Middleboxes now being used for DDoS attacks in the wild, Akamai finds
via "The Daily Swig".
Malicious actors are starting to add TCP middlebox reflection to their arsenal
Qakbot Botnet Sprouts Fangs, Injects Malware into Email Threads
via "Threat Post".
The ever-shifting, ever-more-powerful malware is now hijacking email threads to download malicious DLLs that inject password-stealing code into webpages, among other foul things.
CVE-2022-0895
via "National Vulnerability Database".
Static Code Injection in GitHub repository microweber/microweber prior to 1.3.
What Security Controls Do I Need for My Kubernetes Cluster?
via "Dark Reading".
This Tech Tip offers some security controls to embed in your organization's CI/CD pipeline to protect Kubernetes clusters and corporate networks.
Multi-Ransomwared Victims Have It Coming - Podcast
via "Threat Post".
Let's blame the victim. IT decision makers' confidence about security doesn't jibe with their concession that repeated incidents are their own fault, says ExtraHop's Jamie Moles.
RagnarLocker Ransomware Connected to Hacks at 52 Organizations
via "".
New guidance from the FBI contains IOCs and technical details on how the ransomware spreads.
Digital Guardian
Russia May Use Ransomware Payouts to Avoid Sanctions
via "Threat Post".
FinCEN warns financial institutions to beware of unusual cryptocurrency payments or illegal transactions Russia may use to evade restrictions imposed due to its invasion of Ukraine.
Threat Post
Russia May Use Ransomware Payouts to Avoid Sanctions' Financial Harm
FinCEN warns financial institutions to beware of unusual cryptocurrency payments or illegal transactions Russia may use to ease financial hurt from Ukraine-linked sanctions.
Log4j and Livestock Apps: APT41 Wages Persistent Cyberattack Campaign on US Government
via "Dark Reading".
The group's attack methods have included exploits for a zero-day vulnerability in a livestock-tracking app as well as for the Apache Log4j flaw.
1Password increases bug bounty reward to $1 million
via "The Daily Swig".
Researchers offered record incentive for vulnerabilities found on Bugcrowd programs
Why You Should Be Using CISA's Catalog of Exploited Vulns
via "Dark Reading".
It's a great starting point for organizations that want to ride the wave of risk-based vulnerability management rather than drowning beneath it.
Most Orgs Would Take Security Bugs Over Ethical Hacking Help
via "Threat Post".
A new survey suggests that security is becoming more important for enterprises, but they're still falling back on old "security by obscurity" ways.
RagnarLocker ransomware struck 52 critical infrastructure entities within two years - FBI
via "The Daily Swig".
Agency issues mitigation advice to help organizations tighten network defenses
S3 Ep73: Ransomware with a difference, dirty Linux pipes, and much more [Podcast]
via "Naked Security".
Latest episode - listen now!
Naked Security
S3 Ep73: Ransomware with a difference, dirty Linux pipes, and much more [Podcast + Transcript]
CVE-2022-0905
via "National Vulnerability Database".
Improper Authorization in GitHub repository go-gitea/gitea prior to 1.16.4.
CVE-2022-0906
via "National Vulnerability Database".
Unrestricted file upload leads to stored XSS in GitHub repository microweber/microweber prior to 1.1.12.
Falco 0.31.1
via "Packet Storm Security".
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
Cyber Insurance and Business Risk: How the Relationship Is Changing Reinsurance & Policy Guidance
via "Dark Reading".
While cyber insurance will continue to exist, it will cost more and cover less - and that's changing the risk your company faces.
CVE-2022-0725
via "National Vulnerability Database".
A flaw was found in KeePass. The vulnerability occurs due to logging the plain text passwords in the system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs.
CVE-2021-43970
via "National Vulnerability Database".
An arbitrary file upload vulnerability exists in albumimages.jsp in Quicklert for Digium 10.0.0 (1043) via a .mp3;.jsp filename for a file that begins with audio data bytes. It allows an authenticated (low privileged) attacker to execute remote code on the target server within the context of application's permissions (SYSTEM).
CVE-2021-34122
via "National Vulnerability Database".
The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference.
CVE-2020-14112
via "National Vulnerability Database".
Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by incorrect routing configuration. Attackers can exploit this vulnerability to download part of the files in Xiaomi Router AX6000.