The Danger of License Plate Readers in Post-Roe America

Known as ALPRs, this surveillance tech is pervasive across the US—and could soon be used by police and anti-abortion groups alike...

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5505-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5505-1 advisory. Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A...

Vulnerabilities & Threats that Matter 27 June – 03 July 2022

Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 436 2 2 55 15 30 For a detailed threat digest, download the pdf file here Summary The last week of June 2022 witnessed the discovery of 436 vulnerabilities out of which 2...

UBUNTU-CVE-2022-2228

Information exposure in GitLab EE affecting all versions from 12.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 allows an attacker with the appropriate access tokens to obtain CI variables in a group with using IP-based access restrictions even if the GitLab Runner is calling...

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5500-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5500-1 advisory. Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some...

Google Blocks Dozens of Malicious Domains Operated by Hack-for-Hire Groups

Google's Threat Analysis Group TAG on Thursday disclosed it had acted to block as many as 36 malicious domains operated by hack-for-hire groups from India, Russia, and the U.A.E. In a manner analogous to the surveillanceware ecosystem, hack-for-hire firms equip their clients with capabilities to...

Ex-Canadian Government Employee Pleads Guilty Over NetWalker Ransomware Attacks

A former Canadian government employee this week agreed to plead guilty in the U.S. to charges related to his involvement with the NetWalker ransomware syndicate. Sebastien Vachon-Desjardins, who was extradited to the U.S. on March 10, 2022, is accused of conspiracy to commit computer fraud and wi...

Vulnerabilities & Threats that Matter 20 June – 26 June 2022

Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 413 14 4 121 19 33 For a detailed threat digest, download the pdf file here Summary The last week of June 2022 witnessed the discovery of 413 vulnerabilities out of which ...

CVE-2022-31096

Discourse (open source discussion platform) has a vulnerability where a logged-in user can redeem an invite with an email that doesn’t match the invite or violates the invite’s email domain restriction, potentially leading to viewing content restricted to certain groups. The issue is worsened whe...

CVE-2022-31096 Invites restricted to an email or invite links restricted to an email domain may be bypassed by a under certain conditions in Discourse

Discourse is an open source discussion platform. Under certain conditions, a logged in user can redeem an invite with an email that either doesn't match the invite's email or does not adhere to the email domain restriction of an invite link. The impact of this flaw is aggravated when the invite h...

Mageia: Security Advisory (MGASA-2022-0241)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2022-20524 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse affected versions not specified Description: The issue allows a logged-in user to redeem an invite with an email that either doesn't match the invite's email or does not adhere to the email domain restriction of an invite link. This...

Use-After-Free

chromium is vulnerable to use-after-free. The vulnerability exists in in Interest groups which allows an attacker to cause a memory corruption and there by an application crash...

Intermittent Session Launch Failure with Active/Active StoreFront Server Groups

Users intermittently fail to receive ICA files from StoreFront when trying to launch a new session in the following circumstances all of the below conditions must apply: Multiple active StoreFront server groups are in use, connected by GSLB, configured either for direct access or authentication...

The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs

These days ransomware analysis gets a lot of coverage in commercial and public reports, with vendors issuing dozens of ransomware-related publications each year. These reports provide analysis on specific malware families or new samples, describe the activities of a particular ransomware group,...

Chromium: CVE-2022-2157 Use after free in Interest groups

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer

The operators behind the Rig Exploit Kit have swapped the Raccoon Stealer malware for the Dridex financial trojan as part of an ongoing campaign that commenced in January 2022. The switch in modus operandi, spotted by Romanian company Bitdefender, comes in the wake of Raccoon Stealer temporarily...

GHSA-WGRG-5H56-JG27 Out-of-bounds write in nix::unistd::getgrouplist

On certain platforms, if a user has more than 16 groups, the nix::unistd::getgrouplist function will call the libc getgrouplist function with a length parameter greater than the size of the buffer it provides, resulting in an out-of-bounds write and memory corruption. The libc getgrouplist functi...

Out-of-bounds write in nix::unistd::getgrouplist

On certain platforms, if a user has more than 16 groups, the nix::unistd::getgrouplist function will call the libc getgrouplist function with a length parameter greater than the size of the buffer it provides, resulting in an out-of-bounds write and memory corruption. The libc getgrouplist functi...

Command injection

The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. The ShellUserGroupProvider is not included in the...