Microsoft product vulnerabilities reached a new high of 1,268 in 2020
via "Tech Republic".
56% of all Microsoft critical vulnerabilities could have been mitigated by removing admin rights, according to the 2021 BeyondTrust Microsoft Vulnerabilities Report.
How Does the Government Buy Its Cybersecurity?
via "Dark Reading".
The federal government is emphasizing cybersecurity regulation, education, and defense strategies this year.
SASE & Zero Trust: The Dream Team
via "Threat Post".
Forcepoint's Nico Fischbach, global CTO and VPE of SASE, and Chase Cunningham, chief strategy officer at Ericom Software, on using SASE to make Zero Trust real.
Hashcat Advanced Password Recovery 6.2.2 Source Code
via "Packet Storm Security".
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.
How President Biden Can Better Defend the US From Russian Hacks
via "Dark Reading".
Wilson Center cybersecurity expert Meg King pinpoints five ambitious steps the administration should take, including a comprehensive national data breach notification protocol.
Microsoft Disrupts Large-Scale, Cloud-Based BEC Campaign
via "Threat Post".
Varied cloud infrastructure was used to phish email credentials, monitor for and forward finance-related messages and automate operations.
Malicious PDFs Flood the Web, Lead to Password-Snarfing
via "Threat Post".
SolarMarker makers are using SEO poisoning, stuffing thousands of PDFs with tens of thousands of pages full of SEO keywords & links to redirect to the malware.
What Industrial Control System Vulnerabilities Can Teach Us About Protecting the Supply Chain
via "Dark Reading".
Older technologies used in industrial and critical infrastructure leave the sector highly vulnerable to attack, but organizations can take steps to better protect themselves.
Deloitte Buys Terbium Labs to Expand Threat Intel Capabilities
via "Dark Reading".
Terbium Labs' products and services will become part of Deloitte's Detect & Respond lineup, the company confirms.
CVE-2021-31497
via "National Vulnerability Database".
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of DWG files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13311.
CVE-2021-31487
via "National Vulnerability Database".
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12715.
Andariel Group Targets South Korean Entities in New Campaign
via "Dark Reading".
Andariel, designated as a sub-group of the Lazarus Group APT, has historically targeted South Korean organizations.
Millions of Connected Cameras Open to Eavesdropping
via "Threat Post".
A supply-chain component lays open camera feeds to remote attackers thanks to a critical security vulnerability.
Security Experts Scrutinize Apple, Amazon IoT Networks
via "Dark Reading".
Both companies have done their due diligence in creating connected-device networks, but the pervasiveness of the devices worries some security researchers.
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
via "Dark Reading".
Attackers had used the cloud-based infrastructure to target mailboxes and add forwarding rules to learn about financial transactions.
Thousands of VMware vCenter Servers Remain Open to Attack Over the Internet
via "Dark Reading".
Three weeks after company disclosed two critical vulnerabilities in the workload management utility, many organizations have not patched the technology yet, security vendor says.
CVE-2021-34170
via "National Vulnerability Database".
Bandai Namco FromSoftware Dark Souls III allows remote attackers to execute arbitrary code.
CVE-2020-21316
via "National Vulnerability Database".
A Cross-site scripting (XSS) vulnerability exists in the comment section in ZrLog 2.1.3, which allows remote attackers to inject arbitrary web script and steal administrator cookies via the nickname parameter and gain access to the admin panel.
CVE-2021-30550
via "National Vulnerability Database".
Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-24037
via "National Vulnerability Database".
A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.
CVE-2021-32623
via "National Vulnerability Database".
Opencast is a free and open source solution for automated video capture and distribution. Versions of Opencast prior to 9.6 are vulnerable to the billion laughs attack, which allows an attacker to easily execute a (seemingly permanent) denial of service attack, essentially taking down Opencast using a single HTTP request. To exploit this, users need to have ingest privileges, limiting the group of potential attackers. The problem has been fixed in Opencast 9.6. There is no known workaround for this issue.