CVE-2021-40753
via "National Vulnerability Database".
Adobe After Effects version 18.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.
3 Top Tools for Defending Against Phishing Attacks
via "Threat Post".
Phishing emails are now skating past traditional defenses. Justin Jett, director of audit and compliance at Plixer, discusses what to do about it.
Windows 11 SE: Why it's both more and less locked down than Windows 10 S
via "Tech Republic".
Managing computers for education is complicated, but Microsoft thinks it has a solution.
How to install the OpenSSH server on Windows with PowerShell
via "Tech Republic".
If you've ever had a need to SSH into a Windows machine, Jack Wallen shows you how to make that possible with the help of PowerShell.
California Pizza Kitchen Suffers Data Breach
via "Dark Reading".
Personal data, including Social Security numbers, of more than 100K employees exposed.
CVE-2021-43017
via "National Vulnerability Database".
Adobe Creative Cloud version 5.5 (and earlier) is affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker could leverage this vulnerability to achieve denial of service in the context of the user. User interaction is required before product installation to abuse this vulnerability.
CVE-2021-39920
via "National Vulnerability Database".
NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file.
CVE-2021-23193
via "National Vulnerability Database".
Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 (MR3); 8.40 versions prior to 8.40.2063 (MR4); 8.30 versions prior to 8.30.1454 (MR4); 8.20 versions prior to 8.20.1291 (MR6); version 8.10 and prior versions.
CVE-2021-39928
via "National Vulnerability Database".
NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file.
CVE-2021-23197
via "National Vulnerability Database".
Unquoted service path vulnerability in the Gallagher Controller Service allows an unprivileged user to execute arbitrary code as the account that runs the Controller Service. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 (MR3);
Ransomware Phishing Emails Sneak Through SEGs
via "Threat Post".
The MICROP ransomware spreads via Google Drive and locally stored passwords.
Github cookie leakage – thousands of Firefox cookie files uploaded by mistake
via "Naked Security".
Be aware before you share! That's a good rule for developers and techies, just as much as it is for social media addicts.
Two Iranian Nationals Charged for Cyber-Enabled Disinformation and Threat Campaign Designed to Influence the 2020 US Presidential Election
via "Dark Reading".
An indictment was unsealed charging two Iranian nationals for their involvement in a cyber-enabled campaign to intimidate and influence American voters, and otherwise undermine voter confidence and sow discord, in connection with the 2020 US presidential election.
North Korean Hacking Group Targets Diplomats, Forgoes Malware
via "Dark Reading".
The TA406 group uses credential harvesting to target diplomats and policy experts in the United States, Russia, China, and South Korea, rarely resorting to malware.
CVE-2021-37322
via "National Vulnerability Database".
GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c.
Microsoft Exchange Server Flaws Now Exploited for BEC Attacks
via "Dark Reading".
Attackers also are deploying ProxyShell and abusing the vulnerabilities in a stealthier manner, researchers say.
CVE-2021-40129
via "National Vulnerability Database".
A vulnerability in the configuration dashboard of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to submit a SQL query through the CSPC configuration dashboard. This vulnerability is due to insufficient input validation of uploaded files. An attacker could exploit this vulnerability by uploading a file containing a SQL query to the configuration dashboard. A successful exploit could allow the attacker to read restricted information from the CSPC SQL database.
CVE-2021-40130
via "National Vulnerability Database".
A vulnerability in the web application of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to specify non-log files as sources for syslog reporting. This vulnerability is due to improper restriction of the syslog configuration. An attacker could exploit this vulnerability by configuring non-log files as sources for syslog reporting through the web application. A successful exploit could allow the attacker to read non-log files on the CSPC.
CVE-2021-41278
via "National Vulnerability Database".
Functions SDK for EdgeX is meant to provide all the plumbing necessary for developers to get started in processing/transforming/exporting data out of the EdgeX IoT platform. In affected versions broken encryption in app-functions-sdk "AES" transform in EdgeX Foundry releases prior to Jakarta allows attackers to decrypt messages via unspecified vectors. The app-functions-sdk exports an "aes" transform that user scripts can optionally call to encrypt data in the processing pipeline. No decrypt function is provided. Encryption is not enabled by default, but if used, the level of protection may be less than the user may expect due to a broken implementation. Version v2.1.0 (EdgeX Foundry Jakarta release and later) of app-functions-sdk-go/v2 deprecates the "aes" transform and provides an improved "aes256" transform in its place. The broken implementation will remain in a deprecated state until it is removed in the next EdgeX major release to avoid breakage of existing software that depends on the broken implementation. As the broken transform is a library function that is not invoked by default, users who do not use the AES transform in their processing pipelines are unaffected. Those that are affected are urged to upgrade to the Jakarta EdgeX release and modify processing pipelines to use the new "aes256" transform.
CVE-2021-40131
via "National Vulnerability Database".
A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input that is processed by the web-based management interface. An attacker could exploit this vulnerability by adding malicious code to the configuration by using the web-based management interface. A successful exploit could allow the attacker to execute arbitrary code in the context of the interface or access sensitive, browser-based information.
Search CT Logs for Misconfigured SSL Certificates
via "Dark Reading".
Security defenders can run these queries against Certificate Transparency logs to identify misconfigured SSL certificates before they can be used by adversaries to map out attacks.