Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
via "Dark Reading".
Automation allowed a REvil affiliate to move from exploitation of vulnerable servers to installing ransomware on downstream companies faster than most defenders could react.
Scammers exploiting Kaseya ransomware attack to deploy malware
via "Tech Republic".
A new phishing campaign claims to offer a security update for Kaseya's VSA software but actually tries to install malware, says Malwarebytes.
CVE-2021-32714
via "National Vulnerability Database".
hyper is an HTTP library for Rust. In versions prior to 0.14.10, hyper's HTTP server and client code had a flaw that could trigger an integer overflow when decoding chunk sizes that are too big. This allows possible data loss, or if combined with an upstream HTTP proxy that allows chunk sizes larger than hyper does, can result in "request smuggling" or "desync attacks." The vulnerability is patched in version 0.14.10. Two possible workarounds exist. One may reject requests manually that contain a `Transfer-Encoding` header or ensure any upstream proxy rejects `Transfer-Encoding` chunk sizes greater than what fits in 64-bit unsigned integers.
CVE-2007-5002
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2021-21775
via "National Vulnerability Database".
A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage.
CVE-2021-21807
via "National Vulnerability Database".
An integer overflow vulnerability exists in the DICOM parse_dicom_meta_info functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2021-34430
via "National Vulnerability Database".
Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C library, which makes it easier for remote attackers to compute the master key and then decrypt DTLS traffic.
CVE-2021-28809
via "National Vulnerability Database".
An improper access control vulnerability has been reported to affect certain legacy versions of HBS 3. If exploited, this vulnerability allows attackers to compromise the security of the operating system. QNAP have already fixed this vulnerability in the following versions of HBS 3: QTS 4.3.6: HBS 3 v3.0.210507 and later; QTS 4.3.4: HBS 3 v3.0.210506 and later; QTS 4.3.3: HBS 3 v3.0.210506 and later.
CVE-2021-31817
via "National Vulnerability Database".
When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext.
CVE-2021-31816
via "National Vulnerability Database".
When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext.
Ransomware: Top 5 more things to know
via "Tech Republic".
Ransomware attacks are getting bigger and harder to defend against. Tom Merritt lists five more things about ransomware you need to know.
What Colonial Pipeline Means for Commercial Building Cybersecurity
via "Dark Reading".
Banks and hospitals may be common targets, but now commercial real estate must learn to protect itself against stealthy hackers.
CVE-2021-21779
via "National Vulnerability Database".
A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.
The NSA's 'New' Mission: Get More Public With the Private Sector
via "Dark Reading".
The National Security Agency's gradual emergence from the shadows was "inevitable" in cybersecurity, says Vinnie Liu, co-founder and CEO of offensive security firm Bishop Fox and a former NSA analyst. Now the agency has to figure out how to best work with the private sector, especially organizations outside the well-resourced and seasoned Fortune 100.
Kaseya Hacked via Authentication Bypass
via "Dark Reading".
The Kaseya ransomware attack is believed to have been down to an authentication bypass. Yes, ransomware needs to be on your radar -- but good authentication practices are also imperative.
Android app users targeted with cryptomining scams
via "Tech Republic".
Found on Google Play and third-party app stores, the apps discovered by Lookout stole an estimated $350,000 from more than 93,000 people.
77% of executives plan to hire in the months ahead, according to a new poll
via "Tech Republic".
West Monroe's executive poll details third-quarter hiring expectations, cybersecurity preparedness, investments to digitize business operations and more.
"Black Widow" digital premier a cover for malware and scams, says Kaspersky
via "Tech Republic".
Phishing, malicious files and other forms of fraud have followed the highly awaited movie since it was first delayed due to COVID-19. On the eve of its actual release, the scams have begun anew.
How Fake Accounts and Sneaker-Bots Took Over the Internet
via "Threat Post".
Jason Kent, hacker-in-residence at Cequence Security, discusses fake online accounts, and the fraud they carry out on a daily basis.
CVE-2021-29150
via "National Vulnerability Database".
A remote insecure deserialization vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
CVE-2021-25440
via "National Vulnerability Database".
Improper access control vulnerability in FactoryCameraFB prior to version 3.4.74 allows untrusted applications to access arbitrary files with an escalated privilege.