IGI Cybersecurity Introduces CISO Team-as-a-Service
via "Dark Reading".
Service gives customers access to a CISO-led team of practitioners with a variety of skills and expertise.
NSO Group Spyware Used to Breach US State Dept. Phones
via "Dark Reading".
At least nine US State Department employee iPhones were targeted with sophisticated spyware developed by the Israeli firm NSO Group.
CVE-2021-23758
via "National Vulnerability Database".
All versions of package ajaxpro.2 are vulnerable to Deserialization of Untrusted Data due to the possibility of deserialization of arbitrary .NET classes, which can be abused to gain remote code execution.
CVE-2021-44352
via "National Vulnerability Database".
A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in goform/SetIpMacBind.
CVE-2021-44347
via "National Vulnerability Database".
SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController.class.php.
CVE-2021-44349
via "National Vulnerability Database".
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage\Controller\DownloadController.class.php.
CVE-2021-35346
via "National Vulnerability Database".
tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow via the function HevcSpsUnit::short_term_ref_pic_set(int) in hevc.cpp.
CVE-2021-44348
via "National Vulnerability Database".
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage\Controller\AdvertController.class.php.
CVE-2021-23562
via "National Vulnerability Database".
This affects the package plupload before 2.3.9. A file name containing JavaScript code could be uploaded and run. An attacker would need to trick a user to upload this kind of file.
CVE-2021-35344
via "National Vulnerability Database".
tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow via the function BitStreamReader::getCurVal in bitStream.h.
One-Third of Black Friday Shoppers Were Bots, Fake Users
via "Dark Reading".
Fake traffic observed on Nov. 26 included malicious scrapers, sophisticated botnets, fake accounts, and click farms.
Who Is the Network Access Broker ‘Babam’?
via "Krebs on Security".
Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in stealing remote access credentials -- such as usernames and passwords needed to remotely connect to the target's network. In this post we'll look at the clues left behind by "Babam," the handle chosen by a cybercriminal who has sold such access to ransomware groups on many occasions over the past few years.
CVE-2021-35415
via "National Vulnerability Database".
A stored cross-site scripting (XSS) vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the course "Title" and "Content" fields.
CVE-2021-43415
via "National Vulnerability Database".
HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed image paths. Fixed in 1.0.14, 1.1.8, and 1.2.1.
CVE-2021-35414
via "National Vulnerability Database".
Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main/plagiarism/compilatio/upload.php.
CVE-2021-35413
via "National Vulnerability Database".
A remote code execution (RCE) vulnerability in course_intro_pdf_import.php of Chamilo LMS v1.11.x allows authenticated attackers to execute arbitrary code via a crafted .htaccess file.
CVE-2021-44044
via "National Vulnerability Database".
An out-of-bounds write vulnerability exists when reading a JPG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists with parsing JPG files. Crafted data in a JPG (4 extraneous bytes before the marker 0xca) can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2021-37253
via "National Vulnerability Database".
M-Files Web before 20.10.9524.1 allows a denial of service via overlapping ranges (in HTTP requests with crafted Range or Request-Range headers).
CVE-2021-44048
via "National Vulnerability Database".
An out-of-bounds write vulnerability exists when reading a TIF file using Open Design Alliance (ODA) Drawings Explorer before 2022.11. The specific issue exists after loading TIF files. Crafted data in a TIF file can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2021-44046
via "National Vulnerability Database".
An out-of-bounds write vulnerability exists when reading U3D files in Open Design Alliance PRC SDK before 2022.11. An unchecked return value of a function (verifying input data from a U3D file) leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2021-44047
via "National Vulnerability Database".
A use-after-free vulnerability exists when reading a DWF/DWFX file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists with parsing DWF/DWFX files. Crafted data in a DWF/DWFX file and lack of proper validation of input data can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.