Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

How CISOs Can Communicate With Their Boards Effectively

With the increased frequency of board reporting, CISOs need to ensure their interactions are brief, productive, and valuable.

DARKReading
Open in Source
#auth
Name That Toon: Sneaking Around

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.

Why Ethereum Will Be a Key Platform for Businesses in the Future

Explore how Ethereum revolutionizes industries with smart contracts, DeFi, NFTs, gaming, DAOs, and sustainability, shaping the future of…

Italy Fines OpenAI €15 Million for ChatGPT GDPR Data Privacy Violations

Italy's data protection authority has fined ChatGPT maker OpenAI a fine of €15 million ($15.66 million) over how the generative artificial intelligence application handles personal data. The fine comes nearly a year after the Garante found that ChatGPT processed users' information to train its service in violation of the European Union's General Data Protection Regulation (GDPR). The authority

Mystery Drone Sightings Lead to FAA Ban Despite No Detected Threats

Plus: Google’s U-turn on creepy “fingerprint” tracking, the LockBit ransomware gang’s teased comeback, and a potential US ban on the most popular routers in America.

GHSA-cmwp-442x-3rcv: Piranha CMS Cross-site Scripting vulnerability

A file upload functionality in Piranha CMS 11.1 allows authenticated remote attackers to upload a crafted PDF file to /manager/media. This PDF can contain malicious JavaScript code, which is executed when a victim user opens or interacts with the PDF in their web browser, leading to a XSS vulnerability.

GHSA-mmx8-vrfg-hfmq: Piranha CMS Cross-site Scripting vulnerability

A stored cross-site scripting (XSS) vulnerability in Piranha CMS 11.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by creating a page via the /manager/pages and then adding a markdown content with the XSS payload.

How to Protect Your Environment From the NTLM Vulnerability

This Tech Tip outlines what enterprise defenders need to do to protect their enterprise environment from the new NTLM vulnerability.

GHSA-cvv5-9h9w-qp2m: Systeminformation has command injection vulnerability in getWindowsIEEE8021x (SSID)

### Summary The SSID is not sanitized when before it is passed as a parameter to cmd.exe in the `getWindowsIEEE8021x` function. This means that malicious content in the SSID can be executed as OS commands. ### Details I have exploited this vulnerability in a Windows service using version 5.22.11 of the module, to escalate privileges (in an environment where I am authorized to do so). However, as far as I can see from the code, it is still present in master branch at time of writing, on line [403/404 of network.js](https://github.com/sebhildebrandt/systeminformation/blob/3a92931c7d46605ffddc1aacb97a9727273b2888/lib/network.js#L403). The SSID is obtained from `netsh wlan show interface ...` in `getWindowsWirelessIfaceSSID`, and then passed to `cmd.exe /d /s /c "netsh wlan show profiles ...` in `getWindowsIEEE8021x`, without sanitization. ### PoC First, the command injection payload should be included in the connected Wi-Fi SSID. For example create hotspot on mobile phone or other lap...

LockBit Ransomware Developer Arrested in Israel

Dual Russian-Israeli national Rostislav Panev was arrested last August and is facing extradition to the US for playing a critical role in LockBit's RaaS activities, dating back to the ransomware gang's origins.