What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
CVE.webp 2022-10-11 20:15:12 CVE-2022-20422 (lien direct) In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-237540956; References: Upstream kernel Guideline
CVE.webp 2022-10-11 20:15:11 CVE-2022-20410 (lien direct) In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L Android-13; Android ID: A-205570663 Guideline
CVE.webp 2022-10-11 20:15:11 CVE-2022-20415 (lien direct) In handleFullScreenIntent of StatusBarNotificationActivityStarter.java, there is a possible bypass of the restriction of starting activity from background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L Android-13; Android ID: A-231322873 Guideline
CVE.webp 2022-10-11 20:15:11 CVE-2022-20409 (lien direct) In io_identity_cow of io_uring.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android kernel; Android ID: A-238177383; References: Upstream kernel Guideline ★★★★
CVE.webp 2022-10-11 20:15:11 CVE-2022-20416 (lien direct) In audioTransportsToHal of HidlUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12 Android-12L Android-13; Android ID: A-237717857 Guideline
CVE.webp 2022-10-11 20:15:11 CVE-2022-20412 (lien direct) In fdt_next_tag of fdt.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L Android-13; Android ID: A-230794395 Guideline
CVE.webp 2022-10-11 20:15:11 CVE-2022-20413 (lien direct) In start of Threads.cpp, there is a possible way to record audio during a phone call due to a logic error in the code. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L Android-13; Android ID: A-235850634 Guideline
CVE.webp 2022-10-11 20:15:11 CVE-2022-20417 (lien direct) In audioTransportsToHal of HidlUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-12 Android-12L Android-13; Android ID: A-237288416 Guideline
CVE.webp 2022-10-11 20:15:10 CVE-2021-0951 (lien direct) In DevmemIntHeapAcquire of TBD, there is a possible arbitrary code execution due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android SoC; Android ID: A-242345085 Guideline
CVE.webp 2022-10-11 20:15:10 CVE-2022-20394 (lien direct) In getInputMethodWindowVisibleHeight of InputMethodManagerService.java, there is a possible way to determine when another app is showing an IME due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-204906124 Guideline ★★★★★
CVE.webp 2022-10-11 20:15:10 CVE-2022-20351 (lien direct) In queryInternal of CallLogProvider.java, there is a possible access to voicemail information due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10 Android-11 Android-12 Android-12L; Android ID: A-224771921 Guideline ★★★
CVE.webp 2022-10-11 20:15:10 CVE-2021-0696 (lien direct) In dllist_remove_node of TBD, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android SoC; Android ID: A-242344778 Guideline ★★★★
GoogleSec.webp 2022-10-11 19:22:42 Google Pixel 7 and Pixel 7 Pro: The next evolution in mobile security (lien direct) Dave Kleidermacher, Jesse Seed, Brandon Barbello, Sherif Hanna, Eugene Liderman, Android, Pixel, and Silicon Security Teams Every day, billions of people around the world trust Google products to enrich their lives and provide helpful features – across mobile devices, smart home devices, health and fitness devices, and more. We keep more people safe online than anyone else in the world, with products that are secure by default, private by design and that put you in control. As our advancements in knowledge and computing grow to deliver more help across contexts, locations and languages, our unwavering commitment to protecting your information remains. That's why Pixel phones are designed from the ground up to help protect you and your sensitive data while keeping you in control. We're taking our industry-leading approach to security and privacy to the next level with Google Pixel 7 and Pixel 7 Pro, our most secure and private phones yet, which were recently recognized as the highest rated for security when tested among other smartphones by a third-party global research firm.1 Pixel phones also get better every few months with Feature Drops that provide the latest product updates, tips and tricks from Google. And Pixel 7 and Pixel 7 Pro users will receive at least five years of security updates2, so your Pixel gets even more secure over time. Your protection, built into Pixel. Your digital life and most sensitive information lives on your phone: financial information, passwords, personal data, photos – you name it. With Google Tensor G2 and our custom Titan M2 security chip, Pixel 7 and Pixel 7 Pro have multiple layers of hardware security to help keep you and your personal information safe.
