Mandating a Zero-Trust Approach for Software Supply Chains
Read via "Threat Post".
Sounil Yu, CISO at JupiterOne, discusses software bills of materials (SBOMs) and the need for a shift in thinking about securing software supply chains.
"Find out what sparks joy" - YouTube educator and security expert Katie Paxton-Fear on carving out a successful infosec career
Read via "The Daily Swig".
"Never stop learning", Swig readers told during Q&A session
A Close Look at Russia's Ghostwriter Campaign
Read via "Dark Reading".
The group, which conducts espionage and sows disinformation, is larger than previously thought and has shifted tactics.
How Coinbase Phishers Steal One-Time Passwords
Read via "Krebs on Security".
A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process. It also shows that phishers are attempting to sign up for new Coinbase accounts by the millions as part of an effort to identify email addresses that are already associated with active accounts.
Securing Microsoft 365 with app governance
Read via "Tech Republic".
How can you protect your network and data from consent phishing attacks? Microsoft's new app compliance program can help.
Corelight Unveils Corelight Labs, a Hub for Research and Innovation
Read via "Dark Reading".
Company expands its research expertise with addition of AI and security operations experts from its PatternEx acquisition to the Labs team.
Unresolved GitHub Actions flaw allows code to be approved without review
Read via "The Daily Swig".
Mitigations are available for yet-to-be-fixed vulnerability
Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers
Read via "Threat Post".
A stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc.
CVE-2021-34814
Read via "National Vulnerability Database".
Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control Bypass.
CVE-2021-41137
Read via "National Vulnerability Database".
Minio is a Kubernetes native application for cloud storage. All users on release `RELEASE.2021-10-10T16-53-30Z` are affected by a vulnerability that involves bypassing policy restrictions on regular users. Normally, checkKeyValid() should return owner true for rootCreds. In the affected version, policy restriction did not work properly for users who did not have service (svc) or security token service (STS) accounts. This issue is fixed in `RELEASE.2021-10-13T00-23-17Z`. A downgrade back to release `RELEASE.2021-10-08T23-58-24Z` is available as a workaround.
CVE-2021-39304
Read via "National Vulnerability Database".
Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass.
Dark Web: Many cybercrime services sell for less than $500
Read via "Tech Republic".
A ransomware kit costs as little as $66, though it needs to be modified, while a spearphishing attack can run as low as $100, says Atlas VPN.
Apple quietly patches yet another iPhone 0-day - check you have 15.0.2
Read via "Naked Security".
Oops!... They did it again.
Romance scams with a cryptocurrency twist - new research from SophosLabs
Read via "Naked Security".
Romance scams and dating site treachery with a new twist - "there's an app for that!"
CVE-2021-22036
Read via "National Vulnerability Database".
VMware vRealize Orchestrator (8.x prior to 8.6) contains an open redirect vulnerability due to improper path handling. A malicious actor may be able to redirect a victim to an attacker-controlled domain due to improper path handling in vRealize Orchestrator, leading to sensitive information disclosure.
CVE-2021-22035
Read via "National Vulnerability Database".
VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV (Comma Separated Value) injection vulnerability in the interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log Insight, which could be executed in the user's environment.
CVE-2021-22033
Read via "National Vulnerability Database".
Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability.
CVE-2021-20125
Read via "National Vulnerability Database".
An arbitrary file upload and directory traversal vulnerability exists in the file upload functionality of DownloadFileServlet in Draytek VigorConnect 1.6.0-B3. An unauthenticated attacker could leverage this vulnerability to upload files to any location on the target operating system with root privileges.
CVE-2021-40732
Read via "National Vulnerability Database".
XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer dereference vulnerability that could result in leaking data from certain memory locations and causing a local denial of service in the context of the current user. User interaction is required to exploit this vulnerability in that the victim will need to open a specially crafted MXF file.
CVE-2021-20124
Read via "National Vulnerability Database".
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.
CVE-2021-3057
Read via "National Vulnerability Database".
A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.9 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on the Universal Windows Platform; GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.1 on Linux.