Threat Advisory: E-commerce Bots Use Domain Registration Services for Mass (Fake) Account Creation
Read via "Threat Post".
Jason Kent, hacker-in-residence at Cequence Security, discusses sneaky shopping bot tactics (i.e., domain parking) seen in a mass campaign, and what retail security teams can do about them.
CVE-2021-45885
Read via "National Vulnerability Database".
An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8). Under a specific update-migration scenario, the first SSH password change does not properly clear the old password.
CVE-2021-25993
Read via "National Vulnerability Database".
Requarks wiki.js versions 2.0.0-beta.147 through 2.5.255 are affected by a stored XSS vulnerability: a low-privileged (editor) user can upload an SVG file containing malicious JavaScript as a page asset. When a victim accesses the asset, the script sends the victim's JWT tokens to the attacker's server, leading to account takeover.
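A server-side check of the kind that blocks this class of upload, added here as an example and not wiki.js's own code. It parses the SVG with the standard library and reports `<script>` and other active elements, `on*` event-handler attributes, and `javascript:`-style URIs (after stripping the whitespace and control characters attackers use to dodge naive string matching); DOCTYPE/ENTITY declarations are refused outright. The two sample SVGs are constructed for the demonstration.

```python
import xml.etree.ElementTree as ET

# Elements that let an SVG run script or embed active content when rendered inline.
DANGEROUS_TAGS = {"script", "foreignobject", "set", "animate", "iframe", "embed", "object"}
# Attributes whose value is a URI and could therefore carry a javascript: scheme.
URI_ATTRS = {"href", "src", "to", "from", "values"}


def _local(name: str) -> str:
    """Strip the '{namespace}' prefix ElementTree puts on tag and attribute names."""
    return name.split("}", 1)[1] if name.startswith("{") else name


def _is_active_uri(value: str) -> bool:
    """True for javascript:/vbscript:/data:text/html URIs; whitespace and control
    characters are removed first, because 'java\\tscript:' is still executed by browsers."""
    cleaned = "".join(ch for ch in value if ch.isprintable() and not ch.isspace()).lower()
    return cleaned.startswith(("javascript:", "vbscript:", "data:text/html"))


def svg_findings(svg_bytes: bytes) -> list:
    """Return the reasons an uploaded SVG is unsafe to serve inline; an empty list means none."""
    if b"<!DOCTYPE" in svg_bytes or b"<!ENTITY" in svg_bytes:
        return ["DOCTYPE/ENTITY declarations are not allowed"]
    try:
        root = ET.fromstring(svg_bytes)
    except ET.ParseError as exc:
        return [f"unparseable XML: {exc}"]
    findings = []
    if _local(root.tag).lower() != "svg":
        findings.append(f"root element is <{_local(root.tag)}>, not <svg>")
    for el in root.iter():
        tag = _local(el.tag)
        if tag.lower() in DANGEROUS_TAGS:
            findings.append(f"element <{tag}> is not allowed")
        for attr, value in el.attrib.items():
            name = _local(attr).lower()
            if name.startswith("on"):
                findings.append(f"event handler attribute {name} on <{tag}>")
            elif name in URI_ATTRS and _is_active_uri(value):
                findings.append(f"active URI in {name} on <{tag}>: {value!r}")
    return findings


def is_safe_svg(svg_bytes: bytes) -> bool:
    return not svg_findings(svg_bytes)


# Constructed samples for the demonstration (not taken from the advisory).
BENIGN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10"><circle cx="5" cy="5" r="4"/></svg>'
MALICIOUS_SVG = b"""<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
  <script>alert(1)</script>
  <a xlink:href="java&#x09;script:alert(2)"><text x="1" y="9">click</text></a>
  <rect width="10" height="10" onload="alert(3)"/>
</svg>"""

if __name__ == "__main__":
    print("benign:", svg_findings(BENIGN_SVG))
    for finding in svg_findings(MALICIOUS_SVG):
        print("malicious:", finding)
```

A parse-based filter is a first line of defense, not the last: serve user uploads with `Content-Disposition: attachment` or from a separate origin so that even a missed vector cannot run in the application's origin and read its tokens.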
CVE-2021-23727
Read via "National Vulnerability Database".
This affects the package celery before 5.2.2. By default it trusts the messages and metadata stored in backends (result stores): when task metadata is read from the backend, the data is deserialized. If an attacker can gain access to, or otherwise manipulate, the metadata within a celery backend, they could trigger a stored command injection vulnerability and potentially gain further access to the system.
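A result store keeps, among other metadata, the module and class name of a failed task's exception so the client can re-raise it. Importing whatever `module.name` a stored record names and calling it with stored arguments is the pattern the advisory describes. The following is an added illustration of that pattern next to a resolver that refuses anything but a plain exception class from an allow-listed module; it is not celery's own code, the record layout is assumed, and `myproject.errors` is a hypothetical application module.

```python
import importlib

# Modules from which an exception class may be rebuilt. "myproject.errors" is a
# hypothetical application module standing in for wherever your own task
# exceptions live; "builtins" covers ValueError, KeyError and friends.
ALLOWED_EXC_MODULES = {"builtins", "myproject.errors"}
# Argument types a stored exception message may carry.
PLAIN_TYPES = (str, int, float, bool, type(None))


class UnsafeMetadata(Exception):
    """Stored metadata would resolve to something other than a plain exception."""


def resolve_unsafe(meta: dict):
    """The dangerous pattern: import whatever the record names and call it with stored args."""
    module = importlib.import_module(meta["exc_module"])
    target = getattr(module, meta["exc_type"])
    return target(*meta.get("exc_message", []))


def resolve_exception(meta: dict) -> BaseException:
    """Hardened resolver: allow-listed modules, exception classes only, plain arguments only."""
    module_name = meta.get("exc_module")
    type_name = meta.get("exc_type")
    args = meta.get("exc_message", [])
    if not isinstance(module_name, str) or not isinstance(type_name, str):
        raise UnsafeMetadata("exc_module and exc_type must be strings")
    if module_name not in ALLOWED_EXC_MODULES:
        raise UnsafeMetadata(f"module {module_name!r} is not on the allow-list")
    if not isinstance(args, (list, tuple)) or not all(isinstance(a, PLAIN_TYPES) for a in args):
        raise UnsafeMetadata("exc_message must be a list of plain values")
    cls = getattr(importlib.import_module(module_name), type_name, None)
    if not (isinstance(cls, type) and issubclass(cls, BaseException)):
        raise UnsafeMetadata(f"{module_name}.{type_name} is not an exception class")
    return cls(*args)


def is_rejected(meta: dict) -> bool:
    """True if the hardened resolver refuses the record."""
    try:
        resolve_exception(meta)
    except UnsafeMetadata:
        return True
    return False


# Constructed records in the shape a result store might hold (illustrative, not celery's schema).
LEGIT_META = {"exc_module": "builtins", "exc_type": "ValueError", "exc_message": ["bad input"]}
# Names a harmless non-exception callable. The unsafe resolver calls it anyway; that is the
# behaviour that becomes command injection when the named target is not harmless.
HOSTILE_META = {"exc_module": "os", "exc_type": "getcwd", "exc_message": []}

if __name__ == "__main__":
    print("unsafe resolver called the target:", resolve_unsafe(HOSTILE_META))
    print("hardened resolver rejects it:", is_rejected(HOSTILE_META))
    print("hardened resolver rebuilds a legit record:", repr(resolve_exception(LEGIT_META)))
```

Two operational points go with the code: treat the backend as a trust boundary (network ACLs and authentication on Redis, the database, or whatever holds results), and keep `accept_content` and `result_accept_content` restricted to `json` so that no pickle-style serializer is ever consulted when results are read back.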
CVE-2021-4187
Read via "National Vulnerability Database".
vim is vulnerable to Use After Free.
CVE-2021-36724
Read via "National Vulnerability Database".
ForeScout SecureConnector local service DoS. A low-privileged user who does not have permission to shut down the SecureConnector service writes a large number of characters into installationPath. This overflows the buffer and overwrites the stack cookie, causing the service to crash.
CVE-2021-43876
Read via "National Vulnerability Database".
Microsoft SharePoint Elevation of Privilege Vulnerability.
CVE-2021-4188
Read via "National Vulnerability Database".
mruby is vulnerable to NULL Pointer Dereference.
Learn highly marketable ethical hacking skills for less than $45
Read via "Tech Republic".
Even if you have no tech experience, you can develop valuable skills with the online training offered by The Super-Sized Ethical Hacking Bundle.
CVE-2021-45427
Read via "National Vulnerability Database".
Emerson XWEB 300D EVO 3.0.7--3ee403 is affected by unauthenticated arbitrary file deletion due to path traversal. An attacker can browse and delete files without any authentication due to incorrect access control and directory traversal.
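The two missing controls named in the advisory are an authentication check and confinement of the requested path to the intended directory. The following is an added example of both, written for this digest and not taken from the Emerson product: a user-supplied name is resolved against a fixed base directory (so `..`, absolute paths and symlinks pointing outside are all caught after normalization), and deletion is refused unless the caller is authenticated. The `demo()` function exercises it in a throwaway temporary directory with constructed files.

```python
from pathlib import Path
import tempfile


class DeleteError(Exception):
    """The requested path cannot be mapped safely onto the base directory."""


def resolve_in_base(base: Path, user_path: str) -> Path:
    """Map a user-supplied path onto `base`, refusing anything that resolves outside it.
    resolve() normalizes '..' segments and follows symlinks, so the containment test
    is made on the real target rather than on the string the client sent."""
    base = base.resolve()
    if "\x00" in user_path:
        raise DeleteError("NUL byte in path")
    # Path joining discards `base` when user_path is absolute; the containment check below
    # catches that case as well as '..' traversal.
    candidate = (base / user_path).resolve()
    if candidate == base:
        raise DeleteError("refusing to operate on the base directory itself")
    if base not in candidate.parents:
        raise DeleteError(f"path escapes base directory: {user_path!r}")
    return candidate


def delete_file(base: Path, user_path: str, authenticated: bool) -> bool:
    """Delete `user_path` under `base`; returns True if a regular file was removed."""
    if not authenticated:
        raise PermissionError("authentication required")
    target = resolve_in_base(base, user_path)
    if not target.is_file():
        return False
    target.unlink()
    return True


def demo() -> dict:
    """Run a set of constructed requests against a temporary tree and report what each did."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / "uploads"
        base.mkdir()
        (base / "report.csv").write_text("a,b\n")
        outside = Path(tmp) / "secret.txt"          # must survive every request below
        outside.write_text("keep me\n")
        for req in ["report.csv", "../secret.txt", "/etc/passwd", "sub/../../secret.txt"]:
            try:
                results[req] = delete_file(base, req, authenticated=True)
            except DeleteError as exc:
                results[req] = f"rejected: {exc}"
        results["outside_still_exists"] = outside.exists()
        try:
            delete_file(base, "report.csv", authenticated=False)
        except PermissionError:
            results["unauthenticated"] = "rejected"
    return results


if __name__ == "__main__":
    for request, outcome in demo().items():
        print(f"{request!r}: {outcome}")
```

The order of the checks matters: authentication is decided before the path is even looked at, so an unauthenticated caller learns nothing about which files exist.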
In the Fight Against Cybercrime, Takedowns Are Only Temporary
Read via "Dark Reading".
Disrupting access to servers and infrastructure continues to interfere with cybercrime activity, but it's far from a perfect strategy.
Instagram copyright infringement scams: don't get sucked in!
Read via "Naked Security".
We deconstructed a copyright phish so you don't have to. Be warned: the crooks are getting better at these scams...
Zero Trust and Access: Protecting the Keys to the Kingdom
Read via "Dark Reading".
Zero trust moves the control plane closer to the defended asset and attempts to tightly direct access and privileges.
CVE-2021-45818
Read via "National Vulnerability Database".
SAFARI Montage 8.7.32 is affected by a CRLF injection vulnerability which can lead to HTTP response splitting.
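Response splitting happens when a value the client controls is copied into a header without checking for carriage return and line feed: the `\r\n` inside the value terminates the header, and whatever follows is parsed as further headers and then a body. The following added example (written for this digest, not SAFARI Montage code) builds a redirect the naive way and the checked way, and parses both the way a client would so the extra header and injected body are visible. The hostile `Location` value is constructed.

```python
from __future__ import annotations

# Every ASCII control character, DEL included. This is stricter than RFC 7230, which
# permits HTAB inside a field value; nothing in a Location header needs a tab.
CONTROL_CHARS = {chr(c) for c in range(0x20)} | {"\x7f"}


class HeaderInjection(ValueError):
    """A header value contained characters that would end the header line."""


def build_response_unsafe(location: str) -> bytes:
    """Naive redirect: the user-controlled value is spliced straight into the header block."""
    return f"HTTP/1.1 302 Found\r\nLocation: {location}\r\n\r\n".encode("latin-1", "replace")


def validate_header_value(value: str) -> str:
    """Return `value` unchanged if it is safe to place in a header, else raise."""
    bad = sorted({c for c in value if c in CONTROL_CHARS})
    if bad:
        raise HeaderInjection(f"control characters in header value: {[hex(ord(c)) for c in bad]}")
    return value


def build_response_safe(location: str) -> bytes:
    """Same response, but the value is validated on the way in."""
    return build_response_unsafe(validate_header_value(location))


def is_rejected(value: str) -> bool:
    try:
        validate_header_value(value)
    except HeaderInjection:
        return True
    return False


def count_headers(raw: bytes) -> tuple[int, bytes]:
    """Parse as a client does: header lines up to the first blank line, and the body after it."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    return len(lines) - 1, body          # minus one for the status line


# Constructed hostile value: a CRLF ends the Location line, a second header is appended,
# and a blank line starts an attacker-chosen body.
HOSTILE_LOCATION = "https://example.com/\r\nSet-Cookie: session=attacker\r\n\r\n<html>injected</html>"

if __name__ == "__main__":
    n, body = count_headers(build_response_unsafe(HOSTILE_LOCATION))
    print(f"unsafe build: {n} header lines, body={body!r}")
    n, body = count_headers(build_response_safe("https://example.com/"))
    print(f"safe build:   {n} header lines, body={body!r}")
    print("hostile value rejected:", is_rejected(HOSTILE_LOCATION))
```

Apply the check to the decoded value: a `%0d%0a` in the query string is already `\r\n` by the time the framework hands it to the handler. Python's own `http.client` refuses such values with a `ValueError`, which is the behaviour any HTTP library or framework in use should be verified to share.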
CVE-2021-43861
Read via "National Vulnerability Database".
Mermaid is a JavaScript-based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. Prior to version 8.13.8, malicious diagrams can run JavaScript code on diagram readers' machines. Users should upgrade to version 8.13.8 to receive a patch. There are no known workarounds aside from upgrading.
CVE-2021-45815
Read via "National Vulnerability Database".
Quectel UC20 UMTS/HSPA+ UC20 6.3.14 is affected by a Cross Site Scripting (XSS) vulnerability.
Swig Security Review 2021 - Part II
Read via "The Daily Swig".
Key thinkers on the biggest security stories and trends in 2021
APT 'Aquatic Panda' Targets Universities with Log4Shell Exploit Tools
Read via "Threat Post".
Researchers from CrowdStrike disrupted an attempt by the threat group to steal industrial intelligence and military secrets from an academic institution.
HCL DX vendor 'could not reproduce' allegedly critical vulnerabilities
Read via "The Daily Swig".
Disclosure process for bugs in HCL DX (formerly WebSphere Portal) seemingly went awry
CVE-2021-43862
Read via "National Vulnerability Database".
jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low-impact, limited cross-site scripting (XSS) vulnerability. The code of the XSS payload is always visible, but an attacker can use other techniques to hide the code the victim sees. If the application uses the `execHash` option and executes code from the URL, the attacker can use such a URL to execute their code. The scope is limited because the JavaScript attribute used is added to a span tag, so no automatic execution like `onerror` on images is possible. This issue is fixed in version 2.31.1. As a workaround, the user can add a formatter that wraps the whole user input and is a no-op; the code for this workaround is available in the GitHub Security Advisory. The workaround only works when the user of the library is not using other formatters (e.g. to highlight code differently).
Getting Started With Threat-Informed Security Programs
Read via "Dark Reading".
Security leaders need to examine their business model, document risks, and develop a strategic plan to address those risks.