π¦Ώ These states saw the most hacks in 2020 π¦Ώ
π Read
via "Tech Republic".
A report uses FBI data to parse out state-by-state hacking data by the number of victims and total financial losses for every 100,000 residents.π Read
via "Tech Republic".
TechRepublic
These states saw the most hacks in 2020
A report uses FBI data to parse out state-by-state hacking data by the number of victims and total financial losses for every 100,000 residents.
π UFONet 1.7 π
π Read
via "Packet Storm Security".
UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.π Read
via "Packet Storm Security".
Packetstormsecurity
UFONet 1.7 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π¦Ώ Personal data compromises up 38%, according to new cybersecurity report π¦Ώ
π Read
via "Tech Republic".
The report parses out data by industry. Overall, healthcare topped the list, followed by financial services and manufacturing and utilities.π Read
via "Tech Republic".
TechRepublic
Personal data compromises up 38%, according to new cybersecurity report
The report parses out data by industry. Overall, healthcare topped the list, followed by financial services and manufacturing and utilities.
β Home delivery scams get smarter β donβt get caught out β
π Read
via "Naked Security".
We've said it before, and we'll say it again: don't be in too much of a hurry for those home deliveries you're expecting!π Read
via "Naked Security".
Naked Security
Home delivery scams get smarter β donβt get caught out
Weβve said it before, and weβll say it again: donβt be in too much of a hurry for those home deliveries youβre expecting!
βΌ CVE-2021-33211 βΌ
π Read
via "National Vulnerability Database".
A Directory Traversal vulnerability in the Unzip feature in Elements-IT HTTP Commander 5.3.3 allows remote authenticated users to write files to arbitrary directories via relative paths in ZIP archives.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22781 βΌ
π Read
via "National Vulnerability Database".
Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), and SCADAPack RemoteConnect for x70, all versions, that could cause a leak of SMTP credential used for mailbox authentication when an attacker can access a project file.π Read
via "National Vulnerability Database".
π΄ 10 Mistakes Companies Make In Their Ransomware Responses π΄
π Read
via "Dark Reading".
Hit by ransomware? These missteps can take a bad scenario and make it even worse.π Read
via "Dark Reading".
Dark Reading
10 Mistakes Companies Make In Their Ransomware Responses
Hit by ransomware? These missteps can take a bad scenario and make it even worse.
β Trickbot Malware Rebounds with Virtual-Desktop Espionage Module β
π Read
via "Threat Post".
The attackers have spruced up the 'vncDll' module used for spying on targets and stealing data.π Read
via "Threat Post".
Threat Post
Trickbot Malware Rebounds with Virtual-Desktop Espionage Module
The attackers have spruced up the 'vncDll' module used for spying on targets and stealing data.
π¦Ώ IoT projects demand new skills from IT project managers π¦Ώ
π Read
via "Tech Republic".
If you think regular IT project managers can run IoT projects, you might be miscalculating. Here's why.π Read
via "Tech Republic".
TechRepublic
IoT projects demand new skills from IT project managers
If you think regular IT project managers can run IoT projects, you might be miscalculating. Here's why.
β Linux-Focused Cryptojacking Gang Tracked to Romania β
π Read
via "Threat Post".
The gang is using a new brute-forcer β βDiicot bruteβ β to crack passwords on Linux-based machines with weak passwords.π Read
via "Threat Post".
Threat Post
Linux-Focused Cryptojacking Gang Tracked to Romania
The gang is using a new brute-forcer β βDiicot bruteβ β to crack passwords on Linux-based machines with weak passwords.
π΄ Did the Cybersecurity Workforce Gap Distract Us From the Leak? π΄
π Read
via "Dark Reading".
Cyber games can play a critical role in re-engaging our workforce and addressing the employee retention crisis.π Read
via "Dark Reading".
Dark Reading
Did the Cybersecurity Workforce Gap Distract Us From the Leak?
Cyber games can play a critical role in re-engaging our workforce and addressing the employee retention crisis.
βΌ CVE-2020-29147 βΌ
π Read
via "National Vulnerability Database".
A SQL injection vulnerability in wy_controlls/wy_side_visitor.php of Wayang-CMS v1.0 allows attackers to obtain sensitive database information.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36740 βΌ
π Read
via "National Vulnerability Database".
Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8.π Read
via "National Vulnerability Database".
β Cryptominer Farm Rigged with 3,800 PS4s Busted in Ukraine β
π Read
via "Threat Post".
Ukrainian cops seize PlayStation 4 consoles, graphics cards, processors and more in cryptomining sting involving alleged electricity theft.π Read
via "Threat Post".
Threat Post
Cryptominer Farm Rigged with 3,800 PS4s Busted in Ukraine
Ukrainian cops seize PlayStation 4 consoles, graphics cards, processors and more in cryptomining sting involving alleged electricity theft.
π¦Ώ Kaspersky: LuminousMoth spearphishing campaign hit 1,500 targets in Asia π¦Ώ
π Read
via "Tech Republic".
Security researchers think HoneyMyte is behind the advanced persistent threat that has mostly targeted government entities.π Read
via "Tech Republic".
TechRepublic
Kaspersky: LuminousMoth spearphishing campaign hit 1,500 targets in Asia
Security researchers think HoneyMyte is behind the advanced persistent threat that has mostly targeted government entities.
βΌ CVE-2021-34514 βΌ
π Read
via "National Vulnerability Database".
Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31979, CVE-2021-33771.π Read
via "National Vulnerability Database".
βΌ CVE-2021-33746 βΌ
π Read
via "National Vulnerability Database".
Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-33754, CVE-2021-33780, CVE-2021-34494, CVE-2021-34525.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34490 βΌ
π Read
via "National Vulnerability Database".
Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-31183, CVE-2021-33772.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34473 βΌ
π Read
via "National Vulnerability Database".
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.π Read
via "National Vulnerability Database".
βΌ CVE-2021-33774 βΌ
π Read
via "National Vulnerability Database".
Windows Event Tracing Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2021-33768 βΌ
π Read
via "National Vulnerability Database".
Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34470, CVE-2021-34523.π Read
via "National Vulnerability Database".