βΌ CVE-2021-3704 βΌ
π Read
via "National Vulnerability Database".
Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow a Denial of Service on the device.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38847 βΌ
π Read
via "National Vulnerability Database".
S-Cart v6.4.1 and below was discovered to contain an arbitrary file upload vulnerability in the Editor module on the Admin panel. This vulnerability allows attackers to execute arbitrary code via a crafted IMG file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-3440 βΌ
π Read
via "National Vulnerability Database".
HP Print and Scan Doctor, an application within the HP Smart App for Windows, is potentially vulnerable to local elevation of privilege.π Read
via "National Vulnerability Database".
βΌ CVE-2021-27005 βΌ
π Read
via "National Vulnerability Database".
Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3 are susceptible to a vulnerability which could allow a remote attacker to cause a crash of the httpd server.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29212 βΌ
π Read
via "National Vulnerability Database".
A remote unauthenticated directory traversal security vulnerability has been identified in HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90 and 1.95. The vulnerability could be remotely exploited to allow an unauthenticated user to run arbitrary code leading complete impact to confidentiality, integrity, and availability of the iLO Amplifier Pack appliance.π Read
via "National Vulnerability Database".
βΌ CVE-2021-3705 βΌ
π Read
via "National Vulnerability Database".
Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow an unauthorized user to reconfigure, reset the device.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29213 βΌ
π Read
via "National Vulnerability Database".
A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. The vulnerability could be locally exploited to cause disclosure of sensitive information, denial of service (DoS), and/or compromise system integrity.π Read
via "National Vulnerability Database".
βΌ CVE-2020-28702 βΌ
π Read
via "National Vulnerability Database".
A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information.π Read
via "National Vulnerability Database".
β βTrojan Sourceβ Hides Invisible Bugs in Source Code β
π Read
via "Threat Post".
The old RLO trick of exploiting how Unicode handles script ordering and a related homoglyph attack can imperceptibly switch the real name of malware.π Read
via "Threat Post".
Threat Post
βTrojan Sourceβ Hides Invisible Bugs in Source Code
The old RLO trick of exploiting how Unicode handles script ordering and a related homoglyph attack can imperceptibly switch the real name of malware.
ποΈ Multiple flaws in telecoms stack software FreeSwitch uncovered ποΈ
π Read
via "The Daily Swig".
Authentication and denial of service risks for DIY PBX tech patchedπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Multiple flaws in telecoms stack software FreeSwitch uncovered
Authentication and denial of service risks for DIY PBX tech patched
π΄ Name That Edge Toon: Parting Thoughts π΄
π Read
via "Dark Reading".
Feeling creative? Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.π Read
via "Dark Reading".
Dark Reading
Name That Edge Toon: Parting Thoughts
Feeling creative? Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
βΌ CVE-2021-26740 βΌ
π Read
via "National Vulnerability Database".
Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows attackers to execute arbitrary code.π Read
via "National Vulnerability Database".
βΌ CVE-2021-26739 βΌ
π Read
via "National Vulnerability Database".
SQL Injection vulnerability in pay.php in millken doyocms 2.3, allows attackers to execute arbitrary code, via the attribute parameter.π Read
via "National Vulnerability Database".
π Virtual Conferencing Software Must Improve Data Protection, Regulators Warn π
π Read
via "".
Following an investigation, six countries and four companies outlined best practices for mitigating privacy risks in video conferencing apps.π Read
via "".
Digital Guardian
Virtual Conferencing Software Must Improve Data Protection, Regulators Warn
Following an investigation, six countries and four companies outlined best practices for mitigating privacy risks in video conferencing apps.
βΌ CVE-2021-42917 βΌ
π Read
via "National Vulnerability Database".
Buffer overflow vulnerability in Kodi xbmc up to 19.0, allows attackers to cause a denial of service due to improper length of values passed to istream.π Read
via "National Vulnerability Database".
β Pirate Sports Streamer Gets Busted, Pivots to MLB Extortion β
π Read
via "Threat Post".
An alleged sports content pirate is accused of not only hijacking leagues' streams but also threatening to tell reporters how he accessed their systems.π Read
via "Threat Post".
Threat Post
Pirate Sports Streamer Gets Busted, Pivots to MLB Extortion
An alleged sports content pirate is accused of not only hijacking leagues' streams but also threatening to tell reporters how he accessed their systems.
π΄ Free Tool Scans Web Servers for Vulnerability to HTTP Header-Smuggling Attacks π΄
π Read
via "Dark Reading".
A researcher will release an open source tool at Black Hat Europe next week that roots out server weaknesses to a sneaky type of attack.π Read
via "Dark Reading".
Dark Reading
Free Tool Scans Web Servers for Vulnerability to HTTP Header-Smuggling Attacks
A researcher will release an open source tool at Black Hat Europe next week that roots out server weaknesses to a sneaky type of attack.
π΄ SonicWall: 'The Year of Ransomware' Continues with Unprecedented Late-Summer Surge π΄
π Read
via "Dark Reading".
2021 will be the most costly and dangerous year on record.π Read
via "Dark Reading".
Dark Reading
SonicWall: 'The Year of Ransomware' Continues with Unprecedented Late-Summer Surge
2021 will be the most costly and dangerous year on record.
π΄ New 'Trojan Source' Method Lets Attackers Hide Vulns in Source Code π΄
π Read
via "Dark Reading".
Researchers discover a new technique attackers could use to encode vulnerabilities into software while evading detection.π Read
via "Dark Reading".
Dark Reading
New 'Trojan Source' Method Lets Attackers Hide Vulns in Source Code
Researchers discover a new technique attackers could use to encode vulnerabilities into software while evading detection.
π΄ Zscalerβs 2021 Encrypted Attacks Report Reveals 314% Spike in HTTPS Threats π΄
π Read
via "Dark Reading".
Massive increase in cyberattacks targeting technology and retail industries confirms immediate need for zero-trust securityπ Read
via "Dark Reading".
Dark Reading
Zscalerβs 2021 Encrypted Attacks Report Reveals 314% Spike in HTTPS Threats
Massive increase in cyberattacks targeting technology and retail industries confirms immediate need for zero-trust security
π΄ CISA and Partners Coordinate on Security, Combatting Misinformation for Election Day π΄
π Read
via "Dark Reading".
CISA will host an election situational awareness room to coordinate with federal partners, state and local election officials, private sector election partners, and political organizations to share real-time information and provide support as needed.π Read
via "Dark Reading".
Dark Reading
CISA and Partners Coordinate on Security, Combatting Misinformation for Election Day
CISA will host an election situational awareness room to coordinate with federal partners, state and local election officials, private sector election partners, and political organizations to share real-time information and provide support as needed.