How Coinbase Phishers Steal One-Time Passwords
via "Krebs on Security".
A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process. It also shows that phishers are attempting to sign up for new Coinbase accounts by the millions as part of an effort to identify email addresses that are already associated with active accounts.
Securing Microsoft 365 with app governance
via "Tech Republic".
How can you protect your network and data from consent phishing attacks? Microsoft's new app compliance program can help.
Corelight Unveils Corelight Labs, a Hub for Research and Innovation
via "Dark Reading".
Company expands its research expertise with addition of AI and security operations experts from its PatternEx acquisition to the Labs team.
Unresolved GitHub Actions flaw allows code to be approved without review
via "The Daily Swig".
Mitigations are available for yet-to-be-fixed vulnerability.
Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers
via "Threat Post".
A stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc.
CVE-2021-34814
via "National Vulnerability Database".
Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control Bypass.
CVE-2021-41137
via "National Vulnerability Database".
Minio is a Kubernetes native application for cloud storage. All users on release `RELEASE.2021-10-10T16-53-30Z` are affected by a vulnerability that involves bypassing policy restrictions on regular users. Normally, checkKeyValid() should return owner true for rootCreds. In the affected version, policy restriction did not work properly for users who did not have service (svc) or security token service (STS) accounts. This issue is fixed in `RELEASE.2021-10-13T00-23-17Z`. A downgrade back to release `RELEASE.2021-10-08T23-58-24Z` is available as a workaround.
CVE-2021-39304
via "National Vulnerability Database".
Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass.
Dark Web: Many cybercrime services sell for less than $500
via "Tech Republic".
A ransomware kit costs as little as $66, though it needs to be modified, while a spearphishing attack can run as low as $100, says Atlas VPN.
Apple quietly patches yet another iPhone 0-day - check you have 15.0.2
via "Naked Security".
Oops!... They did it again.
Romance scams with a cryptocurrency twist - new research from SophosLabs
via "Naked Security".
Romance scams and dating site treachery with a new twist - "there's an app for that!"
CVE-2021-22036
via "National Vulnerability Database".
VMware vRealize Orchestrator (8.x prior to 8.6) contains an open redirect vulnerability due to improper path handling. A malicious actor may be able to redirect a victim to an attacker-controlled domain due to improper path handling in vRealize Orchestrator, leading to sensitive information disclosure.
CVE-2021-22035
via "National Vulnerability Database".
VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV (Comma Separated Value) injection vulnerability in the interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log Insight, which could be executed in the user's environment.
CVE-2021-22033
via "National Vulnerability Database".
Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability.
CVE-2021-20125
via "National Vulnerability Database".
An arbitrary file upload and directory traversal vulnerability exists in the file upload functionality of DownloadFileServlet in Draytek VigorConnect 1.6.0-B3. An unauthenticated attacker could leverage this vulnerability to upload files to any location on the target operating system with root privileges.
CVE-2021-40732
via "National Vulnerability Database".
XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer dereference vulnerability that could result in leaking data from certain memory locations and causing a local denial of service in the context of the current user. User interaction is required to exploit this vulnerability in that the victim will need to open a specially crafted MXF file.
CVE-2021-20124
via "National Vulnerability Database".
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.
CVE-2021-3057
via "National Vulnerability Database".
A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.9 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on the Universal Windows Platform; GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.1 on Linux.
CVE-2021-20126
via "National Vulnerability Database".
Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protections and does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
CVE-2021-20127
via "National Vulnerability Database".
An arbitrary file deletion vulnerability exists in the file delete functionality of the Html5Servlet endpoint of Draytek VigorConnect 1.6.0-B3. This allows an authenticated user to arbitrarily delete files in any location on the target operating system with root privileges.
CVE-2021-35498
via "National Vulnerability Database".
The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, and TIBCO Product and Service Catalog powered by TIBCO EBX contains a vulnerability that under certain specific conditions allows an attacker to enter a password other than the legitimate password and it will be accepted as valid. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.8.123 and below, TIBCO EBX: versions 5.9.3, 5.9.4, 5.9.5, 5.9.6, 5.9.7, 5.9.8, 5.9.9, 5.9.10, 5.9.11, 5.9.12, 5.9.13, and 5.9.14, TIBCO EBX: versions 6.0.0 and 6.0.1, and TIBCO Product and Service Catalog powered by TIBCO EBX: version 1.0.0.