π΄ After a Busy December, Attacks on Log4J Vulnerability Dropped π΄
π Read
via "Dark Reading".
While attackers and researchers shift their attention to the next new vulnerability, security teams make sure they finish patching vulnerable Log4j versions in their applications and services .π Read
via "Dark Reading".
Dark Reading
After a Busy December, Attacks on Log4j Vulnerability Dropped
While attackers and researchers shift their attention to the next new vulnerability, security teams make sure they finish patching vulnerable Log4j versions in their applications and services.
ποΈ Utah privacy bill places tighter controls on consumer data ποΈ
π Read
via "The Daily Swig".
Policymakers move forward with new data privacy legislationπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Utah privacy bill places tighter controls on consumer data
Policymakers move forward with new data privacy legislation
π΄ Why the World Needs a Global Collective Cyber Defense π΄
π Read
via "Dark Reading".
This sort of approach would enable cross-company and cross-sector threat information sharing, an effort that would allow companies to easily turn data into actionable insights.π Read
via "Dark Reading".
Dark Reading
Why the World Needs a Global Collective Cyber Defense
This sort of approach would enable cross-company and cross-sector threat information sharing, an effort that would allow companies to easily turn data into actionable insights.
π€―1
βΌ CVE-2022-0754 βΌ
π Read
via "National Vulnerability Database".
SQL Injection in GitHub repository salesagility/suitecrm prior to 7.12.5.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0755 βΌ
π Read
via "National Vulnerability Database".
Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.12.5.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0756 βΌ
π Read
via "National Vulnerability Database".
Improper Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5.π Read
via "National Vulnerability Database".
β Critical Firefox Zero-Day Bugs Allow RCE, Sandbox Escape β
π Read
via "Threat Post".
Both vulnerabilities are use-after-free issues in Mozilla's popular web browser.π Read
via "Threat Post".
Threat Post
Critical Firefox Zero-Day Bugs Allow RCE, Sandbox Escape
Both vulnerabilities are use-after-free issues in Mozilla's popular web browser.
ποΈ Fresh flaws in Facebook Canvas earn bug bounty hunter a second payday ποΈ
π Read
via "The Daily Swig".
Next-level account takeoverπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Fresh flaws in Facebook Canvas earn bug bounty hunter a second payday
Next-level account takeover
β Nvidiaβs Stolen Code-Signing Certs Used to Sign Malware β
π Read
via "Threat Post".
Nvidia certificates are being used to sign malware, enabling malicious programs to pose as legitimate and slide past security safeguards on Windows machines.π Read
via "Threat Post".
Threat Post
NVIDIAβs Stolen Code-Signing Certs Used to Sign Malware
NVIDIA certificates are being used to sign malware, enabling malicious programs to pose as legitimate and slide past security safeguards on Windows machines.
π΄ Industrial Systems See More Vulnerabilities, Greater Threat π΄
π Read
via "Dark Reading".
The makers of operational technology and connected devices saw reported vulnerabilities grow by half in 2021, but other trends may be more disturbing.π Read
via "Dark Reading".
Dark Reading
Industrial Systems See More Vulnerabilities, Greater Threat
The makers of operational technology and connected devices saw reported vulnerabilities grow by half in 2021, but other trends may be more disturbing.
β Samsung Confirms Lapsus$ Ransomware Hit, Source Code Leak β
π Read
via "Threat Post".
The move comes just a week after GPU-maker NVIDIA was hit by Lapsus$ and every employee credential was leaked.π Read
via "Threat Post".
Threat Post
Samsung Confirms Lapsus$ Ransomware Hit, Source Code Leak
The move comes just a week after GPU-maker NVIDIA was hit by Lapsus$ and every employee credential was leaked.
βΌ CVE-2021-38989 βΌ
π Read
via "National Vulnerability Database".
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 212951.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22351 βΌ
π Read
via "National Vulnerability Database".
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged trusted host user to exploit a vulnerability in the nimsh daemon to cause a denial of service in the nimsh daemon on another trusted host. IBM X-Force ID: 220396π Read
via "National Vulnerability Database".
βΌ CVE-2021-38988 βΌ
π Read
via "National Vulnerability Database".
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 212950.π Read
via "National Vulnerability Database".
π SEC Mulling New Cybersecurity Rules π
π Read
via "".
Recently proposed SEC cybersecurity rules could affect how U.S. securities markets, including issuers, registrants, and service providers, approach compliance efforts.π Read
via "".
Digital Guardian
SEC Mulling New Cybersecurity Rules
Recently proposed SEC cybersecurity rules could affect how U.S. securities markets, including issuers, registrants, and service providers, approach compliance efforts.
β Novel Attack Turns Amazon Devices Against Themselves β
π Read
via "Threat Post".
Researchers have discovered how to remotely manipulate the Amazon Echo through its own speakers.π Read
via "Threat Post".
Threat Post
Novel Attack Turns Amazon Devices Against Themselves
Researchers have discovered how to remotely manipulate the Amazon Echo through its own speakers.
π΄ Name That Edge Toon: Animal Instincts π΄
π Read
via "Dark Reading".
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.π Read
via "Dark Reading".
Dark Reading
Name That Edge Toon: Animal Instincts
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
π΄ Samsung Source Code Compromised in Hack π΄
π Read
via "Dark Reading".
Mobile vendor confirms that some source code used with its Galaxy devices was breached.π Read
via "Dark Reading".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
π΄ Google in Talks to Acquire Mandiant π΄
π Read
via "Dark Reading".
Last month, Microsoft was interested in buying Mandiant. Now, it's Google that is looking at a deal to boost Google Cloud.π Read
via "Dark Reading".
Dark Reading
Google in Talks to Acquire Mandiant
Last month, Microsoft was interested in buying Mandiant. Now, it's Google that is looking at a deal to boost Google Cloud.
π1
π΄ Trio of Vendors Offer Free Services to Organizations at Risk of Russian Cyberattacks π΄
π Read
via "Dark Reading".
CrowdStrike, Cloudflare, and Ping Identity have teamed up with tools and services for the healthcare, power, and water industries as a way to quickly bolster their security on several fronts.π Read
via "Dark Reading".
Dark Reading
Cloud Security recent news | Dark Reading
Explore the latest news and expert commentary on Cloud Security, brought to you by the editors of Dark Reading
βΌ CVE-2022-24737 βΌ
π Read
via "National Vulnerability Database".
HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. Before 3.1.0, HTTPie didnΓΒ’Γ’βΒ¬ΓΕt distinguish between cookies and hosts they belonged. This behavior resulted in the exposure of some cookies when there are redirects originating from the actual host to a third party website. Users are advised to upgrade. There are no known workarounds.π Read
via "National Vulnerability Database".