β Microsoft Office Users Warned on New Malware-Protection Bypass β
π Read
via "Threat Post".
Word and Excel documents are enlisted to disable Office macro warnings, so the Zloader banking malware can be downloaded onto systems without security tools flagging it.π Read
via "Threat Post".
Threat Post
Microsoft Office Users Warned on New Malware-Protection Bypass
Word and Excel documents are enlisted to disable Office macro warnings, so the Zloader banking malware can be downloaded onto systems without security tools flagging it.
βΌ CVE-2021-3541 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.π Read
via "National Vulnerability Database".
π΄ CISA Analysis Reveals Successful Attack Techniques of FY 2020 π΄
π Read
via "Dark Reading".
The analysis shows potential attack paths and the most effective techniques for each tactic documented in CISA's Risk and Vulnerability Assessments.π Read
via "Dark Reading".
Dark Reading
CISA Analysis Reveals Successful Attack Techniques of FY 2020
The analysis shows potential attack paths and the most effective techniques for each tactic documented in CISA's Risk and Vulnerability Assessments.
βΌ CVE-2021-24007 βΌ
π Read
via "National Vulnerability Database".
Multiple improper neutralization of special elements of SQL commands vulnerabilities in FortiMail before 6.4.4 may allow a non-authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22129 βΌ
π Read
via "National Vulnerability Database".
Multiple instances of incorrect calculation of buffer size in the Webmail and Administrative interface of FortiMail before 6.4.5 may allow an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands via specifically crafted HTTP requests.π Read
via "National Vulnerability Database".
π΄ How Dangerous is Malware? New Report Finds It's Tough to Tell π΄
π Read
via "Dark Reading".
Determining which malware is most damaging, and worthy of immediate attention, has become difficult in environments filled with alerts and noise.π Read
via "Dark Reading".
βΌ CVE-2021-36367 βΌ
π Read
via "National Vulnerability Database".
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt (that the attacker can use to capture credential data, and use that data for purposes that are undesired by the client user).π Read
via "National Vulnerability Database".
βΌ CVE-2021-36371 βΌ
π Read
via "National Vulnerability Database".
Emissary-Ingress (formerly Ambassador API Gateway) through 1.13.9 allows attackers to bypass client certificate requirements (i.e., mTLS cert_required) on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate authentication. The attacker must send an SNI specifying an unprotected backend and an HTTP Host header specifying a protected backend.π Read
via "National Vulnerability Database".
βΌ CVE-2020-25394 βΌ
π Read
via "National Vulnerability Database".
A stored cross site scripting (XSS) vulnerability in moziloCMS 2.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Content" parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2020-25876 βΌ
π Read
via "National Vulnerability Database".
A stored cross site scripting (XSS) vulnerability in the 'Pages' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Page Title' parameter.π Read
via "National Vulnerability Database".
β Cyber Polygon 2021: Towards Secure Development of Digital Ecosystems β
π Read
via "Threat Post".
Cybersecurity is one of the most important topics on the global agenda, boosted by the pandemic. As the global digitalisation is further accelerating, the world is becoming ever more interconnected. Digital ecosystems are being created all around us: countries, corporations and individuals are taking advantage of the rapid spread of the Internet and smart devices. In this context, a single vulnerable link is enough to bring down the entire system, just like the domino effect.π Read
via "Threat Post".
Threat Post
Cyber Polygon 2021: Towards Secure Development of Digital Ecosystems
Cybersecurity is one of the most important topics on the global agenda, boosted by the pandemic. As the global digitalisation is further accelerating, the world is becoming ever more interconnected. Digital ecosystems are being created all around us: countriesβ¦
βΌ CVE-2021-29106 βΌ
π Read
via "National Vulnerability Database".
A reflected Cross Site Scripting (XXS) vulnerability in ArcGIS Server version 10.8.1 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the userΓ’β¬β’s browser.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29103 βΌ
π Read
via "National Vulnerability Database".
A reflected Cross Site Scripting (XXS) vulnerability in ArcGIS Server version 10.8.1 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the userΓ’β¬β’s browser.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29105 βΌ
π Read
via "National Vulnerability Database".
A stored Cross Site Scripting (XXS) vulnerability in ArcGIS Server Services Directory version 10.8.1 and below may allow a remote authenticated attacker to pass and store malicious strings in the ArcGIS Services Directory.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22917 βΌ
π Read
via "National Vulnerability Database".
Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled.π Read
via "National Vulnerability Database".
βΌ CVE-2021-27293 βΌ
π Read
via "National Vulnerability Database".
RestSharp < 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service (ReDoS) when converting strings into DateTimes. If a server responds with a malicious string, the client using RestSharp will be stuck processing it for an exceedingly long time. Thus the remote server can trigger Denial of Service.π Read
via "National Vulnerability Database".
π΄ Navigating Active Directory Security: Dangers and Defenses π΄
π Read
via "Dark Reading".
Microsoft Active Directory, ubiquitous across enterprises, has long been a primary target for attackers seeking network access and sensitive data.π Read
via "Dark Reading".
Dark Reading
Navigating Active Directory Security: Dangers and Defenses
Microsoft Active Directory, ubiquitous across enterprises, has long been a primary target for attackers seeking network access and sensitive data.
βΌ CVE-2021-30129 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0π Read
via "National Vulnerability Database".
βΌ CVE-2021-32679 βΌ
π Read
via "National Vulnerability Database".
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, filenames where not escaped by default in controllers using `DownloadResponse`. When a user-supplied filename was passed unsanitized into a `DownloadResponse`, this could be used to trick users into downloading malicious files with a benign file extension. This would show in UI behaviours where Nextcloud applications would display a benign file extension (e.g. JPEG), but the file will actually be downloaded with an executable file extension. The vulnerability is patched in versions 19.0.13, 20.0.11, and 21.0.3. Administrators of Nextcloud instances do not have a workaround available, but developers of Nextcloud apps may manually escape the file name before passing it into `DownloadResponse`.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32678 βΌ
π Read
via "National Vulnerability Database".
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, ratelimits are not applied to OCS API responses. This affects any OCS API controller (`OCSController`) using the `@BruteForceProtection` annotation. Risk depends on the installed applications on the Nextcloud Server, but could range from bypassing authentication ratelimits or spamming other Nextcloud users. The vulnerability is patched in versions 19.0.13, 20.0.11, and 21.0.3. No workarounds aside from upgrading are known to exist.π Read
via "National Vulnerability Database".
π΄ AI and Cybersecurity: Making Sense of the Confusion π΄
π Read
via "Dark Reading".
Artificial intelligence is a maturing area in cybersecurity, but there are different concerns depending on whether you're a defender or an attacker.π Read
via "Dark Reading".
Dark Reading
AI and Cybersecurity: Making Sense of the Confusion
Artificial intelligence is a maturing area in cybersecurity, but there are different concerns depending on whether you're a defender or an attacker.