β Zoho Password Manager Flaw Torched by Godzilla Webshell β
π Read
via "Threat Post".
A new campaign is prying apart a known security vulnerability in the Zoho ManageEngine ADSelfService Plus password manager, researchers warned over the weekend. The threat actors have managed to exploit the Zoho weakness in at least nine global entities across critical sectors so far (technology, defense, healthcare, energy and education), deploying the Godzilla webshell and [β¦]π Read
via "Threat Post".
Threat Post
Zohoβs ManageEngine Password Manager Flaw Torched by Godzilla Webshell
Researchers have spotted a second, worldwide campaign exploiting the ManagedEngine SelfServiceAD Plus zero-day: one thatβs breached defense, energy and healthcare organizations.
π΄ Arctic Wolf Security Operations Cloud Reaches Massive Scale and a Global Footprint π΄
π Read
via "Dark Reading".
Global business momentum and technical advancements position the Arctic Wolf platform as a category-defining Security Operations solutionπ Read
via "Dark Reading".
Dark Reading
Arctic Wolf Security Operations Cloud Reaches Massive Scale and a Global Footprint
Global business momentum and technical advancements position the Arctic Wolf platform as a category-defining Security Operations solution
π΄ Kaspersky Finds DDoS Attacks in Q3 Grow by 24%, Become More Sophisticated π΄
π Read
via "Dark Reading".
The total number of smart attacks (advanced DDoS attacks that are often targeted) increased by 31% when compared to the same period last year.π Read
via "Dark Reading".
Dark Reading
Kaspersky Finds DDoS Attacks in Q3 Grow by 24%, Become More Sophisticated
The total number of smart attacks (advanced DDoS attacks that are often targeted) increased by 31% when compared to the same period last year.
π΄ Banking Malware Threats Surging as Mobile Banking Increases β Nokia Threat Intelligence Report π΄
π Read
via "Dark Reading".
The Nokia 2021 Threat Intelligence Report announced today shows that banking malware threats are sharply increasing as cyber criminals target the rising popularity of mobile banking on smartphones, with plots aimed at stealing personal banking credentials and credit card information.π Read
via "Dark Reading".
Dark Reading
Banking Malware Threats Surging as Mobile Banking Increases β Nokia Threat Intelligence Report
The Nokia 2021 Threat Intelligence Report announced today shows that banking malware threats are sharply increasing as cyber criminals target the rising popularity of mobile banking on smartphones, with plots aimed at stealing personal banking credentialsβ¦
βΌ CVE-2021-41733 βΌ
π Read
via "National Vulnerability Database".
Oppia 3.1.4 does not verify that certain URLs are valid before navigating to them.π Read
via "National Vulnerability Database".
βΌ CVE-2021-28023 βΌ
π Read
via "National Vulnerability Database".
Arbitrary file upload in Service import feature in ServiceTonic Helpdesk software version < 9.0.35937 allows a malicious user to execute JSP code by uploading a zip that extracts files in relative paths.π Read
via "National Vulnerability Database".
βΌ CVE-2021-28024 βΌ
π Read
via "National Vulnerability Database".
Unauthorized system access in the login form in ServiceTonic Helpdesk software version < 9.0.35937 allows attacker to login without using a password.π Read
via "National Vulnerability Database".
βΌ CVE-2021-25979 βΌ
π Read
via "National Vulnerability Database".
Apostrophe CMS versions between 2.63.0 to 3.3.1 affected by an insufficient session expiration vulnerability, which allows unauthenticated remote attackers to hijack recently logged-in users' sessions.π Read
via "National Vulnerability Database".
βΌ CVE-2021-42770 βΌ
π Read
via "National Vulnerability Database".
A Cross-site scripting (XSS) vulnerability was discovered in OPNsense before 21.7.4 via the LDAP attribute return in the authentication tester.π Read
via "National Vulnerability Database".
βΌ CVE-2021-28022 βΌ
π Read
via "National Vulnerability Database".
