#mac

Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.

Gogs is an open source self-hosted Git service. In versions of gogs prior to 0.12.9 `DisplayName` does not filter characters input from users, which leads to an XSS vulnerability when directly displayed in the issue list. This issue has been resolved in commit 155cae1d which sanitizes `DisplayName` prior to display to the user. All users of gogs are advised to upgrade. Users unable to upgrade should check their users' display names for malicious characters.

x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, the logic for acquiring a type reference has a race condition, whereby a safely TLB flush is issued too early and creates a window where the guest can re-establish the read/write mapping before writeability is prohibited.

A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user namespace, the NO_NEW_PRIVS prctl is not activated, and the entered mount namespace is under the attacker's control. In this way, the filesystem layout can be adjusted to gain root privileges through execution of available setuid-root binaries such as su or sudo.

An Insecure Direct Object Reference (IDOR) issue in fn2Web in ihb eG FlexNow before 2.04.09.016 allows remote authenticated attackers to obtain sensitive student information (final grades, study courses, degrees) by changing the student ID parameter in the HTTP POST request to the FrontControllerSS endpoint.

At a 2022 RSA Conference keynote, technologist Bruce Schneier asserted that artificial intelligence agents will start to hack human systems — and what that will mean for us.

A review of what's changed in malware in 2022, and what hasn't, based on Adam Kujawa's talk at RSAC 2022. The post ASyncRat surpasses Dridex, TrickBot and Emotet to become dominant email threat appeared first on Malwarebytes Labs.

BlackBasta, a newish ransomware group that is somehow linked to Conti, has a new Linux variant of its malware that targets VMware ESXi virtual machines. The post BlackBasta is the latest ransomware to target ESXi virtual machines on Linux appeared first on Malwarebytes Labs.

OAuthenticator is an OAuth token library for the JupyerHub login handler. CILogonOAuthenticator is provided by the OAuthenticator package, and lets users log in to a JupyterHub via CILogon. This is primarily used to restrict a JupyterHub only to users of a given institute. The allowed_idps configuration trait of CILogonOAuthenticator is documented to be a list of domains that indicate the institutions whose users are authorized to access this JupyterHub. This authorization is validated by ensuring that the *email* field provided to us by CILogon has a *domain* that matches one of the domains listed in `allowed_idps`.If `allowed_idps` contains `berkeley.edu`, you might expect only users with valid current credentials provided by University of California, Berkeley to be able to access the JupyterHub. However, CILogonOAuthenticator does *not* verify which provider is used by the user to login, only the email address provided. So a user can login with a GitHub account that has email set to...

Apple aims to fix the password problem forever with a single-tap sign in approach known as the passkey. Will it work? The post Apple’s passkeys attempt to solve the password problem appeared first on Malwarebytes Labs.