Security CERT Global

    • Reolink P2P Cameras
      This advisory contains mitigations for Use of Hard-coded Cryptographic Key, and Cleartext Transmission of Sensitive Information vulnerabilities in Reolink camera devices using P2P. ... read more
    • Dnsmasq by Simon Kelley
      This advisory contains mitigations for Heap-based Buffer Overflow, Insufficient Verification of Data Authenticity, and Use of a Broken or Risky Cryptographic Algorithm vulnerabilities in Dnsmasq open-source software. ... read more
    • Philips Interventional Workstations
      This advisory contains mitigations for an OS Command Injection vulnerability in Philips Interventional Workstation software products. ... read more
    • Genomgång av CERT-SE CTF2020
      Inför cybersäkerhetsmånaden 2020 släppte CERT-SE en utmaning, CTF (Capture The Flag). Här följer ett förslag på lösning. Utmaningen gick ut på att i en dump av nätverkstrafik hitta en "flagga". ... read more
    • CVE-2020-23342
      A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users. ... read more
    • CVE-2020-23522
      Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data [Password] parameter. ... read more
    • CVE-2020-20950
      Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. The vulnerability can allow one to use Bleichenbacher's oracle attack to ... read more
    • CVE-2020-35128
      Mautic before 3.2.4 is affected by stored XSS. An attacker with permission to manage companies, an application feature, could attack other users, including administrators. For example, by loading an externally ... read more
    • CVE-2020-35129
      Mautic before 3.2.4 is affected by stored XSS. An attacker with access to Social Monitoring, an application feature, could attack other users, including administrators. For example, an attacker could load ... read more
    • CVE-2021-21605 (jenkins)
      Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure permission to choose agent names that cause Jenkins to override the global `config.xml` file. ... read more
    • CVE-2020-9143 (emui, magic_ui)
      There is a missing authentication vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability may lead to low-sensitive information exposure. ... read more
    • CVE-2020-9142 (emui, magic_ui)
      There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly processes the update ... read more
    • CVE-2020-9140 (emui, magic_ui)
      There is a vulnerability with buffer access with incorrect length value in some Huawei Smartphone.Unauthorized users may trigger code execution when a buffer overflow occurs. ... read more
    • CVE-2020-9141 (emui, magic_ui)
      There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity. ... read more
    • CVE-2020-28472
      This affects the package @aws-sdk/shared-ini-file-loader before 1.0.0-rc.9; the package aws-sdk before 2.814.0. If an attacker submits a malicious INI file to an application that parses it with loadSharedConfigFiles , they ... read more
    • CVE-2020-28477
      This affects all versions of package immer. ... read more
    • CVE-2020-28478
      This affects the package gsap before 3.6.0. ... read more
    • Apache udsender advisory til Tomcat
      Apache Software Foundation har frigivet en advisory til håndtering af en sårbarhed, der påvirker flere versioner af Apache Tomcat. En angriber kan udnytte sårbarheden til at få adgang til følsomme ... read more
    • CVE-2021-3178
      ** DISPUTED ** fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts ... read more
    • CVE-2021-22852
      HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (online registration) to obtain database schema and data. ... read more
    • CVE-2021-22850
      HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions. ... read more
    • CVE-2021-22851
      HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (document management page) to obtain database schema and data. ... read more
    • CVE-2021-3177
      Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, ... read more
    • Un actor de amenazas compromete un certificado de Mimecast
      Fecha de publicación: 12/01/2021 El proveedor de software de gestión de correo electrónico, Mimecast, ha informado de que uno de sus certificados emitidos, destinado a autenticar sus productos Mimecast ... read more
    • A threat actor commits a Mimecast certificate
      Publication date: 01/12/2021 The email management software provider, Mimecast, has reported that one of its issued certificates, intended to authenticate its Mimecast Sync and Recover, Continuity Monitor and IEP ... read more
    • Sårbarheder i Siemens produktudviklingsløsninger
      Siemens har i sidste uge orienteret kunderne om, at nogle af dets produktudviklingsløsninger er påvirket af en række sårbarheder, der kan udnyttes til afvikling af vilkårlig kode ved hjælp af ... read more
    • Vulnerability Scanning Tools and Services
      Advice on the choice, implementation and use of automated vulnerability scanning tools for organisations of all sizes. ... read more
    • Vulnerability Scanning: Keeping on top of the most common threats
      Vulnerability Scanning solutions offer a cost-effective way to discover and manage common security issues. ... read more
    • CVE-2021-20619
      Cross-site scripting vulnerability in GROWI (v4.2 Series) versions prior to v4.2.3 allows remote attackers to inject an arbitrary script via unspecified vectors. ... read more
    • CVE-2020-29450
      Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the avatar upload feature. The ... read more
    • ESB-2020.1110.2 – UPDATE [Win][UNIX/Linux] Ruby: Multiple vulnerabilities
      -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2020.1110.2 Ruby: Heap exposure vulnerability in the socket library 19 January 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- ... read more
    • お知らせ:JPCERT/CC Eyes「攻撃グループLazarusが侵入したネットワーク内で使用するツール」
      ... read more
    • GROWI vulnerable to cross-site scripting
      GROWI contains a cross-site scripting vulnerability. ... read more
    • JVN: GROWI におけるクロスサイトスクリプティングの脆弱性
      GROWI には、クロスサイトスクリプティングの脆弱性が存在します。続きを読む ... read more
    • Commonly Known Tools Used by Lazarus
      It is widely known that attackers use Windows commands and tools that are commonly known and used after intruding their target network. Lazarus attack group, a.k.a. Hidden Cobra, also uses ... read more
    • CVE-2021-25176
      Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed ... read more
    • CVE-2021-25175
      Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed ... read more
    • CVE-2021-25173
      Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists ... read more
    • CVE-2021-25177
      Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed ... read more
    • CVE-2020-36193
      Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related ... read more
    • CVE-2020-36192
      Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** An issue was discovered in the Source Integration plugin before 2.4.1 for MantisBT. An attacker can gain access to the ... read more
    • CVE-2020-7343
      Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates ... read more
    • CVE-2020-28473
      Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter ... read more
    • CVE-2020-28476
      Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the ... read more
    • CVE-2021-25174
      Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed ... read more
    • ESB-2021.0216 – [RedHat] postgresql:10: Multiple vulnerabilities
      -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.0216 postgresql:10 security update 19 January 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: postgresql:10 Publisher: Red Hat ... read more
    • ESB-2021.0214 – [RedHat] postgresql:9.6: Multiple vulnerabilities
      -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.0214 postgresql:9.6 security update 19 January 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: postgresql:9.6 Publisher: Red Hat ... read more
    • ESB-2021.0215 – [RedHat] postgresql:12: Multiple vulnerabilities
      -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.0215 postgresql:12 security update 19 January 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: postgresql:12 Publisher: Red Hat ... read more
    • ESB-2021.0213 – [Debian] gst-plugins-bad1.0: Execute arbitrary code/commands – Unknown/unspecified
      -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.0213 gst-plugins-bad1.0 security update 19 January 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: gst-plugins-bad1.0 Publisher: Debian Operating ... read more
    • ESB-2021.0212 – [RedHat] OpenShift Container Platform 4.6.12: Multiple vulnerabilities
      -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.0212 OpenShift Container Platform 4.6.12 packages and security update 19 January 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- ... read more
    Older posts

