🦿 Container security: How to get the most out of best practices 🦿
via "Tech Republic".
Containers are complex virtual entities that provide proven benefits to the business but also require strong security guidelines. Learn how to get the most out of container security best practices.
🕴 WFH: A Smart Time to Revisit Employee Use of Social Media 🕴
via "Dark Reading".
Employers have their hands full when it comes to monitoring online activities that could hurt the brand or violate the organization's core values.
🔏 Friday Five 7/2 🔏
via "Digital Guardian".
Ransomware venture capital, VPN shutdowns, and the latest from Fancy Bear - catch up on all of the week's infosec news with the Friday Five!
‼ CVE-2021-36130 ‼
via "National Vulnerability Database".
An XSS issue was discovered in the SocialProfile extension in MediaWiki through 1.36. Within several gift-related special pages, a privileged user with the awardmanage right could inject arbitrary HTML and JavaScript within various gift-related data fields. The attack could easily propagate across many pages for many users.
‼ CVE-2021-36132 ‼
via "National Vulnerability Database".
An issue was discovered in the FileImporter extension in MediaWiki through 1.36. For certain relaxed configurations of the $wgFileImporterRequiredRight variable, it might not validate all appropriate user rights, thus allowing a user with insufficient rights to perform operations (specifically file uploads) that they should not be allowed to perform.
‼ CVE-2021-3606 ‼
via "National Vulnerability Database".
OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (openvpn.exe).
🕴 5 Mistakes That Impact a Security Team's Success 🕴
via "Dark Reading".
The way we work and treat each other go a long way in improving our organizations' security posture.
❌ TrickBot Spruces Up Its Banking Trojan Module ❌
via "Threat Post".
After focusing almost exclusively on delivering ransomware for the past year, the code changes could indicate that TrickBot is getting back into the bank-fraud game.
‼ CVE-2021-27950 ‼
via "National Vulnerability Database".
A SQL injection vulnerability in azurWebEngine in Sita AzurCMS through 1.2.3.12 allows an authenticated attacker to execute arbitrary SQL commands via the id parameter to mesdocs.ajax.php in azurWebEngine/eShop. By default, the query is executed as DBA.
‼ CVE-2021-32735 ‼
via "National Vulnerability Database".
Kirby is a content management system. In Kirby CMS versions 3.5.5 and 3.5.6, the Panel's `ListItem` component (used in the pages and files section for example) displayed HTML in page titles as it is. This could be used for cross-site scripting (XSS) attacks. Malicious authenticated Panel users can escalate their privileges if they get access to the Panel session of an admin user. Visitors without Panel access can use the attack vector if the site allows changing site data from a frontend form. Kirby 3.5.7 patches the vulnerability. As a partial workaround, site administrators can protect against attacks from visitors without Panel access by validating or sanitizing provided data from the frontend form.
🛠 Suricata IDPE 6.0.3 🛠
via "Packet Storm Security".
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
🕴 SOC Investment Improves Detection and Response Times, Data Shows 🕴
via "Dark Reading".
A survey of IT and security pros finds many are confident in their ability to detect security incidents in near-real time or within minutes.
🕴 Microsoft Issues New CVE for 'PrintNightmare' Flaw 🕴
via "Dark Reading".
Company says remote code execution issue in all Windows versions is different from one in Windows Print Spooler that it had patched last month, though both affect same function.
🕴 Secured-Core PCs May Mitigate Firmware Attacks, But Adoption Lags 🕴
via "Dark Reading".
Microsoft maintains that exploitation of recent Dell vulnerabilities would be blocked on ultra-secure PCs - but most systems do not have the technology yet.
‼ CVE-2021-23402 ‼
via "National Vulnerability Database".
All versions of package record-like-deep-assign are vulnerable to Prototype Pollution via the main functionality.
🕴 Barracuda Agrees to Acquire Skout Cybersecurity 🕴
via "Dark Reading".
The acquisition will bring Barracuda into the extended detection and response (XDR) market with a tool for managed service providers.
‼ CVE-2021-32737 ‼
via "National Vulnerability Database".
Sulu is an open-source PHP content management system based on the Symfony framework. In versions of Sulu prior to 1.6.41, it is possible for a logged in admin user to add a script injection (cross-site-scripting) in the collection title. The problem is patched in version 1.6.41. As a workaround, one may manually patch the affected JavaScript files in lieu of updating.
‼ CVE-2020-23185 ‼
via "National Vulnerability Database".
A stored cross site scripting (XSS) vulnerability in /administration/setting_security.php of PHP-Fusion 9.03.60 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload.
‼ CVE-2020-23178 ‼
via "National Vulnerability Database".
An issue exists in PHP-Fusion 9.03.50 where session cookies are not deleted once a user logs out, allowing for an attacker to perform a session replay attack and impersonate the victim user.
🦿 You don't have to be a tech expert to become a cybersecurity pro 🦿
via "Tech Republic".
Attention to detail, creativity and perseverance are key traits for a good white hat hacker. These positions are in high demand.
‼ CVE-2021-36146 ‼
via "National Vulnerability Database".
ACRN before 2.5 has a devicemodel/hw/pci/xhci.c NULL Pointer Dereference for a trb pointer.