🕴 High-Profile Breaches Are Shifting Enterprise Security Strategy 🕴
📖 Read
via "Dark Reading".
Increased media attention is driving changes in enterprise security strategy -- some positive, some negative.📖 Read
via "Dark Reading".
Dark Reading
High-Profile Breaches Are Shifting Enterprise Security Strategy
Increased media attention is driving changes in enterprise security strategy -- some positive, some negative.
❌ Microsoft Kills Bug Being Exploited in MysterySnail Espionage Campaign ❌
📖 Read
via "Threat Post".
Microsoft's October 2021 Patch Tuesday included security fixes for 74 vulnerabilities, one of which is a zero-day being used to deliver the MysterySnail RAT to Windows servers.📖 Read
via "Threat Post".
Threat Post
Microsoft Oct. Patch Tuesday Squashes 4 Zero-Day Bugs
Microsoft put out security fixes for 74 vulnerabilities, one of which is being actively exploited to deliver the new MysterySnail RAT to Windows servers.
‼ CVE-2020-22679 ‼
📖 Read
via "National Vulnerability Database".
Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42325 ‼
📖 Read
via "National Vulnerability Database".
Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-22678 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-22674 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrackID located in isom_intern.c, which allows attackers to cause a denial of service (DoS) via a crafted input.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-22673 ‼
📖 Read
via "National Vulnerability Database".
Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-22677 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in gpac 0.8.0. The dump_data_hex function in box_dump.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-22675 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in gpac 0.8.0. The GetGhostNum function in stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.📖 Read
via "National Vulnerability Database".
🕴 Former Director of IT and Cybersecurity for Warren Presidential Campaign Launches Personified 🕴
📖 Read
via "Dark Reading".
Founder and CEO Mike Marotti will lead experts in campaign security to help progressive politicians and organizations with cybersecurity and IT needs.📖 Read
via "Dark Reading".
Dark Reading
Former Director of IT and Cybersecurity for Warren Presidential Campaign Launches Personified
Founder and CEO Mike Marotti will lead experts in campaign security to help progressive politicians and organizations with cybersecurity and IT needs.
🕴 Microsoft Fixes Zero-Day Flaw in Win32 Driver 🕴
📖 Read
via "Dark Reading".
A previously known threat actor is using the flaw in a broad cyber-espionage campaign, security vendor warns.📖 Read
via "Dark Reading".
Dark Reading
Microsoft Fixes Zero-Day Flaw in Win32 Driver
A previously known threat actor is using the flaw in a broad cyber-espionage campaign, security vendor warns.
‼ CVE-2021-20031 ‼
📖 Read
via "National Vulnerability Database".
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3322 ‼
📖 Read
via "National Vulnerability Database".
Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zephyr. Zephyr versions >= >=2.4.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p86r-gc4r-4mq3📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3330 ‼
📖 Read
via "National Vulnerability Database".
RCE/DOS: Linked-list corruption leading to large out-of-bounds write while sorting for forged fragment list in Zephyr. Zephyr versions >= >=2.4.0 contain Out-of-bounds Write (CWE-787). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fj4r-373f-9456📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3321 ‼
📖 Read
via "National Vulnerability Database".
Integer Underflow in Zephyr in IEEE 802154 Fragment Reassembly Header Removal. Zephyr versions >= >=2.4.0 contain Integer Overflow to Buffer Overflow (CWE-680). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-w44j-66g7-xw99📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3323 ‼
📖 Read
via "National Vulnerability Database".
Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr. Zephyr versions >= >=2.4.0 contain Integer Underflow (Wrap or Wraparound) (CWE-191). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-89j6-qpxf-pfpc📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41337 ‼
📖 Read
via "National Vulnerability Database".
Active Directory Security Feature Bypass Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41339 ‼
📖 Read
via "National Vulnerability Database".
Microsoft DWM Core Library Elevation of Privilege Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41334 ‼
📖 Read
via "National Vulnerability Database".
Windows Desktop Bridge Elevation of Privilege Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40464 ‼
📖 Read
via "National Vulnerability Database".
Windows Nearby Sharing Elevation of Privilege Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41343 ‼
📖 Read
via "National Vulnerability Database".
Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38662.📖 Read
via "National Vulnerability Database".