Vulnerable SDK components lead to supply chain risks in IoT and OT environments

December 8, 2022 update - Reflected additional research on Boa-related CVEs and updated supply chain diagram. Vulnerabilities in network components, architecture files, and developer tools have become increasingly popular attack vectors to gain access into secure networks and devices. External...

Node operators cannot withdraw their ETH when they rage quit

Lines of code Vulnerability details Node operators can opt for Rage Quit, after the BLS public key is staked. In the current configuration, they will not be able to retrieve their staked ETH: withdrawETHForKnot will revert here if the lifecycle status is not INITIALSREGISTERED. The lifecycle stat...

Clerk < 4.0.0 - Authentication Bypass and API Keys Disclosure

The plugin is affected by time-based attacks in the validation function for all API requests due to the usage of comparison operators to verify API keys against the ones stored in the site options. PoC - Install the plugin and set the API creds to: - Key:...

Point-of-sale malware used to steal 167,000 credit cards

In the 19 months between February 2021 and September 2022, two point-of-sale POS malware operators have stolen more than 167,000 payment records, mainly from the US, according to researchers at Group-IB. The researchers were able to retrieve information about infected machines and compromised...

Primary operator can unbond to avoid slashing and DOS job execution

Lines of code Vulnerability details If a primary operator fails to call HolographOperator.executeJob on time, a secondary operator can make the call, which will result in slashing the primary operator, as described in the documentation. The primary operator that failed to do the job, is slashed t...

Adversary can cause malicious slashing of operators by creating malicous token and setting gas limit above chain block gas limit

Lines of code Vulnerability details Impact Operators maliciously slashed Proof of Concept A user can create a malicious token that when called by anyone other than themselves and the bridge use an extreme amount of gas. They create a bridge request with a gas limit higher than the block limit. If...

New “Prestige” ransomware impacts organizations in Ukraine and Poland

The Microsoft Threat Intelligence Center MSTIC has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload. We observed this new ransomware, which...

New “Prestige” ransomware impacts organizations in Ukraine and Poland

The Microsoft Threat Intelligence Center MSTIC has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload. We observed this new ransomware, which...

SUSE: Security Advisory (SUSE-SU-2022:3401-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

How to Prevent Ransomware as a Service (RaaS) Attacks

Explore key insights on how ransomware as a service RaaS operators work and how to prevent ransomware attacks...

GHSA-X996-7QH9-7FF7 Hyperledger indy-node vulnerable to denial of service

Impact An attacker can max out the number of client connections allowed by the ledger that was deployed using guidance provided in the indy-node repository, leaving the ledger unable to be used for its intended purpose. The ledger content will not be impacted by the attack, and the ledger will...

Test your team’s security readiness with the Gone Phishing Tournament

Why should you care about the behavioral risk of your employees? Eighty-two percent of breaches include and often start with user behavior.1 Not all are phishing, but a majority of them are just that. Phishing is, and has been for many years, the cheapest and most reliable way for an attacker of...

CVE-2022-39203 Parsing issue in matrix-org/node-irc leading to room takeovers

matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. Attackers can specify a specific string of characters, which would confuse the bridge into combining an attacker-owned channel and an existing channel, allowing them to grant themselves permissions in the channel. The...

Apache Calcite before 1.32.0 vulnerable to potential XML External Entity (XXE) attack

In Apache Calcite prior to version 1.32.0 the SQL operators EXISTSNODE, EXTRACTXML, XMLTRANSFORM and EXTRACTVALUE do not restrict XML External Entity references in their configuration, which makes them vulnerable to a potential XML External Entity XXE attack. Therefore any client exposing these...

GHSA-FJ2M-W3WV-X9PR Apache Calcite before 1.32.0 vulnerable to potential XML External Entity (XXE) attack

In Apache Calcite prior to version 1.32.0 the SQL operators EXISTSNODE, EXTRACTXML, XMLTRANSFORM and EXTRACTVALUE do not restrict XML External Entity references in their configuration, which makes them vulnerable to a potential XML External Entity XXE attack. Therefore any client exposing these...

CVE-2022-39135

Apache Calcite 1.22.0 introduced the SQL operators EXISTSNODE, EXTRACTXML, XMLTRANSFORM and EXTRACTVALUE do not restrict XML External Entity references in their configuration, making them vulnerable to a potential XML External Entity XXE attack. Therefore any client exposing these operators,...

Xxe

Apache Calcite 1.22.0 introduced the SQL operators EXISTSNODE, EXTRACTXML, XMLTRANSFORM and EXTRACTVALUE do not restrict XML External Entity references in their configuration, making them vulnerable to a potential XML External Entity XXE attack. Therefore any client exposing these operators,...

CVE-2022-39135 Apache Calcite: potential XEE attacks

Apache Calcite 1.22.0 introduced the SQL operators EXISTSNODE, EXTRACTXML, XMLTRANSFORM and EXTRACTVALUE do not restrict XML External Entity references in their configuration, making them vulnerable to a potential XML External Entity XXE attack. Therefore any client exposing these operators,...

PT-2022-5789 · Apache · Apache Calcite

Name of the Vulnerable Software and Affected Versions: Apache Calcite versions prior to 1.32.0 Description: The issue is related to the SQL operators EXISTS NODE, EXTRACT XML, XML TRANSFORM, and EXTRACT VALUE not restricting XML External Entity references in their configuration, making them...

CVE-2022-39135

CVE-2022-39135 (Apache Calcite XXE) is triggered by processing XML with SQL operators EXISTS_NODE, EXTRACT_XML, XML_TRANSFORM, and EXTRACT_VALUE in Calcite 1.22.0, allowing potential XML External Entity (XXE) abuse (e.g., file read, DoS, SSRF). From the connected IBM QRadar bulletin, this vulnera...