RECONZ CYBER SECURITY NEWS & UPDATES: May 2022

Tuesday, May 31, 2022

Cyber Analyst Q&A: Security Lessons from Lincoln College - Government Technology

Cyber Analyst Q&A: Security Lessons from Lincoln College Government Technology
http://dlvr.it/SRPJ9S

Digital Crime Causes Firms to Look Abroad for Better Cybersecurity - Nearshore Americas

Digital Crime Causes Firms to Look Abroad for Better Cybersecurity Nearshore Americas
http://dlvr.it/SRPJ7Z

How to strengthen cyber security the right way - The Indian Express

How to strengthen cyber security the right way The Indian Express
http://dlvr.it/SRNwyS

Tech jargon and hyper CISOs weaken cyber security strategies - ITWeb

Tech jargon and hyper CISOs weaken cyber security strategies ITWeb
http://dlvr.it/SRNTyN

Interpol Nabs 3 Nigerian Scammers Behind Malware-based Attacks

Interpol on Monday announced the arrest of three suspected global scammers in Nigeria for using remote access trojans (RATs) such as Agent Tesla to facilitate malware-enabled cyber fraud. "The men are thought to have used the RAT to reroute financial transactions, stealing confidential online connection details from corporate organizations, including oil and gas companies in South East Asia, the
http://dlvr.it/SRMxyL

Monday, May 30, 2022

Compliance does not equal security: cybersecurity expert insights - tripwire.com

Compliance does not equal security: cybersecurity expert insights tripwire.com
http://dlvr.it/SRL136

CVE-2022-30838

Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=update_application_status (CVSS:7.5) (Last Update:2022-05-30)
http://dlvr.it/SRL12N

Resecurity® Debuts Cyber Threat Intelligence Solutions at MILIPOL Qatar 2022 Before the Upcoming FIFA World Cup USA - English - USA - English - PR Newswire

Resecurity® Debuts Cyber Threat Intelligence Solutions at MILIPOL Qatar 2022 Before the Upcoming FIFA World Cup USA - English - USA - English PR Newswire
http://dlvr.it/SRKjJJ

EU toughens cyber-security rules across the continent - E&T Magazine

EU toughens cyber-security rules across the continent E&T Magazine
http://dlvr.it/SRKJyX

FBI Warns About Hackers Selling VPN Credentials for U.S. College Networks

Network credentials and virtual private network (VPN) access for colleges and universities based in the U.S. are being advertised for sale on underground and public criminal marketplaces. "This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations," the U.S.
http://dlvr.it/SRJqGd

Sunday, May 29, 2022

How to stop your staff ignoring cybersecurity advice - TechRadar

How to stop your staff ignoring cybersecurity advice TechRadar
http://dlvr.it/SRGzph

Civil nuclear cyber security strategy 2022 - GOV.UK

Civil nuclear cyber security strategy 2022 GOV.UK
http://dlvr.it/SRGzpH

Experts explain why cyber security is key for small businesses - WRDW

Experts explain why cyber security is key for small businesses WRDW
http://dlvr.it/SRGkTt

Funding women-led cybersecurity startups: Where are we at? - Help Net Security

Funding women-led cybersecurity startups: Where are we at? Help Net Security
http://dlvr.it/SRGQqb

CVE-2022-30461

Water-billing-management-system v1.0 is vulnerable to SQL Injection via /wbms/classes/Master.php?f=delete_client, id (CVSS:7.5) (Last Update:2022-05-28)
http://dlvr.it/SRG5s1

Saturday, May 28, 2022

Naveen opens cyber security op centre - Times of India

Naveen opens cyber security op centre Times of India
http://dlvr.it/SRDZbh

Why cyber security can't just say “no“ - Help Net Security

Why cyber security can't just say “no“ Help Net Security
http://dlvr.it/SRDZPb

Top five recent cyber-attacks you should know about | Cyber Security Hub - Cyber Security Hub

Top five recent cyber-attacks you should know about | Cyber Security Hub Cyber Security Hub
http://dlvr.it/SRDZNF

New York Man Sentenced to 4 Years in Transnational Cybercrime Scheme

A 37-year-old man from New York has been sentenced to four years in prison for buying stolen credit card information and working in cahoots with a cybercrime cartel known as the Infraud Organization. John Telusma, who went by the alias "Peterelliot," pleaded guilty to one count of racketeering conspiracy on October 13, 2021. He joined the gang in August 2011 and remained a member for
http://dlvr.it/SRDGfV

Microsoft Finds Critical Bugs in Pre-Installed Apps on Millions of Android Devices

