‼ CVE-2021-46171 ‼
via "National Vulnerability Database".
Modex v2.11 was discovered to contain a NULL pointer dereference in set_create_id() at xtract.c.
‼ CVE-2021-46170 ‼
via "National Vulnerability Database".
An issue was discovered in JerryScript commit a6ab5e9. There is a Use-After-Free in lexer_compare_identifier_to_string in the js-lexer.c file.
📢 Microsoft takes aim at critical RCE flaws with "massive" Patch Tuesday update 📢
via "ITPro".
Microsoft has kicked off 2022 with a score of security fixes for critical-rated vulnerabilities in some of the most widely used products used by businesses around the world
📢 Cyber attacks on corporate networks increased 50% in 2021 📢
via "ITPro".
Check Point data reveals an upward trend of malicious activity since mid-2020
📢 Google Drive accounted for the most malware downloads in 2021 📢
via "ITPro".
NetSkope research: malware downloaded via cloud apps is now more prevalent than web-delivered malware
📢 QNAP warns of ransomware targeting internet-facing NAS products 📢
via "ITPro".
The manufacturer has provided a guide to securing vulnerable products amid ongoing attacks
📢 Open source in open rebellion - can Google bring peace to the developer community? 📢
via "ITPro".
A recent White House gathering exposes divisions between the open source community and the private companies that exploit it
📢 US gov issues fresh warning over Russian threat to critical infrastructure 📢
via "ITPro".
The FBI, NSA and CISA have urged network defenders to be on "heightened alert" for Russian cyber attacks
📢 NetUSB flaw exposes millions of routers to remote code execution 📢
via "ITPro".
The vulnerability impacts devices from Netgear, TP-Link, D-Link, and Western Digital
📢 Five giveaways that show an email is a phishing attack 📢
via "ITPro".
One of the biggest problems in cyber security is the phishing email
📢 Ransomware is being rewritten in Go for joint attacks on Windows, Linux users 📢
via "ITPro".
The Google-created programming language has become increasingly popular in the malware community for its speed and effectiveness in targeting more users with the same code base
📢 Ukraine government and embassies hit by "massive" cyber attacks 📢
via "ITPro".
Russia is said to be most likely behind the attacks as tensions between the two countries increase
📢 How to build a zero trust model 📢
via "ITPro".
Threats are becoming greater and more diverse, but having a zero trust architecture could help your business defend its infrastructure
📢 Nearly half of all Log4j downloads remain critically vulnerable 📢
via "ITPro".
The findings come as the US threatens legal action against those who fail to patch to the latest versions of the popular Java library
📢 El Salvador becomes latest target of Pegasus spyware 📢
via "ITPro".
The list of nations with access to Pegasus is growing, with evidence pointing to potential links between 35 confirmed Pegasus cases and the Salvadoran government
‼ CVE-2022-23094 ‼
via "National Vulnerability Database".
Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6.
‼ CVE-2021-24044 ‼
via "National Vulnerability Database".
By passing invalid JavaScript code where await and yield were called upon non-async and non-generator getter/setter functions, Hermes would invoke generator functions and error out on invalid await/yield positions. This could result in a segmentation fault as a consequence of a type confusion error, with a low chance of RCE. This issue affects Hermes versions prior to v0.10.0.
‼ CVE-2021-44049 ‼
via "National Vulnerability Database".
CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local user to gain elevated privileges via a Trojan horse Procmon64.exe in the user's Temp directory.
‼ CVE-2022-23178 ‼
via "National Vulnerability Database".
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname and upassword fields.
‼ CVE-2022-23095 ‼
via "National Vulnerability Database".
Open Design Alliance Drawings SDK before 2022.12.1 mishandles the loading of JPG files. Unchecked input data from a crafted JPG file leads to memory corruption. An attacker can leverage this vulnerability to execute code in the context of the current process.
‼ CVE-2021-33828 ‼
via "National Vulnerability Database".
The files_antivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files (that have been uploaded to a public share) are supposed to be deleted upon detection.