Dark Web: Many cybercrime services sell for less than $500
via "Tech Republic".
A ransomware kit costs as little as $66, though it needs to be modified, while a spearphishing attack can run as low as $100, says Atlas VPN.
Apple quietly patches yet another iPhone 0-day - check you have 15.0.2
via "Naked Security".
Oops!... They did it again.
Romance scams with a cryptocurrency twist - new research from SophosLabs
via "Naked Security".
Romance scams and dating site treachery with a new twist - "there's an app for that!"
CVE-2021-22036
via "National Vulnerability Database".
VMware vRealize Orchestrator (8.x prior to 8.6) contains an open redirect vulnerability due to improper path handling. A malicious actor may be able to redirect a victim to an attacker-controlled domain due to improper path handling in vRealize Orchestrator, leading to sensitive information disclosure.
CVE-2021-22035
via "National Vulnerability Database".
VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV (Comma Separated Value) injection vulnerability in the interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log Insight, which could be executed in the user's environment.
CVE-2021-22033
via "National Vulnerability Database".
Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability.
CVE-2021-20125
via "National Vulnerability Database".
An arbitrary file upload and directory traversal vulnerability exists in the file upload functionality of DownloadFileServlet in Draytek VigorConnect 1.6.0-B3. An unauthenticated attacker could leverage this vulnerability to upload files to any location on the target operating system with root privileges.
CVE-2021-40732
via "National Vulnerability Database".
XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer dereference vulnerability that could result in leaking data from certain memory locations and causing a local denial of service in the context of the current user. User interaction is required to exploit this vulnerability in that the victim will need to open a specially crafted MXF file.
CVE-2021-20124
via "National Vulnerability Database".
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.
CVE-2021-3057
via "National Vulnerability Database".
A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.9 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on the Universal Windows Platform; GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.1 on Linux.
CVE-2021-20126
via "National Vulnerability Database".
Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protections and does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
CVE-2021-20127
via "National Vulnerability Database".
An arbitrary file deletion vulnerability exists in the file delete functionality of the Html5Servlet endpoint of Draytek VigorConnect 1.6.0-B3. This allows an authenticated user to arbitrarily delete files in any location on the target operating system with root privileges.
CVE-2021-35498
via "National Vulnerability Database".
The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, and TIBCO Product and Service Catalog powered by TIBCO EBX contains a vulnerability that under certain specific conditions allows an attacker to enter a password other than the legitimate password and it will be accepted as valid. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.8.123 and below, TIBCO EBX: versions 5.9.3, 5.9.4, 5.9.5, 5.9.6, 5.9.7, 5.9.8, 5.9.9, 5.9.10, 5.9.11, 5.9.12, 5.9.13, and 5.9.14, TIBCO EBX: versions 6.0.0 and 6.0.1, and TIBCO Product and Service Catalog powered by TIBCO EBX: version 1.0.0.
CVE-2021-20129
via "National Vulnerability Database".
An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an unauthenticated attacker to export system logs.
CVE-2021-20128
via "National Vulnerability Database".
The Profile Name field in the floor plan (Network Menu) page in Draytek VigorConnect 1.6.0-B3 was found to be vulnerable to stored XSS, as user input is not properly sanitized.
CVE-2021-41138
via "National Vulnerability Database".
Frontier is Substrate's Ethereum compatibility layer. In the newly introduced signed Frontier-specific extrinsic for `pallet-ethereum`, a large part of transaction validation logic was only called in transaction pool validation, but not in block execution. Malicious validators can take advantage of this to put invalid transactions into a block. The attack is limited in that the signature is always validated, and the majority of the validation is done again in the subsequent `pallet-evm` execution logic. However, do note that a chain ID replay attack was possible. In addition, spamming attacks are of main concern, while they are limited by Substrate block size limits and other factors. The issue is patched in commit `146bb48849e5393004be5c88beefe76fdf009aba`.
CVE-2021-41139
via "National Vulnerability Database".
Anuko Time Tracker is an open source, web-based time tracking application written in PHP. When a logged-on user selects a date in Time Tracker, it is passed on via the date parameter in the URI. Because this parameter was not checked for sanity in versions prior to 1.19.30.5600, it was possible to craft the URI with malicious JavaScript, use social engineering to convince a logged-on user to click on such a link, and have the attacker-supplied JavaScript executed in the user's browser. This issue is patched in version 1.19.30.5600. As a workaround, one may introduce the `ttValidDbDateFormatDate` function as in the latest version and add a call to it within the access checks block in time.php.
CVE-2021-20123
via "National Vulnerability Database".
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.
Microsoft Fends Off 2.4 Tbps DDoS Attack
via "Digital Guardian".
The attack was reportedly 140 percent higher than a 1 Tbps attack it saw in 2020 and higher than any network volumetric event the company previously detected.
Are You Ready for the Privacy Laws Tsunami?
via "Dark Reading".
Think PCI, HIPAA, and GDPR compliance is tough? There's a tsunami of similar laws on the way. Prepare your business for success with privacy by design.
FreakOut Botnet Turns DVRs Into Monero Cryptominers
via "Threat Post".
The new Necro Python exploit targets Visual Tool DVRs used in surveillance systems.