Businesses need to re-evaluate their cyber-insurance policies as firms like Lloyd's of London continue to add restrictions, including excluding losses related to state-backed cyberattackers.

Companies will need to re-evaluate their cyber-insurance premiums after major insurance companies have adopted exclusions for catastrophic cyberattacks conducted by "state-backed" actors.

This limits the risk that companies can offset with cyber insurance, security and risk experts tell Dark Reading — making taking out a policy potentially not worth it.

In the latest limits on cyber policies, insurance marketplace Lloyd's of London issued a notice on Aug. 16 to its member insurers, or syndicates, requiring that they exclude coverage for state-backed cyberattacks. The motive for the additional restrictions is to protect insurance companies and their underwriters from catastrophic loss, and help manage systemic risk that could overwhelm insurers, Lloyd's market bulletin stated.

**Is Cyber Insurance Still Worth It?**

While the insurers' position is understandable, businesses — which have already seen their premiums skyrocket over the past three years — should question whether insurance still mitigates risk effectively, says Pankaj Goyal, senior vice president of data science and cyber insurance at Safe Security, a cyber-risk analysis firm.

"Insurance works on trust, \[so answer the question,\] 'will an insurance policy keep me whole when a bad event happens?' " he says. "Today, the answer might be 'I don't know.' When customers lose trust, everyone loses, including the insurance companies."

The cyber-insurance industry has seen profits decline sharply in the past decade, as losses jumped from 35% of the revenue from premiums five years ago, to 72% in 2020. To adapt, insurance companies have dramatically raised the cost of policies — by 74% just in 2021, after rising 22% in 2020, according to FitchRatings.

    

Cyber insurance loss ratios peaked at 72% in 2020. Source: FitchRatings

Yet, insurance firms have also focused on limiting their liability. In 2021, global insurance firm AXA decided to stop paying ransoms to cybercriminals. And over the past two years, insurance companies have added act-of-war exclusions to their policies.

In its market bulletin (PDF), Lloyd's argued that the risk posed by cyberattacks continues to evolve and its members need to adapt to the threats posed by large or widely distributed attacks. While wartime risks are often excluded, Lloyd's requires that syndicates go further and ensure that certain policies have "a suitable clause excluding liability for losses arising from any state-backed cyberattack."

"If not managed properly it has the potential to expose the market to systemic risks that syndicates could struggle to manage," the insurance facilitator stated. "In particular, the ability of hostile actors to easily disseminate an attack, the ability for harmful code to spread, and the critical dependency that societies have on their IT infrastructure, including to operate physical assets, means that losses have the potential to greatly exceed what the insurance market is able to absorb."

The decisions come after pharmaceutical firm Merck won its lawsuit against its insurers after they refused to pay its $1.4 billion in business losses sustained in the NotPetya crypto-ransomware attack in 2017. The judge in the case ruled that the insurance policies' act-of-war exclusion did not apply, because the clause was meant to only exclude losses during armed conflicts.

Regardless, the policy changes are poorly thought out, some argue. 

 "Signs point to continued breaches and hacks, resulting in a longer claims process, and more litigations," says Goyal. "Unless the industry can collectively fix the way cyber insurance policies are understood, written and priced, ensuring that they are based on actual data and individual organizational risk — one size does not fit all — there is no end to the challenges and mistrust in cyber insurance."

**Too Broad an Exclusion**

The key problem is that the term "state-backed cyberattack" could be a very broad exclusion, and if abused by the insurance industry, one that will scuttle the usefulness of cyber insurance, experts say.

Attributing an attack to a nation-state is notoriously difficult, says James Turgal, vice president of cyber-risk and strategy for Optiv, a cybersecurity consultancy.

"Even if a computer involved in the attacks was traced back to an IP address located in an Iranian or North Korean military base, that doesn't necessarily mean that it was an attack done with the knowledge of or at the direction of the government's authorities," he says. "It could have been compromised by hackers in other countries \[as a false-flag attempt\]."

Currently, almost two-thirds of companies — 64% — suspect that they have been either directly targeted or impacted by a nation-state attack, says Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. Many of the major sources of cyberattacks against North American, European, and Asian companies come from cybercriminal groups linked in some way with China, Iran, North Korea, or Russia. Whether that link will equate to being "state-backed" is an open question.

"These companies are clearly going to be worried about whether insurers will deem most attacks to be nation-state sponsored," he says. "As a result, we expect most businesses that are serious about security to double down on their efforts to protect themselves from hackers in the first place."

Insurers will have to develop clear guidelines regarding what evidence and data will be used to determine the attribution of an attack, and what behavior patterns or data points they will consider in determining whether an attack is state-backed, he says.

**Time to Beef Up Cyberdefenses**

Indeed, the exclusion will likely result in fewer companies relying on cyber insurance as a way to mitigate catastrophic risk. Instead, companies need to make sure that their cybersecurity controls and measures can mitigate the cost of any catastrophic attack, says David Lindner, chief information security officer at Contrast Security, an application security firm.

