Weather Effect – Christmas Santa Snow Falling Security Vulnerabilities

Microsoft Security Advisory CVE-2023-36792: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36792: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their....

Microsoft Security Advisory CVE-2023-36794: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36794: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their....

Microsoft Security Advisory CVE-2023-36794: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36794: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their....

Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their....

Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their....

Microsoft Security Advisory CVE-2023-36796: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36796: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their....

Microsoft Security Advisory CVE-2023-36796: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36796: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their....

Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability

Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their...

Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability

Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their...

Ransomware review: September 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of...

CVE-2023-4318 Herd Effects < 5.2.4 - Effect Deletion via CSRF

The Herd Effects WordPress plugin before 5.2.4 does not have CSRF when deleting its items, which could allow attackers to make logged in admins delete arbitrary effects via a CSRF...

Stealing extra mint fund by applying reentrancy attack on _execute with calling approve() again due to external call before crucial state update

Lines of code https://github.com/code-423n4/2023-09-ondo/blob/main/contracts/bridge/DestinationBridge.sol#L350 Vulnerability details Impact By applying reentrancy attack involving the function _mintIfThresholdMet(), an user can steal extra amount of mint fund. Proof of Concept The functions...

The rUSDY.transferFrom function can cause reentrancy if is a contract been approved

Lines of code Vulnerability details Impact The rUSDY.transferFrom function can cause reentrancy if is a contract been approved, the function looks like: https://github.com/code-423n4/2023-09-ondo/blob/main/contracts/usdy/rUSDY.sol#L301-L312 function transferFrom( address _sender, address...

Oracle Linux 7 : httpd (ELSA-2020-1121)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1121 advisory. In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the...

Critical Reentrancy Vulnerability in _mintIfThresholdMet Function

Lines of code https://github.com/code-423n4/2023-09-ondo/blob/main/contracts/bridge/DestinationBridge.sol#L112 Vulnerability details Impact The _mintIfThresholdMet function contains a severe reentrancy vulnerability that can be exploited by malicious contracts. When the TOKEN.mint function is...

Precision Error in getPrice due to Omission of Last Day's Interest

Lines of code Vulnerability details The code attempts to calculate the price based on the interest from the previous day by using range.end - 1. However, if the last day represented by range.end has fully passed, the interest for this day is never taken into account. Over time, these slight...

New from fees rework: fees can still be stolen with a flash-loan on GeVault

Lines of code Vulnerability details The TokenisableRange fees have been reworked to be sent to the corresponding GeVault instance This fixed the problems with fee accounting in TokenisableRange but created a new, similar one in GeVault, where the deposit function does not count the fees in the...

Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw

Google has rolled out monthly security patches for Android to address a number of flaws, including a zero-day bug that it said may have been exploited in the wild. Tracked as CVE-2023-35674, the high-severity vulnerability is described as a case of privilege escalation impacting the Android...

QakBot's Endgame: The Final Move Before the Takedown

QakBot's Endgame: The Final Move Before the Takedown By Daksh Kapur, Nico Paulo Yturriaga and Alfred Alvarado · September 06, 2023 Figure 1 (Attribution at the bottom) Qakbot, known under aliases like QBot, QuakBot, and Pinkslipbot, represents an intricately advanced malware strain that has...

Apache RocketMQ Command Execution Vulnerability

Several components of Apache RocketMQ, including NameServer, Broker, and Controller, are exposed to the extranet and lack permission verification. An attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running.....

Slashing transcoders on violation should not effect the delegators who staked into such transcoders, delegators should continue to earn rewards

Lines of code Vulnerability details Impact Due to violation of norms, when a transcoder is slashed and force to resign, the delegators who provided stake into such transcoder should not be effected. They delegators should be able to continue earning the rewards as they delegated their tokens to...

QakBot's Endgame: The Final Move Before the Takedown

QakBot's Endgame: The Final Move Before the Takedown By Daksh Kapur, Nico Paulo Yturriaga and Alfred Alvarado · September 06, 2023 Figure 1 (Attribution at the bottom) Qakbot, known under aliases like QBot, QuakBot, and Pinkslipbot, represents an intricately advanced malware strain that has...

CVE-2023-40015

Vyper is a Pythonic Smart Contract Language. For the following (probably non-exhaustive) list of expressions, the compiler evaluates the arguments from right to left instead of left to right. unsafe_add, unsafe_sub, unsafe_mul, unsafe_div, pow_mod256, |, &, ^ (bitwise operators), bitwise_or...

