βΌ CVE-2021-42327 βΌ
π Read
via "National Vulnerability Database".
dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parse_write_buffer_into_params when it uses the size of copy_from_user to copy a userspace buffer into a 40-byte heap buffer.π Read
via "National Vulnerability Database".
π US Treasury Outlines Compliance Best Practices for Cryptocurrency Companies π
π Read
via "".
The newly released guide is designed to emphasize sanctions compliance requirements amid the US governmentβs efforts to combat ransomware.π Read
via "".
Digital Guardian
US Treasury Outlines Compliance Best Practices for Cryptocurrency Companies
The newly released guide is designed to emphasize sanctions compliance requirements amid the US governmentβs efforts to combat ransomware.
π΄ Why Should My Organization Consider XDR? π΄
π Read
via "Dark Reading".
XDR is a newish industry term addressing a very old problem: security products that don't work together to detect threats.π Read
via "Dark Reading".
Dark Reading
Why Should My Organization Consider XDR?
XDR is a newish industry term addressing a very old problem: security products that don't work together to detect threats.
β TA551 Shifts Tactics to Install Sliver Red-Teaming Tool β
π Read
via "Threat Post".
A new email campaign from the threat group uses the attack-simulation framework in a likely leadup to ransomware deployment.π Read
via "Threat Post".
Threat Post
TA551 Shifts Tactics to Install Sliver Red-Teaming Tool
A new email campaign from the threat group uses the attack-simulation framework in a likely leadup to ransomware deployment.
β U.S. Ban on Sales of Cyberattack Tools Is Anemic, Experts Warn β
π Read
via "Threat Post".
Meanwhile, Zerodium's quest to buy VPN exploits is problematic, researchers said.π Read
via "Threat Post".
Threat Post
U.S. Ban on Sales of Cyberattack Tools Is Anemic, Experts Warn
Meanwhile, Zerodiumβs quest to buy VPN exploits is problematic, researchers said.
π΄ Plurilock to Acquire Assets of CloudCodes Software π΄
π Read
via "Dark Reading".
Transaction marks Plurilockβs second acquisition in 2021.π Read
via "Dark Reading".
Dark Reading
Plurilock to Acquire Assets of CloudCodes Software
Transaction marks Plurilockβs second acquisition in 2021.
π΄ Invicti Security Announces $625 Million Growth Investment Led by Summit Partners π΄
π Read
via "Dark Reading".
Web application security provider plans to leverage new investment to continue product expansion and support global growth.π Read
via "Dark Reading".
Dark Reading
Invicti Security Announces $625 Million Growth Investment Led by Summit Partners
Web application security provider plans to leverage new investment to continue product expansion and support global growth.
π΄ Nearly Three-Quarters of Organizations Victimized by DNS Attacks in Past 12 Months π΄
π Read
via "Dark Reading".
Response and recovery have significant impact on 58% of targeted businesses.π Read
via "Dark Reading".
Dark Reading
Nearly Three-Quarters of Organizations Victimized by DNS Attacks in Past 12 Months
Response and recovery have significant impact on 58% of targeted businesses.
π΄ Cohesity Announces Disaster Recovery as a Service, Providing Automated Disaster Recovery π΄
π Read
via "Dark Reading".
New Offering Can Help Businesses Quickly Recover from Ransomware Attacks, Speed Data Recovery, and Advance Business Continuityπ Read
via "Dark Reading".
Dark Reading
Even 'Perfect' APIs Can be Abused
Broad-scale API abuse is occurring every day as businesses make their data available to trading partners β and even the public.
βΌ CVE-2021-41146 βΌ
π Read
via "National Vulnerability Database".
qutebrowser is an open source keyboard-focused browser with a minimal GUI. Starting with qutebrowser v1.7.0, the Windows installer for qutebrowser registers a `qutebrowserurl:` URL handler. With certain applications, opening a specially crafted `qutebrowserurl:...` URL can lead to execution of qutebrowser commands, which in turn allows arbitrary code execution via commands such as `:spawn` or `:debug-pyeval`. Only Windows installs where qutebrowser is registered as URL handler are affected. The issue has been fixed in qutebrowser v2.4.0. The fix also adds additional hardening for potential similar issues on Linux (by adding the new --untrusted-args flag to the .desktop file), though no such vulnerabilities are known.π Read
via "National Vulnerability Database".
βΌ CVE-2021-42716 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location.π Read
via "National Vulnerability Database".
βΌ CVE-2021-42715 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files.π Read
via "National Vulnerability Database".
βΌ CVE-2021-35225 βΌ
π Read
via "National Vulnerability Database".
Each authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view and browse all NetPath Services from all that MSP's customers. This can lead to any user having a limited insight into other customer's infrastructure and potential data cross-contamination.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41159 βΌ
π Read
via "National Vulnerability Database".
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections (`/gt:rpc`) fail to validate input data. A malicious gateway might allow client memory to be written out of bounds. This issue has been resolved in version 2.4.1. If you are unable to update then use `/gt:http` rather than /gt:rdp connections if possible or use a direct connection without a gateway.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41160 βΌ
π Read
via "National Vulnerability Database".
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out of bound rectangles to trigger out of bound writes. With `0` width or heigth the memory allocation will be `0` but the missing bounds checks allow writing to the pointer at this (not allocated) region. This issue has been patched in FreeRDP 2.4.1.π Read
via "National Vulnerability Database".
βΌ CVE-2021-35228 βΌ
π Read
via "National Vulnerability Database".
This vulnerability occurred due to missing input sanitization for one of the output fields that is extracted from headers on specific section of page causing a reflective cross site scripting attack. An attacker would need to perform a Man in the Middle attack in order to change header for a remote victim.π Read
via "National Vulnerability Database".
βΌ CVE-2021-35227 βΌ
π Read
via "National Vulnerability Database".
The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available.π Read
via "National Vulnerability Database".
π΄ Akamai Technologies Completes Acquisition of Guardicore to Extend Its Zero Trust Solutions to Help Stop Ransomware π΄
π Read
via "Dark Reading".
Guardicore's micro-segmentation products will be added to Akamai's portfolio of Zero Trust solutions.π Read
via "Dark Reading".
Dark Reading
Akamai Technologies Completes Acquisition of Guardicore to Extend Its Zero Trust Solutions to Help Stop Ransomware
Guardicore's micro-segmentation products will be added to Akamai's portfolio of Zero Trust solutions.
π΄ Malware Abuses Core Features of Discord π΄
π Read
via "Dark Reading".
Researchers warn that Discord's bot framework can be easily weaponized.π Read
via "Dark Reading".
Dark Reading
Malware Abuses Core Features of Discord
Researchers warn that Discord's bot framework can be easily weaponized.
π΄ Cybrary Launches New Partnership with Check Point Software to Make Cybersecurity Training Accessible to All π΄
π Read
via "Dark Reading".
Online cybersecurity professional development platform bolsters the Check Point Education Initiative.π Read
via "Dark Reading".
Dark Reading
Cybrary Launches New Partnership with Check Point Software to Make Cybersecurity Training Accessible to All
Online cybersecurity professional development platform bolsters the Check Point Education Initiative.
π΄ Google Buckles Down on Android Enterprise Security π΄
π Read
via "Dark Reading".
The launch of Android 12 brings several new default security features, along with new security efforts for Android Enterprise.π Read
via "Dark Reading".
Dark Reading
Google Buckles Down on Android Enterprise Security
The launch of Android 12 brings several new default security features, along with new security efforts for Android Enterprise.