π΄ More Than 70% of SOC Analysts Experiencing Burnout π΄
π Read
via "Dark Reading".
Nearly 65% of security operations center (SOC) analysts are likely to change jobs in the next year, survey shows.π Read
via "Dark Reading".
Dark Reading
More Than 70% of SOC Analysts Experiencing Burnout
Nearly 65% of security operations center (SOC) analysts are likely to change jobs in the next year, survey shows.
π1
β Massive Meris Botnet Embeds Ransomware Notes from REvil β
π Read
via "Threat Post".
Notes threatening to tank targeted companies' stock price were embedded into the DDoS ransomware attacks as a string_of_text directed to CEOs and webops_geeks in the URL.π Read
via "Threat Post".
Threat Post
Massive Meris Botnet Embeds Ransomware Notes from REvil
Notes threatening to tank targeted companies' stock price were embedded into the DDoS ransomware attacks as a string_of_text directed to CEOs and webops_geeks in the URL.
βΌ CVE-2021-46353 βΌ
π Read
via "National Vulnerability Database".
An information disclosure in web interface in D-Link DIR-X1860 before 1.03 RevA1 allows a remote unauthenticated attacker to send a specially crafted HTTP request and gain knowledge of different absolute paths that are being used by the web application.π Read
via "National Vulnerability Database".
βΌ CVE-2021-46384 βΌ
π Read
via "National Vulnerability Database".
https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: RCE. The impact is: execute arbitrary code (remote). The attack vector is: ${"freemarker.template.utility.Execute"?new()("calc")}. ΓΒΆΓΒΆ MCMS has a pre-auth RCE vulnerability through which allows unauthenticated attacker with network access via http to compromise MCMS. Successful attacks of this vulnerability can result in takeover of MCMS.π Read
via "National Vulnerability Database".
βΌ CVE-2021-44827 βΌ
π Read
via "National Vulnerability Database".
There is remote authenticated OS command injection on TP-Link Archer C20i 0.9.1 3.2 v003a.0 Build 170221 Rel.55462n devices vie the X_TP_ExternalIPv6Address HTTP parameter, allowing a remote attacker to run arbitrary commands on the router with root privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40846 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Rhinode Trading Paints through 2.0.36. TP Updater.exe uses cleartext HTTP to check, and request, updates. Thus, attackers can man-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings.π Read
via "National Vulnerability Database".
βΌ CVE-2021-27756 βΌ
π Read
via "National Vulnerability Database".
"TLS-RSA cipher suites are not disabled in BigFix Compliance up to v2.0.5. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it."π Read
via "National Vulnerability Database".
βΌ CVE-2021-43590 βΌ
π Read
via "National Vulnerability Database".
Dell EMC Enterprise Storage Analytics for vRealize Operations, versions 4.0.1 to 6.2.1, contain a Plain-text password storage vulnerability. A local high privileged malicious user may potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32008 βΌ
π Read
via "National Vulnerability Database".
This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Improper Limitation of a Pathname to restricted directory, allows logged in GateManager admin to delete system Files or Directories.π Read
via "National Vulnerability Database".
βΌ CVE-2022-25312 βΌ
π Read
via "National Vulnerability Database".
An XML external entity (XXE) injection vulnerability was discovered in the Any23 RDFa XSLTStylesheet extractor and is known to affect Any23 versions < 2.7. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML data. It often allows an attacker to view files on the application server filesystem, and to interact with any back-end or external systems that the application itself can access. This issue is fixed in Apache Any23 2.7.π Read
via "National Vulnerability Database".
π’ The new rules of ransomware π’
π Read
via "ITPro".
The rise in working from home has brought with it a rise in ransomware attacks, but an effective backup routine can guard against disasterπ Read
via "ITPro".
IT PRO
The new rules of ransomware | IT PRO
The rise in working from home has brought with it a rise in ransomware attacks, but an effective backup routine can guard against disaster
π’ Microsoft releases Defender for Azure Cosmos DB in preview π’
π Read
via "ITPro".
The database protection service is exclusive to Microsoft Defender for Cloud usersπ Read
via "ITPro".
ITPro
Microsoft releases Defender for Azure Cosmos DB in preview
The database protection service is exclusive to Microsoft Defender for Cloud users
π’ Anonymous hacks website of Russian Space Research Institute π’
π Read
via "ITPro".
Russiaβs lunar missions files were obtained through a brute-force attack on a private service hosted by Roscosmosπ Read
via "ITPro".
IT PRO
Anonymous hacks website of Russian Space Research Institute | IT PRO
Russiaβs lunar missions files were obtained through a brute-force attack on a private service hosted by Roscosmos
π’ Cisco patches critical bugs in collaboration products π’
π Read
via "ITPro".
Attackers could exploit the flaw to run their own code on Cisco's video conferencing serversπ Read
via "ITPro".
IT PRO
Cisco patches critical bugs in collaboration products | IT PRO
Attackers could exploit the flaw to run their own code on Cisco's video conferencing servers
π’ IT Pro News In Review: Compromised Nvidia data, protesters boycott Russian tech, Conti data breach π’
π Read
via "ITPro".
Catch up on the biggest headlines of the week in just two minutesπ Read
via "ITPro".
IT PRO
IT Pro News In Review: Compromised Nvidia data, protesters boycott Russian tech, Conti data breach
Catch up on the biggest headlines of the week in just two minutes
π’ OneWeb suspends satellite launch from Russian spaceport π’
π Read
via "ITPro".
The decision follows Roscosmosβ demand that the UK sell its 20% stake in OneWeb purchased in 2020π Read
via "ITPro".
IT PRO
OneWeb suspends satellite launch from Russian spaceport | IT PRO
The decision follows Roscosmosβ demand that the UK sell its 20% stake in OneWeb purchased in 2020
π1
βΌ CVE-2022-25069 βΌ
π Read
via "National Vulnerability Database".
Mark Text v0.16.3 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability which allows attackers to perform remote code execution (RCE) via injecting a crafted payload into /lib/contentState/pasteCtrl.js.π Read
via "National Vulnerability Database".
βΌ CVE-2022-25465 βΌ
π Read
via "National Vulnerability Database".
Espruino 2v11 release was discovered to contain a stack buffer overflow via src/jsvar.c in jsvGetNextSibling.π Read
via "National Vulnerability Database".
βΌ CVE-2022-25044 βΌ
π Read
via "National Vulnerability Database".
Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0849 βΌ
π Read
via "National Vulnerability Database".
Use After Free in r_reg_get_name_idx in GitHub repository radareorg/radare2 prior to 5.6.6.π Read
via "National Vulnerability Database".
β Firefox patches two in-the-wild exploits β update now! β
π Read
via "Naked Security".
Firefox just published a double-zero-day patch - "remote code execution" combined with "sandbox escape". Update now!π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News