We take a comprehensive, end-to-end approach to security with verifiable protections at each layer - the network, application, operating system and multiple layers on the silicon itself. If you use Pixel for your business, this approach helps protect your company data, too. Google Tensor G2 is Pixel's newest powerful processor custom built with Google AI, and makes Pixel 7 faster, more efficient and secure3. Every aspect of Tensor G2 was designed to improve Pixel's performance and efficiency for great battery life, amazing photos and videos. Tensor's built-in security core works with our Titan M2 security chip to keep your personal information, PINs and passwords safe. Titan family chips are also used to protect Google Cloud data centers and Chromebooks, so the same hardware that protects Google servers also secures your sensitive information stored on Pixel. And, in a first for Google, Titan M2 hardware has now been certified under Common Criteria PP0084: the international gold standard for hardware security components also used for identity, SIM cards, and bankcard security chips. Spam Malware Vulnerability Guideline Industrial APT 40
CVE.webp 2022-10-11 18:15:10 CVE-2022-39296 (lien direct) MelisAssetManager provides deliveries of Melis Platform's assets located in every module's public folder. Attackers can read arbitrary files on affected versions of `melisplatform/melis-asset-manager`, leading to the disclosure of sensitive information. Conducting this attack does not require authentication. Users should immediately upgrade to `melisplatform/melis-asset-manager` >= 5.0.1. This issue was addressed by restricting access to files to intended directories only. Guideline ★★
CVE.webp 2022-10-11 18:15:10 CVE-2022-3452 (lien direct) A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument category_name leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-210436. Vulnerability Guideline
CVE.webp 2022-10-11 18:15:10 CVE-2022-3453 (lien direct) A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /transcation.php. The manipulation of the argument buyer_name leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-210437 was assigned to this vulnerability. Vulnerability Guideline
CVE.webp 2022-10-11 17:15:11 CVE-2022-34430 (lien direct) Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification. Vulnerability Guideline
CVE.webp 2022-10-11 17:15:11 CVE-2022-34431 (lien direct) Dell Hybrid Client below 1.8 version contains a guest user profile corruption vulnerability. A WMS privilege attacker could potentially exploit this vulnerability, leading to DHC system not being accessible. Guideline
CVE.webp 2022-10-11 17:15:11 CVE-2022-34427 (lien direct) Dell Container Storage Modules 1.2 contains an OS Command Injection in goiscsi and gobrick libraries. A remote unauthenticated attacker could exploit this vulnerability leading to modification of intended OS command execution. Vulnerability Guideline
CVE.webp 2022-10-11 17:15:11 CVE-2022-34434 (lien direct) Cloud Mobility for Dell Storage versions 1.3.0 and earlier contains an Improper Access Control vulnerability within the Postgres database. A threat actor with root level access to either the vApp or containerized versions of Cloud Mobility may potentially exploit this vulnerability, leading to the modification or deletion of tables that are required for many of the core functionalities of Cloud Mobility. Exploitation may lead to the compromise of integrity and availability of the normal functionality of the Cloud Mobility application. Vulnerability Threat Guideline
CVE.webp 2022-10-11 17:15:10 CVE-2022-34426 (lien direct) Dell Container Storage Modules 1.2 contains an Improper Limitation of a Pathname to a Restricted Directory in goiscsi and gobrick libraries which could lead to OS command injection. A remote unauthenticated attacker could exploit this vulnerability leading to unintentional access to path outside of restricted directory. Vulnerability Guideline
globalsecuritymag.webp 2022-10-11 15:37:13 F5 named "Best in Class" in the Aite-Novarica matrix of leading bot detection and management solutions (lien direct) This recognition confirms F5's leading position in the bot management market. F5 Networks (NASDAQ: FFIV) announces that Aite-Novarica Group, a research and advisory firm focused on financial services, has ranked F5 among the best bot management solution providers in its recent Aite matrix, in the category: Leading bot detection and management service providers. As a leading vendor in its category, F5 integrates into its approach (...) - Business Guideline
CVE.webp 2022-10-11 15:15:09 CVE-2022-32174 (lien direct) In Gogs, versions v0.6.5 through v0.12.10 are vulnerable to Stored Cross-Site Scripting (XSS) that leads to an account takeover. Guideline ★★★
Fortinet.webp 2022-10-11 14:49:00 Ukrainian Military-Themed Excel File Delivers Multi-Stage Cobalt Strike Loader (lien direct) FortiGuard Labs discovered a malicious document masquerading as a salary calculator tool. Read to learn more about the document which if triggered executes evasive multi-stage loaders, eventually leading to Cobalt Strike Beacon malware being loaded onto a device. Malware Guideline
globalsecuritymag.webp 2022-10-11 12:17:46 Okta unveils its "State of Secure Identity Report" (lien direct) At the Assises de la Sécurité 2022, Auth0 by Okta, the independent leader in identity services, presents the findings of its "State of Secure Identity Report", which reveals the latest trends in identity management, based on the billions of authentications observed on its platform during the first half of 2022. These observations are highlighted to help organizations assess the threats facing identity management among their customers (...) - Investigations Guideline