Creating data redundancies, such as backups, expanding visibility of network events, using a trusted forensics firm, and training all employees in cybersecurity can all help harden a business against cyberattacks and reduce damages.

"Organizations cannot just rely on their cyber insurance policy and must proactively protect themselves from these catastrophic cyberattacks," Lindner says.

Companies also should not expect insurance firms to reverse course. Their approach is just a continuation of the industry's reactive approach to cyber insurance, says Safe Security's Goyal. Insurance firms have increased premiums, put sub-limits on ransomware, and now, have adopted arguably broad exclusions, which may just result in delayed payouts and an increase in lawsuits when insurers refuse to pay out on a large policy.

Cyber-Insurance Firms Limit Payouts, Risk Obsolescence

Categories: Android
Categories: News
A PDF reader found on Google Play with over one million downloads is aggressively displaying full screen ads, even when the app is not in use.



(Read more...)




The post Adware found on Google Play — PDF Reader servicing up full screen ads appeared first on Malwarebytes Labs.

A PDF reader found on Google Play with over one million downloads is aggressively displaying full screen ads, even when the app is not in use. More specifically, the reader is known as _PDF reader - documents viewer_, package name _com.document.pdf.viewer._ As a result, this aggressive behavior lands it in the realm of adware. Or as we call it, Android/Adware.HiddenAds.PPMA.

**Catching the adware**

Catching this adware in real time is a game of install and wait. It takes a couple of hours before the PDF app will display ads. This long delay is in order to make it harder to track down which app is causing the ads. For example, full screen ads displaying immediately after install would likely result in quick a uninstall. With this in mind, I plugged my test phone into my laptop with _Android Device Monitor_ running. Among other tools, _Android Device Monitor_ includes _LogCat_ which logs all activity on an Android mobile device. I then installed _PDF reader - documents viewer_, package name _com.document.pdf.viewer_, directly from Google Play. Thus, my waiting game begins the morning of August 22nd.

To my surprise, at 15:04 I heard my test phone sound a charm. My expectation from previous testing is that it takes longer before an ad displays. Before unlocking the screen, I checked my _LogCat_ logs.

_08-22 15:04:55.348: I/ActivityManager(765): START u0 {flg=0x14c00004 cmp=com.document.pdf.viewer/.ads.PPMActivity} from uid 10277  
_

The keyword is ‘_START’_ in the log. What starts is an Ad SDK. This time, from the PDF reader’s special in-house Ad SDK, _com.document.pdf.viewer.ads.PPMActivity_.  Unlocking the lock screen, another important log comes in.

_08-22 15:04:56.318: I/ActivityManager(765): Displayed com.document.pdf.viewer/.ads.PPMActivity: +942ms_

Indeed, looking at the phone there is a full screen ad “displayed."

Soon after, another Ad SDK starts in the logs.

_08-22 15:05:34.227: I/ActivityManager(765): START u0 {flg=0x10000000 cmp=com.document.pdf.viewer/com.facebook.ads.AudienceNetworkActivity (has extras)} from uid 10277_

Once again, another ad displays. This time it is a video ad.

_08-22 15:05:34.927: I/ActivityManager(765): Displayed com.document.pdf.viewer/com.facebook.ads.AudienceNetworkActivity: +555ms_

After the initial ads, they come more frequently. Each time, the start of ads is signified by a charm sounding on the mobile device.  Henceforth, a full screen ad is waiting. Immediately after the first ad is a video ad.

**Don’t blame the Ad SDKs**

PDF reader uses an array of common Ad SDKs and its own Ad SDK. Facebook Ads is shown in the log above, but we also observed it using Applovin along with others. In addition, it uses an in-house Ad SDK contained in _com.document.pdf.viewer.ads.PPMActivity._ Although the use of these common Ad SDKs is shown displaying ads, it is not necessarily their fault. The issue is displaying ads where they ought not to be displayed. Any of these ads within the app, whiling using the app, is fair game. Moreover, Ad SDK’s like Applovin and Facebook Ads are necessary to keep apps free on the Play Store. It is only when the ads start displaying outside the app at random that this qualifies as adware. It is the PDF reader app that is wrongfully using these Ad SDKs.

**Not all PDF readers are the same**

There are many good PDF readers on Google Play. However, this one has some oddities signaling red flags right from the Google Play Store description.

Note the _Mature 17+_ content rating. For what reason does a PDF reader need a mature rating? Another clue something is not right is the developer’s name of _Fairy games._ I get diversifying the kinds of apps you provide, but odd developer name for anything other than gaming apps.

**Am I infected?**

If you are thinking to yourself, “_I have a PDF reader installed, am I infected!?”_ here are a few things to check. Are you receiving full screen ads? If yes, do you have an icon that looks like this?