Four high severity vulnerabilities have been disclosed in a framework used by pre-installed Android System apps with millions of downloads. The issues, now fixed by its Israeli developer MCE Systems, could have potentially allowed threat actors to stage remote and local attacks or be abused as vectors to obtain sensitive information by taking advantage of their extensive system privileges. "As
http://dlvr.it/SRCwR7

Friday, May 27, 2022

CVE-2022-30518

ChatBot Application with a Suggestion Feature 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /simple_chat_bot/admin/responses/view_response.php. (CVSS:7.5) (Last Update:2022-05-26)
http://dlvr.it/SR9lvB

CVE-2022-30600

A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed. (CVSS:7.5) (Last Update:2022-05-26)
http://dlvr.it/SR9lPN

CVE-2022-30599

A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria. (CVSS:7.5) (Last Update:2022-05-26)
http://dlvr.it/SR9lLD

Nearly 100,000 NPM Users' Credentials Stolen in GitHub OAuth Breach

Cloud-based repository hosting service GitHub on Friday shared additional details into the theft of GitHub integration OAuth tokens last month, noting that the attacker was able to access internal NPM data and its customer information. "Using stolen OAuth user tokens originating from two third-party integrators, Heroku and Travis CI, the attacker was able to escalate access to NPM infrastructure
http://dlvr.it/SR9kLm

Zyxel Issues Patches for 4 New Flaws Affecting AP, API Controller, and Firewall Devices

Zyxel has released patches to address four security flaws affecting its firewall, AP Controller, and AP products to execute arbitrary operating system commands and steal select information. The list of security vulnerabilities is as follows - CVE-2022-0734 - A cross-site scripting (XSS) vulnerability in some firewall versions that could be exploited to access information stored in the user's
http://dlvr.it/SR9CkZ

Thursday, May 26, 2022

Cyber Security Month - The dangers behind the blockchain evolution - Business Leader

Cyber Security Month - The dangers behind the blockchain evolution Business Leader
http://dlvr.it/SR6S8G

10 tips to develop cybersecurity knowledge within organizations - Security Magazine

10 tips to develop cybersecurity knowledge within organizations Security Magazine
http://dlvr.it/SR6RvW

Improving Cybersecurity for Critical Access and Rural Hospitals Jul 14 | AHA - American Hospital Association

Improving Cybersecurity for Critical Access and Rural Hospitals Jul 14 | AHA American Hospital Association
http://dlvr.it/SR6RXN

Cyberattacks likely to rise in wake of Ukraine War. This is what Estonia learnt from Web War One - Euronews

Cyberattacks likely to rise in wake of Ukraine War. This is what Estonia learnt from Web War One Euronews
http://dlvr.it/SR6RTb

CVE-2022-30767

nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196. (CVSS:7.5) (Last Update:2022-05-25)
http://dlvr.it/SR5wvM

Wednesday, May 25, 2022

CVE-2022-30778

Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution via an unserialize pop chain in __destruct in Illuminate\Broadcasting\PendingBroadcast.php and dispatch($command) in Illuminate\Bus\QueueingDispatcher.php. (CVSS:7.5) (Last Update:2022-05-24)
http://dlvr.it/SR2c3n

CVE-2022-30011

In HMS 1.0 when requesting appointment.php through POST, multiple parameters can lead to a SQL injection vulnerability. (CVSS:7.5) (Last Update:2022-05-24)
http://dlvr.it/SR2bVH

CVE-2022-30763

Janet before 1.22.0 mishandles arrays. (CVSS:7.5) (Last Update:2022-05-24)
http://dlvr.it/SR2Zpp

CVE-2022-30765

Calibre-Web before 0.6.18 allows user table SQL Injection. (CVSS:7.5) (Last Update:2022-05-24)
http://dlvr.it/SR2ZlW

Popular PyPI Package 'ctx' and PHP Library 'phpass' Hijacked to Steal AWS Keys

Two trojanized Python and PHP packages have been uncovered in what's yet another instance of a software supply chain attack targeting the open source ecosystem. One of the packages in question is "ctx," a Python module available in the PyPi repository. The other involves "phpass," a PHP package that's been forked on GitHub to distribute a rogue update. "In both cases the attacker appears to have
http://dlvr.it/SR2Yxj

Tuesday, May 24, 2022

CVE-2022-30392

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_sub_category. (CVSS:7.5) (Last Update:2022-05-23)
http://dlvr.it/SQyxjB

CVE-2022-30391

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_category. (CVSS:7.5) (Last Update:2022-05-23)
http://dlvr.it/SQyx4f

CVE-2022-30387

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=pay_order. (CVSS:7.5) (Last Update:2022-05-23)
http://dlvr.it/SQywcS

