βΌ CVE-2021-38202 βΌ
π Read
via "National Vulnerability Database".
fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38203 βΌ
π Read
via "National Vulnerability Database".
btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info.π Read
via "National Vulnerability Database".
β Cutting Through the Noise from Daily Alerts β
π Read
via "Threat Post".
The biggest challenge for security teams today is the quality of the threat intelligence platforms and feeds. How much of the intel is garbage and unusable? Threat intelligence process itself spans and feeds into many external and internal systems and applications. Without actionable data, it is impossible to understand the relevance and potential impact of a threat. Learn how Threat Intelligence management plays a role to help prioritize and act fast.π Read
via "Threat Post".
Threat Post
Cutting Through the Noise from Daily Alerts
Learn how Palo Alto Networks Cortex XSOAR Threat Intelligence Management Helps Prioritize and Act on Threat Intelligence.
βΌ CVE-2021-34660 βΌ
π Read
via "National Vulnerability Database".
The WP Fusion Lite WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the startdate parameter found in the ~/includes/admin/logging/class-log-table-list.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.37.18.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37788 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted HTTP packets with malicious iFrame data. A successful exploit could allow the attacker to perform a clickjacking attack where the user is tricked into clicking a malicious link.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34661 βΌ
π Read
via "National Vulnerability Database".
The WP Fusion Lite WordPress plugin is vulnerable to Cross-Site Request Forgery via the `show_logs_section` function found in the ~/includes/admin/logging/class-log-handler.php file which allows attackers to drop all logs for the plugin, in versions up to and including 3.37.18.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36798 βΌ
π Read
via "National Vulnerability Database".
A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote attackers to crash the C2 server thread and block beacons' communication with it.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22910 βΌ
π Read
via "National Vulnerability Database".
A sanitization vulnerability exists in Rocket.Chat server versions <3.13.2, <3.12.4, <3.11.4 that allowed queries to an endpoint which could result in a NoSQL injection, potentially leading to RCE.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37573 βΌ
π Read
via "National Vulnerability Database".
A reflected cross-site scripting (XSS) vulnerability in the web server TTiny Java Web Server and Servlet Container (TJWS) <=1.115 allows an adversary to inject malicious code on the server's "404 Page not Found" error pageπ Read
via "National Vulnerability Database".
π Nmap Port Scanner 7.92 π
π Read
via "Packet Storm Security".
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.π Read
via "Packet Storm Security".
Packetstormsecurity
Nmap Port Scanner 7.92 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β Android Malware βFlyTrapβ Hijacks Facebook Accounts β
π Read
via "Threat Post".
Coupon codes for Netlifx or Google AdWords? Voting for the best football team? Beware: Malicious apps offering such come-ons could inflict a new trojan.π Read
via "Threat Post".
Threat Post
Android Malware βFlyTrapβ Hijacks Facebook Accounts
Coupon codes for Netlifx or Google AdWords? Voting for the best football team? Beware: Malicious apps offering such come-ons could inflict a new trojan.
βΌ CVE-2021-33256 βΌ
π Read
via "National Vulnerability Database".
A CSV injection vulnerability on the login panel of ManageEngine ADSelfService Plus Version: 6.1 Build No: 6101 can be exploited by an unauthenticated user. The j_username parameter seems to be vulnerable and a reverse shell could be obtained if a privileged user exports "User Attempts Audit Report" as CSV file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-21740 βΌ
π Read
via "National Vulnerability Database".
There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential gateway product. The attacker could insert the USB disk with the symbolic link into the residential gateway, and access unauthorized directory information through the symbolic link, causing information leak.π Read
via "National Vulnerability Database".
βΌ CVE-2021-25954 βΌ
π Read
via "National Vulnerability Database".
In ΓΒ’Γ’βΒ¬Γ
βDolibarrΓΒ’Γ’βΒ¬? application, 2.8.1 to 13.0.4 donΓΒ’Γ’β¬ÒβΒ’t restrict or incorrectly restricts access to a resource from an unauthorized actor. A low privileged attacker can modify the Private Note which only an administrator has rights to do, the affected field is at ΓΒ’Γ’βΒ¬Γ
β/adherents/note.php?id=1ΓΒ’Γ’βΒ¬? endpoint.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29714 βΌ
π Read
via "National Vulnerability Database".
IBM Content Navigator 3.0.CD could allow a malicious user to cause a denial of service due to improper input validation. IBM X-Force ID: 200968.π Read
via "National Vulnerability Database".
βΌ CVE-2021-20349 βΌ
π Read
via "National Vulnerability Database".
IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 194599.π Read
via "National Vulnerability Database".
π¦Ώ Ransomware demands and payments reach new highs π¦Ώ
π Read
via "Tech Republic".
As cybercriminals have become more aggressive, the average ransom payment in the first half of 2021 jumped to $570,000, up 82% from 2020, says Palo Alto Networks' Unit 42.π Read
via "Tech Republic".
TechRepublic
Ransomware demands and payments reach new highs
As cybercriminals have become more aggressive, the average ransom payment in the first half of 2021 jumped to $570,000, up 82% from 2020, says Palo Alto Networks' Unit 42.
π Router Firmware Vulnerability Bypasses Authentication π
π Read
via "".
A vulnerability found in some routers and modems could make the devices vulnerable to authentication bypass and in turn, allow attackers access to sensitive information.π Read
via "".
Digital Guardian
Router Firmware Vulnerability Bypasses Authentication
A vulnerability found in some routers and modems could make the devices vulnerable to authentication bypass and in turn, allow attackers access to sensitive information.
β Auth Bypass Bug Exploited, Affecting Millions of Routers β
π Read
via "Threat Post".
A mere three days after disclosure, cyberattackers are hijacking home routers from 20 vendors & ISPs to add them to a Mirai-variant botnet used for carrying out DDoS attacks.π Read
via "Threat Post".
Threat Post
Auth Bypass Bug Exploited, Affecting Millions of Routers
Three days after disclosure, cyberattackers are taking over home routers from 20 vendors and ISPs in order to add them to a Mirai-variant botnet used for carrying out DDoS attacks.
β Black Hat: Scaling Automated Disinformation for Misery and Profit β
π Read
via "Threat Post".
Researchers demonstrated the power deep neural networks enlisted to create a bot army with the firepower to shape public opinion and spark QAnon 2.0.π Read
via "Threat Post".
Threat Post
Black Hat: Scaling Automated Disinformation for Misery and Profit
Researchers demonstrated the power deep neural networks enlisted to create a bot army with the firepower to shape public opinion and spark QAnon 2.0.
βΌ CVE-2021-36276 βΌ
π Read
via "National Vulnerability Database".
Dell DBUtilDrv2.sys driver (versions 2.5 and 2.6) contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.π Read
via "National Vulnerability Database".