If you do, you can uninstall from _Apps info._

More easily, you can install Malwarebytes for Android and use our **free** scanner to remove.

**Another one slips through**

From what we can tell from previous versions of _PDF reader - documents viewer,_ it has existed since November 2021. Each version thereafter serves ads just like the most recent Google Play version. Although we cannot verify if it existed on Google Play since 2021, it is likely the case. If you have a lot of apps installed on your mobile device, this one can very hard to track down. Another reason to not blindly trust you are safe while installing exclusively from Google Play. Even if the Play Store is by far the safest place to install apps on Android, it can fault from time to time as well. Having an anti-malware scanner, or anti-adware in this case, is a good idea. Stay safe out there! 

**App Information**

Package name: com.document.pdf.viewer

App Name: PDF reader - documents viewer

Developer: Fairy games

MD5: CDA77D85D5B733C89F53254F11F3F372

Google Play URL: https://play.google.com/store/apps/details?id=com.document.pdf.viewer

Adware found on Google Play — PDF Reader servicing up full screen ads

A Floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream.

'704834?cve=title' is not a valid bug number nor an alias to a bug.

Please press **Back** and try again.

CVE-2021-4216: Invalid Bug ID

Various Lexmark products through 2022-04-27 allow External Control of a System or Configuration Setting because of Improper Input Validation.

%PDF-1.7 %���� 1 0 obj <>/Metadata 529 0 R/ViewerPreferences 530 0 R>> endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/ProcSet\[/PDF/Text/ImageB/ImageC/ImageI\] >>/MediaBox\[ 0 0 612 792\] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> endobj 4 0 obj <> stream x���\[o�H����;���X��/��@�I��"�3��^��� \[R,�$zuq�o���L�\]M�\*e��oM��Z���ꖸ�M��������,�����⿯\_�Q��R�X$��4Wb5y��\_�ׯ�}y����2\_��\_I�(R�D�\*�b�ۅK��m\*�����W�)�~������&߇z���p\_��dxe���l�?u6x;~^��l\]��wo��'��������ׯć��h�^��{����f 0�U~E^��W�����

CVE-2022-29850

Key reuse in GoSecure Titan Inbox Detection & Response (IDR) through 2022-04-05 leads to remote code execution. To exploit this vulnerability, an attacker must craft and sign a serialized payload.

%PDF-1.7 %���� 1 0 obj <>/Metadata 74 0 R/ViewerPreferences 75 0 R>> endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/XObject<>/ProcSet\[/PDF/Text/ImageB/ImageC/ImageI\] >>/MediaBox\[ 0 0 612 792\] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> endobj 4 0 obj <> stream x��X\[o�0~������>�M\]�\`HC0\*x�x(\]V\*u�h��c��J��M��c;��w�s�W��v2���I<����\[zC��qv�%��O����|9���2���k�ޤ��t5�ӳ���iC(bLB�"\\+j�p�8�J����Ȳ߫^'J�N��^|� �d|��q��É�����<���?2\[�{����nF���뀄\_��m�� ���Ex�j���l֣��\`\\Qa�X=���Db��S�e5���T�F���^�yu� �(s �Wck8�k��0�Rp��׸�i���\]��gY��b�l"�VR��r �����1����\*ť��85�z�}�pqvF��4��" E0��ڍ�2L�;9����Z7��W�2{۞q6 � �U|7���J�Z,#ǒ#���B�gH�7G��e%�0�\*\`\]�$4UO���$Ip��\_$�'u"�/������YȄ���p�V�� c0(|(D�cG�Ň������a�� 2�o�Q�������s>�Dƕ�'�Ւ��$ɨ~J�0�L�X���2wA2�h�a���(�O'.f~� 6��!m�p�� N�#��ݧm�w �rtqF��Y�(�b���y�XZd��e#o�Q{9$q����fc�D'�Q�hl+�jV5{u��>��-��~r.��f��g�q�0mݿ�4��5:���d�Պ�P ʤ=e�l\*���RT����r\] ,Mʧ��Mx,�D��ԥ��o�m��XBy��+!x)��T� #Y4�iڕPe}�TIu��C�E�(ݗ� ς5ZJW�(���F�\`�Z\['������͡U1���$^wD��������Zd+�c�~P�\_��\[�I1{�E��J�d��wxky�)! j���a���Z4�8�����~5\_tD��\_��@j}��@�Z�( x���孮�'�#@-�de@�jD7f\*9v����,����\`�4���z���b�q����vq7����YF���d� endstream endobj 5 0 obj <> endobj 6 0 obj <> endobj 7 0 obj <> endobj 8 0 obj <> endobj 9 0 obj <> endobj 10 0 obj \[ 11 0 R\] endobj 11 0 obj <> endobj 12 0 obj <> endobj 13 0 obj <> endobj 14 0 obj <> endobj 15 0 obj <> endobj 16 0 obj <> endobj 17 0 obj <> endobj 18 0 obj <> endobj 19 0 obj <> endobj 20 0 obj <> stream x��\]�{U��G�nDE��&@�- �H�Wi"H��\*�OD,�/6x� � E�\*H'\[gg���w���$y���dvw�$��s�

CVE-2022-28747

An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to an undefined behaviour or a crash.

