β 16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines β
π Read
via "Threat Post".
The bug could allow cyberattackers to bypass security products, tamper with data and run code in kernel mode.π Read
via "Threat Post".
Threat Post
16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines
The bug could allow cyberattackers to bypass security products, tamper with data and run code in kernel mode.
β Why Your Business Needs a Long-Term Remote Security Strategy β
π Read
via "Threat Post".
Chris Hass, director of information security and research at Automox, discusses the future of work: A hybrid home/office model that will demand new security approaches.π Read
via "Threat Post".
Threat Post
Why Your Business Needs a Long-Term Remote Security Strategy
Chris Hass, director of information security and research at Automox, discusses the future of work: A hybrid home/office model that will demand new security approaches.
β Apple iPhone patches are out β no news if recent Wi-Fi bug is fixed β
π Read
via "Naked Security".
Remember that weird iPhone Wi-Fi bug from a week or so ago? Let's hope this update patches it!π Read
via "Naked Security".
Naked Security
Apple iPhone patches are out β no news if recent Wi-Fi bug is fixed
Remember that weird iPhone Wi-Fi bug from a week or so ago? Letβs hope this update patches it!
βΌ CVE-2020-15660 βΌ
π Read
via "National Vulnerability Database".
Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution.π Read
via "National Vulnerability Database".
π¦Ώ Ransomware: International cooperation is needed to curb these cybersecurity threats, says expert π¦Ώ
π Read
via "Tech Republic".
Ransomware knows no borders. An attorney with cybersecurity expertise suggests the only way to stop ransomware is for nations to create a global solution.π Read
via "Tech Republic".
TechRepublic
Ransomware: International cooperation is needed to curb these cybersecurity threats, says expert
Ransomware knows no borders. An attorney with cybersecurity expertise suggests the only way to stop ransomware is for nations to create a global solution.
βΌ CVE-2021-32668 βΌ
π Read
via "National Vulnerability Database".
TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When error messages are not properly encoded, the components _QueryGenerator_ and _QueryView_ are vulnerable to both reflected and persistent cross-site scripting. A valid backend user account having administrator privileges is needed to exploit this vulnerability. TYPO3 versions 9.5.29, 10.4.18, 11.3.1 contain a patch for this issue.π Read
via "National Vulnerability Database".
β Law Firm to the Fortune 500 Breached with Ransomware β
π Read
via "Threat Post".
Deep-pocketed clients' customers & suppliers could be in the attacker's net, with potential PII exposure from an A-list clientele such as Apple, Boeing and IBM.π Read
via "Threat Post".
Threat Post
Law Firm to the Fortune 500 Breached with Ransomware
Deep-pocketed clients' customers & suppliers could be in the attacker's net, with potential PII exposure from an A-list clientele such as Apple, Boeing and IBM.
βΌ CVE-2021-32767 βΌ
π Read
via "National Vulnerability Database".
TYPO3 is an open source PHP based web content management system. In versions 9.0.0 through 9.5.27, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0, user credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 versions 9.5.28, 10.4.18, 11.3.1 contain a patch for this vulnerability.π Read
via "National Vulnerability Database".
π¦Ώ Your iPhone and the Pegasus spyware hack: What you need to know π¦Ώ
π Read
via "Tech Republic".
iPhones have been compromised by the NSO Group's Pegasus spyware. Should you be worried? That depends on who you ask.π Read
via "Tech Republic".
TechRepublic
Your iPhone and the Pegasus spyware hack: What you need to know
iPhones have been compromised by the NSO Group's Pegasus spyware. Should you be worried? That depends on who you ask.
π¦Ώ Top 5 things to know about supply chain attacks π¦Ώ
π Read
via "Tech Republic".
Worried about supply chain attacks? Tom Merritt can help you understand your risk.π Read
via "Tech Republic".
TechRepublic
Top 5 things to know about supply chain attacks
Worried about supply chain attacks? Tom Merritt can help you understand your risk.
β Researchers: NSO Groupβs Pegasus Spyware Should Spark Bans, Apple Accountability β
π Read
via "Threat Post".
Our roundtable of experts weighs in on implications for Apple and lawmakers in the wake of the bombshell report showing widespread surveillance of dissidents, journalists and others.π Read
via "Threat Post".
Threat Post
Researchers: NSO Groupβs Pegasus Spyware Should Spark Bans, Apple Accountability
Our roundtable of experts weighs in on implications for Apple and lawmakers in the wake of the bombshell report showing widespread surveillance of dissidents, journalists and others.
