Backup & Replication Director Security Vulnerabilities

Busted for book club? Why cops want to see what you’re reading, with Sarah Lamdan (Lock and Code S05E14)

This week on the Lock and Code podcast… More than 20 years ago, a law that the United States would eventually use to justify the warrantless collection of Americans' phone call records actually started out as a warning sign against an entirely different target: Libraries. Not two months after...

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems

OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems. The vulnerability, codenamed regreSSHion, has been assigned the CVE identifier CVE-2024-6387. It...

How to Investigate 'Encrypted Data Event' from Malware Detection

This article documents how to investigate which files are encrypted within a machine when the Malware Detection system flags a machine as having Encrypted...

Debian: Security Advisory (DSA-5708-1)

The remote host is missing an update for the...

Security Bulletin: An unspecified IBM SDK, Java Technology Edition vulnerability affects InfoSphere Data Replication

Summary An unspecified IBM SDK, Java Technology Edition vulnerability is addressed. Vulnerability Details ** CVEID: CVE-2023-22081 DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attacker to cause no confidentiality impact, no integrity...

Security Bulletin: An unspecified IBM SDK, Java Technology Edition vulnerability affects InfoSphere Data Replication

Summary An unspecified IBM SDK, Java Technology Edition vulnerability is addressed. Vulnerability Details ** CVEID: CVE-2023-22045 DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low confidentiality impacts. CVSS Base...

Security Bulletin: A vulnerability in github.com/containerd/containerd-v1.6.17 affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the github.com/containerd/containerd-v1.6.17 package has been addressed. Vulnerability Details ** CVEID: CVE-2023-25173 DESCRIPTION: **containerd could allow a local authenticated attacker to bypass security restrictions, caused by improper setup for supplementary...

Security Bulletin: A vulnerability in urllib3 affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the urllib3 package has been addressed. Vulnerability Details ** CVEID: CVE-2021-33503 DESCRIPTION: **urllib3 is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw due to catastrophic backtracking. By sending a...

Security Bulletin: A vulnerability in Go affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the Go package has been addressed. Vulnerability Details ** CVEID: CVE-2023-24532 DESCRIPTION: **An unspecified error with return an incorrect result in the ScalarMult and ScalarBaseMult methods of the P256 Curve in Golang Go has an unknown impact and attack vector....

Security Bulletin: A vulnerability in Go affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the Go package has been addressed. Vulnerability Details ** CVEID: CVE-2022-41724 DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a flaw when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote...

Security Bulletin: A vulnerability in setuptools affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the setuptools package has been addressed. Vulnerability Details ** CVEID: CVE-2022-40897 DESCRIPTION: **Pypa Setuptools is vulnerable to a denial of service, caused by improper input validation. By sending request with a specially crafted regular expression, an remote...

Security Bulletin: A vulnerability in urllib3 affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the urllib3 package has been addressed. Vulnerability Details ** CVEID: CVE-2019-11236 DESCRIPTION: **Python urllib3 is vulnerable to CRLF injection, caused by improper validation of user-supplied input by the request parameter. By sending a specially-crafted HTTP...

Security Bulletin: A vulnerability in containerd affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the containerd package has been addressed. Vulnerability Details ** CVEID: CVE-2022-31030 DESCRIPTION: **containerd is vulnerable to a denial of service, caused by a flaw in the CRI implementation. By sending a specially-crafted request using the ExecSync API, a local...

Security Bulletin: A vulnerability in containerd affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the containerd package has been addressed. Vulnerability Details ** CVEID: CVE-2022-23471 DESCRIPTION: **containerd is vulnerable to a denial of service, caused by a flaw in the CRI implementation. By sending a specially-crafted request, a remote authenticated attacker...

Security Bulletin: A vulnerability in Go affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the package Go has been addressed. Vulnerability Details ** CVEID: CVE-2022-41725 DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a flaw when perform multipart form parsing with mime/multipart.Reader.ReadForm. By sending a specially-crafted...

Security Bulletin: InfoSphere Data Replication is affected by a guava package vulnerbility (CVE-2023-2976)

Summary InfoSphere Data Replication uses the guava package. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details ** CVEID: CVE-2023-2976 DESCRIPTION: **Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a...

CVE-2024-22272

VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization within VMware Cloud Director may be able to accidentally disable their organization leading to a Denial of Service for active sessions within their own...

CVE-2024-22272

VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization within VMware Cloud Director may be able to accidentally disable their organization leading to a Denial of Service for active sessions within their own...

CVE-2024-22276

VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are...

CVE-2024-22276

VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are...

CVE-2024-22276

VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are...

CVE-2024-22276

VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are...

CVE-2024-22272

VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization within VMware Cloud Director may be able to accidentally disable their organization leading to a Denial of Service for active sessions within their own...

Rust-Based P2PInfect Botnet Evolves with Miner and Ransomware Payloads

The peer-to-peer malware botnet known as P2PInfect has been found targeting misconfigured Redis servers with ransomware and cryptocurrency miners. The development marks the threat's transition from what appeared to be a dormant botnet with unclear motives to a financially motivated operation....

Prompt Injection Flaw in Vanna AI Exposes Databases to RCE Attacks

Cybersecurity researchers have disclosed a high-severity security flaw in the Vanna.AI library that could be exploited to achieve remote code execution vulnerability via prompt injection techniques. The vulnerability, tracked as CVE-2024-5565 (CVSS score: 8.1), relates to a case of prompt...

