National Republican Army wants to overthrow Putin regime
Monthly Archives: October 2022
8 strange ways employees can (accidently) expose data
Employees are often warned about the data exposure risks associated with the likes of phishing emails, credential theft, and using weak passwords. However, they can risk leaking or exposing sensitive information about themselves, the work they do, or their organization without even realizing. This risk frequently goes unexplored in cybersecurity awareness training, leaving employees oblivious to the risks they can pose to the security of data which, if exposed, could be exploited both directly and indirectly to target workers and businesses for malicious gain.
Here are eight unusual, unexpected, and relatively strange ways employees can accidently expose data, along with advice for addressing and mitigating the risks associated with them.
Kardashian Charged by SEC After Crypto Post
ZDI-22-1327: Apache Batik DefaultScriptSecurity Server-Side Request Forgery Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apache Batik. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
ZDI-22-1328: Apache Batik DefaultExternalResourceSecurity Server-Side Request Forgery Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apache Batik. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
DSA-5248 php-twig – security update
Marlon Starkloff discovered that twig, a template engine for PHP, did
not correctly enforce sandboxing. This would allow a malicious user to
execute arbitrary code.
DSA-5246 mediawiki – security update
Multiple security issues were discovered in MediaWiki, a website engine
for collaborative work, which could result in restriction bypass,
information leaks, cross-site scripting or denial of service.
DSA-5247 barbican – security update
Douglas Mendizabal discovered that Barbican, the OpenStack Key Management
Service, incorrectly parsed requests which could allow an authenticated
user to bypass Barbican access policies.
USN-5651-2: strongSwan vulnerability
USN-5651-1 fixed a vulnerability in strongSwan. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and
and CRL distribution points (CDP) in certificates. A remote attacker could
possibly use this issue to initiate IKE_SAs and send crafted certificates
that contain URIs pointing to servers under their control, which can lead
to a denial-of-service attack.
Microsoft mitigation for new Exchange Server zero-day exploits can be bypassed
Attackers are currently exploiting two unpatched vulnerabilities to remotely compromise on-premises Microsoft Exchange servers. Microsoft confirmed the flaws late last week and published mitigation advice until a complete patch can be developed, but according to reports, the proposed mitigation can be easily bypassed.
The new vulnerabilities were discovered in early August by a Vietnamese security company called GTSC while performing security monitoring and incident response for a customer whose servers were attacked. Initially, the GTSC researchers thought they might be dealing with a ProxyShell exploit based on the malicious requests seen in the server logs which looked similar. ProxyShell is an attack that chains three Exchange vulnerabilities and was patched last year.