ποΈ New iCloud Private Relay service leaks usersβ true IP addresses, researcher claims ποΈ
π Read
via "The Daily Swig".
De-anonymizing users of VPN-like service, launched with iOS 15 yesterday, is βeasily accomplishedβπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
New iCloud Private Relay service leaks usersβ true IP addresses, researcher claims
De-anonymizing users of VPN-like service, launched with iOS 15 yesterday, is βeasily accomplishedβ
βΌ CVE-2021-39339 βΌ
π Read
via "National Vulnerability Database".
The Telefication WordPress plugin is vulnerable to Open Proxy and Server-Side Request Forgery via the ~/bypass.php file due to a user-supplied URL request value that gets called by a curl requests. This affects versions up to, and including, 1.8.0.π Read
via "National Vulnerability Database".
β VMware patch bulletin warns: βThis needs your immediate attention.β β
π Read
via "Naked Security".
"It is a matter of time before working exploits are available," warns VMware.π Read
via "Naked Security".
Naked Security
VMware patch bulletin warns: βThis needs your immediate attention.β
βIt is a matter of time before working exploits are available,β warns VMware.
ποΈ APT focus: βNoisyβ Russian hacking crews are among the worldβs most sophisticated ποΈ
π Read
via "The Daily Swig".
Unpacking the Matryoshka dolls behind Kremlin-backed cybercrime campaignsπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
APT focus: βNoisyβ Russian hacking crews are among the worldβs most sophisticated
Unpacking the Matryoshka dolls behind Kremlin-backed cybercrime campaigns
π¦Ώ Study to become a CompTIA security infrastructure expert π¦Ώ
π Read
via "Tech Republic".
IT professionals who want to move up into elite cybersecurity positions can now boost their career trajectories instead of taking years to advance up the hierarchy.π Read
via "Tech Republic".
TechRepublic
Study to become a CompTIA security infrastructure expert
IT professionals who want to move up into elite cybersecurity positions can now boost their career trajectories instead of taking years to advance up the hierarchy.
ποΈ VMware security warning: Multiple vulnerabilities in vCenter Server could allow remote network access ποΈ
π Read
via "The Daily Swig".
Several issues including one critical bug have been remedied in latest patch cycleπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
VMware security warning: Multiple vulnerabilities in vCenter Server could allow remote network access
Several issues including one critical bug have been remedied in latest patch cycle
βΌ CVE-2021-3583 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36260 βΌ
π Read
via "National Vulnerability Database".
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39404 βΌ
π Read
via "National Vulnerability Database".
MaianAffiliate v1.0 allows an authenticated administrative user to save an XSS to the database.π Read
via "National Vulnerability Database".
β Feds Sanctions SUEX Cryptocurrency Exchange for Laundering Ransomware Payouts β
π Read
via "Threat Post".
The action is the first of its kind in the U.S., as the government increases efforts to get a handle on cybercrime.π Read
via "Threat Post".
Threat Post
Feds Sanctions SUEX Cryptocurrency Exchange for Laundering Ransomware Payouts
The action is the first of its kind in the U.S., as the government increases efforts to get a handle on cybercrime.
β TikTok, GitHub, Facebook Join Open-Source Bug Bounty β
π Read
via "Threat Post".
The initiative, run by HackerOne, aims to uncover dangerous code repository bugs that end up going viral across the application supply-chain.π Read
via "Threat Post".
Threat Post
TikTok, GitHub, Facebook Join Open-Source Bug Bounty
The initiative, run by HackerOne, aims to uncover dangerous code repository bugs that end up going viral across the application supply-chain.
ποΈ Device βbreakageβ concerns surface days before Letβs Encrypt root cert expiry ποΈ
π Read
via "The Daily Swig".
Many devices and systems may not be ready for the switchoverπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Device βbreakageβ concerns persist days before Letβs Encrypt root cert expiry
Many devices and systems may not be ready for the switchover
βΌ CVE-2021-41011 βΌ
π Read
via "National Vulnerability Database".
LINE client for iOS before 11.15.0 might expose authentication information for a certain service to external entities under certain conditions. This is usually impossible, but in combination with a server-side bug, attackers could get this information.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40875 βΌ
π Read
via "National Vulnerability Database".
Improper Access Control in Gurock TestRail versions < 7.2.0.3014 resulted in sensitive information exposure. A threat actor can access the /files.md5 file on the client side of a Gurock TestRail application, disclosing a full list of application files and the corresponding file paths. The corresponding file paths can be tested, and in some cases, result in the disclosure of hardcoded credentials, API keys, or other sensitive data.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37927 βΌ
π Read
via "National Vulnerability Database".
Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via SSO.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37925 βΌ
π Read
via "National Vulnerability Database".
Zoho ManageEngine ADManager Plus version 7110 and prior has a Post-Auth OS command injection vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2021-31836 βΌ
π Read
via "National Vulnerability Database".
Improper privilege management vulnerability in maconfig for McAfee Agent for Windows prior to 5.7.4 allows a local user to gain access to sensitive information. The utility was able to be run from any location on the file system and by a low privileged user.π Read
via "National Vulnerability Database".
βΌ CVE-2021-31847 βΌ
π Read
via "National Vulnerability Database".
Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user, through not correctly protecting a temporary directory used in the repair process and not checking the DLL signature.π Read
via "National Vulnerability Database".
βΌ CVE-2021-31841 βΌ
π Read
via "National Vulnerability Database".
A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the user gaining elevated permissions and the ability to execute arbitrary code as the system user, through not checking the DLL signature.π Read
via "National Vulnerability Database".
β VMware Warns of Ransomware-Friendly Bug in vCenter Server β
π Read
via "Threat Post".
VMware urged immediate patching of the max-severity, arbitrary file upload flaw in Analytics service, which affects all appliances running default 6.5, 6.7 and 7.0 installs.π Read
via "Threat Post".
Threat Post
VMware Warns of Ransomware-Friendly Bug in vCenter Server
UPDATE: Malicious actors are already scanning honeypots, looking for servers vulnerable to the critical arbitrary file upload flaw in vCenter servers' Analytics service.
β How REvil May Have Ripped Off Its Own Affiliates β
π Read
via "Threat Post".
A newly discovered backdoor and double chats could have enabled REvil ransomware-as-a-service operators to hijack victim cases and snatch affiliatesβ cuts of ransom payments.π Read
via "Threat Post".
Threat Post
How REvil May Have Ripped Off Its Own Affiliates
A newly discovered backdoor and double chats could have enabled REvil ransomware-as-a-service operators to hijack victim cases and snatch affiliatesβ cuts of ransom payments.