CVE-2023-40015

Vyper is a Pythonic Smart Contract Language. For the following (probably non-exhaustive) list of expressions, the compiler evaluates the arguments from right to left instead of left to right. unsafe_add, unsafe_sub, unsafe_mul, unsafe_div, pow_mod256, |, &, ^ (bitwise operators), bitwise_or...

CVE-2023-40015

Vyper is a Pythonic Smart Contract Language. For the following (probably non-exhaustive) list of expressions, the compiler evaluates the arguments from right to left instead of left to right. unsafe_add, unsafe_sub, unsafe_mul, unsafe_div, pow_mod256, |, &, ^ (bitwise operators), bitwise_or...

Design/Logic Flaw

Vyper is a Pythonic Smart Contract Language. For the following (probably non-exhaustive) list of expressions, the compiler evaluates the arguments from right to left instead of left to right. unsafe_add, unsafe_sub, unsafe_mul, unsafe_div, pow_mod256, |, &, ^ (bitwise operators), bitwise_or...

PYSEC-2023-167

Vyper is a Pythonic Smart Contract Language. For the following (probably non-exhaustive) list of expressions, the compiler evaluates the arguments from right to left instead of left to right. unsafe_add, unsafe_sub, unsafe_mul, unsafe_div, pow_mod256, |, &, ^ (bitwise operators), bitwise_or...

CVE-2023-40015 Vyper: reversed order of side effects for some operations

Vyper is a Pythonic Smart Contract Language. For the following (probably non-exhaustive) list of expressions, the compiler evaluates the arguments from right to left instead of left to right. unsafe_add, unsafe_sub, unsafe_mul, unsafe_div, pow_mod256, |, &, ^ (bitwise operators), bitwise_or...

Vyper: reversed order of side effects for some operations

Impact For the following (probably non-exhaustive) list of expressions, the compiler evaluates the arguments from right to left instead of left to right. - unsafe_add - unsafe_sub - unsafe_mul - unsafe_div - pow_mod256 - |, &, ^ (bitwise operators) - bitwise_or (deprecated) - bitwise_and...

Vyper: reversed order of side effects for some operations

Impact For the following (probably non-exhaustive) list of expressions, the compiler evaluates the arguments from right to left instead of left to right. - unsafe_add - unsafe_sub - unsafe_mul - unsafe_div - pow_mod256 - |, &, ^ (bitwise operators) - bitwise_or (deprecated) - bitwise_and...

X (Twitter) to Collect Biometric Data from Premium Users to Combat Impersonation

X, the social media site formerly known as Twitter, has updated its privacy policy to collect users' biometric data to tackle fraud and impersonation on the platform. "Based on your consent, we may collect and use your biometric information for safety, security, and identification purposes," the...

A firsthand perspective on the recent LinkedIn account takeover campaign

Not long ago I wrote about a recent campaign to hold LinkedIn users' accounts to ransom. Shortly after I published the article, a co-worker, Pearce, reached out to me told me he'd been a target of the campaign. His story begins with an SMS text from LinkedIn telling him to reset his password. He...

ICYMI: Emotet Reappeared Early This Year, Unfortunately

ICYMI: Emotet Reappeared Early This Year, Unfortunately By Adithya Chandra and Joao Marques · September 1, 2023 This blog was also written by Raghav Kapoor Executive Summary Emotet first appeared in 2014 and continues to be a dangerous and resilient malware, despite attempts by law enforcement...

ICYMI: Emotet Reappeared Early This Year, Unfortunately

ICYMI: Emotet Reappeared Early This Year, Unfortunately By Adithya Chandra, Joao Marques, and Raghav Kapoor · September 1, 2023 Executive Summary Emotet first appeared in 2014 and continues to be a dangerous and resilient malware, despite attempts by law enforcement agencies to take it down in...

Wordfence Intelligence Weekly WordPress Vulnerability Report (August 21, 2023 to August 27, 2023)

Last week, there were 43 vulnerabilities disclosed in 38 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 23 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...

This is the Beginning of the End of the N+1 Problem: Introducing Single Query Loading.

