3319 matches found

CNVD
added 2020/11/23 12:00 a.m., 2 views

Sentrifugo Code Issue Vulnerability (CNVD-2020-66085)

Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A code issue vulnerability exists in Sentrifugo version 3.2, which stems from a user being able to upload attachments...

CVSS 8.8 | AI score 7.2 | EPSS 0.00423
Exploits 1 | References 1
OSV
added 2020/11/12 7:15 p.m., 2 views

CVE-2020-26804

In Sentrifugo 3.2, users can share an announcement under the "Organization - Announcements" tab. On the same page, users can upload attachments with the shared announcements. This "Upload Attachment" functionality suffers from an "Unrestricted File Upload" vulnerability, so an attacker can upload...

CVSS 8.8 | AI score 7.3 | EPSS 0.00423
Exploits 1 | References 1
Tenable Nessus
added 2020/11/12 12:00 a.m., 24 views

Debian DLA-2446-1 : moin security update

Two vulnerabilities were discovered in moin, a Python clone of WikiWiki. CVE-2020-15275 Catarina Leite discovered that moin is prone to a stored XSS vulnerability via SVG attachments. CVE-2020-25074 Michael Chapman discovered that moin is prone to a remote code execution vulnerability via the cac...

CVSS 9.8 | AI score 7.3 | EPSS 0.12807
Exploits 1 | References 5
Prion
added 2020/11/10 5:15 p.m., 13 views

Directory traversal

The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can use this to achieve remote code execution...

CVSS 7.5 | AI score 9.5 | EPSS 0.12807
Exploits 0 | References 4 | Affected Software 2
OSV
added 2020/11/10 5:15 p.m., 24 views

PYSEC-2020-67

The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can use this to achieve remote code execution...

CVSS 9.8 | AI score 5.5 | EPSS 0.12807
Exploits 0 | References 4
UbuntuCve
added 2020/11/09 12:00 a.m., 23 views

CVE-2020-25074

The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can use this to achieve remote code execution...

CVSS 9.8 | AI score 7.3 | EPSS 0.12807
Exploits 0 | References 4
Securelist
added 2020/11/05 10:00 a.m., 53 views

Attacks on industrial enterprises using RMS and TeamViewer: new data

Download full report PDF Executive Summary In summer 2019, Kaspersky ICS CERT identified a new wave of phishing emails containing various malicious attachments. The emails target companies and organizations from different sectors of the economy that are associated with industrial production in on...

AI score 0.4
Exploits 0
Trellix
added 2020/11/05 12:00 a.m., 6 views

Operation North Star: Summary Of Our Latest Analysis | McAfee Blogs

Operation North Star: Summary Of Our Latest Analysis By Trellix · NOV 05, 2020 McAfee’s Advanced Threat Research ATR today released research that uncovers previously undiscovered information on how Operation North Star evaluated its prospective victims and launched attacks on organizations in...

AI score 1.4
Exploits 0
Malwarebytes
added 2020/11/04 8:10 p.m., 24 views

QBot Trojan delivered via malspam campaign exploiting US election uncertainties

This blog post was authored by Jérôme Segura and Hossein Jazi. The 2020 US elections have been the subject of intense scrutiny and emotions, while happening in the middle of a global pandemic. As election night ended and uncertainty regarding the results began to creep in, threat actors decided t...

AI score 0.2
Exploits 0
Tenable Nessus
added 2020/11/04 12:00 a.m., 39 views

RHEL 8 : mailman:2.1 (RHSA-2020:4667)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:4667 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: XSS via file attachments in list archives CVE-2020-12137 F...

CVSS 6.1 | AI score 6.8 | EPSS 0.05217
Exploits 0 | References 10
RedHat Linux
added 2020/10/28 6:24 p.m., 2 views

openstack-cinder: Improper handling of ScaleIO backend credentials

An insecure-credentials flaw was found in openstack-cinder. When using openstack-cinder with the Dell EMC ScaleIO or VxFlex OS backend storage driver, credentials for the entire backend are exposed in the connectioninfo element in all Block Storage v3 Attachments API calls containing that element...

