CVE-2021-25910
via "National Vulnerability Database".
Improper Authentication vulnerability in the cookie parameter of ZIV AUTOMATION 4CCT-EA6-334126BF allows a local attacker to perform modifications in several parameters of the affected device as an authenticated user.

CVE-2021-25123
via "National Vulnerability Database".
The Baseboard Management Controller (BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overflow in spx_restservice addlicense_func function.

6 data categories to learn for faster cybersecurity responses
via "Tech Republic".
Knowing the different types of data can help your company protect itself from breaches and better recover from a cyberattack.

Friday Five 1/29
via "Digital Guardian".
Linux bugs, hacker personas, and the Emotet botnet disrupted - catch up on all of the week's infosec news with the Friday Five!

Digital Guardian Named a Top Place to Work in the US
via "Digital Guardian".
Digital Guardian was named a top place to work in the United States in 2021!

Identifying data terms can improve cybersecurity efficiency
via "Tech Republic".
The term "data" is vague. Knowing the types of data helps companies protect themselves and better recover from a cyberattack.

Apple iOS 14 Thwarts iMessage Attacks With BlastDoor System
via "Threat Post".
Apple has made structural improvements in iOS 14 to block message-based, zero-click exploits.

CISA warns of attacks on cloud-based services
via "Tech Republic".
Companies are most vulnerable when employees work from home or use a combination of company and personal devices.

SolarWinds attack: Cybersecurity experts share lessons learned and how to protect your business
via "Tech Republic".
The highly sophisticated SolarWinds attack was designed to circumvent threat detection - and it did, for much too long. Two cybersecurity experts share some valuable lessons learned from the attack.

Is your boss spying on you? It's possible, and privacy laws aren't there yet
via "Tech Republic".
Some companies are using monitoring software to keep tabs on employees working from home. Some organizations are crying foul.

Vishing: FBI says beware of voice phishing at large organizations
via "Tech Republic".
Attackers are tricking employees into logging into phishing sites.

CVE-2021-3345
via "National Vulnerability Database".
_gcry_md_block_write in cipher/hash-common.c in Libgcrypt before 1.9.1 has a heap-based buffer overflow when the digest final function sets a large count value.

CVE-2021-20586
via "National Vulnerability Database".
Resource management errors vulnerability in a robot controller of MELFA FR Series (controller "CR800-*V*D" of RV-*FR***-D-* all versions, controller "CR800-*HD" of RH-*FRH***-D-* all versions, controller "CR800-*HRD" of RH-*FRHR***-D-* all versions, controller "CR800-*V*R with R16RTCPU" of RV-*FR***-R-* all versions, controller "CR800-*HR with R16RTCPU" of RH-*FRH***-R-* all versions, controller "CR800-*HRR with R16RTCPU" of RH-*FRHR***-R-* all versions, controller "CR800-*V*Q with Q172DSRCPU" of RV-*FR***-Q-* all versions, controller "CR800-*HQ with Q172DSRCPU" of RH-*FRH***-Q-* all versions, controller "CR800-*HRQ with Q172DSRCPU" of RH-*FRHR***-Q-* all versions) and a robot controller of MELFA CR Series (controller "CR800-CVD" of RV-8CRL-D-* all versions, controller "CR800-CHD" of RH-*CRH**-D-* all versions) as well as a cooperative robot ASSISTA (controller "CR800-05VD" of RV-5AS-D-* all versions) allows a remote unauthenticated attacker to cause a DoS of the execution of the robot program and the Ethernet communication by sending a large amount of packets in burst over a short period of time. As a result of DoS, an error may occur. A reset is required to recover it if the error occurs.

Industrial Gear at Risk from Fuji Code-Execution Bugs
via "Threat Post".
Fuji Electric's Tellus Lite V-Simulator and V-Server Lite can allow attackers to take advantage of operational technology (OT)-IT convergence on factory floors, at utility plants and more.

CVE-2021-3346
via "National Vulnerability Database".
Foris before 101.1.1, as used in Turris OS, lacks certain HTML escaping in the login template.

CVE-2021-3347
via "National Vulnerability Database".
An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458.

CVE-2021-23328
via "National Vulnerability Database".
This affects all versions of package iniparserjs. This vulnerability relates when ini_parser.js is concentrating arrays. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program.

FBI Encounters: Reporting an Insider Security Incident to the Feds
via "Dark Reading".
Most insider incidents don't get reported to the FBI due to fear of debilitating business disruptions, public embarrassment, and screeching vans skidding into the parking lot to confiscate servers. But is that reality?

Ransomware Payoffs Surge by 311% to Nearly $350 Million
via "Dark Reading".
Payments to ransomware gangs using cryptocurrency more than quadrupled in 2020, with fewer than 200 cryptocurrency wallets receiving 80% of funds.

Distributed denial of service (DDoS) attacks: A cheat sheet
via "Tech Republic".
This comprehensive guide covers different types of denial of service attacks, DDoS protection strategies, as well as why it matters for business.

CVE-2021-25134
via "National Vulnerability Database".
The Baseboard Management Controller (BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overflow in spx_restservice setremoteimageinfo_func function.