1285 matches found

CISA
added 2022/08/02 12:00 a.m. · 20 views

CISA and ACSC Release Top 2021 Malware Strains

CISA and the Australian Cyber Security Centre ACSC have published a joint Cybersecurity Advisory on the top malware strains observed in 2021. Malicious cyber actors often use malware to covertly compromise and then gain access to a computer or mobile device. As malicious cyber actors have been...

AI score 1 · Exploits 0 · References 5

CNNVD
added 2022/08/01 12:00 a.m. · 5 views

WordPress plugin Project Source Code Download security vulnerability

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. WordPress plugin is an...

CVSS 7.5 · AI score 7.3 · EPSS 0.00885 · Exploits 1 · References 2

Positive Technologies
added 2022/07/27 12:00 a.m. · 2 views

PT-2022-4010 · Jenkins · Jenkins Google Cloud Backup Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Google Cloud Backup Plugin versions 0.6 and earlier
Description: A cross-site request forgery (CSRF) vulnerability allows attackers to request a manual backup. This issue is related to the lack of a permission check in an HTTP endpoint,...

CVSS 9 · AI score 7.7 · EPSS 0.00419 · Exploits 0 · References 8

Cvelist
added 2022/07/25 6:47 p.m. · 14 views

CVE-2022-22999 Cross-site Scripting Vulnerability in USB Backups App

Western Digital My Cloud devices are vulnerable to a cross-site scripting vulnerability that can allow a malicious user with elevated privileges and access to drives being backed up to construct and inject JavaScript payloads into an authenticated user's browser. As a result, it may be possible to ga...

CVSS 8.2 · AI score 8.4 · EPSS 0.00319 · Exploits 0 · References 1

BDU FSTEC
added 2022/07/20 12:00 a.m. · 12 views

The vulnerability of the Red Database database management system lies in the return of an incorrect status code, allowing an attacker to trigger a service failure.

The vulnerability of the Red Database database management system is related to the return of incorrect status codes. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by exhausting free disk space during backup operations...

CVSS 4.9 · AI score 5.6 · Exploits 0 · References 1 · Affected Software 1

OSV
added 2022/06/08 10:15 a.m. · 1 view

CVE-2022-1577

The Database Backup for WordPress plugin before 2.5.2 does not have a CSRF check in place when updating the scheduled backup settings, which could allow an attacker to make a logged-in admin change them via a CSRF attack. This could lead to cases where attackers can send backup notification emails t...

CVSS 5.4 · AI score 5.8 · EPSS 0.00402 · Exploits 2 · References 1

Github Security Blog
added 2022/05/24 7:07 p.m. · 16 views

Xen Orchestra Mishandles Authorization

Xen Orchestra with xo-web through 5.80.0 and xo-server through 5.84.0 mishandles authorization, as demonstrated by modified WebSocket resourceSet.getAll data in which the attacker changes the permission field from none to admin. The attacker gains access to data sets such as VMs, Backups, Audit,...

CVSS 4.3 · AI score 6.7 · EPSS 0.00714 · Exploits 1 · References 3 · Affected Software 2

OSV
added 2022/05/24 5:16 p.m. · 19 views

GHSA-83H6-22CP-F22W TeamPass files are available without authentication

TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve files from the TeamPass web root. This may include backups or LDAP debug files...

CVSS 7.5 · AI score 7.6 · EPSS 0.0722 · Exploits 1 · References 3

Github Security Blog
added 2022/05/24 5:16 p.m. · 29 views

TeamPass files are available without authentication

TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve files from the TeamPass web root. This may include backups or LDAP debug files...

CVSS 7.5 · AI score 6.9 · EPSS 0.0722 · Exploits 1 · References 3 · Affected Software 1

OSV
added 2022/05/17 2:25 a.m. · 0 views

GHSA-92MR-4W2Q-4578 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins

The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINS_HOME with a new key. It also created a backup directory with all old secrets, and the key used to encrypt them. These backups were world-readable and not removed afterwards. Jenkins now deletes the...

