‼ CVE-2021-39618 ‼
📖 Read
via "National Vulnerability Database".
In multiple methods of EuiccNotificationManager.java, there is a possible way to install existing packages without user consent due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-196855999📖 Read
via "National Vulnerability Database".
‼ CVE-2021-39630 ‼
📖 Read
via "National Vulnerability Database".
In executeRequest of OverlayManagerService.java, there is a possible way to control fabricated overlays from adb shell due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-202768292📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44704 ‼
📖 Read
via "National Vulnerability Database".
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
🕴 The Cybersecurity Measures CTOs Are Actually Implementing 🕴
📖 Read
via "Dark Reading".
Companies look to multifactor authentication and identity and access management to block attacks, but hedge their bets with disaster recovery.📖 Read
via "Dark Reading".
Dark Reading
The Cybersecurity Measures CTOs Are Actually Implementing
Companies look to multifactor authentication and identity and access management to block attacks, but hedge their bets with disaster recovery.
🕴 Russia Takes Down REvil Ransomware Operation, Arrests Key Members 🕴
📖 Read
via "Dark Reading".
Timing of the move has evoked at least some skepticism from security experts about the country's true motives.📖 Read
via "Dark Reading".
Dark Reading
Russia Takes Down REvil Ransomware Operation, Arrests Key Members
Timing of the move has evoked at least some skepticism from security experts about the country's true motives.
♟️ At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates ♟️
📖 Read
via "Krebs on Security".
The Russian government said today it arrested 14 people accused of working for "REvil," a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service (FSB) said the actions were taken in response to a request from U.S. officials, but many experts believe the crackdown is part of an effort to reduce tensions over Russian President Vladimir Putin's decision to station 100,000 troops along the nation's border with Ukraine.📖 Read
via "Krebs on Security".
Krebs on Security
At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates
The Russian government said today it arrested 14 people accused of working for "REvil," a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service (FSB) said…
‼ CVE-2021-46168 ‼
📖 Read
via "National Vulnerability Database".
Spin v6.5.1 was discovered to contain an out-of-bounds write in lex() at spinlex.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46169 ‼
📖 Read
via "National Vulnerability Database".
Modex v2.11 was discovered to contain an Use-After-Free vulnerability via the component tcache.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46171 ‼
📖 Read
via "National Vulnerability Database".
Modex v2.11 was discovered to contain a NULL pointer dereference in set_create_id() at xtract.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46170 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in JerryScript commit a6ab5e9. There is an Use-After-Free in lexer_compare_identifier_to_string in js-lexer.c file.📖 Read
via "National Vulnerability Database".
📢 Microsoft takes aim at critical RCE flaws with "massive" Patch Tuesday update 📢
📖 Read
via "ITPro".
Microsoft has kicked off 2022 with a score of security fixes for critical-rated vulnerabilities in some of the most widely used products used by businesses around the world📖 Read
via "ITPro".
ITPro
Microsoft takes aim at critical RCE flaws with "massive" Patch Tuesday update
Microsoft has kicked off 2022 with a score of security fixes for critical-rated vulnerabilities in some of the most widely used products used by businesses around the world
📢 Cyber attacks on corporate networks increased 50% in 2021 📢
📖 Read
via "ITPro".
Check Point data reveals an upward trend of malicious activity since mid-2020📖 Read
via "ITPro".
IT PRO
Cyber attacks on corporate networks increased 50% in 2021 | IT PRO
Check Point data reveals an upwards trend of malicious activity since mid-2020
📢 Google Drive accounted for the most malware downloads in 2021 📢
📖 Read
via "ITPro".
NetSkope research malware downloaded via cloud apps is now more prevalent than web-delivered malware📖 Read
via "ITPro".
IT PRO
Google Drive accounted for the most malware downloads in 2021 | IT PRO
NetSkope research malware downloaded via cloud apps is now more prevalent than web-delivered malware
📢 QNAP warns of ransomware targeting internet-facing NAS products 📢
📖 Read
via "ITPro".
The manufacturer has provided a guide to securing vulnerable products amid ongoing attacks📖 Read
via "ITPro".
IT PRO
QNAP warns of ransomware targeting internet-facing NAS products | IT PRO
The manufacturer has provided a guide to securing vulnerable products amid ongoing attacks
📢 Open source in open rebellion - can Google bring peace to the developer community? 📢
📖 Read
via "ITPro".
A recent White House gathering exposes divisions between the open source community and the private companies that exploit it📖 Read
via "ITPro".
IT PRO
Open source in open rebellion - can Google bring peace to the developer community? | IT PRO
A recent White House gathering exposes divisions between the open source community and the private companies that exploit it
📢 US gov issues fresh warning over Russian threat to critical infrastructure 📢
📖 Read
via "ITPro".
The FBI, NSA and CISA have urged network defenders to be on "heightened alert" for Russian cyber attacks📖 Read
via "ITPro".
IT PRO
US gov issues fresh warning over Russian threat to critical infrastructure | IT PRO
The FBI, NSA and CISA have urged network defenders to be on "heightened alert" for Russian cyber attacks
📢 NetUSB flaw exposes millions of routers to remote code execution 📢
📖 Read
via "ITPro".
The vulnerability impacts devices from Netgear, TP-Link, D-Link, and Western Digital📖 Read
via "ITPro".
IT PRO
NetUSB flaw exposes millions of routers to remote code execution | IT PRO
The vulnerability impacts devices from Netgear, TP-Link, D-Link, and Western Digital
📢 Five giveaways that show an email is a phishing attack 📢
📖 Read
via "ITPro".
One of the biggest problems in cyber security is the phishing email📖 Read
via "ITPro".
IT PRO
Five giveaways that show an email is a phishing attack | IT PRO
One of the biggest problems in cyber security is the phishing email
📢 Ransomware is being rewritten in Go for joint attacks on Windows, Linux users 📢
📖 Read
via "ITPro".
The Google-created programming language has become increasingly popular in the malware community for its speed and effectiveness in targeting more users with the same code base📖 Read
via "ITPro".
IT PRO
Ransomware is being rewritten in Go for joint attacks on Windows, Linux users | IT PRO
The Google-created programming language has become increasingly popular in the malware community for its speed and effectiveness in targeting more users with the same code base
📢 Ukraine government and embassies hit by "massive" cyber attacks 📢
📖 Read
via "ITPro".
Russia is said to be most-likely behind the attacks as tensions between the two countries increases📖 Read
via "ITPro".
IT PRO
Ukraine government and embassies hit by "massive" cyber attacks | IT PRO
Russia is said to be most-likely behind the attacks as tensions between the two countries increases
📢 How to build a zero trust model 📢
📖 Read
via "ITPro".
Threats are becoming greater and more diverse, but having a zero trust architecture could help your business defend its infrastructure📖 Read
via "ITPro".
IT PRO
How to build a zero trust model | IT PRO
Threats are becoming greater and more diverse, but having a zero trust architecture could help your business defend its infrastructure