π¦Ώ Windows 365 Business: How this new tool can help your organization π¦Ώ
π Read
via "Tech Republic".
Simon Bisson tried out the new Microsoft 365 tool, which allows you to create virtual machines for your staff working from home. Here's what he learned.π Read
via "Tech Republic".
TechRepublic
Windows 365 Business: How this new tool can help your organization
Simon Bisson tried out the new Microsoft 365 tool, which allows you to create virtual machines for your staff working from home. Here's what he learned.
π GRR 3.4.5.1 π
π Read
via "Packet Storm Security".
GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.π Read
via "Packet Storm Security".
Packetstormsecurity
GRR 3.4.5.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Faraday 3.17.1 π
π Read
via "Packet Storm Security".
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.π Read
via "Packet Storm Security".
Packetstormsecurity
Faraday 3.17.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β Windows 10 Admin Rights Gobbled by Razer Devices β
π Read
via "Threat Post".
So much for Windows 10's security: a zero-day in the device installer software grants admin rights just by plugging in a mouse or other compatible device.π Read
via "Threat Post".
Threat Post
Windows 10 Admin Rights Gobbled by Razer Devices
So much for Windows 10's security: A zero-day in the device installer software grants admin rights just by plugging in a mouse or other compatible device. UPDATE: Microsoft is investigating.
π¦Ώ Photos: Windows 365 Business in action π¦Ώ
π Read
via "Tech Republic".
We took Microsoft's cloud PC platform for a spin. Here's what we found.π Read
via "Tech Republic".
TechRepublic
Photos: Windows 365 Business in action
We took Microsoft's cloud PC platform for a spin. Here's what we found.
β Whatβs *THAT* on my 3D printer? Cloud bug lets anyone print to everyone β
π Read
via "Naked Security".
That's funny. I could have sworn I didn't run a print job yesterday... but will you look at that?π Read
via "Naked Security".
Naked Security
Whatβs *THAT* on my 3D printer? Cloud bug lets anyone print to everyone
Thatβs funny. I could have sworn I didnβt run a print job yesterdayβ¦ but will you look at that?
βΌ CVE-2021-29802 βΌ
π Read
via "National Vulnerability Database".
IBM Security SOAR performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29704 βΌ
π Read
via "National Vulnerability Database".
IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.π Read
via "National Vulnerability Database".
β ProxyShell Attacks Pummel Unpatched Exchange Servers β
π Read
via "Threat Post".
CISA is warning about a surge of ProxyShell attacks, as Huntress discovered 140 webshells launched against 1,900 unpatched Microsoft Exchange servers.π Read
via "Threat Post".
Threat Post
ProxyShell Attacks Pummel Unpatched Exchange Servers
CISA is warning about a surge of ProxyShell attacks, as Huntress discovered 140 webshells launched against 1,900 unpatched Microsoft Exchange servers.
π ProxyShell Exchange Server Vulnerabilities Exploited in the Wild π
π Read
via "".
CISA is urging organizations to patch the vulnerabilities in Exchange Server as soon as possible to prevent the spread ransomware and attackers who have been dropping web shells.π Read
via "".
Digital Guardian
ProxyShell Exchange Server Vulnerabilities Exploited in the Wild
CISA is urging organizations to patch the vulnerabilities in Exchange Server as soon as possible to prevent the spread ransomware and attackers who have been dropping web shells.
βΌ CVE-2021-39149 βΌ
π Read
via "National Vulnerability Database".
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39148 βΌ
π Read
via "National Vulnerability Database".
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39147 βΌ
π Read
via "National Vulnerability Database".
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39144 βΌ
π Read
via "National Vulnerability Database".
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39154 βΌ
π Read
via "National Vulnerability Database".
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39141 βΌ
π Read
via "National Vulnerability Database".
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39139 βΌ
π Read
via "National Vulnerability Database".
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. A user is only affected if using the version out of the box with JDK 1.7u21 or below. However, this scenario can be adjusted easily to an external Xalan that works regardless of the version of the Java runtime. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39146 βΌ
π Read
via "National Vulnerability Database".
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39140 βΌ
π Read
via "National Vulnerability Database".
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39152 βΌ
π Read
via "National Vulnerability Database".
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime version 14 to 8. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the [Security Framework](https://x-stream.github.io/security.html#framework), you will have to use at least version 1.4.18.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39151 βΌ
π Read
via "National Vulnerability Database".
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.π Read
via "National Vulnerability Database".