β Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops β
π Read
via "Threat Post".
Researchers have exposed the work of Exotic Lily, a full-time cybercriminal initial-access group that uses phishing to infiltrate organizationsβ networks for further malicious activity.π Read
via "Threat Post".
Threat Post
Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops
Researchers have exposed the work of Exotic Lily, a full-time cybercriminal initial-access group that uses phishing to infiltrate organizationsβ networks for further malicious activity.
ποΈ Workaround offered for unpatched HTML-to-PDF rendering vulnerability ποΈ
π Read
via "The Daily Swig".
Security flaws exposed in popular dompdf PHP libraryπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Workaround offered for unpatched HTML-to-PDF rendering vulnerability
Security flaws exposed in popular dompdf PHP library
π1
βΌ CVE-2022-24772 βΌ
π Read
via "National Vulnerability Database".
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a `DigestInfo` ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2022-24771 βΌ
π Read
via "National Vulnerability Database".
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses unchecked portion of the PKCS#1 encoded message to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24773 βΌ
π Read
via "National Vulnerability Database".
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not properly check `DigestInfo` for a proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.π Read
via "National Vulnerability Database".
π1
π΄ Satellite Networks Worldwide at Risk of Possible Cyberattacks, FBI & CISA Warn π΄
π Read
via "Dark Reading".
Agencies provide mitigation steps to protect satellite communication (SATCOM) networks amid "current geopolitical situation."π Read
via "Dark Reading".
Dark Reading
Satellite Networks Worldwide at Risk of Possible Cyberattacks, FBI & CISA Warn
Agencies provide mitigation steps to protect satellite communication (SATCOM) networks amid "current geopolitical situation."
β Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet β
π Read
via "Threat Post".
The Russian-speaking APT behind the NotPetya attacks and the Ukrainian power grid takedown could be setting up for additional sinister attacks, researchers said.π Read
via "Threat Post".
Threat Post
Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet
The Russian-speaking APT behind the NotPetya attacks and the Ukrainian power grid takedown could be setting up for additional sinister attacks, researchers said.
β S3 Ep74: Cybercrime busts, Apple patches, Pi Day, and disconnect effects [Podcast] β
π Read
via "Naked Security".
Latest episode - listen now!π Read
via "Naked Security".
Naked Security
S3 Ep74: Cybercrime busts, Apple patches, Pi Day, and disconnect effects [Podcast]
Latest episode β listen now!
βΌ CVE-2022-24637 βΌ
π Read
via "National Vulnerability Database".
Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '<?php (instead of the intended "<?php sequence) aren't handled by the PHP interpreter.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2021-39046 βΌ
π Read
via "National Vulnerability Database".
IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5 and 8.6 stores user credentials in plain clear text which can be read by a lprivileged user. IBM X-Force ID: 214346.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29899 βΌ
π Read
via "National Vulnerability Database".
IBM Engineering Requirements Quality Assistant prior to 3.1.3 could allow an authenticated user to cause a denial of service. IBM X-Force ID: 207413.π Read
via "National Vulnerability Database".
β OpenSSL patches infinite-loop DoS bug in certificate verification β
π Read
via "Naked Security".
When it comes to writing loops in your code... never sit on the fence!π Read
via "Naked Security".
Naked Security
OpenSSL patches infinite-loop DoS bug in certificate verification
When it comes to writing loops in your code⦠never sit on the fence!
π Friday Five 3/18 π
π Read
via "".
How HIPAA can help mitigate cyberattacks, killing the password, and more - catch up on the infosec news of the week with the Friday Five!π Read
via "".
π΄ Security Teams Struggle to Get Started With Zero Trust π΄
π Read
via "Dark Reading".
Nearly a third of respondents in a Dark Reading survey on endpoint security strategy say zero trust is too confusing to implement.π Read
via "Dark Reading".
Dark Reading
Security Teams Struggle to Get Started With Zero Trust
Nearly a third of respondents in a Dark Reading survey on endpoint security strategy say zero trust is too confusing to implement.
β DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data β
π Read
via "Threat Post".
A DarkHotel phishing campaign breached luxe hotel networks, including Wynn Palace and the Grand Coloane Resort in Macao, a new report says.π Read
via "Threat Post".
Threat Post
DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data
A DarkHotel phishing campaign breached luxe hotel networks, including Wynn Palace and the Grand Coloane Resort in Macao, a new report says.
π΄ Menlo Security: Less Than Three in 10 Organizations Are Equipped to Combat Growing Wave of Web-Based Cyber Threats π΄
π Read
via "Dark Reading".
Report finds that 62 percent of IT decision makers have suffered a browser-based attack in the past 12 months.π Read
via "Dark Reading".
Dark Reading
Menlo Security: Less Than Three in 10 Organizations Are Equipped to Combat Growing Wave of Web-Based Cyber Threats
Report finds that 62 percent of IT decision makers have suffered a browser-based attack in the past 12 months.
π΄ A Chance to Raise Shields Right π΄
π Read
via "Dark Reading".
CISA's "Shields Up" alert provides urgency β and opportunity β for supply chain conversations.π Read
via "Dark Reading".
Dark Reading
A Chance to Raise Shields Right
CISA's "Shields Up" alert provides urgency β and opportunity β for supply chain conversations.
π΄ CyCognito Launches Exploit Intelligence π΄
π Read
via "Dark Reading".
Risk intelligence solution provides insight, visibility, and guidance to identify, prioritize, and remediate vulnerabilities like Log4jπ Read
via "Dark Reading".
Dark Reading
CyCognito Launches Exploit Intelligence
Risk intelligence solution provides insight, visibility, and guidance to identify, prioritize, and remediate vulnerabilities like Log4j
βΌ CVE-2022-22611 βΌ
π Read
via "National Vulnerability Database".
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to arbitrary code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22617 βΌ
π Read
via "National Vulnerability Database".
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to gain elevated privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22656 βΌ
π Read
via "National Vulnerability Database".
An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A local attacker may be able to view the previous logged in userΓ’β¬β’s desktop from the fast user switching screen.π Read
via "National Vulnerability Database".