β 30 Mins or Less: Rapid Attacks Extort Orgs Without Ransomware β
π Read
via "Threat Post".
The previously unknown SnapMC group exploits unpatched VPNs and webserver apps to breach systems and carry out quick-hit extortion in less time than it takes to order a pizza.π Read
via "Threat Post".
Threat Post
30 Mins or Less: Rapid Attacks Extort Orgs Without Ransomware
The previously unknown SnapMC group exploits unpatched VPNs and webserver apps to breach systems and carry out quick-hit extortion in less time than it takes to order a pizza.
βΌ CVE-2021-33609 βΌ
π Read
via "National Vulnerability Database".
Missing check in DataCommunicator class in com.vaadin:vaadin-server versions 8.0.0 through 8.14.0 (Vaadin 8.0.0 through 8.14.0) allows authenticated network attacker to cause heap exhaustion by requesting too many rows of data.π Read
via "National Vulnerability Database".
β OpenSea βFree Giftβ NFTs Drain Cryptowallet Balances β
π Read
via "Threat Post".
Cybercriminals exploited bugs in the world's largest digital-goods marketplace to create malicious artwork offered as a perk to unsuspecting users.π Read
via "Threat Post".
Threat Post
OpenSea βFree Giftβ NFTs Drain Cryptowallet Balances
Cybercriminals exploited bugs in the world's largest digital-goods marketplace to create malicious artwork offered as a perk to unsuspecting users.
ποΈ Nagios XI updated to address trio of security vulnerabilities ποΈ
π Read
via "The Daily Swig".
Post-auth flaws could give attackers a platform from which to pivot to other parts of the networkπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Nagios XI updated to address trio of security vulnerabilities
Post-auth flaws could give attackers a platform from which to pivot to other parts of the network
β Mandating a Zero-Trust Approach for Software Supply Chains β
π Read
via "Threat Post".
Sounil Yu, CISO at JupiterOne, discusses software bills of materials (SBOMs) and the need for a shift in thinking about securing software supply chains.π Read
via "Threat Post".
Threat Post
Mandating a Zero-Trust Approach for Software Supply Chains
Sounil Yu, CISO at JupiterOne, discusses software bills of materials (SBOMs) and the need for a shift in thinking about securing software supply chains.
ποΈ βFind out what sparks joyβ β YouTube educator and security expert Katie Paxton-Fear on carving out a successful infosec career ποΈ
π Read
via "The Daily Swig".
βNever stop learningβ, Swig readers told during Q&A sessionπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
βFind out what sparks joyβ β YouTube educator and security expert Katie Paxton-Fear on carving out a successful infosec career
βNever stop learningβ, Swig readers told during Q&A session
π΄ A Close Look at Russia's Ghostwriter Campaign π΄
π Read
via "Dark Reading".
The group, which conducts espionage and sows disinformation, is larger than previously thought and has shifted tactics.π Read
via "Dark Reading".
Dark Reading
A Close Look at Russia's Ghostwriter Campaign
The group, which conducts espionage and sows disinformation, is larger than previously thought and has shifted tactics.
βοΈ How Coinbase Phishers Steal One-Time Passwords βοΈ
π Read
via "Krebs on Security".
A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process. It also shows that phishers are attempting to sign up for new Coinbase accounts by the millions as part of an effort to identify email addresses that are already associated with active accounts.π Read
via "Krebs on Security".
Krebs on Security
How Coinbase Phishers Steal One-Time Passwords
A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process. It also shows that phishers are attempting to sign up for new Coinbase accounts by the millionsβ¦
π¦Ώ Securing Microsoft 365 with app governance π¦Ώ
π Read
via "Tech Republic".
How can you protect your network and data from consent phishing attacks? Microsoft's new app compliance program can help.π Read
via "Tech Republic".
π΄ Corelight Unveils Corelight Labs, a Hub for Research and Innovation π΄
π Read
via "Dark Reading".
Company expands its research expertise with addition of AI and security operations experts from its PatternEx acquisition to the Labs team.π Read
via "Dark Reading".
Dark Reading
Corelight Unveils Corelight Labs, a Hub for Research and Innovation
Company expands its research expertise with addition of AI and security operations experts from its PatternEx acquisition to the Labs team.
ποΈ Unresolved GitHub Actions flaw allows code to be approved without review ποΈ
π Read
via "The Daily Swig".
Mitigations are available for yet-to-be-fixed vulnerabilityπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Unresolved GitHub Actions flaw allows code to be approved without review
Mitigations are available for yet-to-be-fixed vulnerability
β Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers β
π Read
via "Threat Post".
A stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc.π Read
via "Threat Post".
Threat Post
Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers
A stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc.
βΌ CVE-2021-34814 βΌ
π Read
via "National Vulnerability Database".
Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control Bypass.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41137 βΌ
π Read
via "National Vulnerability Database".
Minio is a Kubernetes native application for cloud storage. All users on release `RELEASE.2021-10-10T16-53-30Z` are affected by a vulnerability that involves bypassing policy restrictions on regular users. Normally, checkKeyValid() should return owner true for rootCreds. In the affected version, policy restriction did not work properly for users who did not have service (svc) or security token service (STS) accounts. This issue is fixed in `RELEASE.2021-10-13T00-23-17Z`. A downgrade back to release `RELEASE.2021-10-08T23-58-24Z` is available as a workaround.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39304 βΌ
π Read
via "National Vulnerability Database".
Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass.π Read
via "National Vulnerability Database".
π¦Ώ Dark Web: Many cybercrime services sell for less than $500 π¦Ώ
π Read
via "Tech Republic".
A ransomware kit costs as little as $66, though it needs to be modified, while a spearphishing attack can run as low as $100, says Altas VPN.π Read
via "Tech Republic".
TechRepublic
Dark Web: Many cybercrime services sell for less than $500
A ransomware kit costs as little as $66, though it needs to be modified, while a spearphishing attack can run as low as $100, says Altas VPN.
β Apple quietly patches yet another iPhone 0-day β check you have 15.0.2 β
π Read
via "Naked Security".
Oops!... They did it again.π Read
via "Naked Security".
Naked Security
Apple quietly patches yet another iPhone 0-day β check you have 15.0.2
Oops!β¦ They did it again.
β Romance scams with a cryptocurrency twist β new research from SophosLabs β
π Read
via "Naked Security".
Romance scams and dating site treachery with a new twist - "there's an app for that!"π Read
via "Naked Security".
Naked Security
Romance scams with a cryptocurrency twist β new research from SophosLabs
Romance scams and dating site treachery with a new twist β βthereβs an app for that!β
βΌ CVE-2021-22036 βΌ
π Read
via "National Vulnerability Database".
VMware vRealize Orchestrator ((8.x prior to 8.6) contains an open redirect vulnerability due to improper path handling. A malicious actor may be able to redirect victim to an attacker controlled domain due to improper path handling in vRealize Orchestrator leading to sensitive information disclosure.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22035 βΌ
π Read
via "National Vulnerability Database".
VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log Insight which could be executed in user's environment.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22033 βΌ
π Read
via "National Vulnerability Database".
Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability.π Read
via "National Vulnerability Database".