11.0 Build 11023

The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 11.0 Build 11023, 11.0 Build 11023, 11.0 Build 11023. It is, therefore, affected by a vulnerability as referenced in the supportcenter_cve-2022-36412 advisory. In Zoho ManageEngine SupportCenter Plus before...

CVSS: 9.8 | AI Score: 6.9 | EPSS: 0.009

2023-11-15 12:00 AM
5
osv

Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege Vulnerability

Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 7.0 and .NET 8.0 RC2. This advisory also provides guidance on what developers can do.....

CVSS: 9.8 | AI Score: 7.2 | EPSS: 0.001

2023-11-14 08:39 PM
29
github

Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege Vulnerability

Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 7.0 and .NET 8.0 RC2. This advisory also provides guidance on what developers can do.....

CVSS: 9.8 | AI Score: 6.7 | EPSS: 0.001

2023-11-14 08:39 PM
51
osv

Microsoft Security Advisory CVE-2023-36558: .NET Security Feature Bypass Vulnerability

Microsoft Security Advisory CVE-2023-36558: .NET Security Feature Bypass Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 6.0, ASP.NET Core 7.0 and, ASP.NET Core 8.0 RC2. This advisory also provides guidance.....

CVSS: 6.2 | AI Score: 6.8 | EPSS: 0.0005

2023-11-14 08:36 PM
26
github

Microsoft Security Advisory CVE-2023-36558: .NET Security Feature Bypass Vulnerability

Microsoft Security Advisory CVE-2023-36558: .NET Security Feature Bypass Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 6.0, ASP.NET Core 7.0 and, ASP.NET Core 8.0 RC2. This advisory also provides guidance.....

CVSS: 6.2 | AI Score: 6.3 | EPSS: 0.0005

2023-11-14 08:36 PM
27
thn

CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given a November 17, 2023, deadline for federal agencies and organizations to apply mitigations to secure against a number of security flaws in Juniper Junos OS that came to light in August. The agency on Monday added five...

CVSS: 9.8 | AI Score: 9.6 | EPSS: 0.965

2023-11-14 06:03 AM
52
code423n4

The reentrancy vulnerability in NextGenCore can allow an attacker to manipulate minting execution

Lines of code Vulnerability details Impact Function _mintProcessing() has been used in mint() and airDropTokens() and both doesn't follow check-effect-interaction pattern and code updates the values of tokensAirdropPerAddress, tokensMintedAllowlistAddress and tokensMintedPerAddress variables after....

AI Score: 7.3

2023-11-13 12:00 AM
2
atlassian

DoS (Denial of Service) org.jsoup:jsoup in Jira Software Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 8.20.0, 9.4.0, 9.5.0, 9.6.0, 9.7.0, 9.8.0, 9.9.0, 9.10.0, and 9.11.0 of Jira Software Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

CVSS: 7.5 | AI Score: 6.5 | EPSS: 0.009

2023-11-12 01:45 PM
26
wallarmlab

Apigee API Security policies howto

The Genesis of Apigee API Security Guidelines In today's digital epoch, APIs (Application Programming Interfaces) have ascended to be the fundamental infrastructure underpinning software development - furnishing the medium for diverse software systems to interact and exchange data. Yet, with this.....

AI Score: 7.7

2023-11-10 06:43 PM
18
code423n4

Incorrectly set totalVotingPower can allow users to pass arbitrary Proposals and steal all the parties NFTs

Lines of code Vulnerability details Bug Description The recent implementation update empowers the authority to decrease the totalVotingPower arbitrarily using the decreaseTotalVotingPower() function. This authority-exclusive function allows the reduction of totalVotingPower by a specified amount......

AI Score: 7.3

2023-11-10 12:00 AM
2
qualysblog

QSC23 – Qualys Announces a Directional Shift to Measure, Communicate, and Eliminate Cyber Risk with New Platform and Solutions

The 2023 Qualys Security Conference (QSC) started wrapping up on Thursday, November 9th, with two days of new technology announcements, impactful customer use cases, and thought-provoking talks from a host of engaging speakers, including Rachel Wilson, Managing Director at Morgan Stanley and Frank....

AI Score: 7.3

2023-11-09 10:00 PM
18
talosblog

What is NIS2, and how can you best prepare for the new cybersecurity requirements in the EU?

NIS2 is a European directive that includes new measures to ensure that organizations operating in the European Union (EU) have a high common level of network and infrastructure security. The "directive" outlines the goals all EU member states must achieve. However, each country will implement it...

AI Score: 7.1

2023-11-09 01:00 PM
15
nessus

CBL Mariner 2.0 Security Update: kubernetes (CVE-2020-8554)

The version of kubernetes installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-8554 advisory. Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and...

CVSS: 6.3 | AI Score: 6.7 | EPSS: 0.002

2023-11-09 12:00 AM
14
wallarmlab

12 Cloud Security Issues: Risks, Threats and Challenges

Unpacking the Cloud: Appreciating its Importance & Uncovering its Weak Points The cloud has utterly transformed our methods of data storage and retrieval. It has flawlessly woven itself into the fabric of our everyday lives, from a repository for precious memories to a platform that supports...

AI Score: 7.1

2023-11-07 12:14 PM
14
nessus

Rocky Linux 8 : firefox (RLSA-2022:8554)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8554 advisory. Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined...

CVSS: 9.8 | AI Score: 7.2 | EPSS: 0.002

2023-11-07 12:00 AM
9
nessus

Rocky Linux 8 : firefox (RLSA-2022:0130)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0130 advisory. It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5,...

