4.6M Neiman Marcus Online Customers Alerted to Data Breach
via "Dark Reading".
The breach occurred in May 2020.

Lawsuit claims ransomware attack caused fatal injury to infant at Alabama hospital
via "Tech Republic".
Fetal heartbeat monitors were down in the labor and delivery wards, which the lawsuit claims resulted in a baby being born with brain damage.

Why Windows Print Spooler Remains a Big Attack Target
via "Dark Reading".
Despite countless vulnerabilities and exploits, the legacy Windows printing process service continues to be an attack surface in constant need of repair and maintenance, security experts say.

Companies Face Issues as Let's Encrypt Root Certificate Expires
via "Dark Reading".
Experts warn devices will be affected after major HTTPS certificate provider Let's Encrypt saw its root certificate expire this week.

MFA Glitch Leads to 6K+ Coinbase Customers Getting Robbed
via "Threat Post".
Coinbase suspects phishing led to attackers getting personal details needed to access wallets but also blamed a flaw in its SMS-based 2FA.

CVE-2021-38097
via "National Vulnerability Database".
Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file.

CVE-2021-38104
via "National Vulnerability Database".
IPPP72.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PPT file.

CVE-2020-21014
via "National Vulnerability Database".
emlog v6.0.0 contains an arbitrary file deletion vulnerability in admin/plugin.php.

CVE-2021-38099
via "National Vulnerability Database".
CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious CPT file. This is different from CVE-2021-38101.

CVE-2021-38096
via "National Vulnerability Database".
Coreip.dll in Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file.

CVE-2020-21012
via "National Vulnerability Database".
Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details.

CVE-2021-38103
via "National Vulnerability Database".
IBJPG2.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PPT file.

CVE-2021-41845
via "National Vulnerability Database".
A SQL injection issue was discovered in ThycoticCentrify Secret Server before 11.0.000007.

CVE-2020-21013
via "National Vulnerability Database".
emlog v6.0.0 contains a SQL injection via /admin/comment.php.

CVE-2021-36298
via "National Vulnerability Database".
Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete control of InsightIQ to affect services provided by SSH; so Dell recommends customers to upgrade at the earliest opportunity.

CVE-2021-36309
via "National Vulnerability Database".
Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure vulnerability. An authenticated malicious user with access to the system may use the TACACS\Radius credentials stored to read sensitive information and use it in further attacks.

CVE-2020-21228
via "National Vulnerability Database".
JIZHICMS 1.5.1 contains a cross-site scripting (XSS) vulnerability in the component /user/release.html, which allows attackers to arbitrarily add an administrator cookie.

'Prolific' ransomware operators arrested in Ukraine - Europol
via "The Daily Swig".
Assets also frozen over 'string of targeted attacks' against US and European targets

CVE-2021-22557
via "National Vulnerability Database".
SLO generator allows for loading of YAML files that if crafted in a specific format can allow for code execution within the context of the SLO Generator. We recommend upgrading SLO Generator past https://github.com/google/slo-generator/pull/173

Gift card fraud: four suspects hit with money laundering charges
via "Naked Security".
Gift card fraud may sound like small beer against ransomware - but it's personal, it hurts, and it's still a multi-million dollar problem.

Cybersecurity Awareness Month: #BeCyberSmart
via "Naked Security".
#BeCyberSmart - during CyberSecurity Awareness Month and beyond