🦿 The different types of sudo and su in Linux 🦿
📖 Read
via "Tech Republic".
Jack Wallen demystifies these two Linux admin tools because knowing which sudo or su command to run is important.📖 Read
via "Tech Republic".
TechRepublic
The different types of sudo and su in Linux
Jack Wallen demystifies these two Linux admin tools because knowing which sudo or su command to run is important.
🦿 What it costs to hire a hacker on the Dark Web 🦿
📖 Read
via "Tech Republic".
Though the final price for a cybercriminal's services is usually negotiated, personal attacks are the most expensive, says Comparitech.📖 Read
via "Tech Republic".
TechRepublic
What It Costs to Hire a Hacker on the Dark Web
The cost to hire a hacker can be incredibly cheap. Use this cybersecurity guide to learn about the major activities of hackers.
🕴 Why Choke-Point Analysis Is Essential in Active Directory Security 🕴
📖 Read
via "Dark Reading".
Defense should focus on high-value choke points first to ensure that their most critical assets are protected, before moving on to deal with other attack paths.📖 Read
via "Dark Reading".
Dark Reading
Why Choke-Point Analysis Is Essential in Active Directory Security
Defense should focus on high-value choke points first to ensure that their most critical assets are protected, before moving on to deal with other attack paths.
❌ Office 365 Spy Campaign Targets US Military Defense ❌
📖 Read
via "Threat Post".
An Iran-linked group is taking aim at makers of drones and satellites, Persian Gulf ports and maritime shipping companies, among others.📖 Read
via "Threat Post".
Threat Post
Office 365 Spy Campaign Targets US Military Defense
An Iran-linked group is taking aim at makers of drones and satellites, Persian Gulf ports and maritime shipping companies, among others.
‼ CVE-2021-37732 ‼
📖 Read
via "National Vulnerability Database".
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 6.4.x.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba Instant 8.5.x.x: 8.5.0.11 and below; Aruba Instant 8.6.x.x: 8.6.0.6 and below; Aruba Instant 8.7.x.x: 8.7.1.0 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41797 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41071 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-37734 ‼
📖 Read
via "National Vulnerability Database".
A remote unauthorized read access to files vulnerability was discovered in Aruba Instant version(s): 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.19 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3 and below; Aruba Instant 8.8.x.x: 8.8.0.0 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-37735 ‼
📖 Read
via "National Vulnerability Database".
A remote denial of service vulnerability was discovered in Aruba Instant version(s): Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba Instant 8.5.x.x: 8.5.0.10 and below; Aruba Instant 8.6.x.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41136 ‼
📖 Read
via "National Vulnerability Database".
Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smugggling. A client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. The only proxy which has this behavior, as far as the Puma team is aware of, is Apache Traffic Server. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This vulnerability was patched in Puma 5.5.1 and 4.3.9. As a workaround, do not use Apache Traffic Server with `puma`.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41796 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none📖 Read
via "National Vulnerability Database".
‼ CVE-2021-35214 ‼
📖 Read
via "National Vulnerability Database".
The vulnerability can be described as a failure to invalidate user session upon password change. When running multiple active sessions in separate browser windows, it was observed a password or email address change could be changed without terminating the user session.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41070 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none📖 Read
via "National Vulnerability Database".
❌ Windows Zero-Day Actively Exploited in Widespread Espionage Campaign ❌
📖 Read
via "Threat Post".
The cyberattacks, linked to a Chinese-speaking APT, deliver the new MysterySnail RAT malware to Windows servers.📖 Read
via "Threat Post".
Threat Post
Windows Zero-Day Actively Exploited in Widespread Espionage Campaign
The cyberattacks, linked to a Chinese-speaking APT, deliver the new MysterySnail RAT malware to Windows servers.
‼ CVE-2021-29644 ‼
📖 Read
via "National Vulnerability Database".
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution vulnerability because of an Integer Overflow. An attacker with network access to port 31016 may exploit this issue to execute code with unrestricted privileges on the underlying OS.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-29645 ‼
📖 Read
via "National Vulnerability Database".
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 calls the SendMessageTimeoutW API with arbitrary arguments via a local pipe, leading to a local privilege escalation vulnerability. An attacker who exploits this issue could execute arbitrary code on the local system.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-27003 ‼
📖 Read
via "National Vulnerability Database".
Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X-Frame-Options header which could allow a clickjacking attack.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40292 ‼
📖 Read
via "National Vulnerability Database".
A Stored Cross Site Sripting (XSS) vulnerability exists in DzzOffice 2.02.1 via the settingnew parameter.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42326 ‼
📖 Read
via "National Vulnerability Database".
Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40618 ‼
📖 Read
via "National Vulnerability Database".
An SQL Injection vulnerability exists in openSIS Classic 8.0 via the 1) ADDR_CONT_USRN, 2) ADDR_CONT_PSWD, 3) SECN_CONT_USRN or 4) SECN_CONT_PSWD parameters in HoldAddressFields.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-35494 ‼
📖 Read
via "National Vulnerability Database".
The Rest API component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for ActiveMatrix BPM, and TIBCO JasperReports Server for Microsoft Azure contain a race condition that allows a low privileged authenticated attacker via the REST API to obtain read access to temporary objects created by other users on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Server: versions 7.2.1 and below, TIBCO JasperReports Server: versions 7.5.0 and 7.5.1, TIBCO JasperReports Server: version 7.8.0, TIBCO JasperReports Server: version 7.9.0, TIBCO JasperReports Server - Community Edition: versions 7.8.0 and below, TIBCO JasperReports Server - Developer Edition: versions 7.9.0 and below, TIBCO JasperReports Server for AWS Marketplace: versions 7.9.0 and below, TIBCO JasperReports Server for ActiveMatrix BPM: versions 7.9.0 and below, and TIBCO JasperReports Server for Microsoft Azure: version 7.8.0.📖 Read
via "National Vulnerability Database".