Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2023-5545: Official Moodle git projects - moodle.git/search

H5P metadata automatically populated the author with the user's username, which could be sensitive information.

CVE
#git#auth
Opinion: The Pros and Cons of the UK’s New Digital Regulation Principles 

By Daily Contributors By Liz Smith, Digital Marketing Consultant for Elsewhen – Digital technologies have transformed how we live, work, and… This is a post from HackRead.com Read the original post: Opinion: The Pros and Cons of the UK’s New Digital Regulation Principles

CVE-2023-34182: WordPress LH Password Changer plugin <= 1.55 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Peter Shaw LH Password Changer plugin <= 1.55 versions.

CVE-2023-34371: WordPress SpamReferrerBlock plugin <= 2.22 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Didier Sampaolo SpamReferrerBlock plugin <= 2.22 versions.

CVE-2023-34178: WordPress Groundhogg plugin <= 2.7.11 - Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Groundhogg Inc. Groundhogg plugin <= 2.7.11 versions.

A new video series, Google Forms spam and the various gray areas of cyber attacks

It can be easy to get caught up in the “big” questions in cybersecurity, like how to stop ransomware globally or keep hospitals up and running when they’re targeted by data theft extortion.

Hive Ransomware Resurfaces as Hunters International, Bitdefender Claim

By Waqas Hive Ransomware had its infrastructure seized by the FBI and Europol back in January 2023. This is a post from HackRead.com Read the original post: Hive Ransomware Resurfaces as Hunters International, Bitdefender Claim

GHSA-c35q-ffpf-5qpm: AsyncSSH Rogue Session Attack

### Summary An issue in AsyncSSH v2.14.0 and earlier allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation. ### Details The rogue session attack targets any SSH client connecting to an AsyncSSH server, on which the attacker must have a shell account. The goal of the attack is to log the client into the attacker's account without the client being able to detect this. At that point, due to how SSH sessions interact with shell environments, the attacker has complete control over the remote end of the SSH session. The attacker receives all keyboard input by the user, completely controls the terminal output of the user's session, can send and receive data to/from forwarded network ports, and is able to create signatures with a forwarded SSH Agent, if any. The result is a complete break of the confidentiality and integrity of the secure channel, providing a strong vector for a targeted phishing campaign against the user. For e...

GHSA-cfc2-wr2v-gxm5: AsyncSSH Rogue Extension Negotiation

### Summary An issue in AsyncSSH v2.14.0 and earlier allows attackers to control the extension info message (RFC 8308) via a man-in-the-middle attack. ### Details The rogue extension negotiation attack targets an AsyncSSH client connecting to any SSH server sending an extension info message. The attack exploits an implementation flaw in the AsyncSSH implementation to inject an extension info message chosen by the attacker and delete the original extension info message, effectively replacing it. A correct SSH implementation should not process an unauthenticated extension info message. However, the injected message is accepted due to flaws in AsyncSSH. AsyncSSH supports the server-sig-algs and global-requests-ok extensions. Hence, the attacker can downgrade the algorithm used for client authentication by meddling with the value of server-sig-algs (e.g. use of SHA-1 instead of SHA-2). ### PoC <details> <summary>AsyncSSH Client 2.14.0 (simple_client.py example) connecting to Asyn...