🦿 How legitimate security tool Cobalt Strike is being used in cyberattacks 🦿
📖 Read
via "Tech Republic".
Normally used by organizations for penetration testing, Cobalt Strike is exploited by cybercriminals to launch attacks, says Proofpoint.📖 Read
via "Tech Republic".
TechRepublic
How legitimate security tool Cobalt Strike is being used in cyberattacks
Normally used by organizations for penetration testing, Cobalt Strike is exploited by cybercriminals to launch attacks, says Proofpoint.
🦿 Cyberattacks and ransomware are no longer burglary; they're home invasion, expert says 🦿
📖 Read
via "Tech Republic".
More than 3.5 million people worldwide are needed to play defense against cyberattacks.📖 Read
via "Tech Republic".
TechRepublic
Cyberattacks and ransomware are no longer burglary; they're home invasion, expert says
More than 3.5 million people worldwide are needed to play defense against cyberattacks.
🕴 CISA Publishes Catalog of Poor Security Practices 🕴
📖 Read
via "Dark Reading".
Organizations often focus on promoting best practices, CISA says, but stopping poor security practices is equally important.📖 Read
via "Dark Reading".
❌ Users Clueless About Cybersecurity Risks: Study ❌
📖 Read
via "Threat Post".
The return to offices, coupled with uninformed users (including IT pros) has teed up an unprecedented risk of enterprise attack.📖 Read
via "Threat Post".
Threat Post
Users Clueless About Cybersecurity Risks: Study
The return to offices, coupled with uninformed users, has teed up an unprecedented risk of enterprise attack.
🦿 iOS 15: How to enable Mail Privacy Protection 🦿
📖 Read
via "Tech Republic".
If you have access to Apple's iOS 15 Developer Beta, learn how to use an important security feature called Mail Privacy Protection.📖 Read
via "Tech Republic".
TechRepublic
iOS 15: How to enable Mail Privacy Protection
Learn how to use the new iOS 15 security feature called Mail Privacy Protection, which can hide your IP address and other tracking data often sent to marketers without your knowledge.
‼ CVE-2021-32721 ‼
📖 Read
via "National Vulnerability Database".
PowerMux is a drop-in replacement for Go's http.ServeMux. In PowerMux versions prior to 1.1.1, attackers may be able to craft phishing links and other open redirects by exploiting the trailing slash redirection feature. This may lead to users being redirected to untrusted sites after following an attacker crafted link. The issue is resolved in v1.1.1. There are no existing workarounds.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-22338 ‼
📖 Read
via "National Vulnerability Database".
There is an XXE injection vulnerability in eCNS280 V100R005C00 and V100R005C10. A module does not perform the strict operation to the input XML message. Attacker can send specific message to exploit this vulnerability, leading to the module denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-23275 ‼
📖 Read
via "National Vulnerability Database".
The Windows Installation component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Server, TIBCO Spotfire Server, TIBCO Spotfire Server, TIBCO Spotfire Statistics Services, TIBCO Spotfire Statistics Services, and TIBCO Spotfire Statistics Services contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from a lack of access restrictions on certain files and/or folders in the installation. Affected releases are TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition: versions 1.2.4 and below, TIBCO Enterprise Runtime for R - Server Edition: versions 1.3.0 and 1.3.1, TIBCO Enterprise Runtime for R - Server Edition: versions 1.4.0, 1.5.0, and 1.6.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: versions 11.3.0 and below, TIBCO Spotfire Server: versions 10.3.12 and below, TIBCO Spotfire Server: versions 10.4.0, 10.5.0, 10.6.0, 10.6.1, 10.7.0, 10.8.0, 10.8.1, 10.9.0, 10.10.0, 10.10.1, 10.10.2, 10.10.3, and 10.10.4, TIBCO Spotfire Server: versions 11.0.0, 11.1.0, 11.2.0, and 11.3.0, TIBCO Spotfire Statistics Services: versions 10.3.0 and below, TIBCO Spotfire Statistics Services: versions 10.10.0, 10.10.1, and 10.10.2, and TIBCO Spotfire Statistics Services: versions 11.1.0, 11.2.0, and 11.3.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-29480 ‼
📖 Read
via "National Vulnerability Database".
Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, the client side session module uses the application startup time as the signing key by default. This means that if an attacker can determine this time, and if encryption is not also used (which is recommended, but is not on by default), the session data could be tampered with by someone with the ability to write cookies. The default configuration is unsuitable for production use as an application restart renders all sessions invalid and is not multi-host compatible, but its use is not actively prevented. As of Ratpack 1.9.0, the default value is a securely randomly generated value, generated at application startup time. As a workaround, supply an alternative signing key, as per the documentation's recommendation.📖 Read
via "National Vulnerability Database".
🕴 Ransomware Losses Drive Up Cyber-Insurance Costs 🕴
📖 Read
via "Dark Reading".
Premiums have gone up by 7% on average for small firms and between 10% and 40% for medium and large businesses.📖 Read
via "Dark Reading".
🕴 Google Updates Vulnerability Data Format to Support Automation 🕴
📖 Read
via "Dark Reading".
The Open Source Vulnerability schema supports automated vulnerability handling in Go, Rust, Python, and Distributed Weakness Filing system, and it could be the favored format for future exporting of data.📖 Read
via "Dark Reading".
Dark Reading
Google Updates Vulnerability Data Format to Support Automation
The Open Source Vulnerability schema supports automated vulnerability handling in Go, Rust, Python, and Distributed Weakness Filing system, and it could be the favored format for future exporting of data.
‼ CVE-2021-22329 ‼
📖 Read
via "National Vulnerability Database".
There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-22341 ‼
📖 Read
via "National Vulnerability Database".
There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-35959 ‼
📖 Read
via "National Vulnerability Database".
In Plone 5.0 through 5.2.4, Editors are vulnerable to XSS in the folder contents view, if a Contributor has created a folder with a SCRIPT tag in the description field.📖 Read
via "National Vulnerability Database".
🦿 Windows 11: Understanding the system requirements and the security benefits 🦿
📖 Read
via "Tech Republic".
Security is a big part of Windows 11, but so is delivering productivity and a good experience with all the security features turned on.📖 Read
via "Tech Republic".
TechRepublic
Windows 11: Understanding the system requirements and the security benefits
Security is a big part of Windows 11, but so is delivering productivity and a good experience with all the security features turned on.
‼ CVE-2021-32566 ‼
📖 Read
via "National Vulnerability Database".
Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-35474 ‼
📖 Read
via "National Vulnerability Database".
Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.📖 Read
via "National Vulnerability Database".
⚠ Police warn of WhatsApp scams in time for Social Media Day ⚠
📖 Read
via "Naked Security".
Happy Social Media Day! Make it a day to review whether your social media security really is up to scratch.📖 Read
via "Naked Security".
Naked Security
Police warn of WhatsApp scams in time for Social Media Day
Happy Social Media Day! Make it a day to review whether your social media security really is up to scratch.
‼ CVE-2021-34383 ‼
📖 Read
via "National Vulnerability Database".
Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow might lead to denial of service or escalation of privileges.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-28692 ‼
📖 Read
via "National Vulnerability Database".
inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPU(s) issuing such commands. In the current implementation in Xen, asynchronous notification of the completion of such commands is not used. Instead, the issuing CPU spin-waits for the completion of the most recently issued command(s). Some of these waiting loops try to apply a timeout to fail overly-slow commands. The course of action upon a perceived timeout actually being detected is inappropriate: - on Intel hardware guests which did not originally cause the timeout may be marked as crashed, - on AMD hardware higher layer callers would not be notified of the issue, making them continue as if the IOMMU operation succeeded.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-34385 ‼
📖 Read
via "National Vulnerability Database".
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the calculation of a length could lead to a heap overflow.📖 Read
via "National Vulnerability Database".