CVE-2021-0324
Product: Android
Versions: Android SoC
Android ID: A-175402462
via "National Vulnerability Database".

CVE-2021-0467
In Chromecast bootROM, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the bootloader, with physical USB access, with no additional execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android SoC
Android ID: A-174490700
via "National Vulnerability Database".

VPN Attacks Surged in First Quarter
But volume of malware, botnet, and other exploit activity declined because of the Emotet botnet takedown.
via "Dark Reading".

CVE-2021-34693
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
via "National Vulnerability Database".

CVE-2021-27887
Cross-site Scripting (XSS) vulnerability in the main dashboard of Ellipse APM versions allows an authenticated user or integrated application to inject malicious data into the application that can then be executed in a victim's browser. This issue affects: Hitachi ABB Power Grids Ellipse APM 5.3 version 5.3.0.1 and prior versions; 5.2 version 5.2.0.3 and prior versions; 5.1 version 5.1.0.6 and prior versions.
via "National Vulnerability Database".

CVE-2021-31618
Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions an HTTP response is sent to the client with a status code indicating why the request was rejected. This rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one received or appeared in a footer. This led to a NULL pointer dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2 request is easy to craft and submit, this can be exploited to DoS the server. This issue affected mod_http2 1.15.17 and Apache HTTP Server version 2.4.47 only. Apache HTTP Server 2.4.47 was never released.
via "National Vulnerability Database".

Apple Hurries Patches for Safari Bugs Under Active Attack
Apple patched two bugs impacting its Safari browser WebKit engine that it said are actively being exploited.
via "Threat Post".

"Face of Anonymous" suspect deported from Mexico to face US hacking charges
After nearly a decade as a US expat dubbed "The Face of Anonymous", he's back in the US facing cybercrime charges from almost a decade ago.
via "Naked Security".

Microsoft Gets Second Shot at Banning hiQ from Scraping LinkedIn User Data
Decision throws out previous ruling in favor of hiQ Labs that prevented Microsoft's business networking platform from forbidding the company from harvesting public info from user profiles.
via "Threat Post".

Microsoft product vulnerabilities reached a new high of 1,268 in 2020
56% of all Microsoft critical vulnerabilities could have been mitigated by removing admin rights, according to the 2021 BeyondTrust Microsoft Vulnerabilities Report.
via "Tech Republic".

How Does the Government Buy Its Cybersecurity?
The federal government is emphasizing cybersecurity regulation, education, and defense strategies this year.
via "Dark Reading".

SASE & Zero Trust: The Dream Team
Forcepoint's Nico Fischbach, global CTO and VPE of SASE, and Chase Cunningham, chief strategy officer at Ericom Software, on using SASE to make Zero Trust real.
via "Threat Post".

Hashcat Advanced Password Recovery 6.2.2 Source Code
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.
via "Packet Storm Security".

How President Biden Can Better Defend the US From Russian Hacks
Wilson Center cybersecurity expert Meg King pinpoints five ambitious steps the administration should take, including a comprehensive national data breach notification protocol.
via "Dark Reading".

Microsoft Disrupts Large-Scale, Cloud-Based BEC Campaign
Varied cloud infrastructure was used to phish email credentials, monitor for and forward finance-related messages and automate operations.
via "Threat Post".

Malicious PDFs Flood the Web, Lead to Password-Snarfing
SolarMarker makers are using SEO poisoning, stuffing thousands of PDFs with tens of thousands of pages full of SEO keywords & links to redirect to the malware.
via "Threat Post".

What Industrial Control System Vulnerabilities Can Teach Us About Protecting the Supply Chain
Older technologies used in industrial and critical infrastructure leave the sector highly vulnerable to attack, but organizations can take steps to better protect themselves.
via "Dark Reading".

Deloitte Buys Terbium Labs to Expand Threat Intel Capabilities
Terbium Labs' products and services will become part of Deloitte's Detect & Respond lineup, the company confirms.
via "Dark Reading".

CVE-2021-31497
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of DWG files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13311.
via "National Vulnerability Database".

CVE-2021-31487
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12715.
via "National Vulnerability Database".

Andariel Group Targets South Korean Entities in New Campaign
Andariel, designated as a sub-group of the Lazarus Group APT, has historically targeted South Korean organizations.
via "Dark Reading".