🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2021-30129 ‼

A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server, causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0.

📖 Read via "National Vulnerability Database".
‼ CVE-2021-32679 ‼

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, filenames were not escaped by default in controllers using `DownloadResponse`. When a user-supplied filename was passed unsanitized into a `DownloadResponse`, this could be used to trick users into downloading malicious files with a benign file extension. This would show in UI behaviours where Nextcloud applications would display a benign file extension (e.g. JPEG), but the file would actually be downloaded with an executable file extension. The vulnerability is patched in versions 19.0.13, 20.0.11, and 21.0.3. Administrators of Nextcloud instances do not have a workaround available, but developers of Nextcloud apps may manually escape the file name before passing it into `DownloadResponse`.

📖 Read via "National Vulnerability Database".
‼ CVE-2021-32678 ‼

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, ratelimits are not applied to OCS API responses. This affects any OCS API controller (`OCSController`) using the `@BruteForceProtection` annotation. Risk depends on the applications installed on the Nextcloud Server, but could range from bypassing authentication ratelimits to spamming other Nextcloud users. The vulnerability is patched in versions 19.0.13, 20.0.11, and 21.0.3. No workarounds aside from upgrading are known to exist.

📖 Read via "National Vulnerability Database".
🕴 AI and Cybersecurity: Making Sense of the Confusion 🕴

Artificial intelligence is a maturing area in cybersecurity, but there are different concerns depending on whether you're a defender or an attacker.

📖 Read via "Dark Reading".
🕴 Kaseya Releases Security Patch As Companies Continue to Recover 🕴

Estimates indicate the number of affected companies could grow, while Kaseya faces renewed scrutiny as former employees reportedly criticize its lack of focus on security.

📖 Read via "Dark Reading".
❌ Kaseya Patches Zero-Days Used in REvil Attacks ❌

The security update addresses three VSA vulnerabilities used by the ransomware gang to launch a worldwide supply-chain attack on MSPs and their customers.

📖 Read via "Threat Post".
‼ CVE-2021-30639 ‼

A vulnerability in Apache Tomcat allows an attacker to remotely trigger a denial of service. An error introduced as part of a change to improve error handling during non-blocking I/O meant that the error flag associated with the Request object was not reset between requests. This meant that once a non-blocking I/O error occurred, all future requests handled by that request object would fail. Users were able to trigger non-blocking I/O errors, e.g. by dropping a connection, thereby creating the possibility of triggering a DoS. Applications that do not use non-blocking I/O are not exposed to this vulnerability. This issue affects Apache Tomcat 10.0.3 to 10.0.4; 9.0.44; 8.5.64.

📖 Read via "National Vulnerability Database".
‼ CVE-2021-36382 ‼

Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext).

📖 Read via "National Vulnerability Database".
‼ CVE-2020-18979 ‼

Cross-Site Scripting (XSS) vulnerability in Halo 0.4.3 via the X-Forwarded-For header parameter.

📖 Read via "National Vulnerability Database".
⚠ Where do all those cybercrime payments go? ⚠

Yes, the headline is a rhetorical question. But sometimes we get literal answers, and they're well worth remembering.

📖 Read via "Naked Security".
🦿 The most dangerous messaging apps on Android 🦿

Messaging apps are becoming some of the most popular smartphone programs in the world, and that means more attempts to phish their users, Kaspersky finds.

📖 Read via "Tech Republic".
⚠ Don’t get tricked by this crashtastic iPhone Wi-Fi hack! ⚠

Learn how the trick works so that you can avoid it in case someone thinks it's a joke to catch you out.

📖 Read via "Naked Security".
❌ Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack ❌

The attacks are enabled by an unpatched security vulnerability in ForgeRock's Access Management, a popular platform that front-ends web apps and remote-access setups.

📖 Read via "Threat Post".
‼ CVE-2021-32703 ‼

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, there was a lack of ratelimiting on the shareinfo endpoint. This may have allowed an attacker to enumerate potentially valid share tokens. The issue was fixed in versions 19.0.13, 20.0.11, and 21.0.3. There are no known workarounds.

📖 Read via "National Vulnerability Database".
‼ CVE-2021-20414 ‼

IBM Guardium Data Encryption (GDE) 3.0.0.2 could allow a user to brute force sensitive information due to not properly limiting the number of interactions. IBM X-Force ID: 196216.

📖 Read via "National Vulnerability Database".
‼ CVE-2021-36381 ‼

In Edifecs Transaction Management through 2021-07-12, an unauthenticated user can inject arbitrary text into a user's browser via logon.jsp?logon_error= on the login screen of the Web application.

📖 Read via "National Vulnerability Database".
‼ CVE-2021-29803 ‼

IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204164.

📖 Read via "National Vulnerability Database".
🕴 Microsoft Confirms Acquisition of RiskIQ 🕴

RiskIQ's technology helps businesses assess their security across the Microsoft cloud, Amazon Web Services, other clouds, and on-premises.

📖 Read via "Dark Reading".
πŸ” European Authorities Bust Phishing Ring πŸ”

The group, which was based in Romania, reportedly conned online consumers out of $2 million.

📖 Read via "".
‼ CVE-2021-32707 ‼

Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6, the Nextcloud Mail application does not, by default, render images in emails, so as not to leak the read state. The privacy filter failed to filter images with a `background-image` CSS attribute. Note that the images were still passed through the Nextcloud image proxy, and thus there was no IP leakage. The issue was patched in versions 1.9.6 and 1.10.0. No workarounds are known to exist.

📖 Read via "National Vulnerability Database".
❌ WordPress File Management Plugin Riddled with Critical Bugs ❌

The bugs allow a range of attacks on websites, including deleting blog pages and remote code execution.

📖 Read via "Threat Post".