Insider Versus Outsider: Navigating Top Data Loss Threats
via "Threat Post".
Troy Gill, manager of security research at Zix, discusses the most common ways sensitive data is scooped up by nefarious sorts.

CVE-2005-0394
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.

CVE-2021-26834
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability exists in Znote 0.5.2. An attacker can insert payloads, and code execution happens immediately in markdown view mode.

Carnival Cruise Cyber-Torpedoed by Cyberattack
via "Threat Post".
This is the fourth time in a bit over a year that Carnival's admitted to breaches, with two of them being ransomware attacks.

What's Making Your Company a Ransomware Sitting Duck
via "Threat Post".
What's the low-hanging fruit for ransomware attackers? What steps could help to fend them off, and what's stopping organizations from implementing those steps?

CVE-2021-3604
via "National Vulnerability Database".
Secure 8 (Evalos) does not validate user input data correctly, allowing a remote attacker to perform a Blind SQL Injection. An attacker could exploit this vulnerability in order to extract information of users and administrator accounts stored in the database.

CVE-2020-18442
via "National Vulnerability Database".
Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file".

11 Security Certifications to Seek Out This Summer
via "Dark Reading".
The more you know, the more you grow. The Edge takes a fresh look at leading security certifications that can help advance your security career.

Can *YOU* blow a PC speaker using only a Linux kernel driver?
via "Naked Security".
Can you help? There's a hidden meaning here, and it's time to find it!

S3 Ep37: Quantum crypto, refunding Bitcoins, and Alpaca problems [Podcast]
via "Naked Security".
Latest episode - listen now!

CVE-2021-33818
via "National Vulnerability Database".
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use the slowhttptest tool to send incomplete HTTP requests, which could make the server keep waiting for the packet to finish the connection until its resources are exhausted. The web server is then in a denial-of-service state.

Accidental Insider Leaks Prove Major Source of Risk
via "Dark Reading".
Research reports highlight growing concerns around insider negligence that leads to data breaches.

Attackers Find New Way to Exploit Google Docs for Phishing
via "Dark Reading".
Tactic continues recent trend by attackers to use trusted cloud services to send and host malicious content.

CVE-2021-33823
via "National Vulnerability Database".
An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. An attacker could send a huge amount of TCP SYN packets to exhaust the web service's resources. The web server is then in a denial-of-service state.

CVE-2021-33824
via "National Vulnerability Database".
An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attackers can use the slowhttptest tool to send incomplete HTTP requests, which could make the server keep waiting for the packet to finish the connection until its resources are exhausted. The web server is then in a denial-of-service state.

CVE-2021-31272
via "National Vulnerability Database".
SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.

CVE-2021-31662
via "National Vulnerability Database".
RIOT-OS 2021.01 before commit 07f1254d8537497552e7dce80364aaead9266bbe contains a buffer overflow which could allow attackers to obtain sensitive information.

CVE-2021-33186
via "National Vulnerability Database".
SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information.

CVE-2021-24368
via "National Vulnerability Database".
The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin WordPress plugin before 7.1.18 did not sanitise or escape its result_id parameter when displaying an existing quiz result page, leading to a reflected Cross-Site Scripting issue. This could allow for privilege escalation by inducing a logged-in admin to open a malicious link.

CVE-2020-20467
via "National Vulnerability Database".
White Shark System (WSS) 1.3.2 is vulnerable to sensitive information disclosure via default_task_add.php; remote attackers can exploit the vulnerability to create a task.