@@ -2530,28 +2530,28 @@ static void ExportIndexQuantum(const Image \*image,QuantumInfo \*quantum\_info,  
for (x=((ssize\_t) number\_pixels-7); x > 0; x-=8) { pixel=(unsigned char) GetPixelIndex(image,p); pixel=(unsigned char) ((ssize\_t) GetPixelIndex(image,p)); \*q=((pixel & 0x01) << 7); p+=GetPixelChannels(image); pixel=(unsigned char) GetPixelIndex(image,p); pixel=(unsigned char) ((ssize\_t) GetPixelIndex(image,p)); \*q|=((pixel & 0x01) << 6); p+=GetPixelChannels(image); pixel=(unsigned char) GetPixelIndex(image,p); pixel=(unsigned char) ((ssize\_t) GetPixelIndex(image,p)); \*q|=((pixel & 0x01) << 5); p+=GetPixelChannels(image); pixel=(unsigned char) GetPixelIndex(image,p); pixel=(unsigned char) ((ssize\_t) GetPixelIndex(image,p)); \*q|=((pixel & 0x01) << 4); p+=GetPixelChannels(image); pixel=(unsigned char) GetPixelIndex(image,p); pixel=(unsigned char) ((ssize\_t) GetPixelIndex(image,p)); \*q|=((pixel & 0x01) << 3); p+=GetPixelChannels(image); pixel=(unsigned char) GetPixelIndex(image,p); pixel=(unsigned char) ((ssize\_t) GetPixelIndex(image,p)); \*q|=((pixel & 0x01) << 2); p+=GetPixelChannels(image); pixel=(unsigned char) GetPixelIndex(image,p); pixel=(unsigned char) ((ssize\_t) GetPixelIndex(image,p)); \*q|=((pixel & 0x01) << 1); p+=GetPixelChannels(image); pixel=(unsigned char) GetPixelIndex(image,p); pixel=(unsigned char) ((ssize\_t) GetPixelIndex(image,p)); \*q|=((pixel & 0x01) << 0); p+=GetPixelChannels(image); q++; @@ -2561,7 +2561,7 @@ static void ExportIndexQuantum(const Image \*image,QuantumInfo \*quantum\_info, \*q='\\0'; for (bit=7; bit >= (ssize\_t) (8\-(number\_pixels % 8)); bit--) { pixel=(unsigned char) GetPixelIndex(image,p); pixel=(unsigned char) ((ssize\_t) GetPixelIndex(image,p)); \*q|=((pixel & 0x01) << (unsigned char) bit); p+=GetPixelChannels(image); } @@ -2576,17 +2576,17 @@ static void ExportIndexQuantum(const Image \*image,QuantumInfo \*quantum\_info,  
for (x=0; x < (ssize\_t) (number\_pixels-1) ; x+=2) { pixel=(unsigned char) GetPixelIndex(image,p); pixel=(unsigned char) ((ssize\_t) GetPixelIndex(image,p)); \*q=((pixel & 0xf) << 4); p+=GetPixelChannels(image); pixel=(unsigned char) GetPixelIndex(image,p); pixel=(unsigned char) ((ssize\_t) GetPixelIndex(image,p)); \*q|=((pixel & 0xf) << 0); p+=GetPixelChannels(image); q++; } if ((number\_pixels % 2) != 0) { pixel=(unsigned char) GetPixelIndex(image,p); pixel=(unsigned char) ((ssize\_t) GetPixelIndex(image,p)); \*q=((pixel & 0xf) << 4); p+=GetPixelChannels(image); q++; @@ -2597,7 +2597,7 @@ static void ExportIndexQuantum(const Image \*image,QuantumInfo \*quantum\_info, { for (x=0; x < (ssize\_t) number\_pixels; x++) { q=PopCharPixel((unsigned char) GetPixelIndex(image,p),q); q=PopCharPixel((unsigned char) ((ssize\_t) GetPixelIndex(image,p)),q); p+=GetPixelChannels(image); q+=quantum\_info->pad; }

CVE-2021-20224: outside the range of representable values of type 'unsigned char' (#3… · ImageMagick/ImageMagick@5af1dff

An HTTP response splitting vulnerability exists in the AM Gateway Challenge-Response dialog of WorkstationST (<v07.09.15) and could allow an attacker to compromise a victim's browser/session. WorkstationST is only deployed in specific, controlled environments rendering attack complexity significantly higher than if the attack were conducted on the software in isolation. WorkstationST v07.09.15 can be found in ControlST v07.09.07 SP8 and greater.