CVSS 9.8 · AI score 7.2 · EPSS 0.01721 · Exploits 0 · References 5

Github Security Blog
added 2022/05/17 1:57 a.m. · 11 views

attic has improper verification of unencrypted backups

attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file"...

CVSS 6.5 · AI score 6.5 · EPSS 0.02466 · Exploits 1 · References 8 · Affected Software 1

OSV
added 2022/05/17 1:57 a.m. · 3 views

GHSA-5X6Q-FFWJ-8VCF attic has improper verification of unencrypted backups

attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file"...

CVSS 7.1 · AI score 6.4 · EPSS 0.02466 · Exploits 1 · References 8

OSV
added 2022/05/13 1:18 a.m. · 10 views

GHSA-5293-3FGP-CR3X Missing permission checks in Jenkins Periodic Backup Plugin allow every user to change settings

The Periodic Backup Plugin did not perform any permission checks, allowing any user with Overall/Read access to change its settings, trigger backups, restore backups, download backups, and also delete all previous backups via log rotation. Additionally, the plugin was not requiring requests to it...

CVSS 8 · AI score 7.8 · EPSS 0.01072 · Exploits 0 · References 3

Github Security Blog
added 2022/05/13 1:18 a.m. · 13 views

Missing permission checks in Jenkins Periodic Backup Plugin allow every user to change settings

The Periodic Backup Plugin did not perform any permission checks, allowing any user with Overall/Read access to change its settings, trigger backups, restore backups, download backups, and also delete all previous backups via log rotation. Additionally, the plugin was not requiring requests to it...

CVSS 8 · AI score 6.8 · EPSS 0.01072 · Exploits 0 · References 4 · Affected Software 1

The Hacker News
added 2022/05/12 6:37 a.m. · 24 views

Government Agencies Warn of Increase in Cyberattacks Targeting MSPs

Multiple cybersecurity authorities from Australia, Canada, New Zealand, the U.K., and the U.S. on Wednesday released a joint advisory warning of threats targeting managed service providers (MSPs) and their customers. Key recommendations include identifying and disabling accounts that are ...

AI score 2 · Exploits 0

Github Security Blog
added 2022/04/23 12:40 a.m. · 24 views

Moodle included private user files in course backups

Moodle before 2.2.2 is vulnerable to information disclosure because course backups were including users' private files...

CVSS 4.3 · AI score 6.7 · EPSS 0.01423 · Exploits 0 · References 12 · Affected Software 1

OSV
added 2022/04/23 12:40 a.m. · 18 views

GHSA-P9HR-F4XJ-8W8R Moodle included private user files in course backups

Moodle before 2.2.2 is vulnerable to information disclosure because course backups were including users' private files...

CVSS 4.3 · AI score 5.5 · EPSS 0.01423 · Exploits 0 · References 12

Github Security Blog
added 2022/04/23 12:40 a.m. · 25 views

Moodle backs up private files

Moodle before 2.2.2, 2.1.5, and 2.0.8 had users' private files included in course backups unnecessarily...

CVSS 7.5 · AI score 6.9 · EPSS 0.02141 · Exploits 0 · References 17 · Affected Software 1

Malwarebytes
added 2022/03/23 4:56 p.m. · 16 views

White House urges US businesses: Protect against potential Russian cyberattacks

On Monday, the White House told US business leaders to toughen up their cybersecurity defenses against a potential cyberattack from Russia. "The Biden-Harris Administration has warned repeatedly about the potential for Russia to engage in malicious cyber activity against the United States in...

AI score 1.1 · Exploits 0

Positive Technologies
added 2022/03/21 12:00 a.m. · 3 views

PT-2022-18380 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idcCMS version 1.10
Description: The issue allows attackers to arbitrarily delete the install.lock file, resulting in a reset of the CMS settings and data.
Recommendations: For idcCMS version 1.10, consider restricting access to the...

CVSS 7.5 · AI score 7 · EPSS 0.00784 · Exploits 1 · References 4