CVE-2021-39352
via "National Vulnerability Database".
The Catch Themes Demo Import WordPress plugin is vulnerable to arbitrary file uploads via the import functionality found in the ~/inc/CatchThemesDemoImport.php file, in versions up to and including 1.7, due to insufficient file type validation. This makes it possible for an attacker with administrative privileges to upload malicious files that can be used to achieve remote code execution.
CVE-2021-27746
via "National Vulnerability Database".
"HCL Connections Security Update for Reflected Cross-Site Scripting (XSS) Vulnerability"
EU ban on anonymous domain registration welcomed by threat intel firm
via "The Daily Swig".
“This raises the bar and makes it expensive for easy cyber criminality,” argues DomainTools
Japanese punctuation exacerbates privacy flaw that leaks one-word search terms in Google, Firefox browsers
via "The Daily Swig".
Researcher questions efficacy of proposed remedies as debate rumbles on 18 months after disclosure
Threat Actors Abuse Discord to Push Malware
via "Threat Post".
The platform's Content Delivery Network and core features are being used to send malicious files--including RATs--across its network of 150 million users, putting corporate workplaces at risk.
CVE-2021-31835
via "National Vulnerability Database".
Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 11 allows ePO administrators to inject arbitrary web script or HTML via a specific parameter where the administrator's entries were not correctly sanitized.
CVE-2021-31834
via "National Vulnerability Database".
Stored Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 11 allows ePO administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.
What to do if your small business is a victim of a cyberattack
via "Tech Republic".
Immersed in the throes of a cyberattack is not the time to figure out how to respond. An expert offers suggestions on how to create a company-specific incident-response plan.
Swiss exhibitions organizer MCH Group hit by cyber-attack
via "The Daily Swig".
Investigations yet to confirm if any data was exfiltrated
REvil ransomware gang allegedly forced offline by law enforcement counterattacks
via "Naked Security".
One down. Lots more to go. Here's what to do...
What Squid Game Teaches Us About Cybersecurity
via "Dark Reading".
When life inside the security operations center feels treacherous, here are some suggestions for getting out alive.
CVE-2021-38453
via "National Vulnerability Database".
Some API functions allow interaction with the registry, which includes reading values as well as data modification.
CVE-2021-38463
via "National Vulnerability Database".
The affected product does not properly control the allocation of resources. A user may be able to allocate unlimited memory buffers using API functions.
CVE-2021-38451
via "National Vulnerability Database".
The affected product's proprietary protocol CSC allows for calling numerous function codes. In order to call those function codes, the user must supply parameters. There is no sanitation on the value of the offset, which allows the client to specify any offset and read out-of-bounds data.
CVE-2021-38473
via "National Vulnerability Database".
The affected product's code base doesn't properly control arguments for specific functions, which could lead to a stack overflow.
CVE-2021-38459
via "National Vulnerability Database".
The data of a network capture of the initial handshake phase can be used to authenticate at a SYSDBA level. If a specific .exe is not restarted often, it is possible to access the needed handshake packets between admin/client connections. Using the SYSDBA permission, an attacker can change user passwords or delete the database.
CVE-2021-38475
via "National Vulnerability Database".
The database connection to the server is performed by calling a specific API, which could allow an unprivileged user to gain SYSDBA permissions.
CVE-2021-38465
via "National Vulnerability Database".
The webinstaller is a Golang web server executable that enables the generation of an Auvesy image agent. Resource consumption can be achieved by generating large amounts of installations, which are then saved without limitation in the temp folder of the webinstaller executable.
CVE-2021-38479
via "National Vulnerability Database".
Many API function codes receive raw pointers remotely from the user and trust these pointers as valid in-bound memory regions. An attacker can manipulate API functions by writing arbitrary data into the resolved address of a raw pointer.
CVE-2021-38467
via "National Vulnerability Database".
A specific function code receives a raw pointer supplied by the user and deallocates this pointer. The user can then control what memory regions will be freed and cause a use-after-free condition.
CVE-2021-38461
via "National Vulnerability Database".
The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key can be easily extracted from binaries.