%PDF-1.7 %���� 81 0 obj <> endobj xref 81 44 0000000016 00000 n 0000001652 00000 n 0000001799 00000 n 0000001841 00000 n 0000002254 00000 n 0000002513 00000 n 0000002678 00000 n 0000002994 00000 n 0000003167 00000 n 0000003403 00000 n 0000003727 00000 n 0000003980 00000 n 0000004031 00000 n 0000004082 00000 n 0000004249 00000 n 0000004814 00000 n 0000005380 00000 n 0000006189 00000 n 0000006326 00000 n 0000006348 00000 n 0000006571 00000 n 0000006867 00000 n 0000006894 00000 n 0000007020 00000 n 0000007181 00000 n 0000007926 00000 n 0000008589 00000 n 0000009391 00000 n 0000010118 00000 n 0000010883 00000 n 0000011112 00000 n 0000011146 00000 n 0000011301 00000 n 0000017419 00000 n 0000017489 00000 n 0000046439 00000 n 0000103056 00000 n 0000103126 00000 n 0000103380 00000 n 0000103722 00000 n 0000103889 00000 n 0000103916 00000 n 0000001483 00000 n 0000001176 00000 n trailer <\]/Prev 121221/XRefStm 1483>> startxref 0 %%EOF 124 0 obj <>stream h�b\`\`\`�+lJ|� �ac\`a��aخ���p��u�\*,<&�5��d�2���������@������ 6�w�i ���10�0�3�e�gTc��p�Q��9�,Nd�gR\`f(�:�(tOC7�e�Ff��L��3�0��\_\`0(d�+�\`���сa"+c�o�����d\`��r�b ����������x�D�� ��-1 endstream endobj 123 0 obj <>/Filter/FlateDecode/Index\[13 68\]/Length 21/Size 81/Type/XRef/W\[1 1 1\]>>stream h�bb�d\`b\`\`�\`x�� endstream endobj 82 0 obj <>/Metadata 11 0 R/Pages 10 0 R/StructTreeRoot 13 0 R/Type/Catalog/ViewerPreferences 83 0 R>> endobj 83 0 obj <> endobj 84 0 obj <>/MediaBox\[0 0 612 792\]/Parent 10 0 R/Resources<>/Font<>/ProcSet\[/PDF/Text/ImageB/ImageC/ImageI\]>>/Rotate 0/StructParents 0/Tabs/S/Type/Page>> endobj 85 0 obj <>/BS<>/F 4/Rect\[69.75 508.42 88.154 530.07\]/StructParent 1/Subtype/Link>> endobj 86 0 obj <>/BS<>/F 4/Rect\[300.75 161.06 463.91 182.72\]/StructParent 2/Subtype/Link>> endobj 87 0 obj \[226 0 0 0 0 0 0 221 303 303 0 0 0 306 252 386 507 507 507 507 0 507 0 507 0 507 0 0 0 0 0 0 0 579 0 533 0 488 459 631 623 252 0 0 420 855 646 0 517 0 543 459 487 0 567 890 0 0 0 0 0 0 0 0 0 479 525 423 525 498 305 471 525 230 239 455 230 799 525 527 525 525 349 391 335 525 452 715 0 453 395 0 460\] endobj 88 0 obj <> endobj 89 0 obj <> endobj 90 0 obj \[215 0 0 0 0 0 0 188 316 316 0 0 200 340 200 350 532 532 532 532 0 532 532 532 532 532 212 0 532 532 532 0 0 609 0 597 645 527 502 660 668 244 0 0 0 777 0 694 545 0 567 522 500 636 587 936 0 0 0 0 0 0 0 0 0 505 535 452 535 508 295 483 539 232 0 479 232 826 539 530 535 0 354 445 355 533 459 738 458 459 438\] endobj 91 0 obj <> endobj 92 0 obj <> endobj 93 0 obj <> endobj 94 0 obj <> endobj 95 0 obj <>stream H�ĕ\[k�0�� ��QD�͒ ���i�A � }(}��5k��VW��'��a�<�k6?d��;W����7����I<�����-\\Ņ�\]��~��uY�Mik����W�>�r���S����{L��Q��\*c��0��M̊0��)�g��0�� �a�(A��w������dR�Bx�dmuP�=�e\\���k(>����a����g�^���2�%���&/u;"��.>�F� '���s&0�9�#M�<����4��h���L���x�/�� � ���8�C�X�!�3c��� ���7O����e�\`�����C'�z�(a���C�S��qhu��W�j����ˠ�G"3��xn@N}�%^\*�<7�ݧ�4�\[?$�Eu��b�d�j�4M^O��SQ��ᴓ1Q$��IF J���$>Y�ۙ��~ �����?�"�M�5PG j\`���1������6�HT���y�n\*�<���C endstream endobj 96 0 obj <>stream H���mk�0����T��gYP ��u��l/�^l���&k�t\[\`~w�V��Y����N?�'���e1k��MY<�����4H�؆�a������� �/4('���,�IP\`�ڃ�Z͒Bi���:j�v��雽�(�l�?B3�@ޠ�������^%nX{�e��I��P��\`�Xa�~���İو@>��g�(�5�O�1e���#"EO00�����yFL�����T�LE�8����Eyط�LW��qQxݕ��Ȩꜯ�����l^L/��x:�\_��:9����W<�JH�\[M�z3\\�����'�ؚO,��e�K)O�/����%�Q8U �w�@H�����˦��y��B ;x\]p%Yg�&�����l��Z��p����w��� �d���e�r�B��h��������\\a�^�\]D��9�YpAhn�4���h5����>�%���ʼ���Z�əY��7�B�g�O��� endstream endobj 97 0 obj <>stream H���QO�0��#�;���iu�$v �@a�&!1Z����@��&\]���wg7��!&-�Dq�;��~wgǃ��x��u��K.�o�$\`��K�\*Zns1� ��+V��z��X|q����|u��x���H<��%>4��\\���uN�p�Q���a�t�vH�|��!h/ ,�$hPuU7|�������d�i�ylu�p͸��ѣ 4��&iK\]sH�x�n���}!-���� H�@e�-9���}�4���j@o{�zC�� Z�2g.�����N�Tl��m�O|v��x�Ckm/�b������i�J����^�@y�-"��,�N�w�S������MN� A:X��(����.�|��r�� ����m��o��G(бP�k���L�4�\*��$��Ȗ�X�P6��c|�\\CwRm�5�\_E���"����f#�UW�"i���Ƹ�L�����3r��h�^,�o��g��1��X�p��0d\]+d�����30u��mM�l�r�ⱑd����.�a0C� ,���+�)̀���H:I��H�q��㦀����,����x��n���9�������G�xR� ��"c~�!�gt� �

CVE-2022-37953

A reflected cross-site scripting (XSS) vulnerability exists in the iHistorian Data Display of WorkstationST (<v07.09.15) could allow an attacker to compromise a victim's browser. WorkstationST is only deployed in specific, controlled environments rendering attack complexity significantly higher than if the attack were conducted on the software in isolation. WorkstationST v07.09.15 can be found in ControlST v07.09.07 SP8 and greater.

%PDF-1.7 %���� 79 0 obj <> endobj xref 79 44 0000000016 00000 n 0000001648 00000 n 0000001794 00000 n 0000001836 00000 n 0000002248 00000 n 0000002507 00000 n 0000002672 00000 n 0000002984 00000 n 0000003157 00000 n 0000003393 00000 n 0000003717 00000 n 0000003970 00000 n 0000004021 00000 n 0000004072 00000 n 0000004239 00000 n 0000004816 00000 n 0000005466 00000 n 0000006277 00000 n 0000006414 00000 n 0000006436 00000 n 0000006658 00000 n 0000006953 00000 n 0000006980 00000 n 0000007105 00000 n 0000007265 00000 n 0000007935 00000 n 0000008564 00000 n 0000009361 00000 n 0000010171 00000 n 0000010931 00000 n 0000011160 00000 n 0000011194 00000 n 0000011349 00000 n 0000017467 00000 n 0000017537 00000 n 0000047173 00000 n 0000102203 00000 n 0000102273 00000 n 0000102527 00000 n 0000102866 00000 n 0000103033 00000 n 0000103060 00000 n 0000001478 00000 n 0000001176 00000 n trailer <<38D43D8DEAB4B2110A00F021DC6DFD7F>\]/Prev 120019/XRefStm 1478>> startxref 0 %%EOF 122 0 obj <>stream h�b\`\`\`�+l�@(������ð��?z��5��,l� TyYz�^�D���آ��d����2��6��\\�@�c\`alcx��Ϩ�0����sY �Ȥ�T�,�PTu��t�.��xfvf�G�xZ�/0��������-�DV�(�)3�n�\`\`ܦ�X�if� @7�%U�c@��+� endstream endobj 121 0 obj <>/Filter/FlateDecode/Index\[12 67\]/Length 22/Size 79/Type/XRef/W\[1 1 1\]>>stream h�bb�\`\`b\`\`��th� endstream endobj 80 0 obj <>/Metadata 10 0 R/Pages 9 0 R/StructTreeRoot 12 0 R/Type/Catalog/ViewerPreferences 81 0 R>> endobj 81 0 obj <> endobj 82 0 obj <>/MediaBox\[0 0 612 792\]/Parent 9 0 R/Resources<>/Font<>/ProcSet\[/PDF/Text/ImageB/ImageC/ImageI\]>>/Rotate 0/StructParents 0/Tabs/S/Type/Page>> endobj 83 0 obj <>/BS<>/F 4/Rect\[69.75 508.42 88.154 530.07\]/StructParent 1/Subtype/Link>> endobj 84 0 obj <>/BS<>/F 4/Rect\[300.75 161.06 463.91 182.72\]/StructParent 2/Subtype/Link>> endobj 85 0 obj \[226 0 0 0 0 0 0 221 303 303 0 0 0 306 252 0 507 0 507 507 0 507 0 507 0 507 268 0 0 0 0 0 0 579 0 533 615 488 0 631 623 252 0 0 0 855 646 0 517 0 543 459 487 0 567 890 519 0 0 0 0 0 0 0 0 479 525 423 525 498 305 471 525 230 239 455 230 799 525 527 525 0 349 391 335 525 452 715 0 453 395 0 460\] endobj 86 0 obj <> endobj 87 0 obj <> endobj 88 0 obj \[215 0 0 0 0 0 0 188 316 316 0 0 200 340 200 350 532 532 532 532 0 532 532 532 532 532 212 0 532 532 532 0 0 609 0 597 645 527 502 660 668 244 0 0 0 0 0 694 545 0 567 522 500 636 587 936 567 0 0 0 0 0 0 0 0 505 535 452 535 508 295 483 539 232 0 479 232 826 539 530 535 0 354 445 355 533 459 738 458 459 438\] endobj 89 0 obj <> endobj 90 0 obj <> endobj 91 0 obj <> endobj 92 0 obj <> endobj 93 0 obj <>stream H�ĕmk�@��~�y��}r����\\Z\\��B��;�\*MܫnZ��gWIC�Z�����p~;�3��ڔ{�5pvO�Q�/�n�\\7q~:�Z�J�RWq��ٸ��B���f�9|�=���RB��V����n�A�{����$A��|�{��a )���{��$�A\*$\`Ĺ�R�PZy�#\_�|�6X-!