Blind SQL injection in the login form in ServiceTonic Helpdesk software < 9.0.35937 allows attacker to exfiltrate information via specially crafted HQL-compatible time-based SQL queries.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39182 βΌ
π Read
via "National Vulnerability Database".
EnroCrypt is a Python module for encryption and hashing. Prior to version 1.1.4, EnroCrypt used the MD5 hashing algorithm in the hashing file. Beginners who are unfamiliar with hashes can face problems as MD5 is considered an insecure hashing algorithm. The vulnerability is patched in v1.1.4 of the product. As a workaround, users can remove the `MD5` hashing function from the file `hashing.py`.π Read
via "National Vulnerability Database".
ποΈ Pwn2Own Austin 2021: Synacktiv crowned Masters of Pwn after Sonos One, WD NAS exploits ποΈ
π Read
via "The Daily Swig".
French team takes home nearly $200k in winnings as event uncovers 61 zero daysπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Pwn2Own Austin 2021: Synacktiv crowned Masters of Pwn after Sonos One, WD NAS exploits
French team takes home nearly $200k in winnings as event uncovers 61 zero days
βΌ CVE-2021-24706 βΌ
π Read
via "National Vulnerability Database".
The Qwizcards ΓΒ’Γ’β¬Òβ¬Ε online quizzes and flashcards WordPress plugin before 3.62 does not properly sanitize and escape some of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29843 βΌ
π Read
via "National Vulnerability Database".
IBM MQ 9.1 LTS, 9.1 CD, 9.2 LTS, and 9.2CD is vulnerable to a denial of service attack caused by an issue processing message properties. IBM X-Force ID: 205203.π Read
via "National Vulnerability Database".
βΌ CVE-2021-24627 βΌ
π Read
via "National Vulnerability Database".
The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an 'id' GET parameter before using it in a SQL statement, to select data to be displayed in the admin dashboard, leading to an authenticated SQL injectionπ Read
via "National Vulnerability Database".
βΌ CVE-2021-24816 βΌ
π Read
via "National Vulnerability Database".
The Phoenix Media Rename WordPress plugin before 3.4.4 does not have capability checks in its phoenix_media_rename AJAX action, which could allow users with Author roles to rename any uploaded media files, including ones they do not own.π Read
via "National Vulnerability Database".
βΌ CVE-2021-24791 βΌ
π Read
via "National Vulnerability Database".
The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the "orderby" and "order" request parameters before using them in a SQL statement when viewing the Snippets admin dashboard, leading to SQL injectionsπ Read
via "National Vulnerability Database".
βΌ CVE-2021-24537 βΌ
π Read
via "National Vulnerability Database".
The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment (ie with DISALLOW_FILE_EDIT, DISALLOW_FILE_MODS and DISALLOW_UNFILTERED_HTML set to true) via the 'widget_rrm_similar_posts_condition' widget setting of the plugin.π Read
via "National Vulnerability Database".
βΌ CVE-2021-24806 βΌ
π Read
via "National Vulnerability Database".
The wpDiscuz WordPress plugin before 7.3.4 does check for CSRF when adding, editing and deleting comments, which could allow attacker to make logged in users such as admin edit and delete arbitrary comment, or the user who made the comment to edit it via a CSRF attack. Attackers could also make logged in users post arbitrary comment.π Read
via "National Vulnerability Database".
βΌ CVE-2021-24832 βΌ
π Read
via "National Vulnerability Database".
The WP SEO Redirect 301 WordPress plugin before 2.3.2 does not have CSRF in place when deleting redirects, which could allow attackers to make a logged in admin delete them via a CSRF attackπ Read
via "National Vulnerability Database".
βΌ CVE-2021-24625 βΌ
π Read
via "National Vulnerability Database".
The SpiderCatalog WordPress plugin through 1.7.3 does not sanitise or escape the 'parent' and 'ordering' parameters from the admin dashboard before using them in a SQL statement, leading to a SQL injection when adding a categoryπ Read
via "National Vulnerability Database".