CVE-2022-30386

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_featured. (CVSS:7.5) (Last Update:2022-05-23)
http://dlvr.it/SQyw6C

CVE-2022-30385

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_order. (CVSS:7.5) (Last Update:2022-05-23)
http://dlvr.it/SQyw5h

Wednesday, May 4, 2022

CVE-2022-29077

A heap-based buffer overflow exists in rippled before 1.8.5. The vulnerability allows attackers to cause a crash or execute commands remotely on a rippled node, which may lead to XRPL mainnet DoS or compromise. This exposes all digital assets on the XRPL to a security threat. (CVSS:7.5) (Last Update:2022-05-04)
http://dlvr.it/SPn1Fc

CVE-2022-29264

An issue was discovered in coreboot 4.13 through 4.16. On APs, arbitrary code execution in SMM may occur. (CVSS:7.5) (Last Update:2022-05-04)
http://dlvr.it/SPn0xp

CVE-2022-28743

Time-of-check Time-of-use (TOCTOU) Race Condition vulerability in Foscam R2C IP camera running System FW
http://dlvr.it/SPn0xL

Critical National Infrastructure Cyber Security Market Brief Analysis Of Top Leading Companies From 2022-2028 – Queen Anne and Mangolia News - Queen Anne and Mangolia News

Critical National Infrastructure Cyber Security Market Brief Analysis Of Top Leading Companies From 2022-2028 – Queen Anne and Mangolia News Queen Anne and Mangolia News
http://dlvr.it/SPmBqx

Ukraine War Themed Files Become the Lure of Choice for a Wide Range of Hackers

A growing number of threat actors are using the ongoing Russo-Ukrainian war as a lure in various phishing and malware campaigns, even as critical infrastructure entities continue to be heavily targeted. "Government-backed actors from China, Iran, North Korea and Russia, as well as various unattributed groups, have used various Ukraine war-related themes in an effort to get targets to open
http://dlvr.it/SPldwj

Tuesday, May 3, 2022

Applications for artificial intelligence in Department of Defense cyber missions - Microsoft On the Issues - Microsoft

Applications for artificial intelligence in Department of Defense cyber missions - Microsoft On the Issues Microsoft
http://dlvr.it/SPjlBp

5 Cybersecurity Threats That Aren't Going Away | eWEEK - eWeek

5 Cybersecurity Threats That Aren't Going Away | eWEEK eWeek
http://dlvr.it/SPjl1s

W-S startup Salem Cyber, promising 'a paradigm shift' in cybersecurity, raises $250K seed round - WRAL TechWire

W-S startup Salem Cyber, promising 'a paradigm shift' in cybersecurity, raises $250K seed round WRAL TechWire
http://dlvr.it/SPjkzp

Opinion: The Great Resignation’s title cybersecurity risk - HousingWire

Opinion: The Great Resignation’s title cybersecurity risk HousingWire
http://dlvr.it/SPhvGR

GitHub Says Recent Attack Involving Stolen OAuth Tokens Was "Highly Targeted"

Cloud-based code hosting platform GitHub described the recent attack campaign involving the abuse of OAuth access tokens issued to Heroku and Travis-CI as "highly targeted" in nature. "This pattern of behavior suggests the attacker was only listing organizations in order to identify accounts to selectively target for listing and downloading private repositories," GitHub's Mike Hanley said in an
http://dlvr.it/SPhKq7

Monday, May 2, 2022

Automotive Cybersecurity: More Than In–Vehicle and Cloud - EETimes

Automotive Cybersecurity: More Than In–Vehicle and Cloud EETimes
http://dlvr.it/SPfRLn

Cybersecurity skills gap contributes to breaches, security pros say - SC Media

Cybersecurity skills gap contributes to breaches, security pros say SC Media
http://dlvr.it/SPfRLC

3 Spring Cleaning Tips for Improving Cybersecurity Hygiene - Security Boulevard

3 Spring Cleaning Tips for Improving Cybersecurity Hygiene Security Boulevard
http://dlvr.it/SPf44g

Cybersecurity quarterly benchmarks: Q1, 2022 - Cybersecurity Dive

Cybersecurity quarterly benchmarks: Q1, 2022 Cybersecurity Dive
http://dlvr.it/SPdcjS

Here's a New Tool That Scans Open-Source Repositories for Malicious Packages

The Open Source Security Foundation (OpenSSF) has announced the initial prototype release of a new tool that's capable of carrying out dynamic analysis of all packages uploaded to popular open source repositories. Called the Package Analysis project, the initiative aims to secure open-source packages by detecting and alerting users to any malicious behavior with the goal of bolstering the
http://dlvr.it/SPd5Jw