Takeaways From The Take Command Summit: Unprecedented Threat Landscape

The Rapid7 Take Command summit unveiled crucial findings from the 2024 Attack Intelligence Report, offering invaluable insights for cybersecurity professionals navigating today's complex threat landscape. Key takeaways from the 30 minute panel: Rise of Zero-Day Exploits: 53% of mass compromise...

Malicious code in ar_octopus-replication-tracking (RubyGems)

-= Per source details. Do not edit below this...

Paul Nakasone Joins OpenAI’s Board of Directors

Former NSA Director Paul Nakasone has joined the board of...

U.S. Treasury Sanctions 12 Kaspersky Executives Amid Software Ban

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) imposed sanctions against a dozen individuals serving executive and senior leadership roles at Kaspersky Lab, a day after the Russian company was banned by the Commerce Department. The move "underscores our commitment to....

SolarWinds Serv-U Vulnerability Under Active Attack - Patch Immediately

A recently patched high-severity flaw impacting SolarWinds Serv-U file transfer software is being actively exploited by malicious actors in the wild. The vulnerability, tracked as CVE-2024-28995 (CVSS score: 8.6), concerns a directory transversal bug that could allow attackers to read sensitive...

Linux Hardened Repository Unable to Update Immutability or Remove Restore Points due to SGID

Due to the SGID bit, all files created within this directory inherit the directory's group ownership. This conflicts with the verification routine in VBR that ensures the .veeam.lock file belongs to the root user and root...

KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO

On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The...

PCI DSS v4.0: What You Need to Know and What the End of v3.2.1 Means for the Future of Digital Payments

On March 31st, 2024, The Payments Card Industry Standards Security Council (PCI SSC) officially retired version 3.2.1 of the PCI Data Security Standard (PCI DSS) with the publication of its new sets of protocols and security standards for v4.0. With the continued rise in cyber threats against...

CVE-2021-47619

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a system with large number of CPUs and X722 NIC there was a call trace with NULL pointer dereference. i40e 0000:87:00.0: failed to get tracking for 256 queues for VSI....

CVE-2021-47619

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a system with large number of CPUs and X722 NIC there was a call trace with NULL pointer dereference. i40e 0000:87:00.0: failed to get tracking for 256 queues for VSI....

CVE-2021-47619

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a system with large number of CPUs and X722 NIC there was a call trace with NULL pointer dereference. i40e 0000:87:00.0: failed to get tracking for 256 queues for VSI....

CVE-2021-47619

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a system with large number of CPUs and X722 NIC there was a call trace with NULL pointer dereference. i40e 0000:87:00.0: failed to get tracking for 256 queues for...

CVE-2021-47619 i40e: Fix queues reservation for XDP

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a system with large number of CPUs and X722 NIC there was a call trace with NULL pointer dereference. i40e 0000:87:00.0: failed to get tracking for 256 queues for VSI....

Secure Your Containerized Environments with Qualys Containerized Scanner Appliance (QCSA)

IT has undergone a series of significant shifts over the years, from physical infrastructure to virtual, and how infrastructure was managed and maintained. This shift led IT through the digital transformation era, introducing various types of clouds and “As-a-Service” models. Although...

TikTok facing fresh lawsuit in US over children’s privacy

The Federal Trade Commission (FTC) has announced it's referred a complaint against TikTok and parent company ByteDance to the Department of Justice. The investigation originally focused on Musical.ly which was acquired by ByteDance on November 10, 2017, and merged it into TikTok. The FTC started a....

CVE-2021-47619

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a system with large number of CPUs and X722 NIC there was a call trace with NULL pointer dereference. i40e 0000:87:00.0: failed to get tracking for 256 queues for VSI....

[SECURITY] Fedora 39 Update: galera-26.4.18-1.fc39

Galera is a fast synchronous multimaster wsrep provider (replication engine) for transactional databases and similar applications. For more information about wsrep API see https://github.com/codership/wsrep-API repository. For a description of Galera replication engine see...

Fedora: Security Advisory for galera (FEDORA-2024-d61bffd77f)

The remote host is missing an update for...

BIT-elasticsearch-2024-23445

It was identified that if a cross-cluster API key https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.html#security-api-create-cross-cluster-api-key-request-body restricts search for a given index using the query or the field_security parameter,...

Veeam Kasten for Kubernetes Instant Recovery with Veeam Backup & Replication vPower NFS datastore

Veeam Kasten for Kubernetes Instant Recovery with Veeam Backup & Replication vPower NFS...

There was a problem validating the profile: Repository not found.

The 'Repository Not found' issue can happen in multiple scenarios. Most of the cases are due to repository...

Meta Pauses AI Training on EU User Data Amid Privacy Concerns

Meta on Friday said it's delaying its efforts to train the company's large language models (LLMs) using public content shared by adult users on Facebook and Instagram in the European Union following a request from the Irish Data Protection Commission (DPC). The company expressed disappointment at.....

North Korean Hackers Target Brazilian Fintech with Sophisticated Phishing Tactics

Threat actors linked to North Korea have accounted for one-third of all the phishing activity targeting Brazil since 2020, as the country's emergence as an influential power has drawn the attention of cyber espionage groups. "North Korean government-backed actors have targeted the Brazilian...

Ukraine Police Arrest Suspect Linked to LockBit and Conti Ransomware Groups

The Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups. The unnamed 28-year-old native of the Kharkiv region allegedly specialized in the development of crypters to encrypt and obfuscate malicious...

Information Disclosure

org.elasticsearch.plugin: x-pack-security is vulnerable to Information Disclosure. The vulnerability arises from the failure to enforce search restrictions during cross-cluster searches when an API key grants both search and replication rights to an index, which allows an attacker to access...