�@����6�G�{\[��lF�%Q͈(�2$�@�u�@;�Gd��g ӈ�aX ��N9�l G��#l�Ҝ\`F�\`��lt}�hy�/� ǈ<��ay�N���C�3>f�}�?A.�6�� y���� ��������@ݎ�!�84l�R<M{n ^�s5���c��#)E�?5 #��g%M���j׀7�v\`��א�q���M��=�\*ˇ����) b��ј(��$�&%E�p�kW�bF<(���m �0��ePVP:�t%n�Ht���c\[aU9ʽt凅��js�s� ���:t\_�< 0xy�\` endstream endobj 94 0 obj <>stream H�̕�o�0��#��G��vlK�� �Ti-�:i���C �%���������a9��|���l'{G�,����.�����J��m�5,�8�8�y��c��e�w�M�H��ƥ"5༦G6�P:�Qa,������e=G�ُ�G�J؀��EVJa�j��rS-�F�΋��^�& �n�wB�ijL��F$��\\�?) jKI�P)��mP�Q���2^��J�P%w�VH� � ��\`��-9u���Q�������m����A�I��JsVB��':Iq�Na���Fܲo��W�\]��rt�j���6������0n�H��8�O ������qʯ�wؘh-�ce�\[�U r�M��U�~ٹ�M0�}UӐo�r�L+��6gl�ܰ\[��PoN/׸���}/9

CVE-2022-37952

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the currentRequest parameter.

CVE-2022-37238: SecurityGateway for Email Servers Release Notes

Increase driven by increasingly sophisticated cyberattacks as well as increase in mobile-based business-critical applications, according to report.

**CHICAGO****, Aug. 24, 2022 /PRNewswire/** -- Penetration Testing Market size is expected to grow from an estimated value of USD 1.4 billion in 2022 to 2.7 billion USD by 2027, at a Compound Annual Growth Rate (CAGR) of 13.7% from 2022 to 2027, according to a new report by MarketsandMarkets™.

Some of the factors that are driving the market growth include regular penetration testing practices required due to strict regulations and compliances; increasing sophistication of cyberattacks, causing organisations to suffer financial and reputational losses; and more people are using smartphones and the internet, leading to an increase in mobile-based business-critical applications.

_Browse in-depth TOC on_ **"Penetration Testing Market"  
401 – Tables  
49 – Figures  
320 – Pages**

**Download PDF Brochure:** https://www.marketsandmarkets.com/pdfdownloadNew.asp?id=13422019

**By deployment mode, the cloud segment is projected to grow with a higher CAGR during the forecast period.**

An authorized, simulated cyberattack on a system that is hosted on a cloud provider, such as Microsoft Azure or Amazons AWS, is known as cloud-based penetration testing. Finding a system's vulnerabilities and strengths allows for an accurate assessment of its security situation, which is the fundamental goal of a cloud penetration test. Increased technical assurance and a greater comprehension of the attack surface that the systems are exposed to are two main advantages of a cloud penetration test. Whether they are Infrastructure as a Service, Platform as a Service, or Software as a Service, cloud systems are susceptible to security vulnerabilities, attacks, and threats similar to traditional systems. Despite cloud service providers providing more effective security measures, it is ultimately the organization's responsibility to secure its cloud-based operations. As a result, businesses must use penetration testing services for the cloud both now and in the future.

