CVE-2021-28237
via "National Vulnerability Database".
LibreDWG v0.12.3 was discovered to contain a heap-buffer overflow via decode_preR13.
CVE-2021-28236
via "National Vulnerability Database".
LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference via out_dxfb.c.
CVE-2020-36130
via "National Vulnerability Database".
AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1_dx_iface.c.
CVE-2020-36133
via "National Vulnerability Database".
AOM v2.0.1 was discovered to contain a global buffer overflow via the component av1/encoder/partition_search.h.
Ransomware, Carding, and Initial Access Brokers: Group-IB Presents Report on Trending Crimes
via "Dark Reading".
Report explores cybercrime developments from the second half of 2020 through the first half of 2021.
FTC implements tougher data protection rules to safeguard customer information
via "The Daily Swig".
New requirements for financial institutions include vulnerability assessments, employee training
Threat Group Takes Aim Again at Cloud Platform Provider Zoho
via "Threat Post".
Attackers that previously targeted the cloud platform provider have shifted their focus to additional products in the company's portfolio.
CVE-2021-44020
via "National Vulnerability Database".
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44019 and 44021.
CVE-2021-4000
via "National Vulnerability Database".
showdoc is vulnerable to URL Redirection to Untrusted Site.
CVE-2021-44021
via "National Vulnerability Database".
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44019 and 44020.
CVE-2021-43673
via "National Vulnerability Database".
dzzoffice 2.02.1_SC_UTF8 is affected by a Cross Site Scripting (XSS) vulnerability in explorerfile.php. The output of the exit function will be printed for the user: exit(json_encode($return)).
CVE-2021-43772
via "National Vulnerability Database".
Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the protected folder to be modified without any detection.
CVE-2021-44022
via "National Vulnerability Database".
A reachable assertion vulnerability in Trend Micro Apex One could allow an attacker to crash the program on affected installations, leading to a denial-of-service (DoS). Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2021-44019
via "National Vulnerability Database".
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44020 and 44021.
How to avoid being a hacker's next target: Don't overshare information on business social media
via "Tech Republic".
When using LinkedIn and other social media accounts for professional reasons, there are important factors to consider about securing your personal data. Learn how to protect yourself from a hacker.
Friday Five 12/2
via "Digital Guardian".
$31 in digital coin stolen, an insider extortion attack, and a new cybersecurity resource for healthcare workers - catch up on the infosec news of the week with the Friday Five!
US identity thieves jailed over $130,000 scam that targeted the elderly
via "The Daily Swig".
Dark web fraudsters caught after stealing the identities of murder victims
An Insider's Account of Disclosing Vulnerabilities
via "Dark Reading".
Vendors drag their heels when it comes to identifying software vulnerabilities and are often loath to expedite the fixes.
CVE-2021-44278
via "National Vulnerability Database".
Librenms 21.11.0 is affected by a path manipulation vulnerability in includes/html/pages/device/showconfig.inc.php.
CVE-2021-43676
via "National Vulnerability Database".
matyhtf framework v3.0.5 is affected by a path manipulation vulnerability in Smarty.class.php.
CVE-2021-43674
via "National Vulnerability Database".
** UNSUPPORTED WHEN ASSIGNED ** ThinkUp 2.0-beta.10 is affected by a path manipulation vulnerability in Smarty.class.php.