MGS+ ICS Security Report April 2017

MGS+ ICS Security Report April 2017: Editor Picks: News Intelligence Alerts Report

 

2017 Security 100: 20 Coolest Endpoint Security Vendors
Source: http://www.crn.com/slide-shows/security/300084027/2017-security-100-20-coolest-endpoint-security-vendors.htm

 

Why Canada is well-positioned to be a global leader in cybersecurity
Cybersecurity: most IT personnel know of it. Even fewer follow up on the latest developments in the industry beyond notifications from their antivirus software that “143 latest threats” were just neutralized. Only a small handful of them actually go above and beyond, pushing the boundaries, proactively defending their organization from hundreds of new cyber threats unleashed daily.
Source: http://betakit.com/why-canada-is-well-positioned-to-be-a-global-leader-in-cybersecurity/

 

What the Best Transformational Leaders Do
Companies that claim to be “transforming” seem to be everywhere. But when you look more deeply into whether those organizations are truly redefining what they are and what they do, stories of successful change efforts are exceptionally rare. In a study of S&P 500 and Global 500 firms, our team found that those leading the most successful transformations, creating new offerings and business models to push into new growth markets, share common characteristics and strategies. Before describing those, let’s look at how we identified the exceptional firms that rose to the top of our ranking, a group we call the Transformation 10.
Source: https://hbr.org/2017/05/what-the-best-transformational-leaders-do

 

Europe Pumps Out 50% More Cybercrime Attacks Than US
Cyberattacks originating from Europe were substantially higher than nefarious activity launched from the US during the first quarter.
Source: http://www.darkreading.com/threat-intelligence/europe-pumps-out-50–more-cybercrime-attacks-than-us—/d/d-id/1328798

 

The Consequences of an Incomplete Threat Model
Source: https://www.carbonblack.com/2017/05/08/consequences-incomplete-threat-model/

 

Microsoft Calls on Governments to Stop Stockpiling Dangerous Software
In the wake of a major cyber attack that affected hospitals and other services in more than 150 countries, Microsoft has urged governments to stop their stockpiling of dangerous software that can be weaponized if leaked.
Source: http://time.com/4778646/microsoft-ransomware-cybersecurity-wannacrypt/

Tags: CloudSec,CyberSecurity,Infrastructure,Machine Learning,SCADA,Technology,