Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

CVE-2022-40246

A potential attacker can write one byte by arbitrary address at the time of the PEI phase (only during S3 resume boot mode) and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: SbPei SHA256: d827182e5f9b7a9ff0b9d3e232f7cfac43b5237e2681e11f005be627a49283a9 Module GUID: c1fbd624-27ea-40d1-aa48-94c3dc5c7e0d

CVE
#mac
CVE-2016-20015: root privilege escalation via race condition in init script

In the smokeping-2.7.3-r1.ebuild package for SmokePing on Gentoo, the initscript allows the smokeping user to gain ownership of any file, allowing for the smokeping user to gain root privileges. There is a race condition involving /var/lib/smokeping and chown.

RHSA-2022:6536: Red Hat Security Advisory: OpenShift Container Platform 4.11.5 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3121: gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation

Water Sector Will Benefit From Call for Cyber Hardening of Critical Infrastructure

A call for federal agency "review and assessment" of cyber-safety plans at water treatment plants should better protect customers and move the industry forward.

American Airlines suffers data breach after phishing incident

Categories: News Tags: American Airlines Tags: data breach Tags: phishing Tags: identity theft Major airline American Airlines fell victim to a data breach after a cybercriminal got access to the email accounts of several employees via a phishing attack. (Read more...) The post American Airlines suffers data breach after phishing incident appeared first on Malwarebytes Labs.

Trojan.Ransom.Ryuk.A MVID-2022-0640 Code Execution

Trojan.Ransom.Ryuk.A ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. Once loaded the exploit dll will check if the current directory is "C:\Windows\System32" and if not, we grab our process ID and terminate. All basic tests were conducted successfully in a virtual machine environment.

Bookwyrm 0.4.3 Authentication Bypass

Bookwyrm versions 0.4.3 and below suffer from an authentication bypass vulnerability due to a lack of rate limiting on OTP checks.

Trojan-Dropper.Win32.Corty.10 MVID-2022-0639 Insecure Credential Storage

Trojan-Dropper.Win32.Corty.10 malware suffers from an insecure credential storage vulnerability.