Cyber Security

Oracle’s October 2021 CPU Contains 419 Security Patches

Oracle on Tuesday announced the release of its latest quarterly Critical Patch Update (CPU), which includes a total of 419 security patches for vulnerabilities across the company’s product portfolio.

Just over half of the patches address vulnerabilities that can be exploited remotely without authentication, Oracle says.

Of the 419 new security patches in the October 2021 CPU, 36 address critical vulnerabilities, one of which carries a CVSS score of 10. The CPU also addresses 60 vulnerabilities with a CVSS score between 8 and 9.

Oracle Communications received the largest number of patches in this CPU, at 71. Of these, 56 vulnerabilities can be exploited remotely without authentication.

MySQL also received a large number of fixes, namely 66. Ten of the addressed issues can be exploited remotely without authentication.

Financial Services Applications received 44 security patches (26 of the vulnerabilities can be exploited by remote, unauthenticated attackers), while Fusion Middleware received 38 (30 of them remotely exploitable without authentication).

Other Oracle software to have received more than ten security fixes includes Retail Applications (26 patches, 9 of them for flaws remotely exploitable without authentication), Communications Applications (19 – 14), E-Business Suite (18 – 4), PeopleSoft (17 – 8), Insurance Applications (16 – 11), Java SE (15 – 13), Construction and Engineering (12 – 7), and JD Edwards (11 – 8), where the second figure in each pair is the number remotely exploitable without authentication.

Oracle also released security patches for Commerce, Database Server, Essbase, Enterprise Manager, GoldenGate, Graph Server and Client, Health Sciences Applications, Hospitality Applications, Hyperion, REST Data Services, Secure Backup, Siebel CRM, Supply Chain, Systems, Utilities Applications, and Virtualization.

The company notes that, while no new patches were released for Global Lifecycle Management, NoSQL, Spatial Studio, and SQL Developer, the updates rolling out for them address third-party vulnerabilities.

Some of the security patches released for other Oracle software address additional vulnerabilities as well, including in third-party components.

As usual, Oracle urges users and administrators to apply the newly released patches in a timely manner, warning that attackers constantly target known vulnerabilities in its products for which fixes are already available.

“In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay,” the company says.

Oracle plans to release the next quarterly CPU on January 18, 2022.

Related: Oracle Releases July 2021 CPU With 342 Security Patches

Related: Oracle Delivers 390 Security Fixes With April 2021 CPU

Related: Oracle’s January 2021 CPU Contains 329 New Security Patches


Ionut Arghire is an international correspondent for SecurityWeek.


NFT Marketplace OpenSea Patches Flaw Potentially Leading to Cryptocurrency Theft

OpenSea, the world’s largest NFT marketplace, has addressed a security vulnerability that could have allowed hackers to hijack user accounts and empty their crypto wallets with the help of maliciously crafted NFTs (non-fungible tokens).

The issue was discovered by security researchers at Check Point, following complaints from OpenSea users about crypto-theft attempts after they received and opened free airdropped NFTs.

NFTs are unique, non-interchangeable units of data that can be used to represent easily reproducible items such as videos, audio and images as unique objects.

The security defect identified by Check Point could not be exploited without user interaction. The malicious NFTs would trigger pop-up messages in which the user had to approve subsequent operations that allowed the hackers to capture their account information.

Specifically, the message would ask the user to allow a connection to their cryptocurrency wallet. With such pop-ups common on OpenSea for other actions, users would likely confirm the connection without much thought.

Thus, the victim believed they were enabling an action on the gifted NFT they had received, but they were in fact granting the hackers access to their wallet.

Subsequently, the hackers could initiate a fraudulent transaction from the victim’s wallet to an attacker-controlled wallet, which would trigger another pop-up message from OpenSea’s storage domain.

Should the victim approve the transaction without noticing what it actually did, their wallet would have been emptied.

It is worth noting that the vulnerability was identified during the cybersecurity firm’s investigation into reports of wallet thefts, but it does not appear to be the flaw leveraged in those attacks.

Check Point says it informed OpenSea of the discovered security hole on September 26 and that the platform addressed the issue within an hour of receiving the report.

“These attacks would have relied on users approving malicious activity through a third-party wallet provider by connecting their wallet and providing a signature for the malicious transaction. We have been unable to identify any instances where this vulnerability was exploited,” OpenSea said.

Users are advised to carefully examine every pop-up message they receive and what it is actually asking for, so that suspicious requests can be identified and rejected.
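What “examine what is being asked” means in practice is visible in the request a site hands to the wallet, not in the pop-up’s wording. The following is an added illustration (not OpenSea’s, Check Point’s or any wallet’s code) that classifies wallet prompts so the two-step sequence described above, a connection request followed by a transfer of nearly the whole balance, is flagged for what it is. It assumes the pop-ups correspond to standard Ethereum JSON-RPC / EIP-1193 requests (`eth_requestAccounts`, `eth_sendTransaction`, the signing methods); the article does not name the mechanism, and the request objects, addresses and balance are constructed.

```python
from decimal import Decimal

WEI_PER_ETH = 10**18
# Standard Ethereum JSON-RPC / EIP-1193 method names (assumed to be what sits
# behind the wallet pop-ups; the article itself does not name them).
CONNECT_METHODS = {"eth_requestAccounts", "wallet_requestPermissions"}
SIGNING_METHODS = {"eth_sign", "personal_sign", "eth_signTypedData_v4", "eth_signTransaction"}


def quantity(hex_str):
    """Parse a JSON-RPC hex quantity ('0x...'); a missing field or bare '0x' is zero."""
    if hex_str in (None, "", "0x"):
        return 0
    if not isinstance(hex_str, str) or not hex_str.startswith("0x"):
        raise ValueError(f"bad quantity: {hex_str!r}")
    return int(hex_str, 16)


def fmt_eth(wei):
    """Human-readable ETH amount for an integer number of wei."""
    return f"{Decimal(wei) / Decimal(WEI_PER_ETH):f} ETH"


def assess(request, account):
    """Classify one wallet prompt.

    request: JSON-RPC request dict from the site ({"method": ..., "params": [...]}).
    account: {"balance_wei": int, "addresses": [lowercase hex addresses the user owns]}.
    Returns (kind, risk, reasons, one-line summary) for the wallet to display.
    """
    method = request.get("method", "")
    params = request.get("params") or []
    if method in CONNECT_METHODS:
        return ("connect", "low", ["reveals your address only; no funds move"],
                "site asks to see your account")
    if method == "eth_sendTransaction":
        tx = params[0] if params else {}
        value = quantity(tx.get("value"))
        to = (tx.get("to") or "").lower()
        reasons, risk = [], "medium"
        if not to:
            reasons.append("no recipient: this deploys a contract")
            risk = "high"
        elif to not in account["addresses"]:
            reasons.append(f"recipient {to} is not one of your addresses")
        if value and 2 * value >= account["balance_wei"]:
            reasons.append(f"sends {fmt_eth(value)}, at least half your balance")
            risk = "high"
        if (tx.get("data") or "0x") != "0x":
            reasons.append("carries calldata: a contract call, not a plain transfer")
        return "transaction", risk, reasons, f"send {fmt_eth(value)} to {to or '(new contract)'}"
    if method in SIGNING_METHODS:
        return ("signature", "high",
                ["a signature can authorise transfers or approvals you never see"],
                f"sign payload via {method}")
    return "other", "low", [], f"{method}: read-only or unrecognised"


# Constructed two-step prompt sequence matching the flow in the article:
# first a connection request, then a transfer of (nearly) the whole balance.
VICTIM = {"balance_wei": 5 * WEI_PER_ETH,
          "addresses": ["0x1111111111111111111111111111111111111111"]}
PROMPTS = [
    {"method": "eth_requestAccounts", "params": []},
    {"method": "eth_sendTransaction", "params": [{
        "from": VICTIM["addresses"][0],
        "to": "0x2222222222222222222222222222222222222222",
        "value": hex(5 * WEI_PER_ETH - 21_000 * 30 * 10**9),  # balance minus gas
        "data": "0x"}]},
]

if __name__ == "__main__":
    for prompt in PROMPTS:
        kind, risk, reasons, summary = assess(prompt, VICTIM)
        print(f"[{risk:6}] {kind:11} {summary}  ({'; '.join(reasons)})")
```

The first prompt only discloses the address and is rated low; the second is rated high on two independent grounds (recipient is not the user’s own address, amount is at least half the balance), which is exactly the distinction a user confirming pop-ups by reflex would miss.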

In August 2021, OpenSea recorded $3.4 billion in transaction volume.

Related: New ‘Hildegard’ Malware Targets Kubernetes Systems

Related: Sophos: Crypto-Jacking Campaign Linked to Iranian Company


Ionut Arghire is an international correspondent for SecurityWeek.


Cisco Patches High-Severity Vulnerabilities in Security Appliances, Business Switches

Cisco this week released patches for multiple high-severity vulnerabilities affecting its Web Security Appliance (WSA), Intersight Virtual Appliance, Small Business 220 series switches, and other products.

Successful exploitation of these vulnerabilities could allow attackers to cause a denial of service (DoS) condition, execute arbitrary commands as root, or elevate privileges.

Two high-severity issues (CVE-2021-34779, CVE-2021-34780) were found in the Link Layer Discovery Protocol (LLDP) implementation of the Small Business 220 series smart switches, leading to arbitrary code execution and a denial of service condition, respectively.

The software update released for the business switch series also resolves four medium-severity security flaws that could result in LLDP memory corruption on an affected device.

Another serious vulnerability is an insufficient input validation issue in the Intersight Virtual Appliance. Tracked as CVE-2021-34748, the security hole could lead to the execution of arbitrary commands with root privileges.

This week Cisco also resolved two high-severity vulnerabilities in the ATA 190 series and ATA 190 series multiplatform (MPP) software. Tracked as CVE-2021-34710 and CVE-2021-34735, the issues could be exploited for remote code execution and to cause a denial of service (DoS) condition, respectively.

One of these vulnerabilities was reported to Cisco by firmware security company IoT Inspector, which described its findings in an advisory published on Thursday.

Cisco also addressed an improper memory management flaw in AsyncOS for Web Security Appliance (WSA) that could lead to DoS, as well as a race condition in the AnyConnect Secure Mobility Client for Linux and macOS that could be abused to execute arbitrary code with root privileges.

Another high-severity flaw addressed this week is CVE-2021-1594, an insufficient input validation issue in the REST API of Cisco Identity Services Engine (ISE). An attacker in a man-in-the-middle position who is able to decrypt the HTTPS traffic between two ISE personas on separate nodes could exploit the flaw to execute arbitrary commands with root privileges.

Cisco also released patches for multiple medium-severity flaws affecting TelePresence CE and RoomOS, Smart Software Manager On-Prem, 220 series business switches, Identity Services Engine, IP Phone software, Email Security Appliance (ESA), DNA Center, and Orbital.

Cisco has released patches for all of these vulnerabilities and says it is not aware of any exploits for them having been publicly disclosed. Additional details on the resolved issues can be found on Cisco’s security portal.

Related: Cisco Patches Critical Vulnerabilities in IOS XE Software

Related: Cisco Patches High-Severity Security Flaws in IOS XR

Related: Cisco Patches Critical Enterprise NFVIS Vulnerability for Which PoC Exploit Is Available


Ionut Arghire is an international correspondent for SecurityWeek.


OnionShare: Secure communications platform used by whistleblowers and journalists patches data exposure bug

Charlie Osborne

05 October 2021 at 12:35 UTC

Updated: 05 October 2021 at 12:44 UTC

Open source software is used to protect a sender’s identity

A tool used by whistleblowers and the media to send information securely has patched two vulnerabilities that could have undermined the anonymity of its file-sharing system.

OnionShare is an open source tool for Windows, macOS, and Linux designed to keep users anonymous while carrying out activities including file sharing, website hosting, and messaging.

The service, made available through the Tor network and developed by The Intercept’s director of information security Micah Lee, is used by members of the public as well as journalists and whistleblowers to preserve their privacy.


On October 4, IHTeam published a security advisory on OnionShare. The team carried out an independent assessment of the software and uncovered two bugs, tracked as CVE-2021-41868 and CVE-2021-41867, which exist in versions of the software prior to v2.4.

CVE-2021-41868 was found in OnionShare’s file upload mechanism. By default, OnionShare generates a random username and password for HTTP Basic Auth at startup in private mode, IHTeam says, so upload functionality should be restricted to those holding the correct credentials.

However, while analysing the upload function, the team found that a logic issue caused files to be uploaded and saved on the server before the authentication check took place.


The second vulnerability reported by the Italian security team, CVE-2021-41867, could be exploited to reveal the participants of a chat session. This problem, present in OnionShare’s parameter (), allowed websocket connections from unauthenticated users, whether or not they held a Flask session cookie.

“It seems that without a valid session ID it was not possible to intercept messages between users, since the system heavily [relies] on the session to connect to the default room – and without a valid one, messages remain undelivered to unauthenticated users,” the disclosing researcher Simone ‘d0td0tslash’ said.

“It is still recommended to avoid initiating a connection without first validating the session cookie.”

OnionShare’s developers have now tackled both issues and released a new version of the software, v2.4, on September 17.
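Both bugs come down to where an authorisation check sits relative to the work it is supposed to gate. The following is an added, standard-library Python illustration (not OnionShare’s Flask code): a WSGI upload handler written in the pre-fix order (body read and stored, then credentials checked) beside the corrected order, and a chat websocket upgrade handler that refuses any client without a session cookie issued to an authenticated user, the check the second advisory item describes as missing. The credentials, session ids, request bodies and the `session` cookie name are constructed for the demo; the route shapes and header handling are assumptions, not OnionShare’s.

```python
import base64
import hashlib
import hmac
import io
import secrets
import tempfile
from http.cookies import SimpleCookie
from pathlib import Path

# OnionShare generates random Basic Auth credentials at startup in private mode;
# these, and the session ids issued after a successful login, are constructed.
USERNAME = "onionshare"
PASSWORD = secrets.token_urlsafe(16)
VALID_SESSIONS = {secrets.token_hex(16)}
WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"  # fixed by RFC 6455

def check_basic_auth(environ, username=USERNAME, password=PASSWORD):
    """True iff the Authorization header carries the expected Basic credentials."""
    scheme, _, encoded = environ.get("HTTP_AUTHORIZATION", "").partition(" ")
    if scheme.lower() != "basic" or not encoded:
        return False
    try:
        user, _, pw = base64.b64decode(encoded, validate=True).decode().partition(":")
    except ValueError:  # malformed base64 or non-UTF-8 payload
        return False
    # Constant-time comparison of both fields; `&` (not `and`) evaluates both.
    return hmac.compare_digest(user.encode(), username.encode()) & \
        hmac.compare_digest(pw.encode(), password.encode())

def save_body(environ, upload_dir):
    """Read the whole request body and persist it under a random file name."""
    data = environ["wsgi.input"].read(int(environ.get("CONTENT_LENGTH") or 0))
    (Path(upload_dir) / f"upload-{secrets.token_hex(8)}").write_bytes(data)

def unauthorized(start_response):
    start_response("401 Unauthorized", [("WWW-Authenticate", 'Basic realm="OnionShare"')])
    return [b""]

def vulnerable_upload(environ, start_response, upload_dir):
    """Pre-fix ordering: the file is on disk before credentials are checked."""
    save_body(environ, upload_dir)           # stored even for anonymous clients
    if not check_basic_auth(environ):
        return unauthorized(start_response)  # 401, but the file stays
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"stored"]

def hardened_upload(environ, start_response, upload_dir):
    """Fixed ordering: reject before touching wsgi.input, so nothing is written."""
    if not check_basic_auth(environ):
        return unauthorized(start_response)
    save_body(environ, upload_dir)
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"stored"]

def websocket_accept(key):
    """Sec-WebSocket-Accept for a client key (RFC 6455, section 4.2.2)."""
    return base64.b64encode(hashlib.sha1((key + WS_GUID).encode()).digest()).decode()

def chat_socket(environ, start_response, sessions=VALID_SESSIONS):
    """Chat-room upgrade handler: no valid session cookie, no websocket."""
    morsel = SimpleCookie(environ.get("HTTP_COOKIE", "")).get("session")
    if morsel is None or morsel.value not in sessions:
        start_response("403 Forbidden", [])
        return [b""]
    key = environ.get("HTTP_SEC_WEBSOCKET_KEY", "")
    if environ.get("HTTP_UPGRADE", "").lower() != "websocket" or not key:
        start_response("400 Bad Request", [])
        return [b""]
    start_response("101 Switching Protocols", [("Upgrade", "websocket"),
                   ("Connection", "Upgrade"), ("Sec-WebSocket-Accept", websocket_accept(key))])
    return []

def run(handler, environ, **kwargs):
    """Drive a handler with a constructed WSGI environ; return its status line."""
    status = {}
    handler(environ, lambda line, headers: status.setdefault("line", line), **kwargs)
    return status["line"]

def upload_outcome(handler, body, auth_header=None):
    """(status line, files written) for one POST of `body` into a fresh upload dir."""
    upload_dir = tempfile.mkdtemp()
    environ = {"REQUEST_METHOD": "POST", "CONTENT_LENGTH": str(len(body)),
               "wsgi.input": io.BytesIO(body)}
    if auth_header:
        environ["HTTP_AUTHORIZATION"] = auth_header
    return run(handler, environ, upload_dir=upload_dir), len(list(Path(upload_dir).iterdir()))

def basic_header(user, pw):
    return "Basic " + base64.b64encode(f"{user}:{pw}".encode()).decode()

if __name__ == "__main__":
    body = b"constructed file contents"
    print("vulnerable, no auth:", upload_outcome(vulnerable_upload, body))  # ('401 Unauthorized', 1)
    print("hardened, no auth:  ", upload_outcome(hardened_upload, body))    # ('401 Unauthorized', 0)
    ws = {"HTTP_UPGRADE": "websocket", "HTTP_SEC_WEBSOCKET_KEY": "dGhlIHNhbXBsZSBub25jZQ=="}
    print("websocket, no cookie:", run(chat_socket, ws))                    # 403 Forbidden
    print("websocket, session:  ", run(chat_socket, {**ws, "HTTP_COOKIE": "session=" + next(iter(VALID_SESSIONS))}))
```

Both handlers return 401 to an anonymous client, but only the hardened one leaves the upload directory empty; the difference is invisible from the client side, which is why this class of bug survives black-box testing. For the chat endpoint the cookie check runs before the upgrade handshake is even parsed, so an unauthenticated client never gets a socket to enumerate the room with.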

The Daily Swig has reached out to Lee and will update this article as and when we hear back.