CVSS: 10 | AI Score: 7.9 | EPSS: 0.002

2023-11-07 12:00 AM
7
nessus

Rocky Linux 8 : thunderbird (RLSA-2022:0129)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0129 advisory. It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5,...

CVSS: 10 | AI Score: 7.7 | EPSS: 0.002

2023-11-07 12:00 AM
5
nessus

Fedora 39 : firefox (2023-a0ac4fe21c)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-a0ac4fe21c advisory. A compromised content process could have provided malicious data to FilterNodeD2D1 resulting in an out-of-bounds write, leading to a...

CVSS: 9.8 | AI Score: 7.9 | EPSS: 0.001

2023-11-07 12:00 AM
8
mssecure

Automatic Conditional Access policies in Microsoft Entra streamline identity protection

Extending our commitment to help customers be secure by default, today we're announcing the auto-rollout of Microsoft Entra Conditional Access policies that will automatically protect tenants based on risk signals, licensing, and usage. We've designed these policies based on our deep knowledge of.....

AI Score: 7.2

2023-11-06 05:00 PM
2
mmpc

Automatic Conditional Access policies in Microsoft Entra streamline identity protection

Extending our commitment to help customers be secure by default, today we're announcing the auto-rollout of Microsoft Entra Conditional Access policies that will automatically protect tenants based on risk signals, licensing, and usage. We've designed these policies based on our deep knowledge of.....

AI Score: 7.3

2023-11-06 05:00 PM
1
wallarmlab

Incident Response Plan: Frameworks and Steps

Gaining Insight: The Imperative for an Electronic Threat Handling Framework As we traverse further into the digital era, the threat of cyber encroachments elevates consistently. This looming risk is a reality for all, from emergent startups to well-established corporations, placing operations in...

AI Score: 7

2023-11-06 11:43 AM
5
securelist

Gaming-related cyberthreats in 2023: Minecrafters targeted the most

Introduction and trends The gaming industry continues growing. The Newzoo report for 2023 reveals that two in five — more than three billion — across the globe are gamers, which is 6.3 percent more than last year. Globally, gaming revenue amounts to an estimated US$242.39 billion, with almost half....

AI Score: 6.4

2023-11-06 10:00 AM
23
nessus

Rocky Linux 8 : GNOME (RLSA-2020:4451)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4451 advisory. A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7,...

CVSS: 9.8 | AI Score: 9 | EPSS: 0.806

2023-11-06 12:00 AM
4
nessus

Amazon Linux 2023 : openssl, openssl-devel, openssl-libs (ALAS2023-2023-406)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-406 advisory. Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some...

CVSS: 7.5 | AI Score: 7.6 | EPSS: 0.001

2023-11-04 12:00 AM
33
ibm

Security Bulletin: IBM® Db2® is vulnerable to an information disclosure vulnerability due to the consumed GSKit library (CVE-2023-32342)

Summary IBM® Db2® is vulnerable to an information disclosure vulnerability due to the consumed GSKit library. The fix for this issue was already published in an earlier bulletin. If you have already applied the appropriate Db2 special build or installed GSKit version 8.0.55.31, which contains the.....

CVSS: 7.5 | AI Score: 6 | EPSS: 0.001

2023-11-03 07:55 PM
6
github

Ibexa ezplatform-kernel download route allows filename change

Impact The route used for file downloads allows specifying the name of the downloaded file. This is an unintended side effect of the implementation, and means one could construct download URLs with filenames that have no relation to the actual file, which could lead to misunderstandings and...

AI Score: 6.8

2023-11-03 07:51 PM
15
osv

Ibexa ezplatform-kernel download route allows filename change

Impact The route used for file downloads allows specifying the name of the downloaded file. This is an unintended side effect of the implementation, and means one could construct download URLs with filenames that have no relation to the actual file, which could lead to misunderstandings and...

AI Score: 6.9

2023-11-03 07:51 PM
10
github

Ibexa DXP Download route allows filename change

Impact The route used for file downloads allows specifying the name of the downloaded file. This is an unintended side effect of the implementation, and means one could construct download URLs with filenames that have no relation to the actual file, which could lead to misunderstandings and...

AI Score: 7

2023-11-03 07:51 PM
10
osv

Ibexa DXP Download route allows filename change

Impact The route used for file downloads allows specifying the name of the downloaded file. This is an unintended side effect of the implementation, and means one could construct download URLs with filenames that have no relation to the actual file, which could lead to misunderstandings and...

AI Score: 7

2023-11-03 07:51 PM
10
github

Download route allows filename change in eZpublish kernel

Impact The route used for file downloads allows specifying the name of the downloaded file. This is an unintended side effect of the implementation, and means one could construct download URLs with filenames that have no relation to the actual file, which could lead to misunderstandings and...

AI Score: 7

2023-11-03 06:45 PM
7
osv

Download route allows filename change in eZpublish kernel

Impact The route used for file downloads allows specifying the name of the downloaded file. This is an unintended side effect of the implementation, and means one could construct download URLs with filenames that have no relation to the actual file, which could lead to misunderstandings and...

AI Score: 7

2023-11-03 06:45 PM
17
thn

SaaS Security is Now Accessible and Affordable to All

This new product offers SaaS discovery and risk assessment coupled with a free user access review in a unique "freemium" model Securing employees' SaaS usage is becoming increasingly crucial for most cloud-based organizations. While numerous tools are available to address this need, they often...

AI Score: 7

2023-11-02 09:24 AM
38
Total number of security vulnerabilities: 21742