🦿 Kaseya attack: "Yes, we can do something about this, and we should do something about this" 🦿
via "Tech Republic".
The Kaseya attack is especially unique because it didn't begin with a password breach, and the companies were following cybersecurity best practices. So, how can we protect against this threat?
Kaseya attack: How ransomware attacks are like startups and what we need to do about that
❌ Linux Variant of HelloKitty Ransomware Targets VMware ESXi Servers ❌
via "Threat Post".
HelloKitty joins the growing list of ransomware bigwigs going after the juicy target of VMware ESXi, where one hit gets scads of VMs.
‼ CVE-2021-34447 ‼
via "National Vulnerability Database".
Windows MSHTML Platform Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-34497.
‼ CVE-2021-34464 ‼
via "National Vulnerability Database".
Microsoft Defender Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-34522.
‼ CVE-2021-34459 ‼
via "National Vulnerability Database".
Windows AppContainer Elevation Of Privilege Vulnerability
‼ CVE-2019-3752 ‼
via "National Vulnerability Database".
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4 contain an XML External Entity (XXE) Injection vulnerability. A remote unauthenticated malicious user could potentially exploit this vulnerability to cause Denial of Service or information exposure by supplying specially crafted document type definitions (DTDs) in an XML request.
‼ CVE-2021-36769 ‼
via "National Vulnerability Database".
A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8. An attacker can cause the server to receive messages in a different order than they were sent by a client.
‼ CVE-2021-36213 ‼
via "National Vulnerability Database".
In HashiCorp Consul before 1.10.1 (and Consul Enterprise), xds can generate a situation where a single L7 deny intention (with a default deny policy) results in an allow action.
‼ CVE-2021-32574 ‼
via "National Vulnerability Database".
HashiCorp Consul before 1.10.1 (and Consul Enterprise) has Missing SSL Certificate Validation. xds does not ensure that the Subject Alternative Name of an upstream is validated.
‼ CVE-2021-36773 ‼
via "National Vulnerability Database".
uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth of parameter nesting for strict blocking, which allows crafted web sites to cause a denial of service (unbounded recursion that can trigger memory consumption and a loss of all blocking functionality).
⚠ S3 Ep41: Crashing iPhones, PrintNightmares, and Code Red memories [Podcast] ⚠
via "Naked Security".
Latest episode - listen now!
‼ CVE-2021-33592 ‼
via "National Vulnerability Database".
NAVER Toolbar before 4.0.30.323 allows remote attackers to execute arbitrary code via a crafted upgrade.xml file. Special characters in the filename parameter can cause the code signing check function to be bypassed.
‼ CVE-2021-24453 ‼
via "National Vulnerability Database".
The Include Me WordPress plugin through 1.2.1 is vulnerable to path traversal / local file inclusion, which can lead to Remote Code Execution (RCE) of the system due to log poisoning and therefore potentially a full compromise of the underlying structure.
‼ CVE-2021-24452 ‼
via "National Vulnerability Database".
The W3 Total Cache WordPress plugin before 2.1.5 was affected by a reflected Cross-Site Scripting (XSS) issue within the "extension" parameter in the Extensions dashboard, when the 'Anonymously track usage to improve product quality' setting is enabled, as the parameter is output in a JavaScript context without proper escaping. This could allow an attacker, who can convince an authenticated admin to click a link, to run malicious JavaScript within the user's web browser, which could lead to full site compromise.
🕴 Breaking Down the Threat of Going All-In With Microsoft Security 🕴
via "Dark Reading".
Limit risk by dividing responsibility for infrastructure, tools, and security.
🕴 7 Ways AI and ML Are Helping and Hurting Cybersecurity 🕴
via "Dark Reading".
In the right hands, artificial intelligence and machine learning can enrich our cyber defenses. In the wrong hands, they can create significant harm.
‼ CVE-2021-35967 ‼
via "National Vulnerability Database".
The directory page parameter of the Orca HCM digital learning platform does not filter special characters. Remote attackers can access the system directory through Path Traversal without logging in.
‼ CVE-2021-33501 ‼
via "National Vulnerability Database".
Overwolf Client 0.169.0.22 allows XSS, with resultant Remote Code Execution, via an overwolfstore:// URL.
‼ CVE-2021-31216 ‼
via "National Vulnerability Database".
Siren Investigate before 11.1.1 contains a server-side request forgery (SSRF) defect in the built-in image proxy route (which is enabled by default). An attacker with access to the Investigate installation can specify an arbitrary URL in the parameters of the image proxy route and fetch external URLs as the Investigate process on the host.
🛠 American Fuzzy Lop plus plus 3.14c 🛠
via "Packet Storm Security".
Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.
🛠 Hashcat Advanced Password Recovery 6.2.3 Source Code 🛠
via "Packet Storm Security".
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.