Vulnerability Spotlight: Vulnerability in ManageEngine OpManager could lead to XXE attack
XXE attacks allow an adversary to interact with other backend or external systems that OpManager accesses.
Threat Source newsletter (March 30, 2023) — It’s impossible to tell if your home security camera or doorbell is truly safe
Very few of us looking to buy these pieces of equipment are qualified to say if these products are even secure, and those among us who are qualified are probably smart enough to know not to buy these products in the first place.
Vulnerability Spotlight: Specially crafted files could lead to denial of service, information disclosure in OpenImageIO parser
OpenImageIO is a library that converts, compares and processes various image files. Blender and AliceVision, two often-used computer imaging services, utilize the library, among other software offerings.
Vulnerability Spotlight: SNIProxy contains remote code execution vulnerability
An attacker could exploit this vulnerability by sending a specially crafted HTTP, TLS or DTLS packet to the target machine, potentially causing a denial of service or gaining the ability to execute remote code.
Threat Source newsletter (March 23, 2023) — Meta is threatening to ban news sharing in Canada. Good.
Facebook users are notoriously the biggest offenders for sharing fake news and misinformation.
Vulnerability Spotlight: Netgear Orbi router vulnerable to arbitrary command execution
Cisco Talos recently discovered four vulnerabilities in the Netgear Orbi mesh wireless system, including the main hub router and satellite routers that extend the network’s range.
Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities
An adversary who captures an authentication packet would have all the information necessary to steal the target user’s username and password for the software.
Vulnerability Spotlight: Node-SQLite3 issue could lead to denial of service in Ghost CMS
Due to JSON format limitations, the vulnerability only manifests itself as a remote denial of service in Ghost CMS, which crashes the Node.js process. However, the vulnerability could potentially lead to remote code execution in other products that use it.
Threat Source newsletter (March 16, 2023) — A deep dive into Talos' work in Ukraine
The latest episode of ThreatWise TV from Hazel Burton is the closest look yet at the team Talos assembled in the days after Russia invaded Ukraine.