βΌ CVE-2021-36548 βΌ
π Read
via "National Vulnerability Database".
A remote code execution (RCE) vulnerability in the component /admin/index.php?id=themes&action=edit_template&filename=blog of Monstra v3.0.4 allows attackers to execute arbitrary commands via a crafted PHP file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41194 βΌ
π Read
via "National Vulnerability Database".
FirstUseAuthenticator is a JupyterHub authenticator that helps new users set their password on their first login to JupyterHub. When JupyterHub is used with FirstUseAuthenticator, a vulnerability in versions prior to 1.0.0 allows unauthorized access to any user's account if `create_users=True` and the username is known or guessed. One may upgrade to version 1.0.0 or apply a patch manually to mitigate the vulnerability. For those who cannot upgrade, there is no complete workaround, but a partial mitigation exists. One can disable user creation with `c.FirstUseAuthenticator.create_users = False`, which will only allow login with fully normalized usernames for already existing users prior to jupyterhub-firstuserauthenticator 1.0.0. If any users have never logged in with their normalized username (i.e. lowercase), they will still be vulnerable until a patch or upgrade occurs.π Read
via "National Vulnerability Database".
β Microsoft Edge finally arrives on Linux β βOfficialβ build lands in repos β
π Read
via "Naked Security".
Microsoft Edge for Linux makes an Official landing.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ 6 Ways to Rewrite the Impossible Job Description π΄
π Read
via "Dark Reading".
It's hard enough to fill a cybersecurity position given the talent shortage. But you may be making it harder with a poor job description that turns off would-be candidates.π Read
via "Dark Reading".
Dark Reading
6 Ways to Rewrite the Impossible Job Description
It's hard enough to fill a cybersecurity position given the talent shortage. But you may be making it harder with a poor job description that turns off would-be candidates.
βΌ CVE-2020-23549 βΌ
π Read
via "National Vulnerability Database".
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted .cr2 file, related to a "Data from Faulting Address controls Branch Selection starting at FORMATS!GetPlugInInfo+0x00000000000047f6".π Read
via "National Vulnerability Database".
βΌ CVE-2020-23546 βΌ
π Read
via "National Vulnerability Database".
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981.π Read
via "National Vulnerability Database".
ποΈ βInaction isnβt an optionβ β US lawmakers back mandatory standards for transport and logistics cybersecurity ποΈ
π Read
via "The Daily Swig".
House Committee on Homeland Security hearing pulls focus on securing βplanes, trains, and pipelinesβπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
βInaction isnβt an optionβ β US lawmakers back mandatory standards for transport and logistics cybersecurity
House Committee on Homeland Security hearing pulls focus on securing βplanes, trains, and pipelinesβ
βΌ CVE-2021-31624 βΌ
π Read
via "National Vulnerability Database".
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2020-22079 βΌ
π Read
via "National Vulnerability Database".
Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg.π Read
via "National Vulnerability Database".
βΌ CVE-2021-31862 βΌ
π Read
via "National Vulnerability Database".
SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication.π Read
via "National Vulnerability Database".
βΌ CVE-2021-31627 βΌ
π Read
via "National Vulnerability Database".
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter.π Read
via "National Vulnerability Database".
ποΈ Google, Salesforce, others team up to launch MVSP security baseline project ποΈ
π Read
via "The Daily Swig".
The collaboration is focused on creating a vendor-neutral security standardπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Google, Salesforce, others team up to launch MVSP security baseline project
The collaboration is focused on creating a vendor-neutral security standard
β Microsoft documents βSHROOTLESSβ hack patched in latest Apple updates β
π Read
via "Naked Security".
We'd have called this bug "SHROOTMORE", but naming it wasn't our call.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
ποΈ Trickbot arrest: Russian national extradited to US for alleged role in developing notorious banking trojan ποΈ
π Read
via "The Daily Swig".
Vladimir Dunaev made his first appearance in federal court this weekπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Trickbot arrest: Russian national extradited to US for alleged role in developing notorious banking trojan
Vladimir Dunaev made his first appearance in federal court this week
π΄ Finding the Right Approach to Cloud Security Posture Management (CSPM) π΄
π Read
via "Dark Reading".
Cloud security is maturing β it has to. New strategies are surfacing to respond to new problems. Dr. Mike Lloyd, RedSeal's CTO, reviews one of the latest: CSPM.π Read
via "Dark Reading".
Dark Reading
Finding the Right Approach to Cloud Security Posture Management (CSPM)
Cloud security is maturing β it has to. New strategies are surfacing to respond to new problems. Dr. Mike Lloyd, RedSeal's CTO, reviews one of the latest: CSPM.
βΌ CVE-2021-3441 βΌ
π Read
via "National Vulnerability Database".
A potential security vulnerability has been identified for the HP OfficeJet 7110 Wide Format ePrinter that enables Cross-Site Scripting (XSS).π Read
via "National Vulnerability Database".
βΌ CVE-2021-3662 βΌ
π Read
via "National Vulnerability Database".
Certain HP Enterprise LaserJet and PageWide MFPs may be vulnerable to stored cross site scripting (XSS).π Read
via "National Vulnerability Database".
βΌ CVE-2021-22037 βΌ
π Read
via "National Vulnerability Database".
Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. The full path to the command is not enforced, which results in a search in the search path until a binary can be identified. This makes the installer/uninstaller vulnerable to Path Interception by Search Order Hijacking, potentially allowing an attacker to plant a malicious reg.exe command so it takes precedence over the system command. The vulnerability only affects Windows installers.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22038 βΌ
π Read
via "National Vulnerability Database".
On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then executed (the originally called uninstaller exits, so it does not block the installation directory). This temporary location is not randomized and does not restrict access to Administrators only so a potential attacker could plant a binary to replace the copied binary right before it gets called, thus gaining Administrator privileges (if the original uninstaller was executed as Administrator). The vulnerability only affects Windows installers.π Read
via "National Vulnerability Database".
π΄ A Treehouse of Security Horrors π΄
π Read
via "Dark Reading".
True-life horrors from conversations with software engineers and developers. D'oh!π Read
via "Dark Reading".
Dark Reading
A Treehouse of Security Horrors
True-life horrors from conversations with software engineers and developers. <i>D'oh! </i>
β Google Chrome is Abused to Deliver Malware as βLegitβ Win 10 App β
π Read
via "Threat Post".
Malware delivered via a compromised website on Chrome browsers can bypass User Account Controls to infect systems and steal sensitive data, such as credentials and cryptocurrency.π Read
via "Threat Post".
Threat Post
Google Chrome is Abused to Deliver Malware as βLegitβ Win 10 App
Malware delivered via a compromised website on Chrome browsers can bypass User Account Controls to infect systems and steal sensitive data, such as credentials and cryptocurrency.