CVE-2021-41678
via "National Vulnerability Database".
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the /opensis/modules/users/Staff.php, staff{TITLE] parameter.

Ransomware vs. Cities: A Cyber War
via "Dark Reading".
As smart cities become the new normal for urban living, they must be resilient against the speed and sophistication of modern cyber threats.

Become an ethical hacker for just $13 during this Cyber Week sale
via "Tech Republic".
Now you can learn everything you need to become a master ethical hacker without having to take time away from your current job.

CVE-2021-43202
via "National Vulnerability Database".
In JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is missing in some cases.

CVE-2021-43998
via "National Vulnerability Database".
HashiCorp Vault and Vault Enterprise 0.11.0 up to 1.7.5 and 1.8.4 templated ACL policies would always match the first-created entity alias if multiple entity aliases exist for a specified entity and mount combination, potentially resulting in incorrect policy enforcement. Fixed in Vault and Vault Enterprise 1.7.6, 1.8.5, and 1.9.0.

Bug Bounty Radar // The latest bug bounty programs for December 2021
via "The Daily Swig".
New web targets for the discerning hacker

Practicality of UK government's cyber bill criticised by industry experts
via "ITPro".
The Product Security and Telecommunications Infrastructure (PSTI) Bill falls short in several key areas

Ikea launches "full-scale investigation" into email-based cyber attack
via "ITPro".
Early evidence seems to indicate a compromise of Microsoft Exchange servers in a reply chain attack campaign

What is smishing?
via "ITPro".
A closer look at one of the most perilous forms of phishing

RATDispenser evades nine in ten anti-virus engines
via "ITPro".
Stealth malware deploys key loggers and information stealers

Sky Broadband took almost 18 months to fix serious router flaw
via "ITPro".
Flaw could expose user's home network to hackers

GoDaddy data breach exposes over 1.2 million customer details
via "ITPro".
Attacker had access to admin passwords for over two months

Why the NCSC and telecoms firms are at loggerheads over quantum key distribution
via "ITPro".
In the face of mixed messages between the public and private sector, should businesses be wary of jumping on the bandwagon?

SMBs urged to update software ahead of Black Friday
via "ITPro".
NCSC identified 4,151 online shops compromised using vulnerability within e-commerce platform Magento

Pizza chain exposed 100,000 employees' Social Security numbers
via "ITPro".
Former and current staff at California Pizza Kitchen potentially burned by hackers

Apple sues NSO Group over Pegasus attacks on its customers
via "ITPro".
The lawsuit claims 'flagrant' violations of US federal and state law from the Israeli firm behind the infamous spyware

Thousands of printers at risk of denial of service attacks
via "ITPro".
Attackers can easily manipulate the 9100 port to hijack hardware and steal data, researchers claim

Wind turbine maker Vestas hit by cyber attack
via "ITPro".
Danish firm says hackers managed to obtain company data and knock out parts of its IT network

Hackers use Linux backdoor on compromised e-commerce sites with software skimmer
via "ITPro".
Cyber criminals in China control the malware

CronRat Magecart malware uses 31st February date to remain undetected
via "ITPro".
The malware allows for server-side payment skimming that bypasses browser security

Iranian hackers ramp up attacks against IT services sector
via "ITPro".
Microsoft security researchers warn hacking is part of broader cyber espionage effort