Tag
FP.io VPP (Vector Packet Processor) 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates a Predictable IV with CBC Mode.
In cyberattacks against the US, South Korea, and Japan, the group (aka APT43 or Thallium) is using advanced social engineering and cryptomining tactics that set it apart from other threat actors.
A technique, dubbed the "Near-Ultrasound Inaudible Trojan" (NUIT), allows an attacker to exploit smartphones and smart speakers over the Internet, using sounds undetectable by humans.
rukovoditel version 3.2.1 suffers from a cross site scripting vulnerability.
Apple Security Advisory 2023-03-27-5 - macOS Big Sur 11.7.5 addresses bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
Label Studio versions 1.5.0 and below suffer from a server-side request forgery vulnerability.
Apple Security Advisory 2023-03-27-4 - macOS Monterey 12.6.4 addresses bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
IoT risk and security must get more attention from vendors and support from the marketplace.
A new phishing campaign has set its sights on European entities to distribute Remcos RAT and Formbook via a malware loader dubbed DBatLoader. "The malware payload is distributed through WordPress websites that have authorized SSL certificates, which is a common tactic used by threat actors to evade detection engines," Zscaler researchers Meghraj Nandanwar and Satyam Singh said in a report
### Summary `authority-regex` allows an attacker to send malicious URLs to be parsed by the `lambdaisland/uri` and return the wrong authority. This issue is similar to CVE-2020-8910. ### Details https://github.com/lambdaisland/uri/blob/d3355fcd3e235238f4dcd37be97787a84e580072/src/lambdaisland/uri.cljc#L9 This regex doesn't handle the backslash (`\`) character in the username correctly, leading to a wrong output. **Payload:** `https://example.com\\@google.com` The returned host is `google.com`, but the correct host should be `example.com`. `urllib3` (Python) and `google-closure-library` (Javascript) return `example.com` as the host. Here the correct (or current) regex used by `google-closure-library`: https://github.com/google/closure-library/blob/0e567abedb058e9b194a40cfa3ad4c507653bccf/closure/goog/uri/utils.js#L189 ### PoC ``` (ns poc.core) (require '[lambdaisland.uri :refer (uri)]) (def myurl "https://example.com\\@google.com") (defn -main [] (println myurl) (printl...