**By Type, the web application segment to hold a larger market size during the forecast period.**

With an increase in the use of web applications, the business process has changed along with sharing and accessing data. Because of this, malicious attackers get an opportunity to intrude into the system. Therefore, web application pen testing has become important to defend the application and network. Web application penetration testing simulates unauthorized attacks internally or externally to access sensitive data. This process helps end users discover the possibility for a hacker to access the data from the internet, check out the security of their email servers, and secure the web hosting site and server. Furthermore, the outcomes of web application penetration testing help identify and mitigate the security weaknesses in web applications and other components, such as source code, back-end network, and database associated with application penetration testing.

**Request Sample Pages:** https://www.marketsandmarkets.com/requestsampleNew.asp?id=13422019

**By region, Europe to grow at a significant CAGR during the forecast period.**

Europe comprises the major growing economies, including the UK, Germany, and France. The region has been exhibiting continued growth in adopting penetration-testing solutions. The growing number of mobile users accessing huge amounts of business data and the lack of skills have led to concerns over data security and privacy breaches across the region.

In Europe, penetration testing is mostly adopted to comply with regulations, such as the Payment Card Industry Data Security Standard (PCI DSS) or the EU GDPR. Various regulations and standards have multiple offerings specifically related to system auditing and security and either indicate or specify that penetration testing is necessary to determine whether identified vulnerabilities pose a genuine risk to an organization. Red teaming has become an increasingly present practice in the finance sector. The EU has developed the Threat Intelligence-Based Ethical Red (TIBER) teaming initiative to test the resilience of European financial institutions with regard to cyberattacks.

**Get 10% Free Customization on this Report:** https://www.marketsandmarkets.com/requestCustomizationNew.asp?id=13422019

**Market Players**

Major vendors in the global **Penetration Testing Market** include Rapid7 (US), Secureworks (US), Synopsys (US), CrowdStrike (US), IBM (US), Coalfire Labs (US), Indium Software (US), Cigniti Technologies Ltd. (US), Trustwave (US), Cisco Systems (US), Fortinet (US), Bugcrowd (US), Invicti (US), Hackerone (US), Raxis (US), RSI Security (US), Rhino Security Labs (US), Sciencesoft Limited (US), Portswigger (UK), Netragard (US), Software Secured (Canada), Vumetric Cybersecurity (Canada), Nettitude (UK), Zimperium (US), NowSecure (US), SecurityMetrics (US), NetSPI (US), CovertSwarm (UK), Holm Security (Sweden), Intruder Systems (UK), BreachLock (US), ISECURION (India), and Redbot Security (US).

**Browse Adjacent Markets**: Information Security Market Research Reports & Consulting

**Related Reports:**

**Application Security Market** by Component (Software Tools (SAST and DAST) and Services), Type (Web Application Security and Mobile Application Security), Organization Size, Deployment Mode, Vertical (Healthcare and BFSI), and Region — Global Forecast to 2025

**Automated Breach and Attack Simulation Market** by Offering (Platform and Tools, and Services), Service, Deployment Mode, Application (Configuration Management, Patch Management, and Threat Intelligence), End User, and Region — Global Forecast to 2025

**About MarketsandMarkets™**

MarketsandMarkets™ provides quantified B2B research on 30,000 high growth niche opportunities/threats which will impact 70% to 80% of worldwide companies' revenues. Currently servicing 7,500 customers worldwide, including 80% of global Fortune 1000 companies as clients. Almost 75,000 top officers across eight industries worldwide approach MarketsandMarkets™ for their pain points around revenues decisions.

Our 850 fulltime analyst and SMEs at MarketsandMarkets™ are tracking global high growth markets following the "Growth Engagement Model — GEM". The GEM aims at proactive collaboration with the clients to identify new opportunities, identify most important customers, write "Attack, avoid and defend" strategies, identify sources of incremental revenues for both the company and its competitors. MarketsandMarkets™ now coming up with 1,500 MicroQuadrants (Positioning top players across leaders, emerging companies, innovators, strategic players) annually in high growth emerging segments. MarketsandMarkets™ is determined to benefit more than 10,000 companies this year for their revenue planning and help them take their innovations/disruptions early to the market by providing them research ahead of the curve.

MarketsandMarkets's flagship competitive intelligence and market research platform, "Knowledge Store," connects over 200,000 markets and entire value chains for deeper understanding of the unmet insights along with market sizing and forecasts of niche markets.

Tag

#pdf