CVE-2021-30353
via "National Vulnerability Database".
Improper validation of function pointer type with actual function signature can lead to assertion in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables.
Check If You Have to Worry About the Latest HTTP Protocol Stack Flaw
via "Dark Reading".
In this Tech Tip, SANS Institute's Johannes Ullrich suggests using PowerShell to identify Windows systems affected by the newly disclosed vulnerability in http.sys.
Adobe Cloud Abused to Steal Office 365, Gmail Credentials
via "Threat Post".
Threat actors are creating accounts within the Adobe Cloud suite and sending images and PDFs that appear legitimate to target Office 365 and Gmail users, researchers from Avanan discovered.
Microsoft RDP Bug Enables Data Theft, Smart-Card Hijacking
via "Dark Reading".
The vulnerability was patched this week in Microsoft's set of security updates for January 2022.
Generation cyber: How diversity and ageism can impact the IT workforce
via "The Daily Swig".
Report claims generational attitudes can help or hinder the industry.
CVE-2021-23514
via "National Vulnerability Database".
This affects the package Crow before 0.3+4. It is possible to traverse directories to fetch arbitrary files from the server.
CVE-2021-45806
via "National Vulnerability Database".
jpress v4.2.0 admin panel provides a function through which attackers can modify the template and inject some malicious code.
New GootLoader Campaign Targets Accounting, Law Firms
via "Threat Post".
GootLoader hijacks WordPress sites to lure professionals to download malicious sample contract templates.
S3 Ep65: Supply chain conniption, NetUSB hole, Honda flashback, FTC muscle [Podcast + Transcript]
via "Naked Security".
Latest episode - listen to it or read it now!
Redefining the CISO-CIO Relationship
via "Dark Reading".
While these roles have different needs, drivers, and objectives, they should complement each other rather than compete with one another.
GitLab shifts left to patch high-impact vulnerabilities
via "The Daily Swig".
HackerOne bug bounty reports triaged.
Clam AntiVirus Toolkit 0.104.2
via "Packet Storm Security".
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
CVE-2021-23824
via "National Vulnerability Database".
This affects the package Crow before 0.3+4. When using attributes without quotes in the template, an attacker can manipulate the input to introduce additional attributes, potentially executing code. This may lead to a Cross-site Scripting (XSS) vulnerability, assuming an attacker can influence the value entered into the template. If the template is used to render user-generated content, this vulnerability may escalate to a persistent XSS vulnerability.
CVE-2022-23131
via "National Vulnerability Database".
In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. A malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of a Zabbix user (or use the guest account, which is disabled by default).
CVE-2022-23132
via "National Vulnerability Database".
During Zabbix installation from RPM, the DAC_OVERRIDE SELinux capability is in use to access PID files in the [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permission checks at the file system level.
CVE-2022-23133
via "National Vulnerability Database".
An authenticated user can create a hosts group from the configuration with an XSS payload, which will be available for other users. When XSS is stored by an authenticated malicious actor and other users try to search for groups during new host creation, the XSS payload will fire and the actor can steal session cookies and perform session hijacking to impersonate users or take over their accounts.
CVE-2021-40327
via "National Vulnerability Database".
Trusted Firmware-M (TF-M) 1.4.0, when Profile Small is used, has incorrect access control. NSPE can access a secure key (held by the Crypto service) based solely on knowledge of its key ID. For example, there is no authorization check associated with the relationship between a caller and a key owner.
CVE-2022-23134
via "National Vulnerability Database".
After the initial setup process, some steps of the setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. A malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.
New study reveals phishing simulations might not be effective in training users
via "Tech Republic".
A new study at unprecedented scale revealed that embedded phishing training in simulations run by organizations doesn't work well. Yet crowd-sourcing phishing detection is.
US Military Ties Prolific MuddyWater Cyberespionage APT to Iran
via "Threat Post".
US Cyber Command linked the group to Iranian intelligence and detailed its multi-pronged, increasingly sophisticated suite of malware tools.
How Cybercriminals Are Cashing in on the Culture of 'Yes'
via "Dark Reading".
The reward is always front of mind, while the potential harm of giving out a phone number doesn't immediately reveal itself.