π¦Ώ Top 5 things to know about supply chain attacks π¦Ώ
π Read
via "Tech Republic".
Worried about supply chain attacks? Tom Merritt can help you understand your risk.π Read
via "Tech Republic".
TechRepublic
Top 5 things to know about supply chain attacks
Worried about supply chain attacks? Tom Merritt can help you understand your risk.
βΌ CVE-2020-25206 βΌ
π Read
via "National Vulnerability Database".
The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 allows authenticated command injection in the Throughput, WANStats, PhyStats, and QosStats API classes. An attacker with access to a web console account may execute operating system commands on affected devices by sending crafted POST requests to the affected endpoints (/core/api/calls/Throughput.php, /core/api/calls/WANStats.php, /core/api/calls/PhyStats.php, /core/api/calls/QosStats.php). This results in the complete takeover of the vulnerable device. This vulnerability does not occur in the older 1.5.x firmware versions.π Read
via "National Vulnerability Database".
π¦Ώ Security experts: Consistency and security are key in creating vaccine passports π¦Ώ
π Read
via "Tech Republic".
Countries and states have to agree on a consistent platform for vaccine passports in order to make them work effectively.π Read
via "Tech Republic".
TechRepublic
Security experts: Consistency and security are key in creating vaccine passports
Countries and states have to agree on a consistent platform for vaccine passports in order to make them work effectively.
π¦Ώ Vaccine passports have to be consistent so that all countries can recognize them, expert says π¦Ώ
π Read
via "Tech Republic".
This might create problems for those from poorer countries. Their countries may not have the resources to create vaccine passports that are readable everywhere.π Read
via "Tech Republic".
TechRepublic
Vaccine passports have to be consistent so that all countries can recognize them, expert says
This might create problems for those from poorer countries. Their countries may not have the resources to create vaccine passports that are readable everywhere.
βΌ CVE-2020-23284 βΌ
π Read
via "National Vulnerability Database".
Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and paste aspx pages in the end of the URL application that connect into the database which reveals internal and sensitive information without logging into the web application.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32751 βΌ
π Read
via "National Vulnerability Database".
Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the `application` plugin and the `gradlew` script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. This may impact those who use `gradlew` on Unix-like systems or use the scripts generated by Gradle in thieir application on Unix-like systems. For this vulnerability to be exploitable, an attacker needs to be able to set the value of particular environment variables and have those environment variables be seen by the vulnerable scripts. This issue has been patched in Gradle 7.2 by removing the use of `eval` and requiring the use of the `bash` shell. There are a few workarounds available. For CI/CD systems using the Gradle build tool, one may ensure that untrusted users are unable to change environment variables for the user that executes `gradlew`. If one is unable to upgrade to Gradle 7.2, one may generate a new `gradlew` script with Gradle 7.2 and use it for older versions of Gradle. Fpplications using start scripts generated by Gradle, one may ensure that untrusted users are unable to change environment variables for the user that executes the start script. A vulnerable start script could be manually patched to remove the use of `eval` or the use of environment variables that affect the application's command-line. If the application is simple enough, one may be able to avoid the use of the start scripts by running the application directly with Java command.π Read
via "National Vulnerability Database".
βΌ CVE-2021-1098 βΌ
π Read
via "National Vulnerability Database".
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it doesn't release some resources during driver unload requests from guests. This flaw allows a malicious guest to perform operations by reusing those resources, which may lead to information disclosure, data tampering, or denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).π Read
via "National Vulnerability Database".
βΌ CVE-2021-2451 βΌ
π Read
via "National Vulnerability Database".
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.5. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as well as unauthorized read access to a subset of Oracle Outside In Technology accessible data. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS Base Score depend on the software that uses Outside In Technology. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology, but if data is not received over a network the CVSS score may be lower. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N).π Read
via "National Vulnerability Database".
βΌ CVE-2021-1100 βΌ
π Read
via "National Vulnerability Database".
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver (nvidia.ko), in which a pointer to a user-space buffer is not validated before it is dereferenced, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).π Read
via "National Vulnerability Database".
β MacOS Being Picked Apart by $49 XLoader Data Stealer β
π Read
via "Threat Post".
Cheap, easy & prolific, the new version of the old FormBook form-stealer and keylogger has added Mac users to its hit list, and itβs selling like hotcakes.π Read
via "Threat Post".
Threat Post
MacOS Being Picked Apart by $49 XLoader Data Stealer
Cheap, easy and prolific, the new version of the old FormBook form-stealer and keylogger has added Mac users to its hit list, and itβs selling like hotcakes.