Red Hat Security Advisory 2023-7509-01 - An update for firefox is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7509.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: firefox security update  
Advisory ID:        RHSA-2023:7509-01  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2023:7509  
Issue date:         2023-11-27  
Revision:           01  
CVE Names:          CVE-2023-6204  
====================================================================

Summary: 

An update for firefox is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 115.5.0 ESR.

Security Fix(es):

* Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer (CVE-2023-6204)

* Mozilla: Use-after-free in MessagePort::Entangled (CVE-2023-6205)

* Mozilla: Clickjacking permission prompts using the fullscreen transition (CVE-2023-6206)

* Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer (CVE-2023-6207)

* Mozilla: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 (CVE-2023-6212)

* Mozilla: Using Selection API would copy contents into X11 primary selection. (CVE-2023-6208)

* Mozilla: Incorrect parsing of relative URLs starting with \"///\" (CVE-2023-6209)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6204

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2250896  
https://bugzilla.redhat.com/show_bug.cgi?id=2250897  
https://bugzilla.redhat.com/show_bug.cgi?id=2250898  
https://bugzilla.redhat.com/show_bug.cgi?id=2250899  
https://bugzilla.redhat.com/show_bug.cgi?id=2250900  
https://bugzilla.redhat.com/show_bug.cgi?id=2250901  
https://bugzilla.redhat.com/show_bug.cgi?id=2250902

Red Hat Security Advisory 2023-7509-01

Red Hat Security Advisory 2023-7508-01 - An update for firefox is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7508.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: firefox security update  
Advisory ID:        RHSA-2023:7508-01  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2023:7508  
Issue date:         2023-11-27  
Revision:           01  
CVE Names:          CVE-2023-6204  
====================================================================

Summary: 

An update for firefox is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 115.5.0 ESR.

Security Fix(es):

* Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer (CVE-2023-6204)

* Mozilla: Use-after-free in MessagePort::Entangled (CVE-2023-6205)

* Mozilla: Clickjacking permission prompts using the fullscreen transition (CVE-2023-6206)

* Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer (CVE-2023-6207)

* Mozilla: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 (CVE-2023-6212)

* Mozilla: Using Selection API would copy contents into X11 primary selection. (CVE-2023-6208)

* Mozilla: Incorrect parsing of relative URLs starting with \"///\" (CVE-2023-6209)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6204

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2250896  
https://bugzilla.redhat.com/show_bug.cgi?id=2250897  
https://bugzilla.redhat.com/show_bug.cgi?id=2250898  
https://bugzilla.redhat.com/show_bug.cgi?id=2250899  
https://bugzilla.redhat.com/show_bug.cgi?id=2250900  
https://bugzilla.redhat.com/show_bug.cgi?id=2250901  
https://bugzilla.redhat.com/show_bug.cgi?id=2250902

Red Hat Security Advisory 2023-7508-01

Red Hat Security Advisory 2023-7507-01 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7507.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: firefox security update  
Advisory ID:        RHSA-2023:7507-01  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2023:7507  
Issue date:         2023-11-27  
Revision:           01  
CVE Names:          CVE-2023-6204  
====================================================================

Summary: 

An update for firefox is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 115.5.0 ESR.

Security Fix(es):

* Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer (CVE-2023-6204)

* Mozilla: Use-after-free in MessagePort::Entangled (CVE-2023-6205)

* Mozilla: Clickjacking permission prompts using the fullscreen transition (CVE-2023-6206)

* Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer (CVE-2023-6207)

* Mozilla: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 (CVE-2023-6212)

* Mozilla: Using Selection API would copy contents into X11 primary selection. (CVE-2023-6208)

* Mozilla: Incorrect parsing of relative URLs starting with \"///\" (CVE-2023-6209)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6204

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2250896  
https://bugzilla.redhat.com/show_bug.cgi?id=2250897  
https://bugzilla.redhat.com/show_bug.cgi?id=2250898  
https://bugzilla.redhat.com/show_bug.cgi?id=2250899  
https://bugzilla.redhat.com/show_bug.cgi?id=2250900  
https://bugzilla.redhat.com/show_bug.cgi?id=2250901  
https://bugzilla.redhat.com/show_bug.cgi?id=2250902

Red Hat Security Advisory 2023-7507-01

Red Hat Security Advisory 2023-7506-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a use-after-free vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7506.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2023:7506-01  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2023:7506  
Issue date:         2023-11-27  
Revision:           01  
CVE Names:          CVE-2023-6204  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 115.5.0.

