βΌ CVE-2021-38432 βΌ
π Read
via "National Vulnerability Database".
FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40990 βΌ
π Read
via "National Vulnerability Database".
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40724 βΌ
π Read
via "National Vulnerability Database".
Acrobat Reader for Android versions 21.8.0 (and earlier) are affected by a Path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-3875 βΌ
π Read
via "National Vulnerability Database".
vim is vulnerable to Heap-based Buffer Overflowπ Read
via "National Vulnerability Database".
βΌ CVE-2021-3881 βΌ
π Read
via "National Vulnerability Database".
libmobi is vulnerable to Out-of-bounds Readπ Read
via "National Vulnerability Database".
βΌ CVE-2021-40991 βΌ
π Read
via "National Vulnerability Database".
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40989 βΌ
π Read
via "National Vulnerability Database".
A local escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.π Read
via "National Vulnerability Database".
π΄ 'Clumsy' BlackByte Malware Reuses Crypto Keys, Worms Into Networks π΄
π Read
via "Dark Reading".
Discovered during a recent incident response engagement, the malware avoids Russian computers and uses a single symmetric key for encrypting every compromised system.π Read
via "Dark Reading".
Dark Reading
'Clumsy' BlackByte Malware Reuses Crypto Keys, Worms Into Networks
Discovered during a recent incident response engagement, the malware avoids Russian computers and uses a single symmetric key for encrypting every compromised system.
β S3 Ep54: Another 0-day, double Apache patch, and Fight The Phish [Podcast] β
π Read
via "Naked Security".
Latest episode - listen now!π Read
via "Naked Security".
Naked Security
S3 Ep54: Another 0-day, double Apache patch, and Fight The Phish [Podcast]
Latest episode β listen now!
β LANtenna hack spies on your data from across the room! (Sort of) β
π Read
via "Naked Security".
Are your network cables acting as undercover wireless transmitters? What can you do if they are?π Read
via "Naked Security".
Naked Security
LANtenna hack spies on your data from across the room! (Sort of)
Are your network cables acting as undercover wireless transmitters? What can you do if they are?
β Missouri Vows to Prosecute βHackerβ Who Disclosed Data Leak β
π Read
via "Threat Post".
Missouri Gov. Mike Parson launched a criminal investigation of a reporter who flagged a state website that exposed 100K+ Social-Security numbers for teachers and other state employees.π Read
via "Threat Post".
π¦Ώ Data center admins: Learn how to run a basic vulnerability scan on your Linux servers with Nessus π¦Ώ
π Read
via "Tech Republic".
Make sure the Linux servers in your data center are free from vulnerabilities by scanning them immediately using Nessus.π Read
via "Tech Republic".
TechRepublic
How to run a basic vulnerability scan on your data center Linux servers with Nessus
Are you certain your Linux servers in your data center are free from vulnerabilities? If not, you need to scan them immediately. Jack Wallen shows you how with Nessus.
π¦Ώ The White House holds an international summit on ransomware: What you should know π¦Ώ
π Read
via "Tech Republic".
This week the White House held a summit with various nations to address the threat of ransomware. Learn some of the takeaways and why certain nations were excluded.π Read
via "Tech Republic".
TechRepublic
The White House's international summit on ransomware: Biggest cybersecurity takeaways
This week the White House held a summit with various nations to address the threat of ransomware. Experts weigh in on the important security takeaways and why certain nations were excluded.
π΄ How Attackers Hack Humans π΄
π Read
via "Dark Reading".
Inside their motivations, how they go about it -- and what businesses can do about it, according to Counterintelligence Institute founder Peter Warmka.π Read
via "Dark Reading".
Dark Reading
How Attackers Hack Humans
Inside their motivations, how they go about it -- and what businesses can do about it, according to Counterintelligence Institute founder Peter Warmka.
β TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates β
π Read
via "Threat Post".
The group β which also created BazarLoader and the Conti ransomware β has juiced its distribution tactics to threaten enterprises more than ever.π Read
via "Threat Post".
Threat Post
TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates
The group β which also created BazarLoader and the Conti ransomware β has juiced its distribution tactics to threaten enterprises more than ever.
βΌ CVE-2021-28021 βΌ
π Read
via "National Vulnerability Database".
Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29745 βΌ
π Read
via "National Vulnerability Database".
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to priviledge escalation where a lower evel user could have access to the 'New Job' page to which they should not have access to. IBM X-Force ID: 201695.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29679 βΌ
π Read
via "National Vulnerability Database".
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to execute code remotely due to incorrectly neutralizaing user-contrlled input that could be interpreted a a server-side include (SSI) directive. IBM X-Force ID: 199915.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41320 βΌ
π Read
via "National Vulnerability Database".
A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with higher privilege than the average authenticated user.π Read
via "National Vulnerability Database".
βΌ CVE-2020-4951 βΌ
π Read
via "National Vulnerability Database".
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information.π Read
via "National Vulnerability Database".
π¦Ώ How to use DocSecrets to encrypt sections of your Google Docs π¦Ώ
π Read
via "Tech Republic".
If you need to hide sections of text in Google Documents, give the handy DocSecrets add-on a try.π Read
via "Tech Republic".
TechRepublic
How to use DocSecrets to encrypt sections of your Google Docs - TechRepublic
If you need to hide sections of text in Google Documents, give the handy DocSecrets add-on a try.