CVE.webp 2022-10-11 11:15:10 CVE-2022-40176 (lien direct) A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). There exists an Improper Neutralization of Special Elements used in an OS Command with root privileges during a restore operation due to the missing validation of the names of files included in the input package. By restoring a specifically crafted package, a remote low-privileged attacker can execute arbitrary system commands with root privileges on the device, leading to a full compromise. Vulnerability Guideline
Checkpoint.webp 2022-10-11 11:01:45 Check Point Software Welcomes LearnQuest to the ATC Partner Program (lien direct) The Check Point Mind team is excited to announce our new partnership with LearnQuest, a leading provider of IT and Business skills training for more than 25 years. Consistently recognized by TrainingIndustry.com as a top IT training company, LearnQuest maintains an extensive training catalog consisting of hundreds of IT topics, including Cloud, Application Development, Cyber… Guideline
AlienVault.webp 2022-10-11 10:00:00 PCI DSS v4.0 (lien direct) 2022 is the year that much of the world managed, to varying degrees of success, to get back to normal.  People ramped up traveling, returned to in-person activities and many returned to the office.  The pandemic changed most aspects of day-to-day life, but hackers and other bad actors generally continued making life difficult for businesses, governments, and non-profit entities. As a result, there have been some innovative new ways to target networks and IT infrastructures that keep CISOs and their teams up at night.  A sample of those types of concerning threat vectors include Ransomware as a Service, targeting IOT/OT infrastructure, general supply chain attacks.  Tried and true methods, like phishing, and targeting unpatched or outdated systems to find vulnerabilities also continued. Data shows that threats are increasing in volume and impact across every industry and government agency.  The Cybersecurity and Infrastructure Security Agency (CISA) recently reported that 14 critical US sectors have been the subject to intense ransomware attacks and the FBI identified over 2,000 ransomware attacks between January and July of 2022. (source)  CheckPoint estimates that 1 out of 40 organizations will be hit by a ransomware attack and 84% of those sees some amount of data exfiltration.  IBM appraises the average cost of a data breach at $4.3M and the recovery time from such attacks is approximately 22 days. And with all of that said, the World Economic Forum still attributes 95% of all data breaches to human error. The cybersecurity industry is fighting back.  The PCI Security Standards Council (PCI SSC) sorted through over 6,000 pieces of feedback from over 200 organizations, to help it create the new standard aimed at significantly reducing the success of these types of attacks in the future.  On May 31, 2022, the PCI SSC released version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS).  
This provides an accepted baseline of technical and operational requirements designed to protect various types of user account data.  The updated standard and Summary of Changes document are available now on the PCI SSC website. Version 4.0 is a significant update to the standard, so to enable organizations to understand the new requirements and plan, execute and test updates, the current version of 3.2.1 remains active through March 31, 2024.  Assessors are undergoing training and certification for the new standard now, and once available, they will be able to assess to either the current or new standard, based upon the plans of the organization.  The new standard had many expected updates based upon evolving payment card industry security needs.  There are also changes to the frequency of expected effort, shifting from specific durations between work to the idea that security is a continuous process.  The stated goals for PCI DSS v4.0 are as follows: Continue to Meet the Security Needs of the Payment Industry; Promote Security as Continuous Process; Add Flexibility for Different Meth Ransomware Data Breach Tool Vulnerability Threat Guideline
Fortinet.webp 2022-10-11 09:30:00 Fortinet Cybersecurity Trainers Help Upskill Professionals to Help Close the Skill Gap (lien direct) Training future cybersecurity leaders is an important part of closing the cyber skills gap. Learn more about the impact and career journey of being a Fortinet cyber training trainer. Guideline
globalsecuritymag.webp 2022-10-11 09:09:27 Hamelin Group upgrades and expands its European managed network services with GTT (lien direct) GTT provides connectivity services to 15 international sites of the prestigious school and office supplies manufacturer, famous for its Oxford and ELBA brands. GTT Communications Inc., a leading global provider of managed network and security services to multinational enterprises, announced today that it will upgrade the international network of Hamelin, one of Europe's leading manufacturers of school and office supplies. The four-year contract covers (...) - Business Guideline
globalsecuritymag.webp 2022-10-11 09:07:59 DiliTrust presents 3 reasons to accelerate the digital transition of legal departments (lien direct) DiliTrust, a leader in SaaS solutions for legal departments, has built recognized expertise through its work with the legal departments of large groups and mid-sized companies. The company innovates continuously and offers an integrated suite of secure solutions to meet legal departments' digital transformation, collaboration and compliance challenges. A company's digital transformation means the introduction of digital technology within (...) - Business Guideline
