β βBe Afraid:β Massive Cyberattack Downs Ukrainian Govβt Sites β
π Read
via "Threat Post".
As Moscow moves troops and threatens military action, about 70 Ukrainian government sites were hit. βBe afraidβ was scrawled on the Foreign Ministry site.π Read
via "Threat Post".
Threat Post
βBe Afraid:β Massive Cyberattack Downs Ukrainian Govβt Sites
As Moscow moves troops and threatens military action, about 70 Ukrainian government sites were hit. βBe afraidβ was scrawled on the Foreign Ministry site.
ποΈ Researcher discloses alleged zero-day vulnerabilities in NUUO NVRmini2 recording device ποΈ
π Read
via "The Daily Swig".
Exploit code has also been released for flaws that supposedly date back to 2016π Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Researcher discloses alleged zero-day vulnerabilities in NUUO NVRmini2 recording device
Exploit code has also been released for flaws that supposedly date back to 2016
β Real Big Phish: Mobile Phishing & Managing User Fallibility β
π Read
via "Threat Post".
Phishing is more successful than ever. Daniel Spicer, CSO of Ivanti, discusses emerging trends in phishing, and using zero-trust security to patch the human vulnerabilities underpinning the spike.π Read
via "Threat Post".
Threat Post
Real Big Phish: Mobile Phishing & Managing User Fallibility
Phishing is more successful than ever. Daniel Spicer, CSO of Ivanti, discusses emerging trends in phishing, and using zero-trust security to patch the human vulnerabilities underpinning the spike.
β Critical Cisco Contact Center Bug Threatens Customer-Service Havoc β
π Read
via "Threat Post".
Attackers could access and modify agent resources, telephone queues and other customer-service systems β and access personal information on companiesβ customers.π Read
via "Threat Post".
Threat Post
Critical Cisco Contact Center Bug Threatens Customer-Service Havoc
Attackers could access and modify agent resources, telephone queues and other customer-service systems β and access personal information on companiesβ customers.
βΌ CVE-2021-32650 βΌ
π Read
via "National Vulnerability Database".
October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with access to the backend is able to execute PHP code by using the theme import feature. This will bypass the safe mode feature that prevents PHP execution in the CMS templates.The issue has been patched in Build 473 (v1.0.473) and v1.1.6. Those unable to upgrade may apply the patch to their installation manually as a workaround.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32649 βΌ
π Read
via "National Vulnerability Database".
October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with "create, modify and delete website pages" privileges in the backend is able to execute PHP code by running specially crafted Twig code in the template markup. The issue has been patched in Build 473 (v1.0.473) and v1.1.6. Those unable to upgrade may apply the patch to their installation manually as a workaround.π Read
via "National Vulnerability Database".
π¦Ώ 7 obstacles that organizations face migrating legacy data to the cloud π¦Ώ
π Read
via "Tech Republic".
Some of the major obstacles center on concerns about compliance, fears about security and infrastructure and uncertainty about budget requirements, says Archive360.π Read
via "Tech Republic".
TechRepublic
7 obstacles that organizations face migrating legacy data to the cloud
Some of the major obstacles center on concerns about compliance, fears about security and infrastructure and uncertainty about budget requirements, says Archive360.
β Top Illicit Carding Marketplace UniCC Abruptly Shuts Down β
π Read
via "Threat Post".
UniCC controlled 30 percent of the stolen payment-card data market; leaving analysts eyeing whatβs next.π Read
via "Threat Post".
Threat Post
Top Illicit Carding Marketplace UniCC Abruptly Shuts Down
UniCC controlled 30 percent of the stolen payment-card data market; leaving analysts eyeing whatβs next.
π΄ White House Meets With Software Firms and Open Source Orgs on Security π΄
π Read
via "Dark Reading".
The Log4j vulnerability is only the latest security flaw to have global impact, prompting the Biden administration and software developers to pledge to produce more secure software.π Read
via "Dark Reading".
Dark Reading
White House Meets With Software Firms and Open Source Orgs on Security
The Log4j vulnerability is only the latest security flaw to have global impact, prompting the Biden administration and software developers to pledge to produce more secure software.
β Serious Security: Linux full-disk encryption bug fixed β patch now! β
π Read
via "Naked Security".
Imagine if someone who didn't have your password could sneakily modify data that was encrypted with it.π Read
via "Naked Security".
Naked Security
Serious Security: Linux full-disk encryption bug fixed β patch now!
Imagine if someone who didnβt have your password could sneakily modify data that was encrypted with it.
π΄ Maryland Dept. of Health Responds to Ransomware Attack π΄
π Read
via "Dark Reading".
An attack discovered on Dec. 4, 2021, forced the Maryland Department of Health to take some of its systems offline.π Read
via "Dark Reading".
Dark Reading
Maryland Dept. of Health Responds to Ransomware Attack
An attack discovered on Dec. 4, 2021 forced the Maryland Department of Health to take some of its systems offline.
π¦Ώ Russia arrests REvil ransomware gang members at request of US officials π¦Ώ
π Read
via "Tech Republic".
Russia's Federal Security Service said that 14 people were arrested and millions in currency has been seized.π Read
via "Tech Republic".
βΌ CVE-2020-13715 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2020-13721 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2020-13042 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2020-12945 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2020-13742 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2020-13741 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2020-13049 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2020-13743 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2020-13080 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".