Reboot of PunkSpider Tool at DEF CON Stirs Debate
via "Threat Post".
Researchers plan to introduce a revamp of PunkSpider, which helps identify flaws in websites so companies can make their back-end systems more secure, at DEF CON.
CVE-2021-23415
via "National Vulnerability Database".
This affects the package elFinder.AspNet before 1.1.1. The user-controlled file name is not properly sanitized before it is used to create a file system path.
CVE-2021-23416
via "National Vulnerability Database".
This affects all versions of package curly-bracket-parser. When used as a template library, it does not properly sanitize the user input.
CVE-2021-23417
via "National Vulnerability Database".
All versions of package deepmergefn are vulnerable to Prototype Pollution via the deepMerge function.
Data breach costs hit record high due to pandemic
via "Tech Republic".
The average cost of a data breach among companies surveyed for IBM Security reached $4.24 million per incident, the highest in 17 years.
BlackMatter & Haron: Evil Ransomware Newborns or Rebirths
via "Threat Post".
They're either new or old REvil & DarkSide wine in new bottles. Both have a taste for deep-pocketed targets and DarkSide-esque virtue-signaling.
8 Security Tools to be Unveiled at Black Hat USA
via "Dark Reading".
Security researchers and practitioners share a host of new cyber tools for penetration testing, reverse engineering, malware defense, and more.
CVE-2021-37578
via "National Vulnerability Database".
Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI) which (as an extension to UDDI) provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicious serialized object to the above RMI entries. The objects get deserialized without any check on the incoming data. In the worst case, it may let the attacker run arbitrary code remotely. For both jUDDI web service applications and jUDDI clients, the usage of RMI is disabled by default. Since this is an optional feature and an extension to the UDDI protocol, the likelihood of impact is low. Starting with 3.3.10, all RMI related code was removed.
"Real Estate for a Purpose": Cisco unveils hybrid work plans and tech to support distributed teams
via "Tech Republic".
After a year of WFH, companies are offering a mixed bag of flexible work arrangements. In the hybrid work era, the traditional office is getting a makeover to assist workers on-site and elsewhere.
CVE-2020-36239
via "National Vulnerability Database".
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 before 4.13.8, and from version 4.14.0 before 4.17.0 exposed an Ehcache RMI network service which attackers, who can connect to the service on port 40001 and potentially 40011 [0][1], could use to execute arbitrary code of their choice in Jira through deserialization due to a missing authentication vulnerability. While Atlassian strongly suggests restricting access to the Ehcache ports to only Data Center instances, fixed versions of Jira will now require a shared secret in order to allow access to the Ehcache service. [0] In Jira Data Center, Jira Core Data Center, and Jira Software Data Center versions prior to 7.13.1, the Ehcache object port can be randomly allocated. [1] In Jira Service Management Data Center versions prior to 3.16.1, the Ehcache object port can be randomly allocated.
Six Malicious Linux Shell Scripts Used to Evade Defenses and How to Stop Them
via "Threat Post".
Uptycs Threat Research outlines how malicious Linux shell scripts are used to cloak attacks and how defenders can detect and mitigate against them.
CVE-2021-20505
via "National Vulnerability Database".
The PowerVM Logical Partition Mobility (LPM) (PowerVM Hypervisor FW920, FW930, FW940, and FW950) encryption key exchange protocol can be compromised. If an attacker has the ability to capture encrypted LPM network traffic and is able to gain service access to the FSP, they can use this information to perform a series of PowerVM service procedures to decrypt the captured migration traffic. IBM X-Force ID: 198232
How to attend Black Hat USA 2021 and DEF CON 29 virtually
via "Tech Republic".
DEF CON 29 sold out of virtual passes, so tuning in on Twitch and Discord are the best options for attending online this year.
Israeli Government Agencies Visit NSO Group Offices
via "Threat Post".
Authorities opened an investigation into the secretive Israeli security firm.
CVE-2021-21538
via "National Vulnerability Database".
Dell EMC iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the virtual console.
CVE-2020-5353
via "National Vulnerability Database".
The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system.
CVE-2021-21546
via "National Vulnerability Database".
Dell EMC NetWorker versions 18.x, 19.x prior to 19.3.0.4 and 19.4.0.0 contain an Information Disclosure in Log Files vulnerability. A local low-privileged user of the NetWorker server could potentially exploit this vulnerability to read plain-text credentials from server log files.
CVE-2020-5329
via "National Vulnerability Database".
Dell EMC Avamar Server contains an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users into clicking on maliciously crafted links.
CISA's Top 30 Bugs: One's Old Enough to Buy Beer
via "Threat Post".
There are patches or remediations for all of them, but they're still being picked apart. Why should attackers stop if the flaws remain unpatched, as so many do?
How to remove or update a single entry from the SSH known_hosts file
via "Tech Republic".
SSH holds fingerprints of your remote machines in the known_hosts file. Sometimes you might need to remove or update one of those entries. Jack Wallen shows you how.
How to ensure your vendors are cybersecure to protect you from supply chain attacks
via "Tech Republic".
Right now supply-chain vendors are a prime target for cybercriminals. One expert offers ways to remove the bullseye from supply vendors.