π΄ Why We Need "Developer-First" Application Security π΄
π Read
via "Dark Reading".
The way to improve the security of the modern software development life cycle and reduce the number of application-based breaches is to re-center app security around the needs of developers.π Read
via "Dark Reading".
Dark Reading
Why We Need "Developer-First" Application Security
The way to improve the security of the modern software development life cycle and reduce the number of application-based breaches is to re-center app security around the needs of developers.
ποΈ Log4j: Security pros call for urgent patch implementation as in-the-wild exploitation continues ποΈ
π Read
via "The Daily Swig".
Initial, βincompleteβ patch created path to denial-of-service attacksπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Log4j: Security pros call for urgent patch implementation as in-the-wild exploitation continues
Initial, βincompleteβ patch created path to denial-of-service attacks
π¦Ώ Kodachi is the operating system for those who value privacy but don't want to learn Linux π¦Ώ
π Read
via "Tech Republic".
For anyone looking to gain an extra layer of privacy on a desktop or laptop, Kodachi Linux might be the perfect option. Jack Wallen highlights this live Linux distribution.π Read
via "Tech Republic".
TechRepublic
Kodachi is the operating system for those who value privacy but donβt want to learn Linux
For anyone looking to gain an extra layer of privacy on a desktop or laptop, Kodachi Linux might be the perfect option. Jack Wallen highlights this live Linux distribution.
π¦Ώ Just in time for Christmas, Kronos payroll and HR cloud software goes offline due to ransomware π¦Ώ
π Read
via "Tech Republic".
The attack has led to an outage expected to last weeks, leaving companies scrambling to make payroll with the holidays right around the corner.π Read
via "Tech Republic".
TechRepublic
Just in time for Christmas, Kronos payroll and HR cloud software goes offline due to ransomware
The attack has led to an outage expected to last weeks, leaving companies scrambling to make payroll with the holidays right around the corner.
π Log4j Recognizer π
π Read
via "Packet Storm Security".
This utility looks for log4j in the currently running JVM. It is useful for systems that allow plugins to introduce their own jars. Therefore, you can find if someone is using log4j with a dangerous version.π Read
via "Packet Storm Security".
Packetstormsecurity
Log4j Recognizer β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
βΌ CVE-2021-43237 βΌ
π Read
via "National Vulnerability Database".
Windows Setup Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2021-43893 βΌ
π Read
via "National Vulnerability Database".
Windows Encrypting File System (EFS) Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2021-43227 βΌ
π Read
via "National Vulnerability Database".
Storage Spaces Controller Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-43235.π Read
via "National Vulnerability Database".
βΌ CVE-2021-43877 βΌ
π Read
via "National Vulnerability Database".
ASP.NET Core and Visual Studio Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2021-43907 βΌ
π Read
via "National Vulnerability Database".
Visual Studio Code WSL Extension Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2021-41333 βΌ
π Read
via "National Vulnerability Database".
Windows Print Spooler Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2021-43892 βΌ
π Read
via "National Vulnerability Database".
Microsoft BizTalk ESB Toolkit Spoofing Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2021-43243 βΌ
π Read
via "National Vulnerability Database".
VP9 Video Extensions Information Disclosure Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2021-43908 βΌ
π Read
via "National Vulnerability Database".
Visual Studio Code Spoofing Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2021-42312 βΌ
π Read
via "National Vulnerability Database".
Microsoft Defender for IOT Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2021-43889 βΌ
π Read
via "National Vulnerability Database".
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-41365, CVE-2021-42310, CVE-2021-42311, CVE-2021-42313, CVE-2021-42314, CVE-2021-42315, CVE-2021-43882.π Read
via "National Vulnerability Database".
βΌ CVE-2021-43216 βΌ
π Read
via "National Vulnerability Database".
Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2021-43675 βΌ
π Read
via "National Vulnerability Database".
Lychee-v3 3.2.16 is affected by a Cross Site Scripting (XSS) vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user.π Read
via "National Vulnerability Database".
βΌ CVE-2021-42320 βΌ
π Read
via "National Vulnerability Database".
Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-43242.π Read
via "National Vulnerability Database".
βΌ CVE-2021-43256 βΌ
π Read
via "National Vulnerability Database".
Microsoft Excel Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2021-43905 βΌ
π Read
via "National Vulnerability Database".
Microsoft Office app Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".