CVSS 6.5 | AI score 7 | EPSS 0.00182
Exploits 0 | References 6
RedHat Linux
added 2020/10/28 3:38 p.m., 0 views

openstack-cinder: Improper handling of ScaleIO backend credentials

An insecure-credentials flaw was found in openstack-cinder. When using openstack-cinder with the Dell EMC ScaleIO or VxFlex OS backend storage driver, credentials for the entire backend are exposed in the connectioninfo element in all Block Storage v3 Attachments API calls containing that element...

CVSS 6.5 | AI score 7 | EPSS 0.00182
Exploits 0 | References 6
ThreatPost
added 2020/10/28 12:32 p.m., 45 views

North Korea-Backed Spy Group Poses as Reporters in Spearphishing Attacks, Feds Warn

The North Korean advanced persistent threat (APT) group known as Kimsuky is actively attacking commercial-sector businesses, often by posing as South Korean reporters, according to an alert from the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Kimsuky, a.k.a. Hidden Cobra, has been...

AI score 7.5
Exploits 0 | References 5
CNVD
added 2020/10/20 12:00 a.m., 3 views

Nextcloud Deck Information Disclosure Vulnerability

Nextcloud is an open source, self-hosted file synchronization, sharing and communication platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Deck 1.0.4, which stems from a lack of access control and can be exploited by an attacker to view all attachments...

CVSS 4.3 | AI score 6.8 | EPSS 0.00135
Exploits 1 | References 1
CNVD
added 2020/10/12 12:00 a.m., 2 views

Facebook WhatsApp Path Traversal Vulnerability

Facebook WhatsApp is a suite of mobile applications from Facebook Inc. in the United States that use the Internet to send text messages. The application uses the contact information in a smartphone to find contacts using the program to send texts, pictures, etc. WhatsApp Business is the commercia...

CVSS 5.5 | AI score 6.5 | EPSS 0.00452
Exploits 0 | References 1
OSV
added 2020/10/06 6:15 p.m., 1 view

CVE-2020-1904

A path validation issue in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have allowed for directory traversal overwriting files when sending specially crafted docx, xlsx, and pptx files as attachments to messages...

CVSS 5.5 | AI score 5.8
Exploits 0 | References 1
OSV
added 2020/10/06 6:15 p.m., 2 views

CVE-2020-1905

Media ContentProvider URIs used for opening attachments in other apps were generated sequentially prior to WhatsApp for Android v2.20.185, which could have allowed a malicious third-party app chosen to open the file to guess the URIs for previously opened attachments until the opener app is...

CVSS 3.3 | AI score 5.8 | EPSS 0.00276
Exploits 0 | References 1
Prion
added 2020/10/06 6:15 p.m., 10 views

Open redirect

Media ContentProvider URIs used for opening attachments in other apps were generated sequentially prior to WhatsApp for Android v2.20.185, which could have allowed a malicious third-party app chosen to open the file to guess the URIs for previously opened attachments until the opener app is...

CVSS 4.3 | AI score 4 | EPSS 0.00276
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2020/10/06 5:35 p.m., 14 views

CVE-2020-1905

Media ContentProvider URIs used for opening attachments in other apps were generated sequentially prior to WhatsApp for Android v2.20.185, which could have allowed a malicious third-party app chosen to open the file to guess the URIs for previously opened attachments until the opener app is...

AI score 3.8 | EPSS 0.00276
Exploits 0 | References 1
ThreatPost
added 2020/10/05 5:58 p.m., 44 views

Malware Families Turn to Legit Pastebin-Like Service

Cybercriminals are increasingly turning to a legitimate, Pastebin-like web service for downloading malware — such as AgentTesla and LimeRAT — in spear-phishing attacks. Pastebin, a code-hosting service that enables users to share plain text through public posts called “pastes,” currently has 17...

AI score 7
Exploits 0 | References 13