βΌ CVE-2021-42272 βΌ
π Read
via "National Vulnerability Database".
Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious GIF file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40733 βΌ
π Read
via "National Vulnerability Database".
Adobe Animate version 21.0.9 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .psd file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40759 βΌ
π Read
via "National Vulnerability Database".
Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .m4a file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40760 βΌ
π Read
via "National Vulnerability Database".
Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .m4a file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2021-42525 βΌ
π Read
via "National Vulnerability Database".
Acrobat Animate versions 21.0.9 (and earlier)is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-42269 βΌ
π Read
via "National Vulnerability Database".
Adobe Animate version 21.0.9 (and earlier) are affected by a use-after-free vulnerability in the processing of a malformed FLA file that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40755 βΌ
π Read
via "National Vulnerability Database".
Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SGI file in the DoReadContinue function, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23146 βΌ
π Read
via "National Vulnerability Database".
An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1454 (MR3); 8.20 versions prior to 8.20.1291 (MR5); 8.10 versions prior to 8.10.1284 (MR7); version 8.00 and prior versions.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40753 βΌ
π Read
via "National Vulnerability Database".
Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.π Read
via "National Vulnerability Database".
β 3 Top Tools for Defending Against Phishing Attacks β
π Read
via "Threat Post".
Phishing emails are now skating past traditional defenses. Justin Jett, director of audit and compliance at Plixer, discusses what to do about it.π Read
via "Threat Post".
Threat Post
3 Top Tools for Defending Against Phishing Attacks
Phishing emails are now skating past traditional defenses. Justin Jett, director of audit and compliance at Plixer, discusses what to do about it.
π¦Ώ Windows 11 SE: Why it's both more and less locked down than Windows 10 S π¦Ώ
π Read
via "Tech Republic".
Managing computers for education is complicated, but Microsoft thinks it has a solution.π Read
via "Tech Republic".
π¦Ώ How to install the OpenSSH server on Windows with PowerShell π¦Ώ
π Read
via "Tech Republic".
If you've ever had a need to SSH into a Windows machine, Jack Wallen shows you how to make that possible with the help of PowerShell.π Read
via "Tech Republic".
TechRepublic
How to install the OpenSSH server on Windows with PowerShell
If you've ever had a need to SSH into a Windows machine, Jack Wallen shows you how to make that possible with the help of PowerShell.
π΄ California Pizza Kitchen Suffers Data Breach π΄
π Read
via "Dark Reading".
Personal data, including Social Security numbers, of more than 100K employees exposed.π Read
via "Dark Reading".
Dark Reading
California Pizza Kitchen Suffers Data Breach
Personal data, including Social Security numbers, of more than 100K employees exposed.
βΌ CVE-2021-43017 βΌ
π Read
via "National Vulnerability Database".
Adobe Creative Cloud version 5.5 (and earlier) are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker could leverage this vulnerability to achieve denial of service in the context of the user. User interaction is required before product installation to abuse this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39920 βΌ
π Read
via "National Vulnerability Database".
NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture fileπ Read
via "National Vulnerability Database".
βΌ CVE-2021-23193 βΌ
π Read
via "National Vulnerability Database".
Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 (MR3) ; 8.40 versions prior to 8.40.2063 (MR4); 8.30 versions prior to 8.30.1454 (MR4) ; 8.20 versions prior to 8.20.1291 (MR6); version 8.10 and prior versions.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39928 βΌ
π Read
via "National Vulnerability Database".
NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture fileπ Read
via "National Vulnerability Database".
βΌ CVE-2021-23197 βΌ
π Read
via "National Vulnerability Database".
Unquoted service path vulnerability in the Gallagher Controller Service allows an unprivileged user to execute arbitrary code as the account that runs the Controller Service. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 (MR3) ;π Read
via "National Vulnerability Database".
β Ransomware Phishing Emails Sneak Through SEGs β
π Read
via "Threat Post".
The MICROP ransomware spreads via Google Drive and locally stored passwords.π Read
via "Threat Post".
Threat Post
Ransomware Phishing Emails Sneak Through SEGs
The MICROP ransomware spreads via Google Drive and locally stored passwords.
β Github cookie leakage β thousands of Firefox cookie files uploaded by mistake β
π Read
via "Naked Security".
Be aware before you share! That's a good rule for developers and techies, just as much as it is for social media addicts.π Read
via "Naked Security".
Naked Security
Github cookie leakage β thousands of Firefox cookie files uploaded by mistake
Be aware before you share! Thatβs a good rule for developers and techies, just as much as it is for social media addicts.
π΄ Two Iranian Nationals Charged for Cyber-Enabled Disinformation and Threat Campaign Designed to Influence the 2020 US Presidential Election π΄
π Read
via "Dark Reading".
An indictment was unsealed charging two Iranian nationals for their involvement in a cyber-enabled campaign to intimidate and influence American voters, and otherwise undermine voter confidence and sow discord, in connection with the 2020 US presidential election.π Read
via "Dark Reading".
Dark Reading
Two Iranian Nationals Charged for Cyber-Enabled Disinformation and Threat Campaign Designed to Influence the 2020 US Presidentialβ¦
An indictment was unsealed charging two Iranian nationals for their involvement in a cyber-enabled campaign to intimidate and influence American voters, and otherwise undermine voter confidence and sow discord, in connection with the 2020 US presidentialβ¦