‼ CVE-2021-34781 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40116 ‼
📖 Read
via "National Vulnerability Database".
Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-34755 ‼
📖 Read
via "National Vulnerability Database".
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-34761 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the device. This vulnerability is due to incomplete validation of user input for a specific CLI command. An attacker could exploit this vulnerability by authenticating to the device with administrative privileges and issuing a CLI command with crafted user parameters. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40114 ‼
📖 Read
via "National Vulnerability Database".
Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40118 ‼
📖 Read
via "National Vulnerability Database".
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. These vulnerabilities are due to improper input validation when parsing HTTPS requests. An attacker could exploit these vulnerabilities by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-34783 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL/TLS decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: Datagram TLS (DTLS) messages cannot be used to exploit this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3900 ‼
📖 Read
via "National Vulnerability Database".
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)📖 Read
via "National Vulnerability Database".
‼ CVE-2021-34794 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to query SNMP data. This vulnerability is due to ineffective access control. An attacker could exploit this vulnerability by sending an SNMPv3 query to an affected device from a host that is not permitted by the SNMPv3 access control list. A successful exploit could allow the attacker to send an SNMP query to an affected device and retrieve information from the device. The attacker would need valid credentials to perform the SNMP query.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-34791 ‼
📖 Read
via "National Vulnerability Database".
Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming.📖 Read
via "National Vulnerability Database".
❌ Teen Rakes in $2.74M Worth of Bitcoin in Phishing Scam ❌
📖 Read
via "Threat Post".
The kid was busted after abusing Google Ads to lure users to his fake gift card site. 📖 Read
via "Threat Post".
Threat Post
Teen Rakes in $2.74M Worth of Bitcoin in Phishing Scam
The kid was busted after abusing Google Ads to lure users to his fake gift card site.
❌ Ransomware Attacks Are Evolving. Your Security Strategy Should, Too ❌
📖 Read
via "Threat Post".
Defending against ransomware will take a move to zero-trust, argues Daniel Spicer, CSO, Ivanti.📖 Read
via "Threat Post".
Threat Post
Ransomware Attacks Are Evolving. Your Security Strategy Should, Too
Defending against ransomware will take a move to zero-trust, argues Daniel Spicer, CSO, Ivanti.
🕴 QR Codes Help Attackers Sneak Emails Past Security Controls 🕴
📖 Read
via "Dark Reading".
A recently discovered campaign shows how attackers are constantly developing new techniques to deceive phishing victims.📖 Read
via "Dark Reading".
Dark Reading
QR Codes Help Attackers Sneak Emails Past Security Controls
A recently discovered campaign shows how attackers are constantly developing new techniques to deceive phishing victims.
❤1
❌ WordPress Plugin Bug Lets Subscribers Wipe Sites ❌
📖 Read
via "Threat Post".
The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable site, deleting nearly all database content and uploaded media.📖 Read
via "Threat Post".
Threat Post
WordPress Plugin Bug Lets Subscribers Wipe Sites
The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable WordPress site, deleting nearly all database content and uploaded media.
🕴 Defenders Worry Orgs Are More Vulnerable Than Last Year 🕴
📖 Read
via "Dark Reading".
Most IT and security leaders are confident their cybersecurity strategy is on the right track, but they still believe their organizations are as vulnerable as they were a year ago.📖 Read
via "Dark Reading".
Dark Reading
Defenders Worry Orgs Are More Vulnerable Than Last Year
Most IT and security leaders are confident their cybersecurity strategies are on the right track, but they still believe their organizations are as vulnerable as they were a year ago.
‼ CVE-2021-25219 ‼
📖 Read
via "National Vulnerability Database".
In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1117 ‼
📖 Read
via "National Vulnerability Database".
Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an attacker through specific configuration and with local unprivileged system access may cause improper input validation, which may lead to denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3901 ‼
📖 Read
via "National Vulnerability Database".
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1115 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs, where an attacker with local unprivileged system access may cause a NULL pointer dereference, which may lead to denial of service in a component beyond the vulnerable component.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41191 ‼
📖 Read
via "National Vulnerability Database".
Roblox-Purchasing-Hub is an open source Roblox product purchasing hub. A security risk in versions 1.0.1 and prior allowed people who have someone's API URL to get product files without an API key. This issue is fixed in version 1.0.2. As a workaround, add `@require_apikey` in `BOT/lib/cogs/website.py` under the route for `/v1/products`.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1116 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.📖 Read
via "National Vulnerability Database".