Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

What your peers said: G2 comparison of top Endpoint Security vendors

Categories: Business #1 in Endpoint Protection, #1 ROI for EDR, #1 for EDR implementation. (Read more...) The post What your peers said: G2 comparison of top Endpoint Security vendors appeared first on Malwarebytes Labs.

Malwarebytes
Open in Source
#mac#windows
Daggerfly Cyberattack Campaign Hits African Telecom Services Providers

Telecommunication services providers in Africa are the target of a new campaign orchestrated by a China-linked threat actor at least since November 2022. The intrusions have been pinned on a hacking crew tracked by Symantec as Daggerfly, and which is also tracked by the broader cybersecurity community as Bronze Highland and Evasive Panda. The campaign makes use of "previously unseen plugins from

CVE-2023-1767: CVE-2023-1767 - Stored XSS on Snyk Advisor service can allow full fabrication of npm packages health score

The Snyk Advisor website (https://snyk.io/advisor/) was vulnerable to a stored XSS prior to 28th March 2023. A feature of Snyk Advisor is to display the contents of a scanned package's Readme on its package health page. An attacker could create a package in NPM with an associated markdown README file containing XSS-able HTML tags. Upon Snyk Advisor importing the package, the XSS would run each time an end user browsed to the package's page on Snyk Advisor.

CVE-2021-33970: CVE-2021-33970 - Pastebin.com

Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows attacker to escalate priveleges.

CVE-2021-33972: CVE-2021-33972 - Pastebin.com

Buffer Overflow vulnerability in Qihoo 360 Safe Browser v13.0.2170.0 allows attacker to escalate priveleges.

CVE-2021-33975: CVE-2021-33975 - Pastebin.com

Buffer Overflow vulnerability in Qihoo 360 Total Security v10.8.0.1060 and v10.8.0.1213 allows attacker to escalate privileges.

CVE-2021-33973: CVE-2021-33973 - Pastebin.com

Buffer Overflow vulnerability in Qihoo 360 Safe guard v12.1.0.1004, v12.1.0.1005, v13.1.0.1001 allows attacker to escalate priveleges.

GHSA-4v38-964c-xjmw: Code injection via unescaped translations in xwiki-platform

### Impact In XWiki, every user can add translations that are only applied to the current user. This also allows overriding existing translations. Such translations are often included in privileged contexts without any escaping which allows remote code execution for any user who has edit access on at least one document which could be the user's own profile where edit access is enabled by default. The following describes a proof of concept exploit to demonstrate this vulnerability: 1. Edit the user profile with the wiki editor and set the content to ``` error={{/html}} {{async async="true" cached="false" context="doc.reference"}}{{groovy}}println("hello from groovy!"){{/groovy}}{{/async}} ``` 2. Use the object editor to add an object of type `XWiki.TranslationDocumentClass` with scope `USER`. 3. Open the document `WikiManager.AdminWikiDescriptorSheet`. The expected result would be that a message with title `{{/html}} {{async async="true" cached="false" context="doc.reference"}}{{groo...