Pwned! The home security system that can be hacked with your email address
Read via "Naked Security".
The alarm system that can be turned off with your email address.
Naked Security – Sophos News

Friday Five 9/3
Read via "Digital Guardian".
How not to get hacked, a $9 million ransomware attack, and the FTC cracks down on a spyware app - catch up on the infosec news of the week with the Friday Five!

Clam AntiVirus Toolkit 0.104.0
Read via "Packet Storm Security".
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

SQLMAP - Automatic SQL Injection Tool 1.5.9
Read via "Packet Storm Security".
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

nfstream 6.3.4
Read via "Packet Storm Security".
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

The State of Incident Response: Measuring Risk and Evaluating Your Preparedness
Read via "Threat Post".
Grant Oviatt, director of incident-response engagements at Red Canary, provides advice and best practices on how to get there faster.

FIN7 Capitalizes on Windows 11 Release in Latest Gambit
Read via "Threat Post".
The financially motivated group looked to steal payment-card data from a California-based point-of-sale service provider.

CVE-2021-39192
Read via "National Vulnerability Database".
Ghost is a Node.js content management system. An error in the implementation of the limits service between versions 4.0.0 and 4.9.4 allows all authenticated users (including contributors) to view admin-level API keys via the integrations API endpoint, leading to a privilege escalation vulnerability. This issue is patched in Ghost version 4.10.0. As a workaround, disable all non-Administrator accounts to prevent API access. It is highly recommended to regenerate all API keys after patching or applying the workaround.

CVE-2021-39191
Read via "National Vulnerability Database".
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9.4, the 3rd-party init SSO functionality of mod_auth_openidc was reported to be vulnerable to an open redirect attack by supplying a crafted URL in the `target_link_uri` parameter. A patch in version 2.4.9.4 made it so that the `OIDCRedirectURLsAllowed` setting must be applied to the `target_link_uri` parameter. There are no known workarounds aside from upgrading to a patched version.

How to install fail2ban on Rocky Linux and AlmaLinux
Read via "Tech Republic".
Fail2ban should be on every one of your Linux servers. If you've yet to install it on either Rocky Linux or AlmaLinux, Jack Wallen is here to help you out with that.

CVE-2021-23437
Read via "National Vulnerability Database".
The package pillow from 0 and before 8.3.2 is vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.

CVE-2021-40492
Read via "National Vulnerability Database".
A reflected XSS vulnerability exists in multiple pages in version 22 of the Gibbon application that allows for arbitrary execution of JavaScript (gibbonCourseClassID, gibbonPersonID, subpage, currentDate, or allStudents to index.php).

CVE-2021-23439
Read via "National Vulnerability Database".
This affects the package file-upload-with-preview before 4.2.0. A file containing malicious JavaScript code in the name can be uploaded (a user needs to be tricked into uploading such a file).

CVE-2021-40524
Read via "National Vulnerability Database".
In Pure-FTPd 1.0.49, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial of service or a server hang. This occurs because a certain greater-than-zero test does not anticipate an initial -1 value.

CVE-2021-40516
Read via "National Vulnerability Database".
WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that triggers an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin.

CVE-2021-40523
Read via "National Vulnerability Database".
In Contiki 3.0, Telnet option negotiation is mishandled. During negotiation between a server and a client, the server may fail to give the WILL/WONT or DO/DONT response for DO and WILL commands because of improper handling of an exception condition, which leads to property violations and denial of service. Specifically, a server sometimes sends no response, because a fixed buffer space is available for all responses and that space may have been exhausted.

CVE-2021-24588
Read via "National Vulnerability Database".
The SMS Alert Order Notifications WordPress plugin before 3.4.7 is affected by a cross site scripting (XSS) vulnerability in the plugin's setting page.

CVE-2021-24590
Read via "National Vulnerability Database".
The Cookie Notice & Consent Banner for GDPR & CCPA Compliance WordPress plugin before 1.7.2 does not properly sanitize inputs to prevent injection of arbitrary HTML within the plugin's design customization options.

CVE-2021-24303
Read via "National Vulnerability Database".
The JiangQie Official Website Mini Program WordPress plugin before 1.1.1 does not escape or validate the id GET parameter before using it in SQL statements, leading to SQL injection issues.

CVE-2021-24394
Read via "National Vulnerability Database".
The id GET parameter of the Easy Testimonial Manager WordPress plugin through 1.2.0 is not sanitised, escaped or validated before being inserted into a SQL statement, leading to SQL injection.

CVE-2021-24603
Read via "National Vulnerability Database".
The Site Reviews WordPress plugin before 5.13.1 does not sanitise some of its Review Details when adding a review as an admin, which could allow them to perform Cross-Site Scripting attacks when unfiltered_html is disallowed.