❌ U.S. Accuses North Korean Hackers of Stealing Millions ❌
via "Threat Post".
The feds have expanded the list of financial and political hacking crimes they allege are linked to Lazarus Group and North Korea.
🦿 Kaspersky: Goofing off a little at work may help security teams stay focused 🦿
via "Tech Republic".
The security company found that 85% of workers spend up to five hours a week watching YouTube, listening to podcasts, or exercising during work hours.
‼ CVE-2021-1366 ‼
via "National Vulnerability Database".
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.
‼ CVE-2021-1372 ‼
via "National Vulnerability Database".
A vulnerability in Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system. This vulnerability is due to the unsafe usage of shared memory by the affected software. An attacker with permissions to view system memory could exploit this vulnerability by running an application on the local system that is designed to read shared memory. A successful exploit could allow the attacker to retrieve sensitive information from the shared memory, including usernames, meeting information, or authentication tokens. Note: To exploit this vulnerability, an attacker must have valid credentials on a Microsoft Windows end-user system and must log in after another user has already authenticated with Webex on the same end-user system.
‼ CVE-2021-1412 ‼
via "National Vulnerability Database".
Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only administrator access to the Admin portal could exploit these vulnerabilities by browsing to one of the pages that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information regarding the configuration of the system. For more information about these vulnerabilities, see the Details section of this advisory.
‼ CVE-2021-1378 ‼
via "National Vulnerability Database".
A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device.
‼ CVE-2021-1416 ‼
via "National Vulnerability Database".
Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only administrator access to the Admin portal could exploit these vulnerabilities by browsing to one of the pages that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information regarding the configuration of the system. For more information about these vulnerabilities, see the Details section of this advisory.
‼ CVE-2021-1351 ‼
via "National Vulnerability Database".
A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected service. The vulnerability is due to insufficient validation of user-supplied input by the web-based interface of the affected service. An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
❌ Ninja Forms WordPress Plugin Bug Opens Websites to Hacks ❌
via "Threat Post".
The popular plugin is installed on more than 1 million websites, and has four flaws that allow various kinds of serious attacks, including site takeover and email hijacking.
🔏 Suit Claims Attorneys Stole, Destroyed Data Before Joining Rival Firm 🔏
via "Digital Guardian".
A new lawsuit alleges four attorneys, months before they left for a competing firm, plotted their exit, copied and destroyed corporate data.
🕴 Kia Faces $20M DoppelPaymer Ransomware Attack 🕴
via "Dark Reading".
Kia Motors America this week experienced a nationwide IT outage; now, reports indicate the company was hit with ransomware.
‼ CVE-2020-13555 ‼
via "National Vulnerability Database".
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.
‼ CVE-2020-13553 ‼
via "National Vulnerability Database".
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.
‼ CVE-2020-13551 ‼
via "National Vulnerability Database".
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.
‼ CVE-2020-13552 ‼
via "National Vulnerability Database".
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.
‼ CVE-2020-13550 ‼
via "National Vulnerability Database".
A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability.
❌ Stolen Jones Day Law Firm Files Posted on Dark Web ❌
via "Threat Post".
Jones Day, which represented Trump, said the breach is part of the Accellion attack from December.
❌ Windows, Linux Devices Hijacked In Two-Year Cryptojacking Campaign ❌
via "Threat Post".
The WatchDog malware has flown under the radar for two years in what researchers call one of the 'largest' Monero cryptojacking attacks ever.
🦿 LastPass: A cheat sheet 🦿
via "Tech Republic".
This comprehensive guide covers everything you need to know about password management app LastPass, including its newly announced free cross-platform access.
TechRepublic
LastPass password management app: A cheat sheet
This comprehensive guide covers everything you need to know about password management app LastPass, including recent restrictions on free accounts.
🕴 White House Says 100 Private Sector Orgs Hit in SolarWinds Campaign 🕴
via "Dark Reading".
Anne Neuberger, a top Biden cybersecurity official, provided an update on the government's investigation into the massive breach.
🕴 US Unseals Indictments Against North Korean Cyberattackers for Thefts Totaling $1.3B 🕴
via "Dark Reading".
FBI, CISA, and Treasury Department also release details about North Korean malware used in cryptocurrency thefts since 2018.