βΌ CVE-2022-0667 βΌ
π Read
via "National Vulnerability Database".
When the vulnerability is triggered the BIND process will exit. BIND 9.18.0π Read
via "National Vulnerability Database".
βΌ CVE-2022-1036 βΌ
π Read
via "National Vulnerability Database".
Able to create an account with long password leads to memory corruption / Integer Overflow in GitHub repository microweber/microweber prior to 1.2.12.π Read
via "National Vulnerability Database".
β Serpent Backdoor Slithers into Orgs Using Chocolatey Installer β
π Read
via "Threat Post".
An unusual attack using an open-source Python package installer called Chocolatey, steganography and Scheduled Tasks is stealthily delivering spyware to companies.π Read
via "Threat Post".
Threat Post
Serpent Backdoor Slithers into Orgs Using Chocolatey Installer
An unusual attack using an open-source package installer called Chocolatey, steganography and Scheduled Tasks is stealthily delivering spyware to companies.
β FIDO: Hereβs Another Knife to Help Murder Passwords β
π Read
via "Threat Post".
After years of promising a passwordless future β really, any day now! β FIDO is proposing tweaks to WebAuthn that could put us out of password misery. Experts arenβt so sure.π Read
via "Threat Post".
Threat Post
FIDO: Hereβs Another Knife to Help Murder Passwords
After a decade of promising passwords will die β really, any day now! β a new FIDO paper describes tweaks to WebAuthn that could put us out of password misery. Experts arenβt so sure.
ποΈ Scottish mental health charity disrupted by βsophisticatedβ cyber-attack ποΈ
π Read
via "The Daily Swig".
Organization is βdevastatedβ over security incidentπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Scottish mental health charity disrupted by βsophisticatedβ cyber-attack
Organization is βdevastatedβ over security incident
βοΈ βSpam Nationβ Villain Vrublevsky Charged With Fraud βοΈ
π Read
via "Krebs on Security".
Pavel Vrublevsky, founder of the Russian payment technology firm ChronoPay and the antagonist in my 2014 book "Spam Nation," was arrested in Moscow this month and charged with fraud. Russian authorities allege Vrublevsky operated several fraudulent SMS-based payment schemes, and facilitated money laundering for Hydra, the largest Russian darknet market. But according to information obtained by KrebsOnSecurity, it is equally likely Vrublevsky was arrested thanks to his propensity for carefully documenting the links between Russia's state security services and the cybercriminal underground.π Read
via "Krebs on Security".
Krebs on Security
βSpam Nationβ Villain Vrublevsky Charged With Fraud
Pavel Vrublevsky, founder of the Russian payment technology firm ChronoPay and the antagonist in my 2014 book "Spam Nation," was arrested in Moscow this month and charged with fraud. Russian authorities allege Vrublevsky operated several fraudulent SMS-basedβ¦
π΄ Zscaler Unveils Security Service Edge Innovations to Protect Enterprises From Cyberattacks π΄
π Read
via "Dark Reading".
Advancements to the most deployed ZTNA solution strengthen the Zscaler Zero Trust Exchange with new private app protection, deception, and privileged remote access capabilities.π Read
via "Dark Reading".
Dark Reading
Zscaler Unveils Security Service Edge Innovations to Protect Enterprises From Cyberattacks
Advancements to the most deployed ZTNA solution strengthen the Zscaler Zero Trust Exchange with new private app protection, deception, and privileged remote access capabilities.
π΄ Checkmarx Launches Comprehensive Supply Chain Security Solution π΄
π Read
via "Dark Reading".
Now available for use with Checkmarx Software Composition Analysis (SCA), the solution restores trust in modern application development while letting developers embrace open source code.π Read
via "Dark Reading".
Dark Reading
Checkmarx Launches Comprehensive Supply Chain Security Solution
Now available for use with Checkmarx Software Composition Analysis (SCA), the solution restores trust in modern application development while letting developers embrace open source code.
π΄ Trustero Exits Stealth Mode and Launches its Compliance as a Service Platform π΄
π Read
via "Dark Reading".
Proven best practices create integrity and trustworthiness.π Read
via "Dark Reading".
Dark Reading
Trustero Exits Stealth Mode and Launches its Compliance as a Service Platform
Proven best practices create integrity and trustworthiness.
π΄ Logpoint Unleashes SaaS-Delivered Converged SIEM π΄
π Read
via "Dark Reading".
