❌ Stolen Jones Day Law Firm Files Posted on Dark Web ❌
via "Threat Post".
Jones Day, which represented Trump, said the breach is part of the Accellion attack from December.
❌ Windows, Linux Devices Hijacked In Two-Year Cryptojacking Campaign ❌
via "Threat Post".
The WatchDog malware has flown under the radar for two years in what researchers call one of the 'largest' Monero cryptojacking attacks ever.
🦿 LastPass: A cheat sheet 🦿
via "Tech Republic".
This comprehensive guide covers everything you need to know about password management app LastPass, including its newly announced free cross-platform access.
TechRepublic
LastPass password management app: A cheat sheet
This comprehensive guide covers everything you need to know about password management app LastPass, including recent restrictions on free accounts.
🕴 White House Says 100 Private Sector Orgs Hit in SolarWinds Campaign 🕴
via "Dark Reading".
Anne Neuberger, a top Biden cybersecurity official, provided an update on the government's investigation into the massive breach.
🕴 US Unseals Indictments Against North Korean Cyberattackers for Thefts Totaling $1.3B 🕴
via "Dark Reading".
FBI, CISA, and Treasury Department also release details about North Korean malware used in cryptocurrency thefts since 2018.
‼ CVE-2021-26720 ‼
via "National Vulnerability Database".
avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects the packaging for Debian GNU/Linux (used indirectly by SUSE), not the upstream Avahi product.
‼ CVE-2021-27367 ‼
via "National Vulnerability Database".
Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal.
‼ CVE-2020-25605 ‼
via "National Vulnerability Database".
Cleartext transmission of sensitive information in Agora Video SDK prior to 3.1 allows a remote attacker to obtain access to audio and video of any ongoing Agora video call through observation of cleartext network traffic.
‼ CVE-2021-26911 ‼
via "National Vulnerability Database".
core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for IMAP in STARTTLS mode.
‼ CVE-2021-3396 ‼
via "National Vulnerability Database".
OpenNMS Meridian 2016, 2017, 2018 before 2018.1.25, 2019 before 2019.1.16, and 2020 before 2020.1.5, Horizon 1.2 through 27.0.4, and Newts <1.5.3 has Incorrect Access Control, which allows local and remote code execution using JEXL expressions.
‼ CVE-2021-27374 ‼
via "National Vulnerability Database".
VertiGIS WebOffice 10.7 SP1 before patch20210202 and 10.8 SP1 before patch20210207 allows attackers to achieve "Zugriff auf Inhalte der WebOffice Applikation" (access to content of the WebOffice application).
‼ CVE-2020-36245 ‼
via "National Vulnerability Database".
GramAddict through 1.2.3 allows remote attackers to execute arbitrary code because of use of UIAutomator2 and ATX-Agent. The attacker must be able to reach TCP port 7912, e.g., by being on the same Wi-Fi network.
🕴 Egregor Arrests a Blow, But Ransomware Will Likely Bounce Back 🕴
via "Dark Reading".
Similar to previous ransomware takedowns, this disruption to the ransomware-as-a-service model will likely be short-lived, security experts say.
‼ CVE-2020-9306 ‼
via "National Vulnerability Database".
Tesla SolarCity Solar Monitoring Gateway through 5.46.43 has a "Use of Hard-coded Credentials" issue because Digi ConnectPort X2e uses a .pyc file to store the cleartext password for the python user account.
‼ CVE-2020-12878 ‼
via "National Vulnerability Database".
Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory.
‼ CVE-2021-27138 ‼
via "National Vulnerability Database".
The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT.
‼ CVE-2020-8625 ‼
via "National Vulnerability Database".
BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credential configuration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. The most likely outcome of a successful exploitation of the vulnerability is a crash of the named process. However, remote code execution, while unproven, is theoretically possible. Affects: BIND 9.5.0 -> 9.11.27, 9.12.0 -> 9.16.11, and versions BIND 9.11.3-S1 -> 9.11.27-S1 and 9.16.8-S1 -> 9.16.11-S1 of BIND Supported Preview Edition. Also release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch.
‼ CVE-2021-27097 ‼
via "National Vulnerability Database".
The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT.
🕴 Virginia Takes Different Tack Than California With Data Privacy Law 🕴
via "Dark Reading".
Online businesses that target Virginia consumers and have personal data of 100,000 consumers in the state must conform to the new statute.
🕴 Pro Tip: Say What You Know 🕴
via "Dark Reading".
During the immediate period following a breach, it's vital to move fast - but not trip over yourself.
‼ CVE-2020-35577 ‼
via "National Vulnerability Database".
In Endalia Selection Portal before 4.205.0, an Insecure Direct Object Reference (IDOR) allows any authenticated user to download every file uploaded to the platform by changing the value of the file identifier (aka CommonDownload identification number).