βΌ CVE-2020-27874 βΌ
π Read
via "National Vulnerability Database".
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent WeChat 7.0.18. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM Decoder. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11580.π Read
via "National Vulnerability Database".
βΌ CVE-2020-27870 βΌ
π Read
via "National Vulnerability Database".
This vulnerability allows remote attackers to disclose sensitive information on affected installations of SolarWinds Orion Platform 2020.2.1. Authentication is required to exploit this vulnerability. The specific flaw exists within ExportToPDF.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-11917.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2021-20335 βΌ
π Read
via "National Vulnerability Database".
For MongoDB Ops Manager 4.2.X with multiple OM application servers, that have SSL turned on for their MongoDB processes, the upgrade to MongoDB Ops Manager 4.4.X triggers a bug where Automation thinks SSL is being turned off, and can disable SSL temporarily for members of the cluster. This issue is temporary and eventually corrects itself after MongoDB Ops Manager instances have finished upgrading to MongoDB Ops Manager 4.4. In addition, customers must be running with clientCertificateMode=OPTIONAL / allowConnectionsWithoutCertificates=true to be impacted.π Read
via "National Vulnerability Database".
β Military, Nuclear Entities Under Target By Novel Android Malware β
π Read
via "Threat Post".
The two malware families have sophisticated capabilities to exfiltrate SMS messages, WhatsApp messaging content and geolocation.π Read
via "Threat Post".
Threat Post
Military, Nuclear Entities Under Target By Novel Android Malware
The two malware families have sophisticated capabilities to exfiltrate SMS messages, WhatsApp messaging content and geolocation.
β S3 Ep19: Chrome zero-day, coffee hacking and Perl.com stolen [Podcast] β
π Read
via "Naked Security".
Latest episode (includes 111,848 "free" cups of coffee) - listen now!π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
βΌ CVE-2021-23335 βΌ
π Read
via "National Vulnerability Database".
All versions of package is-user-valid are vulnerable to LDAP Injection which can lead to either authentication bypass or information exposure.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23334 βΌ
π Read
via "National Vulnerability Database".
All versions of package static-eval are vulnerable to Arbitrary Code Execution using FunctionExpressions and TemplateLiterals. PoC: var evaluate = require('static-eval'); var parse = require('esprima').parse; var src="(function (x) { return ${eval("console.log(global.process.mainModule.constructor._load('child_process').execSync('ls').toString())")} })()" var ast = parse(src).body[0].expression; evaluate(ast)π Read
via "National Vulnerability Database".
π΄ Cloud-Native Apps Make Software Supply Chain Security More Important Than Ever π΄
π Read
via "Dark Reading".
Cloud-native deployments tend to be small, interchangeable, and easier to protect, but their software supply chains require closer attention.π Read
via "Dark Reading".
Dark Reading
Cloud-Native Apps Make Software Supply Chain Security More Important Than Ever
Cloud-native deployments tend to be small, interchangeable, and easier to protect, but their software supply chains require closer attention.
β Various Malware Lurks in Discord App to Target Gamers β
π Read
via "Threat Post".
Research from Zscaler ThreatLabZ shows attackers using spam emails and legitimate-looking links to gaming software to serve up Epsilon ransomware, the XMRrig cryptominer and various data and token stealers.π Read
via "Threat Post".
Threat Post
Various Malware Lurks in Discord App to Target Gamers
Research from Zscaler ThreatLabZ shows attackers using spam emails and legitimate-looking links to gaming software to serve up Epsilon ransomware, the XMRrig cryptominer and various data and tokenβ¦
π AIDE 0.17.3 π
π Read
via "Packet Storm Security".
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.π Read
via "Packet Storm Security".
Packetstormsecurity
AIDE 0.17.3 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β How Email Attacks are Evolving in 2021 β
π Read
via "Threat Post".
The money being wire transferred by business email compromise victims is on the rise, as cybersecurity criminals evolve their tactics.π Read
via "Threat Post".
Threat Post
How Email Attacks are Evolving in 2021
The money being wire transferred by business email compromise victims is on the rise, as cybersecurity criminals evolve their tactics.
β Celeb SIM-Swap Crime Ring Stole $100M from U.S. Victims β
π Read
via "Threat Post".
The attackers ported victims' cell phone lines and then defeated 2FA to access accounts and apps.π Read
via "Threat Post".
Threat Post
Celeb SIM-Swap Crime Ring Stole $100M from U.S. Victims
The attackers ported victims' cell phone lines and then defeated 2FA to access accounts and apps.
π΄ Unemployment Fraud: As If Being Out of Work Wasn't Bad Enough π΄
π Read
via "Dark Reading".
With the pandemic as a backdrop, cybercriminals have recognized an unprecedented opportunity to steer billions of dollars in unemployment claims into the own accounts.π Read
via "Dark Reading".
Dark Reading
Unemployment Fraud: As If Being Out of Work Wasn't Bad Enough
With the pandemic as a backdrop, cybercriminals have recognized an unprecedented opportunity to steer billions of dollars in unemployment claims into the own accounts.
βΌ CVE-2020-8027 βΌ
π Read
via "National Vulnerability Database".
A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.37.1. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.18.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.9.1.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8029 βΌ
π Read
via "National Vulnerability Database".
A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kublet key. This issue affects: SUSE CaaS Platform 4.5 skuba versions prior to https://github.com/SUSE/skuba/pull/1416.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8030 βΌ
π Read
via "National Vulnerability Database".
A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8031 βΌ
π Read
via "National Vulnerability Database".
A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Open Build Service allows remote attackers to store JS code in markdown that is not properly escaped, impacting confidentiality and integrity. This issue affects: Open Build Service versions prior to 2.10.8.π Read
via "National Vulnerability Database".
π΄ 7 Things We Know So Far About the SolarWinds Attacks π΄
π Read
via "Dark Reading".
Two months after the news first broke, many questions remain about the sophisticated cyber-espionage campaign.π Read
via "Dark Reading".
Dark Reading
7 Things We Know So Far About the SolarWinds Attacks
Two months after the news first broke, many questions remain about the sophisticated cyber-espionage campaign.
π΄ Game Over: Stopping DDoS Attacks Before They Start π΄
π Read
via "Dark Reading".
Video games are poised for a revolution, but benefits will come to fruition only if the industry can guarantee consistent performance and availability.π Read
via "Dark Reading".
Dark Reading
Game Over: Stopping DDoS Attacks Before They Start
Video games are poised for a revolution, but benefits will come to fruition only if the industry can guarantee consistent performance and availability.
π¦Ώ How to use the Vault command line tool to store your code secrets π¦Ώ
π Read
via "Tech Republic".
Developers must stop saving secrets in code. One way to avoid that is to use HashiCorp's Vault. Jack Wallen shows you how to install this tool and take your first steps in its usage.π Read
via "Tech Republic".
TechRepublic
How to use the Vault command line tool to store your code secrets
Developers must stop saving secrets in code. One way to avoid that is to use HashiCorp's Vault. Jack Wallen shows you how to install this tool and take your first steps in its usage.
π FBI Urges Caution with Legacy Systems Following Water Hack π
π Read
via "Digital Guardian".
The FBI reiterated that using end-of-life operating systems and desktop sharing software can open the doors for attackers, like in the Oldsmar water treatment plant hack.π Read
via "Digital Guardian".
Digital Guardian
FBI Urges Caution with Legacy Systems Following Water Hack
The FBI reiterated that using end-of-life operating systems and desktop sharing software can open the doors for attackers, like in the Oldsmar water treatment plant hack.