TrendMicro.webp 2022-10-11 00:00:00 Enhance Cyber Defense with 2022 Cybersecurity Trends (lien direct) Jon Clay, VP of Threat Intelligence, reviews cybersecurity trends from the first half of 2022 to help CISOs and security leaders enhance their cyber defense strategy and lower cyber risk. Threat Guideline
CVE.webp 2022-10-10 21:15:11 CVE-2022-41745 (lien direct) An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Vulnerability Guideline
CVE.webp 2022-10-10 21:15:11 CVE-2022-34402 (lien direct) Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An admin privilege attacker could potentially exploit this vulnerability, leading to denial-of-service. Vulnerability Guideline
CVE.webp 2022-10-10 21:15:11 CVE-2022-34425 (lien direct) Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication. Vulnerability Guideline
CVE.webp 2022-10-10 21:15:11 CVE-2022-3209 (lien direct) The soledad WordPress theme before 8.2.5 does not sanitise the {id,datafilter[type],...} parameters in its penci_more_slist_post_ajax AJAX action, leading to a Reflected Cross-Site Scripting (XSS) vulnerability. Guideline
CVE.webp 2022-10-10 21:15:09 CVE-2021-25044 (lien direct) The Cryptocurrency Pricing list and Ticker WordPress plugin through 1.5 does not sanitise and escape the ccpw_setpage parameter before outputting it back in pages where its shortcode is embed, leading to a Reflected Cross-Site Scripting issue Guideline
CVE.webp 2022-10-10 14:15:09 CVE-2022-3442 (lien direct) A vulnerability was found in Crealogix EBICS 7.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /ebics-server/ebics.aspx. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.1 is able to address this issue. It is recommended to upgrade the affected component. VDB-210374 is the identifier assigned to this vulnerability. Vulnerability Guideline
globalsecuritymag.webp 2022-10-10 13:21:55 BlueVoyant and excelia partner to offer end-to-end cybersecurity services. (lien direct) BlueVoyant, a leading cyber defense company, announces its partnership with excelia, a global consulting, technology and professional services company with a strong presence in the Spanish and Latin American markets. The partnership combines excelia's 20 years of consulting experience in Europe, Latin America and the United States with BlueVoyant's services, which provide end-to-end cybersecurity protection to defend companies, their customers and their third-party ecosystems (...) - Business Guideline
globalsecuritymag.webp 2022-10-10 12:22:33 Arrow adds Juniper Networks to ArrowSphere in ten European countries (lien direct) Arrow has added Juniper Networks, a leader in secure, AI-driven networking, to its ArrowSphere platform. Initially launched in Sweden, the rollout will continue in Austria, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Norway and Switzerland during the fourth quarter of 2022 and the first quarter of 2023. Juniper's cloud-based solutions, such as WiFi/LAN, help simplify operations (...) - Business Guideline ★★★★★
globalsecuritymag.webp 2022-10-10 12:11:22 OVHcloud extends its ambitions for its SecNumCloud offerings and draws on its industrial expertise to address the most sensitive use cases (lien direct) As the Assises de la cybersécurité 2022 open their doors on October 12 in Monaco, the European cloud leader and spearhead of a trusted cloud reaffirms its commitments around ANSSI's SecNumCloud qualification. OVHcloud continues to invest in order to apply this level of security across its entire Infrastructure-as-a-Service (IaaS) portfolio, as well as to its Platform-as-a-Service (PaaS) solutions. Building on its unique integrated industrial model and (...) - Business Guideline
AlienVault.webp 2022-10-10 10:00:00 Endpoint Detection and Response – you need it on mobile devices too (lien direct) This blog was written by an independent guest blogger. Welcome to the final episode in our blog series focused on Mobile Endpoint Security. The first two episodes detailed the protections necessary to secure data accessed by remote workers (Endpoint security and remote work) and best practices for combating the threat of ransomware (5 ways to prevent Ransomware attacks). In this installment, we will highlight the need to extend your company’s Endpoint Detection and Response capabilities beyond traditional endpoints (servers, laptops, desktops) to include mobile devices to proactively prevent advanced threats and improve your company’s incident response. The two previous blogs provided detail on the types of threats that target businesses across all verticals and presented evidence to establish the mobile device as the entry point for the significant percentage of these attacks. As an example, Twilio recently published a blog detailing an attack that compromised their internal systems and customer data via a series of SMS messages to employees. The bad actors mimicked login requests for SSO and Okta to socially engineer those employees that resulted in the need to engage a forensics firm to lead the ongoing investigation. Logically, any efforts by that forensics firm specific to EDR, threat hunting and incident response should therefore also include the ability to research and respond to attacks that originate via mobile devices with similar capabilities to that of traditional EDR solutions. Therefore, we must examine the gap that exists in current EDR solutions as it relates to mobile devices along with the reasons why the traditional solutions in this space are so ill-equipped to operate in the mobile device ecosystem.
