Yum! Brands warns of fallout from January incident
Monthly Archives: April 2023
Why reporting an incident only makes the cybersecurity community stronger
Reporting an incident to the correct authorities or vulnerability clearinghouses can be an experience fraught with frustration. You pour time, energy, and resources into fighting an intrusion, all while keeping company officials and stakeholders up to date and preventing sensitive information from getting into the wild. Explaining what happened might seem like just another layer of hard work and exposure to potential embarrassment when the details are out there for all to see.
But legislators have been pushing enterprise executives to share more information about security incidents, and they’re creating new requirements in the United States and around the world to mandate the disclosure of such information. Why?
Latitude Financial Refuses to Pay Ransom
ZDI-23-381: Microsoft Windows Remote Desktop Connection Uninitialized Variable Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must open a remote desktop session to a host that has been compromised or otherwise under control of an attacker.
ZDI-23-382: Microsoft SharePoint WSSXmlUrlResolver Server-Side Request Forgery Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability.
ZDI-23-383: Microsoft Windows Bluetooth BNEP Protocol Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must connect a malicious Bluetooth device.
ZDI-23-384: Microsoft Office Word DOCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-385: Microsoft Office Word SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-380: Microsoft Azure Machine Learning Service DSIMountAgent Missing Authentication Information Disclosure Vulnerability
This vulnerability allows network-adjacent attackers to disclose sensitive information on Microsoft Azure. Authentication is not required to exploit this vulnerability.
APPLE-SA-2023-04-10-3 macOS Big Sur 11.7.6
Posted by Apple Product Security via Fulldisclosure on Apr 10
macOS Big Sur 11.7.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213725.
IOSurfaceAccelerator
Available for: macOS Big Sur
Impact: An app may be able to execute arbitrary code with kernel
privileges. Apple is aware of a report that this issue may have been
actively exploited.
Description: An out-of-bounds write issue was…