π΄ 40% of Corporate Networks Targeted by Attackers Seeking to Exploit Log4j π΄
π Read
via "Dark Reading".
More than 60 variants of the original exploit were introduced over the last day alone.π Read
via "Dark Reading".
Dark Reading
40% of Corporate Networks Targeted by Attackers Seeking to Exploit Log4j
More than 60 variants of the original exploit were introduced over the last day alone.
π΄ Why Classifying Ransomware as a National Security Threat Matters π΄
π Read
via "Dark Reading".
Government actions help starve attack groups of the resources - money, ability to recruit, and time.π Read
via "Dark Reading".
Dark Reading
Why Classifying Ransomware as a National Security Threat Matters
Government actions help starve attack groups of the resources - money, ability to recruit, and time.
βΌ CVE-2021-24045 βΌ
π Read
via "National Vulnerability Database".
A type confusion vulnerability could be triggered when resolving the "typeof" unary operator in Facebook Hermes prior to v0.10.0. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.π Read
via "National Vulnerability Database".
βΌ CVE-2020-19042 βΌ
π Read
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerability exists in zzcms 2019 XSS via a modify action in user/adv.php.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41272 βΌ
π Read
via "National Vulnerability Database".
Besu is an Ethereum client written in Java. Starting in version 21.10.0, changes in the implementation of the SHL, SHR, and SAR operations resulted in the introduction of a signed type coercion error in values that represent negative values for 32 bit signed integers. Smart contracts that ask for shifts between approximately 2 billion and 4 billion bits (nonsensical but valid values for the operation) will fail to execute and hence fail to validate. In networks where vulnerable versions are mining with other clients or non-vulnerable versions this will result in a fork and the relevant transactions will not be included in the fork. In networks where vulnerable versions are not mining (such as Rinkeby) no fork will result and the validator nodes will stop accepting blocks. In networks where only vulnerable versions are mining the relevant transaction will not be included in any blocks. When the network adds a non-vulnerable version the network will act as in the first case. Besu 21.10.2 contains a patch for this issue. Besu 21.7.4 is not vulnerable and clients can roll back to that version. There is a workaround available: Once a transaction with the relevant shift operations is included in the canonical chain, the only remediation is to make sure all nodes are on non-vulnerable versions.π Read
via "National Vulnerability Database".
β Kronos Ransomware Outage Drives Widespread Payroll Chaos β
π Read
via "Threat Post".
Kronos, the workforce-management provider, said a weeks-long outage of its cloud services is in the offing, just in time to hamstring end-of-year HR activities like bonuses ands vacation tracking.π Read
via "Threat Post".
Threat Post
Kronos Ransomware Outage Drives Widespread Payroll Chaos
Kronos, the workforce-management provider, said a weeks-long outage of its cloud services is in the offing, just in time to hamstring end-of-year HR activities like bonuses and vacation tracking.
π΄ Tales from the Dark Web: Fingerprinting Access Brokers on Criminal Forums π΄
π Read
via "Dark Reading".
Every high-profile breach leaves a trail of bread crumbs, and defenders who monitor access brokers can connect the dots and detect attacks as they unfold.π Read
via "Dark Reading".
Dark Reading
Tales from the Dark Web: Fingerprinting Access Brokers on Criminal Forums
Every high-profile breach leaves a trail of bread crumbs, and defenders who monitor access brokers can connect the dots and detect attacks as they unfold.
β Log4Shell explained β how it works, why you need to know, and how to fix it β
π Read
via "Naked Security".
Find out how to deal with the Log2Shell vulnerability right across your estate. Yes, you need to patch, but that helps everyone else along with you!π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Apple security updates are out β and not a Log4Shell mention in sight β
π Read
via "Naked Security".
Get 'em while they're hot!π Read
via "Naked Security".
Naked Security
Apple security updates are out β and not a Log4Shell mention in sight
Get βem while theyβre hot!
βΌ CVE-2021-44524 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal user authentication service. This could allow an unauthenticated remote attacker to trigger several actions on behalf of valid user accounts.π Read
via "National Vulnerability Database".
βΌ CVE-2021-44435 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to stack based buffer overflow while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14903)π Read
via "National Vulnerability Database".
βΌ CVE-2021-44010 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing TIFF files. An attacker could leverage this vulnerability to leak information in the context of the current process.π Read
via "National Vulnerability Database".
βΌ CVE-2021-44005 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll contains an out of bounds write past the end of an allocated structure while parsing specially crafted TIFF files. This could allow an attacker to execute code in the context of the current process.π Read
via "National Vulnerability Database".
βΌ CVE-2021-44017 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Image.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted TIF files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-15111)π Read
via "National Vulnerability Database".
βΌ CVE-2021-44015 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The VCRUNTIME140.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted CGM files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-15109)π Read
via "National Vulnerability Database".
βΌ CVE-2021-44441 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14913)π Read
via "National Vulnerability Database".
βΌ CVE-2021-44011 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Jt1001.dll is vulnerable to an out of bounds read past the end of an allocated buffer while parsing specially crafted JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-15101)π Read
via "National Vulnerability Database".
βΌ CVE-2021-44003 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll is vulnerable to use of uninitialized memory while parsing user supplied TIFF files. This could allow an attacker to cause a denial-of-service condition.π Read
via "National Vulnerability Database".
βΌ CVE-2021-44446 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0). JTTK library in affected products contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14828, ZDI-CAN-14898)π Read
via "National Vulnerability Database".
βΌ CVE-2021-44448 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-14843, ZDI-CAN-15051)π Read
via "National Vulnerability Database".
βΌ CVE-2021-44522 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal message broker system. This could allow an unauthenticated remote attacker to subscribe to arbitrary message queues.π Read
via "National Vulnerability Database".