CrowdStrike Incorporates Intel CPU Telemetry into Falcon Sensor
via "Dark Reading".
The Falcon sensor uses Intel PT telemetry to identify suspicious operations associated with hard-to-detect exploit techniques.
CVE-2021-43946
via "National Vulnerability Database".
Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to add administrator groups to filter subscriptions via a Broken Access Control vulnerability in the /secure/EditSubscription.jspa endpoint. The affected versions are before version 8.21.0.
CVE-2021-22567
via "National Vulnerability Database".
Bidirectional Unicode text can be interpreted and compiled differently than how it appears in editors, which can be exploited to get nefarious code past a code review by appearing benign. An attacker could embed a source that is invisible to a code reviewer that modifies the behavior of a program in unexpected ways.
CVE-2021-41043
via "National Vulnerability Database".
Use after free in tcpslice triggers AddressSanitizer, no other confirmed impact.
CVE-2021-31589
via "National Vulnerability Database".
BeyondTrust Secure Remote Access Base Software through 6.0.1 allows an attacker to achieve full admin access to the appliance by tricking the administrator into creating a new admin account through an XSS/CSRF attack involving a crafted request to the /appliance/users?action=edit endpoint. This cross-site-scripting (XSS) vulnerability occurs when it does not properly sanitize an unauthenticated crafted web request to the server.
CVE-2020-15933
via "National Vulnerability Database".
An exposure of sensitive information to an unauthorized actor in Fortinet FortiMail versions 6.0.9 and below, FortiMail versions 6.2.4 and below, and FortiMail versions 6.4.1 and 6.4.0 allows an attacker to obtain potentially sensitive software-version information via client-side resources inspection.
Indian academic bookseller Oswaal Books fixes alleged RCE and other serious vulnerabilities with Shopify relaunch
via "The Daily Swig".
Researcher claims he found RCE, authentication bypass, CSRF flaws
"Malsmoke" Exploits Microsoft's E-Signature Verification
via "Threat Post".
The info-stealing campaign using ZLoader malware, previously used to deliver Ryuk and Conti ransomware, already has claimed more than 2,000 victims across 111 countries.
Web skimming attacks on hundreds of real estate websites deployed via cloud video hosting service
via "The Daily Swig".
Attackers leverage software supply chain to compromise high-traffic sites
Putting Ransomware Gangs Out of Business With AI
via "Dark Reading".
Organizations need to take matters into their own hands with a new approach.
Apple Home software bug could lock you out of your iPhone
via "Naked Security".
The finder of this bug insists it "poses a serious risk". We're not so sure, but we recommend you take steps to avoid it anyway.
FTC threatens "legal action" over unpatched Log4j and other vulns
via "Naked Security".
Remember the Equifax breach? Remember the $700m penalty? In case you'd forgotten, here's the FTC to refresh your memory!
Prosecutors file additional charges against former Uber security chief over 2016 data breach "cover up"
via "The Daily Swig".
Alleged misuse of bug bounty and failure to disclose breach leads to criminal charges
CVE-2022-22110
via "National Vulnerability Database".
In Daybyday CRM, versions 1.1 through 2.2.0 enforce weak password requirements in the user update functionality. A user with privileges to update his password could change it to a weak password, such as those with a length of a single character. This may allow an attacker to brute-force users' passwords with minimal to no computational effort.
CVE-2022-22108
via "National Vulnerability Database".
In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization. An attacker that has the lowest privileges account (employee type user), can view the absences of all users in the system including administrators. This type of user is not authorized to view this kind of information.
CVE-2022-22111
via "National Vulnerability Database".
In DayByDay CRM, version 2.2.0 is vulnerable to missing authorization. Any application user in the application who has update user permission enabled is able to change the password of other users, including the administrator's. This allows the attacker to gain access to the highest privileged user in the application.
CVE-2022-22109
via "National Vulnerability Database".
In Daybyday CRM, version 2.2.0 is vulnerable to a Stored Cross-Site Scripting (XSS) vulnerability that allows low privileged application users to store malicious scripts in the title field of new tasks. These scripts are executed in a victim's browser when they open the "/tasks" page to view all the tasks.
CVE-2022-22107
via "National Vulnerability Database".
In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization. An attacker that has the lowest privileges account (employee type user), can view the appointments of all users in the system including administrators. However, this type of user is not authorized to view the calendar at all.
Why We Need To Reframe the False-Positive Problem
via "Dark Reading".
Efforts to tune or build behavior- or signature-based threat identification require time and effort most organizations don't have.
Behind the scenes: A day in the life of a cybersecurity curriculum director
via "Tech Republic".
The Kennedy Space Center kick-started Andee Harston's career in cybersecurity. Here's how she worked her way up to overseeing the cybersecurity curriculum for Infosec.
MalSmoke attack: Zloader malware exploits Microsoft's signature verification to steal sensitive data
via "Tech Republic".
Already impacting more than 2,000 victims, the malware is able to modify a DLL file digitally signed by Microsoft, says Check Point Research.