It stands to reason that the dominant players in this space such as Crowdstrike, SentinelOne, and CarbonBlack have addressed mobile with their solutions given the dependence on mobile devices by workers across all verticals.  However, there are challenges that exist for their solutions due to the inherent architectures of the operating systems of traditional endpoints (Windows, MacOS) versus mobile (Android, iOS).  Primarily, the core difference is the lack of kernel access available to mobile devices which limits the efficacy of incident response, kill chain reconstruction, and proactive threat hunting for traditional EDR solutions.   Without access to the kernel, a different strategy must be employed to effectively detect threats that exist across the mobile ecosystem of both your managed and unmanaged devices.  Specifically, the need exists for an agent tailored specifically for the challenges presented by mobile platforms, a streaming detection engine capable of analyzing mobile-specific telemetry, and ways of identifying anomalous mobile-unique behavior across thousands of data points collected from millions of mobile devices.  These capabilities enable you to leverage your mobile fleet telemetry to build proactive protection policies, improve your threat hunting workflow, and quickly identify how attackers leverage sophisticated campaigns to target your organization.  The variable in this equation, that most directly influences your company’s ability to detect and respond to these threats, becomes the ability to provide domain-specific context via a comprehensive mobile ecosystem dataset. To further explain the gap that exists in almost all companies’ incident response capabilities and make the need for mobile EDR m Ransomware Threat Guideline
globalsecuritymag.webp 2022-10-10 07:10:40 The Blockchain Group launches its Metadev3 offering to accelerate enterprise blockchain adoption (lien direct) The new Metadev3 offering gives companies access to all of The Blockchain Group's expertise in large-scale blockchain and web3 projects to accelerate the transformation of their businesses. The Blockchain Group, the French leader in blockchain technologies, announces the launch of its Metadev3 offering for the development of enterprise blockchain projects. This offering brings together The Blockchain Group's many areas of expertise in application development and (...) - Markets Guideline
bleepingcomputer.webp 2022-10-09 15:26:40 (Déjà vu) Fake Solana Phantom security updates push crypto-stealing malware (lien direct) Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets. [...] Malware Guideline
bleepingcomputer.webp 2022-10-09 15:26:40 Solana Phantom security update NFTs push password-stealing malware (lien direct) Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets. [...] Malware Guideline
CVE.webp 2022-10-09 09:15:10 CVE-2022-3436 (lien direct) A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file edit-photo.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-210367. Vulnerability Guideline
CVE.webp 2022-10-08 11:15:10 CVE-2022-3435 (lien direct) A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability. Vulnerability Guideline
CVE.webp 2022-10-08 11:15:09 CVE-2022-3434 (lien direct) A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been rated as problematic. Affected by this issue is the function prepare of the file /Admin/add-student.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-210356. Vulnerability Guideline
CVE.webp 2022-10-07 22:15:12 CVE-2022-39959 (lien direct) Panini Everest Engine 2.0.4 allows unprivileged users to create a file named Everest.exe in the %PROGRAMDATA%\Panini folder. This leads to privilege escalation because a service, running as SYSTEM, uses the unquoted path of %PROGRAMDATA%\Panini\Everest Engine\EverestEngine.exe and therefore a Trojan horse %PROGRAMDATA%\Panini\Everest.exe may be executed instead of the intended vendor-supplied EverestEngine.exe file. Guideline
SecurityAffairs.webp 2022-10-07 22:03:12 VMware fixed a high-severity bug in vCenter Server (lien direct) VMware this week addressed a severe vulnerability in vCenter Server that could lead to arbitrary code execution. VMware on Thursday released security patches to address a code execution vulnerability, tracked as CVE-2022-31680 (CVSS score of 7.2), in vCenter Server. The security issue is an unsafe deserialization vulnerability that resides in the platform services controller (PSC). […] Vulnerability Guideline
Last update at: 2024-07-21 06:08:09