Military, Nuclear Entities Under Target By Novel Android Malware
via "Threat Post".
The two malware families have sophisticated capabilities to exfiltrate SMS messages, WhatsApp messaging content and geolocation.
S3 Ep19: Chrome zero-day, coffee hacking and Perl.com stolen [Podcast]
via "Naked Security".
Latest episode (includes 111,848 "free" cups of coffee) - listen now!
CVE-2021-23335
via "National Vulnerability Database".
All versions of package is-user-valid are vulnerable to LDAP Injection which can lead to either authentication bypass or information exposure.
CVE-2021-23334
via "National Vulnerability Database".
All versions of package static-eval are vulnerable to Arbitrary Code Execution using FunctionExpressions and TemplateLiterals. PoC: var evaluate = require('static-eval'); var parse = require('esprima').parse; var src="(function (x) { return ${eval("console.log(global.process.mainModule.constructor._load('child_process').execSync('ls').toString())")} })()" var ast = parse(src).body[0].expression; evaluate(ast)
Cloud-Native Apps Make Software Supply Chain Security More Important Than Ever
via "Dark Reading".
Cloud-native deployments tend to be small, interchangeable, and easier to protect, but their software supply chains require closer attention.
Various Malware Lurks in Discord App to Target Gamers
via "Threat Post".
Research from Zscaler ThreatLabZ shows attackers using spam emails and legitimate-looking links to gaming software to serve up Epsilon ransomware, the XMRig cryptominer and various data and token stealers.
AIDE 0.17.3
via "Packet Storm Security".
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
How Email Attacks are Evolving in 2021
via "Threat Post".
The money being wire transferred by business email compromise victims is on the rise, as cybersecurity criminals evolve their tactics.
Celeb SIM-Swap Crime Ring Stole $100M from U.S. Victims
via "Threat Post".
The attackers ported victims' cell phone lines and then defeated 2FA to access accounts and apps.
Unemployment Fraud: As If Being Out of Work Wasn't Bad Enough
via "Dark Reading".
With the pandemic as a backdrop, cybercriminals have recognized an unprecedented opportunity to steer billions of dollars in unemployment claims into their own accounts.
CVE-2020-8027
via "National Vulnerability Database".
An Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration. This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.37.1. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.18.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.9.1.
CVE-2020-8029
via "National Vulnerability Database".
An Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kubelet key. This issue affects: SUSE CaaS Platform 4.5 skuba versions prior to https://github.com/SUSE/skuba/pull/1416.
CVE-2020-8030
via "National Vulnerability Database".
An Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.
CVE-2020-8031
via "National Vulnerability Database".
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Open Build Service allows remote attackers to store JS code in markdown that is not properly escaped, impacting confidentiality and integrity. This issue affects: Open Build Service versions prior to 2.10.8.
7 Things We Know So Far About the SolarWinds Attacks
via "Dark Reading".
Two months after the news first broke, many questions remain about the sophisticated cyber-espionage campaign.
Game Over: Stopping DDoS Attacks Before They Start
via "Dark Reading".
Video games are poised for a revolution, but benefits will come to fruition only if the industry can guarantee consistent performance and availability.
How to use the Vault command line tool to store your code secrets
via "Tech Republic".
Developers must stop saving secrets in code. One way to avoid that is to use HashiCorp's Vault. Jack Wallen shows you how to install this tool and take your first steps in its usage.
FBI Urges Caution with Legacy Systems Following Water Hack
via "Digital Guardian".
The FBI reiterated that using end-of-life operating systems and desktop sharing software can open the doors for attackers, like in the Oldsmar water treatment plant hack.
Microsoft Launches Phase 2 Mitigation for Zerologon Flaw
via "Dark Reading".
The Netlogon remote code execution vulnerability, disclosed last August, has been weaponized by APT groups.
CVE-2020-13185
via "National Vulnerability Database".
Certain web application pages in the authenticated section of the Teradici Cloud Access Connector prior to v18 were accessible without the need to specify authentication tokens, which gave an attacker the ability to execute sensitive functions without credentials.
CVE-2021-21301
via "National Vulnerability Database".
Wire is an open-source collaboration platform. In Wire for iOS (iPhone and iPad) before version 3.75 there is a vulnerability where the video capture isn't stopped in a scenario where a user first has their camera enabled and then disables it. It's a privacy issue because video is streamed to the call when the user believes it is disabled. It impacts all users in video calls. This is fixed in version 3.75.