CVE-2021-22020
via "National Vulnerability Database".
The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server.
CVE-2021-22945
via "National Vulnerability Database".
When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.
CVE-2021-22950
via "National Vulnerability Database".
Concrete CMS prior to 8.5.6 had a CSRF vulnerability allowing attachments to comments in the conversation section to be deleted. Credit for discovery: "Solar Security Research Team"
CVE-2021-22948
via "National Vulnerability Database".
Vulnerability in the generation of session IDs in revive-adserver < 5.3.0, based on the cryptographically insecure uniqid() PHP function. Under some circumstances, an attacker could theoretically be able to brute force session IDs in order to take over a specific account.
CVE-2021-22012
via "National Vulnerability Database".
The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
CVE-2021-22005
via "National Vulnerability Database".
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.
CVE-2021-22941
via "National Vulnerability Database".
Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an unauthenticated attacker to remotely compromise the storage zones controller.
CVE-2021-21993
via "National Vulnerability Database".
The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosure.
CVE-2021-22008
via "National Vulnerability Database".
The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by sending a specially crafted json-rpc message to gain access to sensitive information.
FamousSparrow APT Wings in to Spy on Hotels, Governments
via "Threat Post".
A custom "SparrowDoor" backdoor has allowed the attackers to collect data from targets around the globe.
Ransomware now accounts for 69% of all attacks that use malware
via "Tech Republic".
The most common targets of ransomware in the second quarter of 2021 were governmental, medical and industrial companies along with scientific and educational institutions, says Positive Technologies.
How to secure SSH logins with port knocking
via "Tech Republic".
Knock, knock ... who's there? SSH. SSH who? You need to lock down your servers so that only you have access via SSH. One way to help that is with knockd. Jack Wallen shows you how.
Fake WhatsApp backup message delivers malware to Spanish speakers' devices
via "The Daily Swig".
The trojan horse in Spain is nothing but a pain
Zeek 4.0.4
via "Packet Storm Security".
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
How phishing-as-a-service operations pose a threat to organizations
via "Tech Republic".
Attackers can easily buy, deploy and scale phishing campaigns to steal credentials and other sensitive data, says Microsoft.
Ransomware detections dropped by almost half, but the threat is only getting worse, says Trend Micro
via "Tech Republic".
Rather than indicating ransomware was a passing fad, the decrease in attack volume shows that attackers are starting to become more opportunistic and smarter about picking targets.
CVE-2021-32963
via "National Vulnerability Database".
Null pointer dereference in SuiteLink server while processing commands 0x03/0x10
CVE-2021-32959
via "National Vulnerability Database".
Heap-based buffer overflow in SuiteLink server while processing commands 0x05/0x06
CVE-2021-32979
via "National Vulnerability Database".
Null pointer dereference in SuiteLink server while processing commands 0x04/0x0a
CVE-2021-41381
via "National Vulnerability Database".
Payara Micro Community 5.2021.6 and below allows Directory Traversal.
CVE-2021-26750
via "National Vulnerability Database".
DLL hijacking in Panda Agent <=1.16.11 in Panda Security, S.L.U. Panda Adaptive Defense 360 <= 8.0.17 allows attacker to escalate privileges via maliciously crafted DLL file.