Security Fix(es):

* Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer (CVE-2023-6204)

* Mozilla: Use-after-free in MessagePort::Entangled (CVE-2023-6205)

* Mozilla: Clickjacking permission prompts using the fullscreen transition (CVE-2023-6206)

* Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer (CVE-2023-6207)

* Mozilla: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 (CVE-2023-6212)

* Mozilla: Using Selection API would copy contents into X11 primary selection. (CVE-2023-6208)

* Mozilla: Incorrect parsing of relative URLs starting with \"///\" (CVE-2023-6209)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6204

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2250896  
https://bugzilla.redhat.com/show_bug.cgi?id=2250897  
https://bugzilla.redhat.com/show_bug.cgi?id=2250898  
https://bugzilla.redhat.com/show_bug.cgi?id=2250899  
https://bugzilla.redhat.com/show_bug.cgi?id=2250900  
https://bugzilla.redhat.com/show_bug.cgi?id=2250901  
https://bugzilla.redhat.com/show_bug.cgi?id=2250902

Red Hat Security Advisory 2023-7506-01

Red Hat Security Advisory 2023-7505-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7505.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2023:7505-01  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2023:7505  
Issue date:         2023-11-27  
Revision:           01  
CVE Names:          CVE-2023-6204  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 115.5.0.

Security Fix(es):

* Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer (CVE-2023-6204)

* Mozilla: Use-after-free in MessagePort::Entangled (CVE-2023-6205)

* Mozilla: Clickjacking permission prompts using the fullscreen transition (CVE-2023-6206)

* Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer (CVE-2023-6207)

* Mozilla: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 (CVE-2023-6212)

* Mozilla: Using Selection API would copy contents into X11 primary selection. (CVE-2023-6208)

* Mozilla: Incorrect parsing of relative URLs starting with \"///\" (CVE-2023-6209)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6204

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2250896  
https://bugzilla.redhat.com/show_bug.cgi?id=2250897  
https://bugzilla.redhat.com/show_bug.cgi?id=2250898  
https://bugzilla.redhat.com/show_bug.cgi?id=2250899  
https://bugzilla.redhat.com/show_bug.cgi?id=2250900  
https://bugzilla.redhat.com/show_bug.cgi?id=2250901  
https://bugzilla.redhat.com/show_bug.cgi?id=2250902

Red Hat Security Advisory 2023-7505-01

Red Hat Security Advisory 2023-7504-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a use-after-free vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7504.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2023:7504-01  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2023:7504  
Issue date:         2023-11-27  
Revision:           01  
CVE Names:          CVE-2023-6204  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 115.5.0.

Security Fix(es):

* Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer (CVE-2023-6204)

* Mozilla: Use-after-free in MessagePort::Entangled (CVE-2023-6205)

* Mozilla: Clickjacking permission prompts using the fullscreen transition (CVE-2023-6206)

* Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer (CVE-2023-6207)

* Mozilla: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 (CVE-2023-6212)

* Mozilla: Using Selection API would copy contents into X11 primary selection. (CVE-2023-6208)

* Mozilla: Incorrect parsing of relative URLs starting with \"///\" (CVE-2023-6209)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6204

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2250896  
https://bugzilla.redhat.com/show_bug.cgi?id=2250897  
https://bugzilla.redhat.com/show_bug.cgi?id=2250898  
https://bugzilla.redhat.com/show_bug.cgi?id=2250899  
https://bugzilla.redhat.com/show_bug.cgi?id=2250900  
https://bugzilla.redhat.com/show_bug.cgi?id=2250901  
https://bugzilla.redhat.com/show_bug.cgi?id=2250902

Red Hat Security Advisory 2023-7504-01

Red Hat Security Advisory 2023-7503-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7503.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2023:7503-01  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2023:7503  
Issue date:         2023-11-27  
Revision:           01  
CVE Names:          CVE-2023-6204  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 115.5.0.

