CVE-2021-40636
Read via "National Vulnerability Database".
OS4ED openSIS 8.0 is affected by SQL Injection in CheckDuplicateName.php, which can extract information from the database.

Russia Leaks Data From a Thousand Cuts–Podcast
Read via "Threat Post".
It's not just Ukraine: There's a flood of intel on Russian military, nukes and crooks, says dark-web intel expert Vinny Troia, even with the Conti ransomware gang shuttering its leaking Jabber chat server.

Nvidia hackers allegedly attempting to blackmail company into open-sourcing GPU drivers
Read via "The Daily Swig".
Unusual demand follows request that hardware firm removes mining hashrate limiters on GPUs

CVE-2021-40637
Read via "National Vulnerability Database".
OS4ED openSIS 8.0 is affected by cross-site scripting (XSS) in EmailCheckOthers.php. An attacker can inject JavaScript code to get the user's cookie and take over the working session of user.

CVE-2021-43774
Read via "National Vulnerability Database".
A risky-algorithm issue was discovered on Fujifilm DocuCentre-VI C4471 1.8 devices. An attacker that obtained access to the administrative web interface of a printer (e.g., by using the default credentials) can download the address book file, which contains the list of users (domain users, FTP users, etc.) stored on the printer, together with their encrypted passwords. The passwords are protected by a weak cipher, such as ROT13, which requires minimal effort to instantly retrieve the original password, giving the attacker a list of valid domain or FTP usernames and passwords.

CVE-2022-0753
Read via "National Vulnerability Database".
Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.9.

CVE-2022-0841
Read via "National Vulnerability Database".
OS Command Injection in GitHub repository ljharb/npm-lockfile prior to v2.0.5.

CVE-2022-22706
Read via "National Vulnerability Database".
An Arm product family through 2022-01-03 has an Exposed Dangerous Method or Function.

CVE-2021-45819
Read via "National Vulnerability Database".
Wordline HIDCCEMonitorSVC before v5.2.4.3 contains an unquoted service path which allows attackers to escalate privileges to the system level.

CVE-2022-25031
Read via "National Vulnerability Database".
Remote Desktop Commander Suite Agent before v4.8 contains an unquoted service path which allows attackers to escalate privileges to the system level.

Attivo Expands Active Directory Protection from Unmanaged Devices, Including Mac, Linux, IoT/OT
Read via "Dark Reading".
Attivo Networks ADSecure-DC solution joins the company's existing suite of Active Directory protection products.

8-Character Passwords Can Be Cracked in Less than 60 Minutes
Read via "Dark Reading".
Researchers say passwords with less than seven characters can be hacked "instantly."

Google WAF bypassed via oversized POST requests
Read via "The Daily Swig".
Security research highlights web application firewall security risk

CVE-2022-26128
Read via "National Vulnerability Database".
A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babel_packet_examin function in babeld/message.c.

CVE-2022-26126
Read via "National Vulnerability Database".
Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c.

CVE-2022-26125
Read via "National Vulnerability Database".
Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c.

CVE-2022-26129
Read via "National Vulnerability Database".
Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the subtlv length in the functions, parse_hello_subtlv, parse_ihu_subtlv, and parse_update_subtlv in babeld/message.c.

CVE-2022-25138
Read via "National Vulnerability Database".
Axelor Open Suite v5.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Name parameter.

CVE-2022-26127
Read via "National Vulnerability Database".
A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the input packet length in the babel_packet_examin function in babeld/message.c.

OCR Urges Organizations to Secure Health Information in 2022
Read via "Digital Guardian".
The Director of HHS OCR called on healthcare organizations this week to strengthen their cyber posture in 2022.

Cybersecurity Mesh Architecture: Hope or Hype?
Read via "Dark Reading".
Gartner has touted CSMA as one of the top technology trends for this year. But what is it really?