TL;DR: Starting with Spring Data JDBC 3.2.0-M2, Spring Data JDBC supports Single Query Loading. Single Query Loading loads arbitrary aggregates with a single select statement. To enable Single Query Loading you need to call setSingleQueryLoadingEnabled(true) on your RelationalMappingContext. In...

IT threat evolution in Q2 2023

IT threat evolution in Q2 2023 IT threat evolution in Q2 2023. Non-mobile statistics IT threat evolution in Q2 2023. Mobile statistics Targeted attacks Gopuram backdoor deployed through 3CX supply-chain attack Earlier this year, a Trojanized version of the 3CXDesktopApp, a popular VoIP program,...

Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom

A suspected Chinese-nexus hacking group exploited a recently disclosed zero-day flaw in Barracuda Networks Email Security Gateway (ESG) appliances to breach government, military, defense and aerospace, high-tech industry, and telecom sectors as part of a global espionage campaign. Mandiant, which.....

Malicious code in frontend-effect (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (f99fca2bf58d400b4cf4e469118f0ff61967c8a4e29d0ec247501cf57a978428) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Decoding the DNA of Ransomware Attacks: Unveiling the Anatomy Behind the Threat

Decoding the DNA of Ransomware Attacks: Unveiling the Anatomy Behind the Threat By Trellix Advanced Research Center · August 28, 2023 Introduction Ransomware, a malicious software that encrypts valuable data and demands a ransom for its release, has a notorious history marked by its evolution from....

Decoding the DNA of Ransomware Attacks: Unveiling the Anatomy Behind the Threat

Decoding the DNA of Ransomware Attacks: Unveiling the Anatomy Behind the Threat By Trellix Advanced Research Center · August 28, 2023 Introduction Ransomware, a malicious software that encrypts valuable data and demands a ransom for its release, has a notorious history marked by its evolution from....

Lack of slippage parameter in swap can cause losses for users

Lines of code https://github.com/code-423n4/2023-08-shell/blob/c61cf0e01bada04c3d6055acb81f61955ed600aa/src/proteus/EvolvingProteus.sol#L312 Vulnerability details Impact Users can incure losses do to lack of slippage control. Detailed description of the impact of this finding. Slippage control...

Exploit for CVE-2023-38831

RaRCE, Exploit generator for CVE-2023-38831...

Number of prize tiers may never scale due to aggressive new algorithm

Lines of code https://github.com/GenerationSoftware/pt-v5-prize-pool/blob/main/src/PrizePool.sol#L807-L811 https://github.com/GenerationSoftware/pt-v5-prize-pool/blob/main/src/abstract/TieredLiquidityDistributor.sol#L602-L619...

Urgent FBI Warning: Barracuda Email Gateways Vulnerable Despite Recent Patches

The U.S. Federal Bureau of Investigation (FBI) is warning that Barracuda Networks Email Security Gateway (ESG) appliances patched against a recently disclosed critical flaw continue to be at risk of potential compromise from suspected Chinese hacking groups. It also deemed the fixes as...

Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT Malware

The North Korea-linked threat actor known as Lazarus Group has been observed exploiting a now-patched critical security flaw impacting Zoho ManageEngine ServiceDesk Plus to distribute a remote access trojan called such as QuiteRAT. Targets include internet backbone infrastructure and healthcare...

Act Now to Prepare for New NCUA Cyber Incident Reporting Requirements

We recently discussed the new SEC rule requiring all registered companies to report material cyber incidents within four (4) days. Now the National Credit Union Administration (NCUA)1 has updated their Cyber Incident Notification Rule, requiring all federally insured Credit Unions to notify the...

Wordfence Intelligence Weekly WordPress Vulnerability Report (August 14, 2023 to August 20, 2023)

Last week, there were 64 vulnerabilities disclosed in 67 WordPress Plugins and 10 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 37 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...

Minimal `basti` IAM Policy Allows Shell Access

Summary The provided Minimal IAM Policy for bastic connect does not include ssm:SessionDocumentAccessCheck. This results in the ability to get a shell session on the bastion, not just the intended access for Port Forwarding. Details basti connect is designed to "securely connect to your...

Minimal `basti` IAM Policy Allows Shell Access

Summary The provided Minimal IAM Policy for bastic connect does not include ssm:SessionDocumentAccessCheck. This results in the ability to get a shell session on the bastion, not just the intended access for Port Forwarding. Details basti connect is designed to "securely connect to your...