Geo-political tension is metastasizing in cyberspace. Last week, CISA, the NSA and FBI issued an unprecedented advisory on imminent Russian cyberattack campaigns detailing the modus operandi of these groups. Destructive cyberattack campaigns are being spawned by Russian cyber-militias. Microsoft discovered DEV-0586 a master boot record (MBR) Wiper that is detonating within Ukrainian government agency networks. The post Defending from Within appeared first on VMware Security Blog.
More info:
https://blogs.vmware.com/security/2022/01/defending-from-within.html?utm_source=rss&utm_medium=rss&utm_campaign=defending-from-within
Linux kernel vulnerability CVE-2021-3653 Security Advisory Security Advisory Description A flaw was found in the KVMs AMD code for supporting SVM nested virtualization. The flaw occurs when ...
More info:
https://support.f5.com/csp/article/K11546763?utm_source=f5support&utm_medium=RSS
Linux kernel vulnerability CVE-2021-37576 Security Advisory Security Advisory Description arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest ...
More info:
https://support.f5.com/csp/article/K39029022?utm_source=f5support&utm_medium=RSS
Linux kernel vulnerability CVE-2021-3656 Security Advisory Security Advisory Description ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when ...
More info:
https://support.f5.com/csp/article/K80212034?utm_source=f5support&utm_medium=RSS
Project: Drupal coreDate: 2022-January-19Security risk: Moderately critical 14∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:DefaultVulnerability: Cross Site ScriptingDescription: jQuery UI is a third-party library used by Drupal. This library was previously thought to be end-of-life. Late in 2021, jQuery UI announced that they would be continuing development, and released a jQuery UI 1.13.0 version. As part of this 1.13.0 update, they disclosed the following security issue that may
More info:
https://www.drupal.org/sa-core-2022-001
More info:
https://www.oracle.com/security-alerts/cpujan2022.html
Project: Drupal coreDate: 2022-January-19Security risk: Moderately critical 14∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:DefaultVulnerability: Cross Site ScriptingDescription: jQuery UI is a third-party library used by Drupal. This library was previously thought to be end-of-life. Late in 2021, jQuery UI announced that they would be continuing development, and released a jQuery UI 1.13.0 version. As part of this 1.13.0 update, they disclosed the following security issue that may
More info:
https://www.drupal.org/sa-core-2022-001
Project: Drupal coreDate: 2022-January-19Security risk: Moderately critical 14∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:DefaultVulnerability: Cross site scriptingDescription: jQuery UI is a third-party library used by Drupal. This library was previously thought to be end-of-life.Late in 2021, jQuery UI announced that they would be continuing development, and released a jQuery UI 1.13.0 version. In addition to the issue covered by SA-CORE-20220-001, further security vulnerabilities
More info:
https://www.drupal.org/sa-core-2022-002
BIG-IP ASM and Advanced WAF REST API endpoint vulnerability CVE-2022-23026 Security Advisory Security Advisory Description An authenticated user with low privileges, such as a guest, can upload ...
More info:
https://support.f5.com/csp/article/K08402414?utm_source=f5support&utm_medium=RSS
BIG-IP SIP ALG vulnerability CVE-2022-23025 Security Advisory Security Advisory Description When a SIP ALG profile is configured on a virtual server, undisclosed requests can cause the Traffic ...
More info:
https://support.f5.com/csp/article/K44110411?utm_source=f5support&utm_medium=RSS
