Carbanak and FIN7 Attack Techniques

What happens in Carbanak and FIN7 attacks? Here are some techniques used by these financially motivated threat groups that target banks, retail stores, and other establishments...

SUSE: Security Advisory (SUSE-SU-2015:0281-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Virtuozzo Hybrid Infrastructure 4.5 Update 1 Hotfix 2 (4.5.1-34)

This update provides fixes for the admin and self-service panels. Vulnerability id: VSTOR-42074 Unable to add a network interface to an existing VM in the self-service panel. Vulnerability id: VSTOR-42954 Added a message about disabling security groups for a VM network interface. Vulnerability id...

Atlassian Jira Server and Data Center Information Disclosure Vulnerability (CNVD-2021-55945)

Atlassian JIRA Server and Atlassian JIRA Data Center are both products of Atlassian Australia.Atlassian JIRA Server is a server version of a defect tracking management system. Atlassian JIRA Data Center is the data center version of Atlassian JIRA. Atlassian Jira Server and Data Center have an...

openSUSE: Security Advisory for chromium (openSUSE-SU-2021:0436-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Attackers Target ProxyLogon Exploit to Install Cryptojacker

Cryptojacking can be added to the list of threats that face any unpatched Exchange servers that remain vulnerable to the now-infamous ProxyLogon exploit, new research has found. Researchers discovered the threat actors using Exchange servers compromised using the highly publicized exploit...

GHSA-JRH7-MHHX-6H88 Denial of service (via resource exhaustion) due to improper input validation on groups/communities endpoints

Impact Missing input validation of some parameters on the groups also known as communities endpoints could cause excessive use of disk space and memory leading to resource exhaustion. Additionally clients may have issues rendering large fields. Patches This issue is fixed by 9321 and 9393...

Denial of service (via resource exhaustion) due to improper input validation on groups/communities endpoints

Impact Missing input validation of some parameters on the groups also known as communities endpoints could cause excessive use of disk space and memory leading to resource exhaustion. Additionally clients may have issues rendering large fields. Patches This issue is fixed by 9321 and 9393...

PYSEC-2021-27

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synapse is missing input validation of some parameters on the endpoints used to confirm third-party...

Man Arrested for AWS Bomb Plot

A Texas man has been charged with plotting a bombing of Amazon Web Services in a quest to allegedly “kill off the internet.” Seth Aaron Pendley was arrested in Ft. Worth after allegedly attempting to get an explosive device from an undercover FBI employee in a sting. The feds were alerted to...

CVE-2021-28924

Self Authenticated XSS in Nagios Network Analyzer before 2.4.2 via the nagiosna/groups/queries page...

CVE-2021-20306

A flaw was found in the BPMN editor. Any authenticated user from any project can see the name of Ruleflow Groups from other projects, despite the user not having access to those projects. The highest threat from this vulnerability is to confidentiality...

Red Hat BPMN Editor 安全漏洞

Red Hat BPMN Editor is an application software from Red Hat, Inc. an editor software. A security vulnerability exists in Red Hat BPMN EditorThe vulnerability allows any authenticated user in any project to see the names of Ruleflow groups in other projects, even though the user does not have acce...

Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting

As seen in recent sophisticated cyberattacks, especially human-operated campaigns, it’s critical to not only detect an attack as early as possible but also to rapidly determine the scope of the compromise and predict how it will progress. How an attack proceeds depends on the attacker’s goals and...

Denial of service

The membersOf JQL search function in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a group exists & members of groups if they are assigned to publicly...

KLA12181 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A use after free vulnerability in WebRTC can be exploited to cause denial of service or execute...

PYSA, the ransomware attacking schools

The education sector’s cybersecurity problem has compounded in the last few months. A recent warning from the FBI, in mid-March, put schools in the US and UK on notice of increased attacks from the threat actors behind the PYSA ransomware. If this is the first time you’ve heard of this family, re...

GHSA-7H8V-2V8X-H264 SQL Injection in moodle

In moodle, some database module web services allowed students to add entries within groups they did not belong to. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.8.6, 3.7.9, 3.5.15, and 3.10...

Authorization

OAuth2-Proxy is an open source reverse proxy that provides authentication with Google, Github or other providers. The --gitlab-group flag for group-based authorization in the GitLab provider stopped working in the v7.0.0 release. Regardless of the flag settings, authorization wasn't restricted...

Information Disclosure

OMERO web is vulnerable to information disclosure. The vulnerability exists because the main webclient page loads various information about the current user such as their id, name and the groups they are in...