Security Fix(es):

* Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer (CVE-2023-6204)

* Mozilla: Use-after-free in MessagePort::Entangled (CVE-2023-6205)

* Mozilla: Clickjacking permission prompts using the fullscreen transition (CVE-2023-6206)

* Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer (CVE-2023-6207)

* Mozilla: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 (CVE-2023-6212)

* Mozilla: Using Selection API would copy contents into X11 primary selection. (CVE-2023-6208)

* Mozilla: Incorrect parsing of relative URLs starting with \"///\" (CVE-2023-6209)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6204

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2250896  
https://bugzilla.redhat.com/show_bug.cgi?id=2250897  
https://bugzilla.redhat.com/show_bug.cgi?id=2250898  
https://bugzilla.redhat.com/show_bug.cgi?id=2250899  
https://bugzilla.redhat.com/show_bug.cgi?id=2250900  
https://bugzilla.redhat.com/show_bug.cgi?id=2250901  
https://bugzilla.redhat.com/show_bug.cgi?id=2250902

Red Hat Security Advisory 2023-7503-01

By Deeba Ahmed
The victim company, Gellyberry Studios, an independent game studio, developed Ethyrial: Echoes of Yore.
This is a post from HackRead.com Read the original post: Ethyrial: Echoes of Yore Hit by Ransomware, Player Accounts Deleted

As of now, no known ransomware gang has claimed responsibility for the cyberattack on Ethyrial: Echoes of Yore developers.

A devastating ransomware attack has wiped out a whopping 17,000 player accounts in the famous indie online MMORPG game Ethyrial: Echoes of Yore. The attack occurred on Friday in which all in-game items and progress got erased. 

Ethyrial: Echoes of Yore is developed by Gellyberry Studios, an independent game studio. It is a free-to-play old-school MMORPG in its early access phase on Steam. The game currently relies on monthly subscriptions and community support.

As per the official announcement from Gellyberry Studios, the attackers targeted the game’s Discord server and encrypted all data stored in the system and the local backup drive. 

“Last Friday morning, our server succumbed to a cryptographic ransomware attack. The attack systematically encrypted all data on the system/local backup drive and demanded a bitcoin ransom in exchange for decryption,” the statement read.

Attackers left a ransom demand, asking for payment in Bitcoin in exchange for data decryption. The developers have refused to pay the ransom, claiming that hackers usually deceive victims after receiving the payment.

Since the attackers compromised the backups as well, the developers had to rebuild the server and create new account and character databases. This will be a painstaking process as they had to reconstruct all the 17,000 impacted accounts manually.

The company stated they are “committed to restoring every item, level, pet, and other lost progress” as soon as the servers are restored. Furthermore, they want to compensate affected players for the issue by gifting them a complimentary premium pet.

The developers have also outlined a thorough security plan to prevent similar attacks in the future. This includes implementing decentralized backups, establishing VPN connections to their server, and introducing a whitelist for authorized IP addresses to access their server.

It is unclear who is responsible for the attack, as no specific group has come forward to claim responsibility. However, given the kind of items stolen, including character progression and virtual items, it seems unlikely that the attacker would sell the data on the Dark Web.

This isn’t the first time a game developer has suffered a ransomware attack. For example, in February 2021, game developer CD PROJEKT RED, the creator of Witcher 3, became a target of HelloKitty ransomware.

Then, in January 2023, League of Legends and Valorant creator Riot Games was threatened to pay a ransom of $10,000,000 to prevent hackers from leaking stolen source code. But unlike other instances, this time it’s the players who have been impacted instead of the company.

****_RELATED ARTICLES_****

1.  **Fake Cyberpunk 2077 Android App Delivering Ransomware**
2.  **How gamers should secure their accounts from cyber attacks**
3.  **Game giant Electronic Arts is the latest victim of massive data breach**
4.  **Android game developer EskyFun exposed 1 million gamers to hackers**
5.  **New BloodyStealer malware steals data from gamers on EA, Epic, Steam**

Ethyrial: Echoes of Yore Hit by Ransomware, Player Accounts Deleted

As cloud technology evolves, so does the challenge of securing sensitive data. In a world where data duplication and sprawl are common, organizations face increased risks of non-compliance and unauthorized data breaches.
Sentra's DSPM (Data Security Posture Management) emerges as a comprehensive solution, offering continuous discovery and accurate classification of sensitive data in the cloud.

