β CISA Offers New Mitigation for PrintNightmare Bug β
π Read
via "Threat Post".
CERT urges administrators to disable the Windows Print spooler service in Domain Controllers and systems that donβt print, while Microsoft attempts to clarify RCE flaw with a new CVE assignment.π Read
via "Threat Post".
Threat Post
CISA Offers New Mitigation for PrintNightmare Bug
CERT urges administrators to disable the Windows Print spooler service in Domain Controllers and systems that donβt print, while Microsoft attempts to clarify RCE flaw with a new CVE assignment.
βΌ CVE-2021-27455 βΌ
π Read
via "National Vulnerability Database".
Delta Electronics DOPSoft Versions 4.0.10.17 and prior are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to disclose information.π Read
via "National Vulnerability Database".
βΌ CVE-2021-35029 βΌ
π Read
via "National Vulnerability Database".
An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device.π Read
via "National Vulnerability Database".
β US email hacker gets his βcomputer trespassβ conviction reversed β
π Read
via "Naked Security".
Court says that we need to "avoid a construction that makes some language mere surplusage."π Read
via "Naked Security".
Naked Security
US email hacker gets his βcomputer trespassβ conviction reversed
Court says that we need to βavoid a construction that makes some language mere surplusage.β
π¦Ώ Container security: How to get the most out of best practices π¦Ώ
π Read
via "Tech Republic".
Containers are complex virtual entities that provide proven benefits to the business but also require strong security guidelines. Learn how to get the most out of container security best practices.π Read
via "Tech Republic".
π΄ WFH: A Smart Time to Revisit Employee Use of Social Media π΄
π Read
via "Dark Reading".
Employers have their hands full when it comes to monitoring online activities that could hurt the brand or violate the organization's core values.π Read
via "Dark Reading".
π Friday Five 7/2 π
π Read
via "".
Ransomware venture capital, VPN shutdowns, and the latest from Fancy Bear - catch up on all of the week's infosec news with the Friday Five!π Read
via "".
Digital Guardian
Friday Five 7/2
Ransomware venture capital, VPN shutdowns, and the latest from Fancy Bear - catch up on all of the week's infosec news with the Friday Five!
βΌ CVE-2021-36130 βΌ
π Read
via "National Vulnerability Database".
An XSS issue was discovered in the SocialProfile extension in MediaWiki through 1.36. Within several gift-related special pages, a privileged user with the awardmanage right could inject arbitrary HTML and JavaScript within various gift-related data fields. The attack could easily propagate across many pages for many users.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36132 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the FileImporter extension in MediaWiki through 1.36. For certain relaxed configurations of the $wgFileImporterRequiredRight variable, it might not validate all appropriate user rights, thus allowing a user with insufficient rights to perform operations (specifically file uploads) that they should not be allowed to perform.π Read
via "National Vulnerability Database".
βΌ CVE-2021-3606 βΌ
π Read
via "National Vulnerability Database".
OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (openvpn.exe).π Read
via "National Vulnerability Database".
π΄ 5 Mistakes That Impact a Security Team's Success π΄
π Read
via "Dark Reading".
The way we work and treat each other go a long way in improving our organizations' security posture.π Read
via "Dark Reading".
Dark Reading
5 Mistakes That Impact a Security Team's Success
The way we work and treat each other go a long way in improving our organizations' security posture.
β TrickBot Spruces Up Its Banking Trojan Module β
π Read
via "Threat Post".
After focusing almost exclusively on delivering ransomware for the past year, the code changes could indicate that TrickBot is getting back into the bank-fraud game.π Read
via "Threat Post".
Threat Post
TrickBot Spruces Up Its Banking Trojan Module
After focusing almost exclusively on delivering ransomware for the past year, the code changes could indicate that TrickBot is getting back into the bank-fraud game.
βΌ CVE-2021-27950 βΌ
π Read
via "National Vulnerability Database".
A SQL injection vulnerability in azurWebEngine in Sita AzurCMS through 1.2.3.12 allows an authenticated attacker to execute arbitrary SQL commands via the id parameter to mesdocs.ajax.php in azurWebEngine/eShop. By default, the query is executed as DBA.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32735 βΌ
π Read
via "National Vulnerability Database".
Kirby is a content management system. In Kirby CMS versions 3.5.5 and 3.5.6, the Panel's `ListItem` component (used in the pages and files section for example) displayed HTML in page titles as it is. This could be used for cross-site scripting (XSS) attacks. Malicious authenticated Panel users can escalate their privileges if they get access to the Panel session of an admin user. Visitors without Panel access can use the attack vector if the site allows changing site data from a frontend form. Kirby 3.5.7 patches the vulnerability. As a partial workaround, site administrators can protect against attacks from visitors without Panel access by validating or sanitizing provided data from the frontend form.π Read
via "National Vulnerability Database".
π Suricata IDPE 6.0.3 π
π Read
via "Packet Storm Security".
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.π Read
via "Packet Storm Security".
Packetstormsecurity
Suricata IDPE 6.0.3 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ SOC Investment Improves Detection and Response Times, Data Shows π΄
π Read
via "Dark Reading".
A survey of IT and security pros finds many are confident in their ability to detect security incidents in near-real time or within minutes.π Read
via "Dark Reading".
Dark Reading
SOC Investment Improves Detection and Response Times, Data Shows
A survey of IT and security pros finds many are confident in their ability to detect security incidents in near-real time or within minutes.
π΄ Microsoft Issues New CVE for 'PrintNightmare' Flaw π΄
π Read
via "Dark Reading".
Company says remote code execution issue in all Windows versions is different from one in Windows Print Spooler that it had patched last month, though both affect same function.π Read
via "Dark Reading".
Dark Reading
Microsoft Issues New CVE for 'PrintNightmare' Flaw
Company says remote code execution issue in all Windows versions is different from one in Windows Print Spooler that it had patched last month, though both affect same function.
π΄ Secured-Core PCs May Mitigate Firmware Attacks, But Adoption Lags π΄
π Read
via "Dark Reading".
Microsoft maintains that exploitation of recent Dell vulnerabilities would be blocked on ultra-secure PCs - but most systems do not have the technology yet.π Read
via "Dark Reading".
βΌ CVE-2021-23402 βΌ
π Read
via "National Vulnerability Database".
All versions of package record-like-deep-assign are vulnerable to Prototype Pollution via the main functionality.π Read
via "National Vulnerability Database".
π΄ Barracuda Agrees to Acquire Skout Cybersecurity π΄
π Read
via "Dark Reading".
The acquisition will bring Barracuda into the extended detection and response (XDR) market with a tool for managed service providers.π Read
via "Dark Reading".
βΌ CVE-2021-32737 βΌ
π Read
via "National Vulnerability Database".
Sulu is an open-source PHP content management system based on the Symfony framework. In versions of Sulu prior to 1.6.41, it is possible for a logged in admin user to add a script injection (cross-site-scripting) in the collection title. The problem is patched in version 1.6.41. As a workaround, one may manually patch the affected JavaScript files in lieu of updating.π Read
via "National Vulnerability Database".