DOJ Charges Two More North Korean Hackers in Global Attacks
The Department of Justice this week peeled back more layers on the North Korean military hacking unit Lazarus Group and its longtime cybercrime spree.
via "Digital Guardian".
CVE-2021-27335
KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code Execution via a ysoserial.payloads.CommonsCollections parameter.
via "National Vulnerability Database".
CVE-2021-27329
Friendica 2021.01 allows SSRF via parse_url?binurl= for DNS lookups or HTTP requests to arbitrary domain names.
via "National Vulnerability Database".
CVE-2019-18243
HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through the registry. This may allow privilege escalation.
via "National Vulnerability Database".
CVE-2021-27379
An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct. NOTE: this issue exists because of an incomplete fix for CVE-2020-15565.
via "National Vulnerability Database".
CVE-2021-21318
Opencast is a free, open-source platform to support the management of educational audio and video content. In Opencast before version 9.2 there is a vulnerability in which publishing an episode with strict access rules will overwrite the currently set series access. This allows for an easy denial of access for all users without superuser privileges, effectively hiding the series. Access to series and series metadata on the search service (shown in media module and player) depends on the events published which are part of the series. Publishing an event will automatically publish a series and update access to it. Removing an event or republishing the event should do the same. Affected versions of Opencast may not update the series access or remove a published series if an event is being removed. On removal of an episode, this may lead to an access control list for series metadata with broader access rules than the merged access rules of all remaining events, or the series metadata still being available although all episodes of that series have been removed. This problem is fixed in Opencast 9.2.
via "National Vulnerability Database".
Microsoft Azure Front Door Gets a Security Upgrade
New SKUs in Standard and Premium preview beef up the security of the content delivery network platform.
via "Dark Reading".
Kia Motors Hit With $20M Ransomware Attack - Report
So far, Kia Motors America has publicly acknowledged an "extended system outage," but ransomware gang DoppelPaymer claimed it has locked down the company's files in a cyberattack that includes a $20 million ransom demand. That $20 million will gain Kia a decryptor and a guarantee not to publish sensitive data bits on the gang's […]
via "Threat Post".
DoppelPaymer ransomware gang claims credit for Kia's outage, demands $20 million in double-extortion attack.
Apple Offers Closer Look at Its Platform Security Technologies, Features
In a nearly 200-page document, company offers a detailed overview of Secure Enclave and multiple other security controls in Apple silicon-based Macs and other platforms.
via "Dark Reading".
Apple Outlines 2021 Security, Privacy Roadmap
Latest Apple Platform Security update folds iOS, macOS and hardware into security 2021 roadmap.
via "Threat Post".
Cybercriminal Enterprise 'Ringleaders' Stole $55M Via COVID-19 Fraud, Romance Scams
The Department of Justice (DoJ) cracked down on a Ghana-based cybercriminal enterprise behind a slew of romance scams, COVID-19 fraud attacks and business email compromise schemes since 2013.
via "Threat Post".
CVE-2020-35776
A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows a remote attacker to crash Asterisk by deliberately misusing SIP 181 responses.
via "National Vulnerability Database".
CVE-2020-35591
Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. The application does not generate a new session cookie after the user is logged in. A malicious user is able to create a new session cookie value and inject it to a victim. After the victim logs in, the injected cookie becomes valid, giving the attacker access to the user's account through the active session.
via "National Vulnerability Database".
CVE-2020-35592
Pi-hole 5.0, 5.1, and 5.1.1 allows XSS via the Options header to the admin/ URI. A remote user is able to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a Reflected Cross-Site Scripting attack against other users and steal the session cookie.
via "National Vulnerability Database".
CVE-2021-26717
An issue was discovered in Sangoma Asterisk 16.x before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6. When re-negotiating for T.38, if the initial remote response was delayed just enough, Asterisk would send both audio and T.38 in the SDP. If this happened, and the remote responded with a declined T.38 stream, then Asterisk would crash.
via "National Vulnerability Database".
CVE-2021-3271
PressBooks 5.17.3 contains a cross-site scripting (XSS) vulnerability. Stored XSS can be submitted via the Book Info's Long Description Body, and all actions to open or preview the book's page will result in triggering the stored XSS.
via "National Vulnerability Database".
CVE-2020-36233
The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
via "National Vulnerability Database".
CVE-2021-26906
An issue was discovered in res_pjsip_session.c in Digium Asterisk through 13.38.1; 14.x, 15.x, and 16.x through 16.16.0; 17.x through 17.9.1; and 18.x through 18.2.0, and Certified Asterisk through 16.8-cert5. An SDP negotiation vulnerability in PJSIP allows a remote server to potentially crash Asterisk by sending specific SIP responses that cause an SDP negotiation failure.
via "National Vulnerability Database".
CrowdStrike Buys Log Management Startup Humio for $400M
CrowdStrike plans to use Humio's technology to continue building out its extended detection and response platform.
via "Dark Reading".
Microsoft Concludes Internal Investigation into Solorigate Breach
The software giant found no evidence that attackers gained extensive access to services or customer data.
via "Dark Reading".
CVE-2021-26747
Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the ping command, leading to remote code execution.
via "National Vulnerability Database".