Only solution to deliver integrated cloud-based SIEM, SOAR, and UEBA services directly to organizations of all sizes.π Read
via "Dark Reading".
Dark Reading
Logpoint Unleashes SaaS-Delivered Converged SIEM
Only solution to deliver integrated cloud-based SIEM, SOAR, and UEBA services directly to organizations of all sizes.
β Russia Lays Groundwork for Cyberattacks on US Infrastructure β White House β
π Read
via "Threat Post".
"Evolving intelligence" shows Russia amping up for cyber-war in response to Ukraine-related sanctions, the White House said -- but researchers warn that many orgs are not prepared.π Read
via "Threat Post".
Threat Post
Russia Lays Groundwork for Cyberattacks on US Infrastructure β White House
"Evolving intelligence" shows Russia amping up for cyber-war in response to Ukraine-related sanctions, the White House said β but researchers warn that many orgs are not prepared.
ποΈ Okta investigates LAPSUS$ gangβs compromise claims ποΈ
π Read
via "The Daily Swig".
Attackers purportedly said βfocus was only on Okta customersβπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Okta investigates LAPSUS$ gangβs compromise claims
Attackers purportedly said βfocus was only on Okta customersβ
βΌ CVE-2022-24764 βΌ
π Read
via "National Vulnerability Database".
PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the API `pjmedia_sdp_print(), pjmedia_sdp_media_print()`. Applications that do not use PJSUA2 and do not directly call `pjmedia_sdp_print()` or `pjmedia_sdp_media_print()` should not be affected. A patch is available on the `master` branch of the `pjsip/pjproject` GitHub repository. There are currently no known workarounds.π Read
via "National Vulnerability Database".
βΌ CVE-2021-43650 βΌ
π Read
via "National Vulnerability Database".
WebRun 3.6.0.42 is vulnerable to SQL Injection via the P_0 parameter used to set the username during the login process.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24774 βΌ
π Read
via "National Vulnerability Database".
CycloneDX BOM Repository Server is a bill of materials (BOM) repository server for distributing CycloneDX BOMs. CycloneDX BOM Repository Server before version 2.0.1 has an improper input validation vulnerability leading to path traversal. A malicious user may potentially exploit this vulnerability to create arbitrary directories or a denial of service by deleting arbitrary directories. The vulnerability is resolved in version 2.0.1. The vulnerability is not exploitable with the default configuration with the post and delete methods disabled. This can be configured by modifying the `appsettings.json` file, or alternatively, setting the environment variables `ALLOWEDMETHODS__POST` and `ALLOWEDMETHODS__DELETE` to `false`.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2022-25484 βΌ
π Read
via "National Vulnerability Database".
tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in tcpprep v4.4.1.π Read
via "National Vulnerability Database".
βΌ CVE-2022-21718 βΌ
π Read
via "National Vulnerability Database".
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` allows renderers to obtain access to a bluetooth device via the web bluetooth API if the app has not configured a custom `select-bluetooth-device` event handler. This has been patched and Electron versions `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` contain the fix. Code from the GitHub Security Advisory can be added to the app to work around the issue.π Read
via "National Vulnerability Database".
π΄ Red Canary's Annual Threat Detection Report Reveals Top Threats and Techniques Targeting Most Organizations π΄
π Read
via "Dark Reading".
Report analyzes 30,000 threats in customer environments to uncover the trends, threats and techniques that comprised the 2021 threat landscape.π Read
via "Dark Reading".
Dark Reading
Red Canary's Annual Threat Detection Report Reveals Top Threats and Techniques Targeting Most Organizations
Report analyzes 30,000 threats in customer environments to uncover the trends, threats and techniques that comprised the 2021 threat landscape.
π΄ Ransomware Group Claims Major Okta Breach π΄
π Read
via "Dark Reading".
Screenshots that ransomware gang Lapsus$ released this week suggest the threat actor also stole Microsoft source code.π Read
via "Dark Reading".
Dark Reading
Ransomware Group Claims Major Okta Breach
Screenshots that ransomware gang Lapsus$ released this week suggest the threat actor also stole Microsoft source code.
βΌ CVE-2022-1031 βΌ
π Read
via "National Vulnerability Database".
Use After Free in op_is_set_bp in GitHub repository radareorg/radare2 prior to 5.6.6.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26188 βΌ
π Read
via "National Vulnerability Database".
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via /setting/NTPSyncWithHost.π Read
via "National Vulnerability Database".