π¦Ώ Ransomware attackers are growing bolder and using new extortion methods π¦Ώ
π Read
via "Tech Republic".
IT and OT environments are increasing targets and threat actors are using Dark Web forums to launch cybercrimes, according to Accenture's 2021 Cyber Threat Intelligence report.π Read
via "Tech Republic".
TechRepublic
Ransomware attackers are growing bolder and using new extortion methods
IT and OT environments are increasing targets and threat actors are using Dark Web forums to launch cybercrimes, according to Accenture's 2021 Cyber Threat Intelligence report.
π Wireshark Analyzer 3.4.7 π
π Read
via "Packet Storm Security".
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.π Read
via "Packet Storm Security".
Packetstormsecurity
Wireshark Analyzer 3.4.7 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ What to Look for in an Effective Threat Hunter π΄
π Read
via "Dark Reading".
The most important personality traits, skills, and certifications to look for when hiring a threat hunting team.π Read
via "Dark Reading".
Dark Reading
Dark Reading | Security | Protect The Business
Dark Reading: Connecting The Cybersecurity Community.
β SonicWall Warns Firewall Hardware Bugs Under Attack β
π Read
via "Threat Post".
SonicWall issued an urgent security alert warning customers that some of its current and legacy firewall appliances were under active attack.π Read
via "Threat Post".
Threat Post
SonicWall Warns Secure VPN Hardware Bugs Under Attack
SonicWall issued an urgent security alert warning customers that some of its current and legacy secure VPN appliances were under active attack.
π An Interview with Adam Burns, Manager of Cybersecurity Analysts at Digital Guardian Part I π
π Read
via "".
In part one of our Q&A with Adam Burns, we discuss his background in security, ransomware in the news, and what traits make for a successful analyst.π Read
via "".
Digital Guardian
An Interview with Adam Burns, Manager of Cybersecurity Analysts at Digital Guardian Part I
In part one of our Q&A with Adam Burns, we discuss his background in security, ransomware in the news, and what traits make for a successful analyst.
βΌ CVE-2020-12731 βΌ
π Read
via "National Vulnerability Database".
The MagicMotion Flamingo 2 application for Android stores data on an sdcard under com.vt.magicmotion/files/Pictures, whence it can be read by other applications.π Read
via "National Vulnerability Database".
βΌ CVE-2020-25593 βΌ
π Read
via "National Vulnerability Database".
Acronis True Image through 2021 on macOS allows local privilege escalation from admin to root due to insecure folder permissions.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34691 βΌ
π Read
via "National Vulnerability Database".
iDrive RemotePC before 4.0.1 on Linux allows denial of service. A remote and unauthenticated attacker can disconnect a valid user session by connecting to an ephemeral port.π Read
via "National Vulnerability Database".
π¦Ώ How to add the mic and camera killswitches in Android 12 π¦Ώ
π Read
via "Tech Republic".
Android 12 adds killswitches for both the mic and camera. Jack Wallen shows you how to add them and use them.π Read
via "Tech Republic".
TechRepublic
How to add the mic and camera kill switches in Android 12
Android 12 adds kill switches for both the mic and camera. Jack Wallen shows you how to add them and use them.
β The Code Red worm 20 years on β what have we learned? β
π Read
via "Naked Security".
"It was 20 years ago today..." that we learned a few lessons that are well worth revisiting!π Read
via "Naked Security".
Naked Security
The Code Red worm 20 years on β what have we learned?
βIt was 20 years ago todayβ¦β that we learned a few lessons that are well worth revisiting!
π΄ How to Bridge On-Premises and Cloud Identity π΄
π Read
via "Dark Reading".
Identity fabric, a cloud-native framework, removes the need for multiple, siloed, proprietary identity systems.π Read
via "Dark Reading".
Dark Reading
How to Bridge On-Premises and Cloud Identity
Identity fabric, a cloud-native framework, removes the need for multiple, siloed, proprietary identity systems.
βΌ CVE-2021-34429 βΌ
π Read
via "National Vulnerability Database".
For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5.π Read
via "National Vulnerability Database".
βΌ CVE-2021-21586 βΌ
π Read
via "National Vulnerability Database".
Wyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability. A remote authenticated malicious user could exploit this vulnerability in order to read arbitrary files on the system.π Read
via "National Vulnerability Database".
βΌ CVE-2021-3042 βΌ
π Read
via "National Vulnerability Database".
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM privileges. Exploiting this vulnerability requires the user to have file creation privilege in the Windows root directory (such as C:\). This issue impacts: All versions of Cortex XDR agent 6.1 without content update 181 or a later version; All versions of Cortex XDR agent 7.2 without content update 181 or a later version; All versions of Cortex XDR agent 7.3 without content update 181 or a later version. Cortex XDR agent 5.0 versions are not impacted by this issue. Content updates are required to resolve this issue and are automatically applied for the agent.π Read
via "National Vulnerability Database".
π΄ IoT-Specific Malware Infections Jumped 700% Amid Pandemic π΄
π Read
via "Dark Reading".
Gafgyt and Mirai malware represented majority of IoT malware, new data from Zscaler shows.π Read
via "Dark Reading".
Dark Reading
IoT-Specific Malware Infections Jumped 700% Amid Pandemic
Gafgyt and Mirai malware represented majority of IoT malware, new data from Zscaler shows.
π¦Ώ Cisco Talos researchers find crypto mining detections have doubled in the last year π¦Ώ
π Read
via "Tech Republic".
Security experts recommend looking for increased activity from illicit mining on corporate networks when cryptocurrency prices go up.π Read
via "Tech Republic".
TechRepublic
Cisco Talos researchers find crypto mining detections have doubled in the last year
Security experts recommend looking for increased activity from illicit mining on corporate networks when cryptocurrency prices go up.
βΌ CVE-2021-34830 βΌ
π Read
via "National Vulnerability Database".
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Cookie HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12028.π Read
via "National Vulnerability Database".
βΌ CVE-2021-20496 βΌ
π Read
via "National Vulnerability Database".
IBM Security Verify Access Docker 10.0.0 could allow an authenticated user to bypass input due to improper input validation. IBM X-Force ID: 197966.π Read
via "National Vulnerability Database".
π΄ CISA Launches New Website to Aid Ransomware Defenders π΄
π Read
via "Dark Reading".
StopRansomware.gov provides information to help organizations protect against, and respond to, ransomware attacks.π Read
via "Dark Reading".
Dark Reading
CISA Launches New Website to Aid Ransomware Defenders
StopRansomware.gov provides information to help organizations protect against, and respond to, ransomware attacks.
π΄ Microsoft: Israeli Firm's Tools Used to Target Activists, Dissidents π΄
π Read
via "Dark Reading".
Candiru sold spyware that exploited Windows vulnerabilities and had been used in attacks against dissidents, activists, and journalists.π Read
via "Dark Reading".
Dark Reading
Microsoft: Israeli Firm's Tools Used to Target Activists, Dissidents
Candiru sold spyware that exploited Windows vulnerabilities and had been used in attacks against dissidents, activists, and journalists.
β Zero-Day Attacks on Critical WooCommerce Bug Threaten Databases β
π Read
via "Threat Post".
The popular e-commerce platform for WordPress has started deploying emergency patches.π Read
via "Threat Post".
Threat Post
Zero-Day Attacks on Critical WooCommerce Bug Threaten Databases
The popular e-commerce platform for WordPress has started deploying emergency patches.