β Millions of Routers Exposed to RCE by USB Kernel Bug β
π Read
via "Threat Post".
The high-severity RCE flaw is in the KCodes NetUSB kernel module, used by popular routers from Netgear, TP-Link, DLink, Western Digital, et al.π Read
via "Threat Post".
Threat Post
Millions of Routers Exposed to RCE by USB Kernel Bug
The high-severity RCE flaw is in the KCodes NetUSB kernel module, used by popular routers from Netgear, TP-Link, DLink, Western Digital, et al.
ποΈ IP spoofing bug leaves Django REST applications open to DDoS, password-cracking attacks ποΈ
π Read
via "The Daily Swig".
Security researcher discovers how to send unlimited HTTP requests with the same clientπ Read
via "The Daily Swig".
βΌ CVE-2021-37195 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of COMOS accepts arbitrary code as attachment to tasks. This could allow an attacker to inject malicious code that is executed when loading the attachment.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45460 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in SICAM PQ Analyzer (All versions < V3.18). A service is started by an unquoted registry entry. As there are spaces in this path, attackers with write privilege to those directories might be able to plant executables that will run in place of the legitimate process. Attackers might achieve persistence on the system ("backdoors") or cause a denial of service.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41769 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MU85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7KE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SA86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ81 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SK82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SK85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SL86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SS85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7ST85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SX85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UM85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7UT85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VK87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 Compact 7SX800 devices (CPU variant CP050) (All versions < V8.83). An improper input validation vulnerability in the web server could allow an unauthenticated user to access device information.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37197 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of COMOS is vulnerable to SQL injections. This could allow an attacker to execute arbitrary SQL statements.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37196 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of COMOS unpacks specially crafted archive files to relative paths. This vulnerability could allow an attacker to store files in any folder accessible by the COMOS Web webservice.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45034 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70ΓΒ°C (All versions < V16.20), CP-8000 MASTER MODULE WITH I/O -40/+70ΓΒ°C (All versions < V16.20), CP-8021 MASTER MODULE (All versions < V16.20), CP-8022 MASTER MODULE WITH GPRS (All versions < V16.20). The web server of the affected system allows access to logfiles and diagnostic data generated by a privileged user. An unauthenticated attacker could access the files by knowing the corresponding download links.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45033 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70ΓΒ°C (All versions < V16.20), CP-8000 MASTER MODULE WITH I/O -40/+70ΓΒ°C (All versions < V16.20), CP-8021 MASTER MODULE (All versions < V16.20), CP-8022 MASTER MODULE WITH GPRS (All versions < V16.20). An undocumented debug port uses hard-coded default credentials. If this port is enabled by a privileged user, an attacker aware of the credentials could access an administrative debug shell on the affected device.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37198 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of COMOS uses a flawed implementation of CSRF prevention. An attacker could exploit this vulnerability to perform Cross-Site-Request-Forgery attacks.π Read
via "National Vulnerability Database".
ποΈ Multiple Node.js vulnerabilities fixed in flurry of new releases ποΈ
π Read
via "The Daily Swig".
Three medium-impact and one low severity bug have been patchedπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Multiple Node.js vulnerabilities fixed in flurry of new releases
Three medium-impact and one low severity bug have been patched
π΄ 5 Things to Know About Next-Generation SIEM π΄
π Read
via "Dark Reading".
NG-SIEM is emerging as a cloud- and analytics-driven alternative to legacy SIEMs. Based on new research, Omdia highlights five important new insights for anyone considering a NG-SIEM purchase.π Read
via "Dark Reading".
Dark Reading
5 Things to Know About Next-Generation SIEM
NG-SIEM is emerging as a cloud- and analytics-driven alternative to legacy SIEMs. Based on new research, Omdia highlights five important new insights for anyone considering a NG-SIEM purchase.
β Critical SonicWall NAC Vulnerability Stems from Apache Mods β
π Read
via "Threat Post".
Researchers offer more detail on the bug, which can allow attackers to completely take over targets.π Read
via "Threat Post".
Threat Post
Critical SonicWall NAC Vulnerability Stems from Apache Mods
Researchers offer more detail on the bug, which can allow attackers to completely take over targets.
βΌ CVE-2021-44647 βΌ
π Read
via "National Vulnerability Database".
Lua 5.4.4 and 5.4.2 are affected by SEGV by type confusion in funcnamefromcode function in ldebug.c which can cause a local denial of service.π Read
via "National Vulnerability Database".
π΄ Why Security Awareness Training Should Begin in the C-Suite π΄
π Read
via "Dark Reading".
It's not just the rights and privileges that CXOs have on the network. They can also set an example of what good security hygiene looks like.π Read
via "Dark Reading".
Dark Reading
Why Security Awareness Training Should Begin in the C-Suite
It's not just the rights and privileges that CXOs have on the network. They can also set an example of what good security hygiene looks like.
β βFully Undetectedβ SysJoker Backdoor Malware Targets Windows, Linux & macOS β
π Read
via "Threat Post".
The malware establishes initial access on targeted machines, then waits for additional code to execute.π Read
via "Threat Post".
Threat Post
βFully Undetectedβ SysJoker Backdoor Malware Targets Windows, Linux & macOS
The malware establishes initial access on targeted machines, then waits for additional code to execute.
ποΈ VMware Horizon under attack as China-based ransomware group targets Log4j vulnerability ποΈ
π Read
via "The Daily Swig".
Microsoft says cybercrime group is attempting to deploy NightSky ransomwareπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
VMware Horizon under attack as China-based ransomware group targets Log4j vulnerability
Microsoft says cybercrime group is attempting to deploy NightSky ransomware
π Faraday 3.19.0 π
π Read
via "Packet Storm Security".
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.π Read
via "Packet Storm Security".
Packetstormsecurity
Faraday 3.19.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π¦Ώ 9 ways that cybersecurity may change in 2022 π¦Ώ
π Read
via "Tech Republic".
As malicious bot activity increases and attacks surge against APIs, MFA will become more of a mandate and the CISO will take on a greater role, predicts Ping Identity CEO and founder Andre Durand.π Read
via "Tech Republic".
TechRepublic
9 ways that cybersecurity may change in 2022
As malicious bot activity increases and attacks surge against APIs, MFA will become more of a mandate and the CISO will take on a greater role, predicts Ping Identity CEO and founder Andre Durand.
ποΈ Growing cyber threats listed among greatest global risks in annual World Economic Forum report ποΈ
π Read
via "The Daily Swig".
Resilience, resilience, resilienceπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Growing cyber threats listed among greatest global risks in annual World Economic Forum report
Resilience, resilience, resilience
π¦Ώ Google Drive accounted for the most malware downloads from cloud storage sites in 2021 π¦Ώ
π Read
via "Tech Republic".
Google took over the top spot for malicious downloads from Microsoft OneDrive as attackers created free accounts, uploaded malware and shared documents with unsuspecting users, says Netskope.π Read
via "Tech Republic".
TechRepublic
Google Drive accounted for the most malware downloads from cloud storage sites in 2021
Google took over the top spot for malicious downloads from Microsoft OneDrive as attackers created free accounts, uploaded malware and shared documents with unsuspecting users, says Netskope.