New Microsoft Teams Integration Provides Visibility, Controls to Prevent Data Loss
via "Digital Guardian".
Digital Guardian's integration with Microsoft Teams allows organizations to reduce the risk of data loss without hampering productivity.
Frequently asked questions on Extended Detection and Response
via "Tech Republic".
This article answers a few of the more common questions from those who are trying to figure out the XDR space.
No More Ransom Saves Victims Nearly €1 billion Over 5 Years
via "Threat Post".
No More Ransom is collecting decryptors so ransomware victims don’t have to pay to get their data back and attackers don’t get rich.
CVE-2021-32748
via "National Vulnerability Database".
Nextcloud Richdocuments is an open source self hosted online office. Nextcloud uses the WOPI ("Web Application Open Platform Interface") protocol to communicate with the Collabora Editor; the communication between these two services was not protected by a credentials or IP check. Whilst this does not result in gaining access to data that the user does not yet have access to, it can result in a bypass of any enforced watermark on documents as described on the [Nextcloud Virtual Data Room](https://nextcloud.com/virtual-data-room/) website and [our documentation](https://portal.nextcloud.com/article/nextcloud-and-virtual-data-room-configuration-59.html). The Nextcloud Richdocuments releases 3.8.3 and 4.2.0 add an additional admin setting for an allowlist of IP addresses that can access the WOPI API. We recommend upgrading and configuring the allowlist to a list of Collabora servers. There is no known workaround. Note that this primarily results in a bypass of any configured watermark or download protection using File Access Control. If you do not require or rely on these as a security feature no immediate action is required on your end.
CVE-2021-32796
via "National Vulnerability Database".
xmldom is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.6.0 and older do not correctly escape special characters when serializing elements removed from their ancestor. This may lead to unexpected syntactic changes during XML processing in some downstream applications. This issue has been resolved in version 0.7.0. As a workaround downstream applications can validate the input and reject the maliciously crafted documents.
CVE-2021-32788
via "National Vulnerability Database".
Discourse is an open source discussion platform. In versions prior to 2.7.7 there are two bugs which led to the post creator of a whisper post being revealed to non-staff users. 1: A staff user that creates a whisper post in a personal message is revealed to non-staff participants of the personal message even though the whisper post cannot be seen by them. 2: When a whisper post is before the last post in a post stream, deleting the last post will result in the creator of the whisper post being revealed to non-staff users as the last poster of the topic.
CVE-2021-23414
via "National Vulnerability Database".
This affects the package video.js before 7.14.3. The src attribute of the track tag allows bypassing HTML escaping and executing arbitrary code.
Podcast: Why Securing Active Directory Is a Nightmare
via "Threat Post".
Researchers preview work to be presented at Black Hat on how AD “misconfiguration debt” lays out a dizzying array of attack paths, such as in PetitPotam.
CVE-2021-32000
via "National Vulnerability Database".
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allows local attackers to delete arbitrary files. This issue affects: SUSE Linux Enterprise Server 12 SP3 clone-master-clean-up version 1.6-4.6.1 and prior versions. SUSE Linux Enterprise Server 15 SP1 clone-master-clean-up version 1.6-3.9.1 and prior versions. openSUSE Factory clone-master-clean-up version 1.6-1.4 and prior versions.
CVE-2021-32001
via "National Vulnerability Database".
A Missing Encryption of Sensitive Data vulnerability in k3s, kde2 of SUSE Rancher allows any user with direct access to the datastore, or a copy of a datastore backup to extract the cluster's confidential keying material (cluster certificate authority private keys, secrets encryption configuration passphrase, etc) and decrypt it, without having to know the token value. This issue affects: SUSE Rancher K3s version v1.19.12+k3s1, v1.20.8+k3s1, v1.21.2+k3s1 and prior versions; RKE2 version v1.19.12+rke2r1, v1.20.8+rke2r1, v1.21.2+rke2r1 and prior versions.
How the Dark Web enables access to corporate networks
via "Tech Republic".
The number of ads selling access to corporate networks has continued to increase from 2019 to 2020 and into 2021, says Positive Technologies.
Reboot of PunkSpider Tool at DEF CON Stirs Debate
via "Threat Post".
Researchers plan to introduce a revamp of PunkSpider, which helps identify flaws in websites so companies can make their back-end systems more secure, at DEF CON.
CVE-2021-23415
via "National Vulnerability Database".
This affects the package elFinder.AspNet before 1.1.1. The user-controlled file name is not properly sanitized before it is used to create a file system path.
CVE-2021-23416
via "National Vulnerability Database".
This affects all versions of package curly-bracket-parser. When used as a template library, it does not properly sanitize the user input.
CVE-2021-23417
via "National Vulnerability Database".
All versions of package deepmergefn are vulnerable to Prototype Pollution via deepMerge function.
Data breach costs hit record high due to pandemic
via "Tech Republic".
The average cost of a data breach among companies surveyed for IBM Security reached $4.24 million per incident, the highest in 17 years.
BlackMatter & Haron: Evil Ransomware Newborns or Rebirths
via "Threat Post".
They’re either new or old REvil & DarkSide wine in new bottles. Both have a taste for deep-pocketed targets and DarkSide-esque virtue-signaling.
8 Security Tools to be Unveiled at Black Hat USA
via "Dark Reading".
Security researchers and practitioners share a host of new cyber tools for penetration testing, reverse engineering, malware defense, and more.
CVE-2021-37578
via "National Vulnerability Database".
Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI) which (as an extension to UDDI) provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicious serialized object to the above RMI entries. The objects get deserialized without any check on the incoming data. In the worst case, it may let the attacker run arbitrary code remotely. For both jUDDI web service applications and jUDDI clients, the usage of RMI is disabled by default. Since this is an optional feature and an extension to the UDDI protocol, the likelihood of impact is low. Starting with 3.3.10, all RMI related code was removed.
"Real Estate for a Purpose": Cisco unveils hybrid work plans and tech to support distributed teams
via "Tech Republic".
After a year of WFH, companies are offering a mixed bag of flexible work arrangements. In the hybrid work era, the traditional office is getting a makeover to assist workers on-site and elsewhere.
CVE-2020-36239
via "National Vulnerability Database".
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 before 4.13.8, and from version 4.14.0 before 4.17.0 exposed an Ehcache RMI network service which attackers, who can connect to the service, on port 40001 and potentially 40011[0][1], could execute arbitrary code of their choice in Jira through deserialization due to a missing authentication vulnerability. While Atlassian strongly suggests restricting access to the Ehcache ports to only Data Center instances, fixed versions of Jira will now require a shared secret in order to allow access to the Ehcache service. [0] In Jira Data Center, Jira Core Data Center, and Jira Software Data Center versions prior to 7.13.1, the Ehcache object port can be randomly allocated. [1] In Jira Service Management Data Center versions prior to 3.16.1, the Ehcache object port can be randomly allocated.