π΄ DHS CISA Warns of Phishing Emails Rigged with KONNI Malware π΄
π Read
via "Dark Reading: ".
Konni is a remote administration tool cyberattackers use to steal files, capture keystrokes, take screenshots, and execute malicious code.π Read
via "Dark Reading: ".
Dark Reading
DHS CISA Warns of Phishing Emails Rigged with KONNI Malware
Konni is a remote administration tool cyberattackers use to steal files, capture keystrokes, take screenshots, and execute malicious code.
ATENTIONβΌ New - CVE-2015-8033
π Read
via "National Vulnerability Database".
In Textpattern 4.5.7, the password-reset feature does not securely tether a hash to a user account.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-8032
π Read
via "National Vulnerability Database".
In Textpattern 4.5.7, an unprivileged author can change an article's markup setting.π Read
via "National Vulnerability Database".
β Mac Users Targeted by Spyware Spreading via Xcode Projects β
π Read
via "Threatpost".
The XCSSET suite of malware also hijacks browsers, has a ransomware module and more -- and uses a pair of zero-day exploits.π Read
via "Threatpost".
Threat Post
Mac Users Targeted by Spyware Spreading via Xcode Projects
The XCSSET suite of malware also hijacks browsers, has a ransomware module and more β and uses a pair of zero-day exploits.
π΄ IcedID Shows Obfuscation Sophistication in New Campaign π΄
π Read
via "Dark Reading: ".
The malware's developers have turned to dynamic link libraries (DLLs) to hide their work.π Read
via "Dark Reading: ".
Dark Reading
IcedID Shows Obfuscation Sophistication in New Campaign
The malware's developers have turned to dynamic link libraries (DLLs) to hide their work.
π΄ Research Casts Doubt on Value of Threat Intel Feeds π΄
π Read
via "Dark Reading: ".
Two commercial threat intelligence services and four open source feeds rarely provide the same information, raising questions about how security teams should gauge their utility.π Read
via "Dark Reading: ".
Dark Reading
Research Casts Doubt on Value of Threat Intel Feeds
Two commercial threat intelligence services and four open source feeds rarely provide the same information, raising questions about how security teams should gauge their utility.
β PoC Exploit Targeting Apache Struts Surfaces on GitHub β
π Read
via "Threatpost".
Researchers have discovered freely available PoC code and exploit that can be used to attack unpatched security holes in Apache Struts 2.π Read
via "Threatpost".
Threat Post
PoC Exploit Targeting Apache Struts Surfaces on GitHub
Researchers have discovered freely available PoC code and exploit that can be used to attack unpatched security holes in Apache Struts 2.
ATENTIONβΌ New - CVE-2020-0255
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-10751. Reason: This candidate is a duplicate of CVE-2020-10751. Notes: All CVE users should reference CVE-2020-10751 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-11085
π Read
via "National Vulnerability Database".
php/qmn_options_questions_tab.php in the quiz-master-next plugin before 4.7.9 for WordPress allows CSRF, with resultant stored XSS, via the question_name parameter because js/admin_question.js mishandles parsing inside of a SCRIPT element.π Read
via "National Vulnerability Database".
β Monday review β catch up on our latest articles and videos β
π Read
via "Naked Security".
Our recent articles and videos, all in one place.π Read
via "Naked Security".
Naked Security
Monday review β catch up on our latest articles and videos
Our recent articles and videos, all in one place.
π΄ The IT Backbone of Cybercrime π΄
π Read
via "Dark Reading: ".
Like their counterparts who run legitimate businesses, cybercriminals need hosting and cybersecurity protection, too.π Read
via "Dark Reading: ".
π What is Azure Security? π
π Read
via "Subscriber Blog RSS Feed ".
Azure Security refers to security tools and capabilities available on Microsoftβs Azure cloud platform. In this article, weβll discuss Azure Security and the Azure Security Center.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
What is Azure Security?
Azure Security refers to security tools and capabilities available on Microsoftβs Azure cloud platform. In this article, weβll discuss Azure Security and the Azure Security Center.
ATENTIONβΌ New - CVE-2018-7085
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-7062
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-7061
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-9018
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-9017
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-9016
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-9015
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-9014
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-9013
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.π Read
via "National Vulnerability Database".