It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service.
Monthly Archives: April 2023
CVE-2014-125094
A vulnerability classified as problematic was found in phpMiniAdmin up to 1.8.120510. An unknown part of the application is affected by this vulnerability. The manipulation leads to cross-site scripting. The attack can be launched remotely. Upgrading to version 1.9.140405 addresses this issue. It is recommended to upgrade the affected component. The identifier VDB-225001 was assigned to this vulnerability.
Seized Genesis malware market’s infostealers infected 1.5 million computers
Infamous hacker marketplace Genesis, which was taken down this week by an international law enforcement operation involving 17 countries, was selling access to millions of victim computers gained via the DanaBot infostealer and likely other malware.
Trellix, the cybersecurity firm that assisted in the takedown of the Genesis site, said that malware used by Genesis provided access to browser fingerprints, cookies, autofill form data, and other credentials.
“The disruption of Genesis Market is yet another successful takedown that proves that public-private partnerships are vital in fighting cybercrime,” said John Fokker, head of threat intelligence at the Trellix Advanced Research Center in Amsterdam. “We had been monitoring the marketplace for many years now and are proud to have been able to play a part in the takedown of this notorious market.”
ffmpeg-5.0.3-1.fc36
FEDORA-2023-1e24db98a6
Packages in this update:
ffmpeg-5.0.3-1.fc36
Update description:
New release with bug fixes across the tree
Contains security fixes for CVE-2022-48434 and CVE-2022-3109.
Default static key in ThingsBoard IoT platform can give attackers admin access
Developers of ThingsBoard, an open-source platform for managing IoT devices that is used in various industry sectors, have fixed a vulnerability that could allow attackers to escalate their privileges on a server and send requests with administrative privileges. The vulnerability, tracked as CVE-2023-26462, was discovered and privately reported by researchers from IBM Security X-Force. It stems from the platform using a static key to sign the JSON Web Tokens (JWTs) issued to clients. With knowledge of that key, which can be easily obtained, attackers could forge valid tokens that would allow them to identify themselves to the system as higher-privileged users.
“Because ThingsBoard allowed the default key to be used without requiring administrators to change it, and because that default key was also exposed publicly in the configuration files, the door was opened for attackers to gain unauthorized access in excess of what is intended,” the X-Force researchers said in their report.
CIS Benchmarks April 2023 Update
Here is an overview of the CIS Benchmarks that the Center for Internet Security updated or released for April 2023.
CVE-2020-19678
Directory traversal vulnerability found in pfSense v.2.1.3 and pfSense Suricata v.1.4.6 pkg v.1.0.1 allows a remote attacker to obtain sensitive information via the file parameter to suricata/suricata_logs_browser.php.
Ukrainian hackers spend $25,000 of pro-Russian blogger’s money on sex toys
A pro-Russian blogger who raised $25,000 for drones to assist Russian troops fighting in Ukraine has received a huge delivery of sex toys instead.
Read more in my article on the Hot for Security blog.
A fireside chat with four CISOs about how they secure their cybersecurity firms from attack
On Tuesday 11 April, I’ll be joined by the CISOs of security firms Wiz, Rubrik, Noname, and Abnormal, for a friendly chat about how they protect their organisations from the huge number of threats targeting them.
I hope to see some of you there!