π¦Ώ Ransomware now accounts for 69% of all attacks that use malware π¦Ώ
π Read
via "Tech Republic".
The most common targets of ransomware in the second quarter of 2021 were governmental, medical and industrial companies along with scientific and educational institutions, says Positive Technologies.π Read
via "Tech Republic".
TechRepublic
Ransomware now accounts for 69% of all attacks that use malware
The most common targets of ransomware in the second quarter of 2021 were governmental, medical and industrial companies along with scientific and educational institutions, says Positive Technologies.
π¦Ώ How to secure SSH logins with port knocking π¦Ώ
π Read
via "Tech Republic".
Knock, knock ... who's there? SSH. SSH who? You need to lock down your servers so that only you have access via SSH. One way to help that is with knockd. Jack Wallen shows you how.π Read
via "Tech Republic".
ποΈ Fake WhatsApp backup message delivers malware to Spanish speakersβ devices ποΈ
π Read
via "The Daily Swig".
The trojan horse in Spain is nothing but a painπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Fake WhatsApp backup message delivers malware to Spanish speakersβ devices
The trojan horse in Spain is nothing but a pain
π Zeek 4.0.4 π
π Read
via "Packet Storm Security".
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.π Read
via "Packet Storm Security".
Packetstormsecurity
Zeek 4.0.4 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π¦Ώ How phishing-as-a-service operations pose a threat to organizations π¦Ώ
π Read
via "Tech Republic".
Attackers can easily buy, deploy and scale phishing campaigns to steal credentials and other sensitive data, says Microsoft.π Read
via "Tech Republic".
π¦Ώ Ransomware detections dropped by almost half, but the threat is only getting worse, says Trend Micro π¦Ώ
π Read
via "Tech Republic".
Rather than indicating ransomware was a passing fad, the decrease in attack volume shows that attackers are starting to become more opportunistic and smarter about picking targets.π Read
via "Tech Republic".
TechRepublic
Ransomware detections dropped by almost half, but the threat is only getting worse, says Trend Micro
Rather than indicating ransomware was a passing fad, the decrease in attack volume shows that attackers are starting to become more opportunistic and smarter about picking targets.
βΌ CVE-2021-32963 βΌ
π Read
via "National Vulnerability Database".
Null pointer dereference in SuiteLink server while processing commands 0x03/0x10π Read
via "National Vulnerability Database".
βΌ CVE-2021-32959 βΌ
π Read
via "National Vulnerability Database".
Heap-based buffer overflow in SuiteLink server while processing commands 0x05/0x06π Read
via "National Vulnerability Database".
βΌ CVE-2021-32979 βΌ
π Read
via "National Vulnerability Database".
Null pointer dereference in SuiteLink server while processing commands 0x04/0x0aπ Read
via "National Vulnerability Database".
βΌ CVE-2021-41381 βΌ
π Read
via "National Vulnerability Database".
Payara Micro Community 5.2021.6 and below allows Directory Traversal.π Read
via "National Vulnerability Database".
βΌ CVE-2021-26750 βΌ
π Read
via "National Vulnerability Database".
DLL hijacking in Panda Agent <=1.16.11 in Panda Security, S.L.U. Panda Adaptive Defense 360 <= 8.0.17 allows attacker to escalate privileges via maliciously crafted DLL file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32999 βΌ
π Read
via "National Vulnerability Database".
Improper handling of exceptional conditions in SuiteLink server while processing command 0x01π Read
via "National Vulnerability Database".
βΌ CVE-2021-41428 βΌ
π Read
via "National Vulnerability Database".
Insecure permissions in Update Manager <= 5.8.0.2300 and DFL <= 12.5.1001.5 in DATEV programs v14.1 allows attacker to escalate privileges via insufficient configuration of service components.π Read
via "National Vulnerability Database".
βΌ CVE-2021-21913 βΌ
π Read
via "National Vulnerability Database".
An information disclosure vulnerability exists in the WiFi Smart Mesh functionality of D-LINK DIR-3040 1.13B03. A specially-crafted network request can lead to command execution. An attacker can connect to the MQTT service to trigger this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32987 βΌ
π Read
via "National Vulnerability Database".
Null pointer dereference in SuiteLink server while processing command 0x0bπ Read
via "National Vulnerability Database".
βΌ CVE-2021-36872 βΌ
π Read
via "National Vulnerability Database".
Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress Popular Posts plugin (versions <= 5.3.3). Vulnerable at &widget-wpp[2][post_type].π Read
via "National Vulnerability Database".
βΌ CVE-2021-32971 βΌ
π Read
via "National Vulnerability Database".
Null pointer dereference in SuiteLink server while processing command 0x07π Read
via "National Vulnerability Database".
βΌ CVE-2021-3824 βΌ
π Read
via "National Vulnerability Database".
OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL.π Read
via "National Vulnerability Database".
β How Outlook βautodiscoverβ could leak your passwords β and how to stop it β
π Read
via "Naked Security".
The Microsoft Autodiscover "Great Leak" explained - and how to prevent itπ Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β VMware patch bulletin warns: βThis needs your immediate attention.β β
π Read
via "Naked Security".
"It is a matter of time before working exploits are available," warns VMware.π Read
via "Naked Security".
Naked Security
VMware patch bulletin warns: βThis needs your immediate attention.β
βIt is a matter of time before working exploits are available,β warns VMware.
π¦Ώ How phishing-as-a-service operations pose a threat to organizations π¦Ώ
π Read
via "Tech Republic".
Attackers can easily buy, deploy and scale phishing campaigns to steal credentials and other sensitive data, says Microsoft.π Read
via "Tech Republic".