Data Security / Posture Management

As cloud technology evolves, so does the challenge of securing sensitive data. In a world where data duplication and sprawl are common, organizations face increased risks of non-compliance and unauthorized data breaches.

Sentra's DSPM (Data Security Posture Management) emerges as a comprehensive solution, offering continuous discovery and accurate classification of sensitive data in the cloud.

This informative webinar, "Securing Sensitive Data Starts with Discovery and Classification: SoFi's DSPM Story" unveils the success story of SoFi, a pioneering cloud-native financial services provider, and its journey with Sentra's DSPM. It explores the challenges and triumphs in securing cloud data and a roadmap to implementing effective DSPM strategies in your organization.

****Expert Panel:****

*   **Aviv Zisso:** As Director of Customer Success at Sentra, Aviv brings deep insights into data security needs and solutions.
*   **Pritam H Mungse:** SoFi's Director of Product Security, Pritam, has a wealth of experience navigating complex security landscapes.
*   **Zachary Schulze:** Zachary, a Senior Staff Application Security Engineer at SoFi, offers a practical perspective on applying DSPM in real-world scenarios.

These industry experts will share their firsthand experiences, challenges, and successes in implementing DSPM at SoFi.

****Key Takeaways:****

*   Discover and classify your sensitive cloud data to enrich data catalogs and build internal dashboards.
*   Determine your data security posture and risk level by considering various factors, such as environments, internal policies, and data sensitivity.
*   Monitor for suspicious activity and threats.

This webinar is tailored for IT professionals, including CISOs, security analysts, IT managers, and anyone involved in data security and cloud management. Whether you're looking to refine your organization's data security strategy or seeking insights into the latest trends and practices, this session is for you.

Expect a dynamic session with real-life case studies, interactive Q&A, and practical takeaways that you can implement in your organization.

Secure your place in this must-attend webinar. Join us on December 13 to gain pivotal insights into securing cloud data. This is an unmissable opportunity for professionals seeking to elevate their data security methodologies with Sentra's DSPM.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Transform Your Data Security Posture – Learn from SoFi's DSPM Success

Cybersecurity researchers have detailed a "severe design flaw" in Google Workspace's domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate privilege escalation and obtain unauthorized access to Workspace APIs without super admin privileges.
"Such exploitation could result in theft of emails from Gmail, data exfiltration from Google Drive, or other

Data Security / Data Breach

Cybersecurity researchers have detailed a "severe design flaw" in Google Workspace's domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate privilege escalation and obtain unauthorized access to Workspace APIs without super admin privileges.

"Such exploitation could result in theft of emails from Gmail, data exfiltration from Google Drive, or other unauthorized actions within Google Workspace APIs on all of the identities in the target domain," cybersecurity firm Hunters said in a technical report shared with The Hacker News.

The design weakness – which remains active to this date – has been codenamed **DeleFriend** for its ability to manipulate existing delegations in the Google Cloud Platform (GCP) and Google Workspace without possessing super admin privileges.

Domain-wide delegation, per Google, is a "powerful feature" that allows third-party and internal apps to access users' data across an organization's Google Workspace environment.

The vulnerability is rooted in the fact that a domain delegation configuration is determined by the service account resource identifier (OAuth ID), and not the specific private keys associated with the service account identity object.

As a result, potential threat actors with less privileged access to a target GCP project could "create numerous JSON web tokens (JWTs) composed of different OAuth scopes, aiming to pinpoint successful combinations of private key pairs and authorized OAuth scopes which indicate that the service account has domain-wide delegation enabled."

To put it differently, an IAM identity that has access to create new private keys to a relevant GCP service account resource that has existing domain-wide delegation permission can be leveraged to create a fresh private key, which can be used to perform API calls to Google Workspace on behalf of other identities in the domain.

Successful exploitation of the flaw could allow exfiltration of sensitive data from Google services like Gmail, Drive, Calendar, and others. Hunters has also made available a proof-of-concept (PoC) that can be utilized to detect DWD misconfigurations.

"The potential consequences of malicious actors misusing domain-wide delegation are severe," Hunters security researcher Yonatan Khanashvili said. "Instead of affecting just a single identity, as with individual OAuth consent, exploiting DWD with existing delegation can impact every identity within the Workspace domain.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Tag

#web