CVE-2021-35475
via "National Vulnerability Database".
SAS Environment Manager 2.5 allows XSS through the Name field when creating/editing a server. The XSS will prompt when editing the Configuration Properties.

Hackers Crack Pirated Games with Cryptojacking Malware
via "Threat Post".
Threat actors have so far made about $2 million from Crackonosh, which secretly mines Monero cryptocurrency from affected devices.

7 Unconventional Pieces of Password Wisdom
via "Dark Reading".
Challenging common beliefs about best practices in password hygiene.

CVE-2021-31615
via "National Vulnerability Database".
Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 may permit an adjacent device to inject a crafted packet during the receive window of the listening device before the transmitting device initiates its packet transmission to achieve full MITM status without terminating the link. When applied against devices establishing or using encrypted links, crafted packets may be used to terminate an existing link, but will not compromise the confidentiality or integrity of the link.

CVE-2021-35049
via "National Vulnerability Database".
Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command injection through the web interface. The vulnerability could allow a specially crafted HTTP request to execute system commands on the CommandPost and return results in an HTTP response in an authenticated session. The vulnerability is present in Fidelis Network and Deception versions prior to 9.3.7 and in version 9.4. Patches and updates are available to address this vulnerability.

High-Level FIN7 Member Sentenced to 7 Years in Prison
via "Dark Reading".
Andrii Kolpakov, who served as a high-level pentester for the criminal group, was also ordered to pay $2.5 million in restitution.

My Book Live Users Wake Up to Wiped Devices, Active RCE Attacks
via "Threat Post".
"I am totally screwed," one user wailed after finding years of data nuked. Western Digital advised yanking the NAS storage devices offline ASAP: There's an exploit.

School's Out for Summer, but Don't Close the Book on Cybersecurity Training
via "Dark Reading".
Strengthening their security posture should be at the top of school IT departments' summer to-do list.

CVE-2021-34184
via "National Vulnerability Database".
Miniaudio 0.10.35 has a double free vulnerability that could cause a buffer overflow in ma_default_vfs_close__stdio in miniaudio.h.

Cisco ASA Bug Now Actively Exploited as PoC Drops
via "Threat Post".
In-the-wild XSS attacks have commenced against the security appliance (CVE-2020-3580), as researchers publish exploit code on Twitter.

Flawfinder 2.0.18
via "Packet Storm Security".
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.

Friday Five 6/25
via "Digital Guardian".
Ransomware debates, spyware indictments, and CISA confirmations: catch up on all of the week's infosec news with the Friday Five!

Data Privacy Is in 23andMe CSO's DNA
via "Dark Reading".
How serious is the company about safeguarding its customers and their genetic information? "We're hiding data even from ourselves," says the biotech and genetic testing company's head of security.

CVE-2021-3314
via "National Vulnerability Database".
** UNSUPPORTED WHEN ASSIGNED ** Oracle GlassFish Server 3.1.2.18 and below allows /common/logViewer/logViewer.jsf XSS. A malicious user can cause an administrator user to supply dangerous content to the vulnerable page, which is then reflected back to the user and executed by the web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2021-35501
via "National Vulnerability Database".
PandoraFMS <=7.54 allows Stored XSS by placing a payload in the name field of a visual console. When a user or an administrator visits the console, the XSS payload will be executed.

FIN7 "Pen Tester" Headed to Jail Amid $1B in Payment-Card Losses
via "Threat Post".
One of the Carbanak cybergang's highest-level hackers is destined to serve seven years while making $2.5 million in restitution payments.

Ransomware-as-a-service business model takes a hit in the aftermath of the Colonial Pipeline attack
via "Tech Republic".
Cybercrime gangs are finding it harder to recruit partners for the affiliate programs that power ransomware attacks.

CVE-2021-33529
via "National Vulnerability Database".
In Weidmueller Industrial WLAN devices in multiple versions, the usage of hard-coded cryptographic keys within the service agent binary allows for the decryption of captured traffic across the network from or to the device.

CVE-2021-33532
via "National Vulnerability Database".
In Weidmueller Industrial WLAN devices in multiple versions, an exploitable command injection vulnerability exists in the iw_webs functionality. A specially crafted diagnostic script file name can cause user input to be reflected in a subsequent iw_system call, resulting in remote control over the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

CVE-2021-33542
via "National Vulnerability Database".
Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution vulnerability. Manipulated PC Worx or Config+ projects could lead to a remote code execution when unallocated memory is freed because of incompletely initialized data. The attacker needs to get access to an original bus configuration file (*.bcp) to be able to manipulate data inside. After manipulation the attacker needs to exchange the original file with the manipulated one on the application programming workstation. Availability, integrity, or confidentiality of an application programming workstation might be compromised by attacks using these vulnerabilities. Automated systems in operation which were programmed with one of the above-mentioned products are not affected.

Linux: How to find details about user logins
via "Tech Republic".
If you need to gather information on user logins for your Linux servers, Jack Wallen has just the tool for you.
