Multiple BusyBox Security Bugs Threaten Embedded Linux Devices
Researchers discovered 14 vulnerabilities in the "Swiss Army Knife" of the embedded OS used in many OT and IoT environments. They allow RCE, denial of service and data leaks.
via "Threat Post".
Security breach at trading platform Robinhood sparks phishing fears
Social engineering attack exposes email addresses of five million investors
via "The Daily Swig".
Robinhood Trading Platform Data Breach Hits 7M Customers
The cyberattacker attempted to extort the company after socially engineering a customer service employee to gain access to email addresses and more.
via "Threat Post".
The State of the CISO
Dark Reading survey shows security officer influence is on the rise.
via "Dark Reading".
Building Bridges to a More Secure Hybrid Workplace
Wherever workers choose to do their jobs, they need technology that's unobtrusive, secure by design, and intuitive to use.
via "Dark Reading".
CVE-2021-43519
Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.
via "National Vulnerability Database".
CVE-2021-3641
Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local attacker to cause a denial of service. This issue affects: Bitdefender GravityZone version 7.1.2.33 and prior versions.
via "National Vulnerability Database".
CVE-2021-43114
FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will cause RTR clients such as BGP routers to lose access to the RPKI VRP data set, effectively disabling Route Origin Validation.
via "National Vulnerability Database".
CVE-2019-18916
A potential security vulnerability has been identified for HP LaserJet Solution Software (for certain HP LaserJet Printers) which may lead to unauthorized elevation of privilege on the client.
via "National Vulnerability Database".
SafeBreach Closes $53.5 Million Series D in New Funding to Fuel Momentum
The new capital will fuel the company's plans to expand its market footprint to new geographies and evolve its offerings in response to client needs.
via "Dark Reading".
bZx crypto heist results in reported losses of more than $55 million
BSC and Polygon funds drained – but Ethereum contracts 'safe' – following phishing attack
via "The Daily Swig".
The New Frontier of Enterprise Risk: Nth Parties
The average number of vulnerabilities discovered in a Cyberpion scan of external Fortune 500 networks (such as cloud systems) was 296, many critical (with the top of the scale weighing in at a staggering 7,500).
via "Threat Post".
Security Tool Guts: How Much Should Customers See?
Yaron Kassner, CTO of Silverfort, delves into the pros and cons of transparency when it comes to cybersecurity tools' algorithms.
via "Threat Post".
US amps up war on ransomware with charges against REvil attackers
One person fingered for the July 2021 attack against Kaseya is in custody, while the other individual is still at large.
via "Tech Republic".
83% of Critical Infrastructure Organizations Suffered Breaches, 2021 Cybersecurity Research Reveals
Supply chain and third-party risk is a major threat to operational technology.
via "Dark Reading".
CVE-2021-43193
In JetBrains TeamCity before 2021.1.2, remote code execution via the agent push functionality is possible.
via "National Vulnerability Database".
CVE-2021-43201
In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project.
via "National Vulnerability Database".
CVE-2021-43187
In JetBrains YouTrack Mobile before 2021.2, the client-side cache on iOS could contain sensitive information.
via "National Vulnerability Database".
CVE-2021-43186
JetBrains YouTrack before 2021.3.24402 is vulnerable to stored XSS.
via "National Vulnerability Database".
CVE-2021-43183
In JetBrains Hub before 2021.1.13690, the authentication throttling mechanism could be bypassed.
via "National Vulnerability Database".
CVE-2019-16240
A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D; a maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device.
via "National Vulnerability Database".