β Law Firm to the Fortune 500 Breached with Ransomware β
π Read
via "Threat Post".
Deep-pocketed clients' customers & suppliers could be in the attacker's net, with potential PII exposure from an A-list clientele such as Apple, Boeing and IBM.π Read
via "Threat Post".
Threat Post
Law Firm to the Fortune 500 Breached with Ransomware
Deep-pocketed clients' customers & suppliers could be in the attacker's net, with potential PII exposure from an A-list clientele such as Apple, Boeing and IBM.
βΌ CVE-2021-32767 βΌ
π Read
via "National Vulnerability Database".
TYPO3 is an open source PHP based web content management system. In versions 9.0.0 through 9.5.27, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0, user credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 versions 9.5.28, 10.4.18, 11.3.1 contain a patch for this vulnerability.π Read
via "National Vulnerability Database".
π¦Ώ Your iPhone and the Pegasus spyware hack: What you need to know π¦Ώ
π Read
via "Tech Republic".
iPhones have been compromised by the NSO Group's Pegasus spyware. Should you be worried? That depends on who you ask.π Read
via "Tech Republic".
TechRepublic
Your iPhone and the Pegasus spyware hack: What you need to know
iPhones have been compromised by the NSO Group's Pegasus spyware. Should you be worried? That depends on who you ask.
π¦Ώ Top 5 things to know about supply chain attacks π¦Ώ
π Read
via "Tech Republic".
Worried about supply chain attacks? Tom Merritt can help you understand your risk.π Read
via "Tech Republic".
TechRepublic
Top 5 things to know about supply chain attacks
Worried about supply chain attacks? Tom Merritt can help you understand your risk.
β Researchers: NSO Groupβs Pegasus Spyware Should Spark Bans, Apple Accountability β
π Read
via "Threat Post".
Our roundtable of experts weighs in on implications for Apple and lawmakers in the wake of the bombshell report showing widespread surveillance of dissidents, journalists and others.π Read
via "Threat Post".
Threat Post
Researchers: NSO Groupβs Pegasus Spyware Should Spark Bans, Apple Accountability
Our roundtable of experts weighs in on implications for Apple and lawmakers in the wake of the bombshell report showing widespread surveillance of dissidents, journalists and others.
π¦Ώ Top 5 things to know about supply chain attacks π¦Ώ
π Read
via "Tech Republic".
Worried about supply chain attacks? Tom Merritt can help you understand your risk.π Read
via "Tech Republic".
TechRepublic
Top 5 things to know about supply chain attacks
Worried about supply chain attacks? Tom Merritt can help you understand your risk.
βΌ CVE-2020-25206 βΌ
π Read
via "National Vulnerability Database".
The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 allows authenticated command injection in the Throughput, WANStats, PhyStats, and QosStats API classes. An attacker with access to a web console account may execute operating system commands on affected devices by sending crafted POST requests to the affected endpoints (/core/api/calls/Throughput.php, /core/api/calls/WANStats.php, /core/api/calls/PhyStats.php, /core/api/calls/QosStats.php). This results in the complete takeover of the vulnerable device. This vulnerability does not occur in the older 1.5.x firmware versions.π Read
via "National Vulnerability Database".
π¦Ώ Security experts: Consistency and security are key in creating vaccine passports π¦Ώ
π Read
via "Tech Republic".
Countries and states have to agree on a consistent platform for vaccine passports in order to make them work effectively.π Read
via "Tech Republic".
TechRepublic
Security experts: Consistency and security are key in creating vaccine passports
Countries and states have to agree on a consistent platform for vaccine passports in order to make them work effectively.
π¦Ώ Vaccine passports have to be consistent so that all countries can recognize them, expert says π¦Ώ
π Read
via "Tech Republic".
This might create problems for those from poorer countries. Their countries may not have the resources to create vaccine passports that are readable everywhere.π Read
via "Tech Republic".
TechRepublic
Vaccine passports have to be consistent so that all countries can recognize them, expert says
This might create problems for those from poorer countries. Their countries may not have the resources to create vaccine passports that are readable everywhere.
βΌ CVE-2020-23284 βΌ
π Read
via "National Vulnerability Database".
Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and paste aspx pages in the end of the URL application that connect into the database which reveals internal and sensitive information without logging into the web application.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32751 βΌ
π Read
via "National Vulnerability Database".
Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the `application` plugin and the `gradlew` script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. This may impact those who use `gradlew` on Unix-like systems or use the scripts generated by Gradle in thieir application on Unix-like systems. For this vulnerability to be exploitable, an attacker needs to be able to set the value of particular environment variables and have those environment variables be seen by the vulnerable scripts. This issue has been patched in Gradle 7.2 by removing the use of `eval` and requiring the use of the `bash` shell. There are a few workarounds available. For CI/CD systems using the Gradle build tool, one may ensure that untrusted users are unable to change environment variables for the user that executes `gradlew`. If one is unable to upgrade to Gradle 7.2, one may generate a new `gradlew` script with Gradle 7.2 and use it for older versions of Gradle. Fpplications using start scripts generated by Gradle, one may ensure that untrusted users are unable to change environment variables for the user that executes the start script. A vulnerable start script could be manually patched to remove the use of `eval` or the use of environment variables that affect the application's command-line. If the application is simple enough, one may be able to avoid the use of the start scripts by running the application directly with Java command.π Read
via "National Vulnerability Database".
βΌ CVE-2021-1098 βΌ
π Read
via "National Vulnerability Database".
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it doesn't release some resources during driver unload requests from guests. This flaw allows a malicious guest to perform operations by reusing those resources, which may lead to information disclosure, data tampering, or denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).π Read
via "National Vulnerability Database".
βΌ CVE-2021-2451 βΌ
π Read
via "National Vulnerability Database".
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.5. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as well as unauthorized read access to a subset of Oracle Outside In Technology accessible data. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS Base Score depend on the software that uses Outside In Technology. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology, but if data is not received over a network the CVSS score may be lower. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N).π Read
via "National Vulnerability Database".
βΌ CVE-2021-1100 βΌ
π Read
via "National Vulnerability Database".
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver (nvidia.ko), in which a pointer to a user-space buffer is not validated before it is dereferenced, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).π Read
via "National Vulnerability Database".
β MacOS Being Picked Apart by $49 XLoader Data Stealer β
π Read
via "Threat Post".
Cheap, easy & prolific, the new version of the old FormBook form-stealer and keylogger has added Mac users to its hit list, and itβs selling like hotcakes.π Read
via "Threat Post".
Threat Post
MacOS Being Picked Apart by $49 XLoader Data Stealer
Cheap, easy and prolific, the new version of the old FormBook form-stealer and keylogger has added Mac users to its hit list, and itβs selling like hotcakes.
βΌ CVE-2021-23409 βΌ
π Read
via "National Vulnerability Database".
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header.π Read
via "National Vulnerability Database".
π¦Ώ Moving OT to the cloud means accounting for a whole new host of security risks π¦Ώ
π Read
via "Tech Republic".
ICS systems managed via cloud software are open to exploits that could be destructive enough to cause physical damage to industrial systems. Here's how to protect your operational technology network.π Read
via "Tech Republic".
TechRepublic
Moving OT to the cloud means accounting for a whole new host of security risks
ICS systems managed via cloud software are open to exploits that could be destructive enough to cause physical damage to industrial systems. Here's how to protect your operational technology network.
π¦Ώ Cybersecurity lags behind as IoT devices proliferate, according to a new report π¦Ώ
π Read
via "Tech Republic".
About one-quarter of respondents do not incorporate any of the listed measures to protect these devices and many feel as though consumers are not responsible for smart and IoT device security.π Read
via "Tech Republic".
TechRepublic
Cybersecurity lags behind as IoT devices proliferate, according to a new report
About one-quarter of respondents do not incorporate any of the listed measures to protect these devices and many feel as though consumers are not responsible for smart and IoT device security.
β Tracking Malware and Ransomware Domains in 2021 β
π Read
via "Threat Post".
Ransomware is the threat of 2021. Itβs impacting everything from large enterprises, hospitals, to other aspects of our critical infrastructure. Here, weβll take a look at actual malware domain traffic and how it correlates to ransomware attacks in the news.π Read
via "Threat Post".
Threat Post
Tracking Malware and Ransomware Domains in 2021
Ransomware is the threat of 2021. Itβs impacting everything from large enterprises, hospitals, to other aspects of our critical infrastructure. Here, weβll take a look at actual malware domain traffic and how it correlates to ransomware attacks in the news.
β French Launch NSO Probe After Macron Believed Spyware Target β
π Read
via "Threat Post".
Fourteen world leaders were among those found on list of NSO believed targets for its Pegasus spyware.π Read
via "Threat Post".
Threat Post
French Launch NSO Probe After Macron Believed Spyware Target
Fourteen world leaders were among those found on list of NSO believed targets for its Pegasus spyware.
π Catch Up With Digital Guardian Virtually at Black Hat 2021 π
π Read
via "".
We're looking forward to seeing you online at Black Hat next month!π Read
via "".
Digital Guardian
Catch Up With Digital Guardian Virtually at Black Hat 2021
We're looking forward to seeing you online at Black Hat next month!