βΌ CVE-2022-25523 βΌ
π Read
via "National Vulnerability Database".
TypesetterCMS v5.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which is exploited via a crafted POST request.π Read
via "National Vulnerability Database".
βΌ CVE-2021-44905 βΌ
π Read
via "National Vulnerability Database".
Incorrect permissions in the Bluetooth Services in the Fortessa FTBTLD Smart Lock as of 12-13-2022 allows a remote attacker to disable the lock via an unauthenticated edit to the lock name.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1071 βΌ
π Read
via "National Vulnerability Database".
User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26198 βΌ
π Read
via "National Vulnerability Database".
Notable v1.8.4 does not filter text editing, allowing attackers to execute arbitrary code via a crafted payload injected into the Title text field.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26620 βΌ
π Read
via "National Vulnerability Database".
Akeo Consulting Rufus Executable 3.17.1846 and Rufus Portable Executable 3.17p were discovered to allow attackers to execute arbitrary code or escalate privileges via placing a crafted x86 DLL in the same directory as other executables.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26200 βΌ
π Read
via "National Vulnerability Database".
Technitium Installer v4.4 was discovered to allow attackers to execute arbitrary code or escalate privileges via placing a crafted DLL in the same directory as the current installer.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26205 βΌ
π Read
via "National Vulnerability Database".
Marky commit 3686565726c65756e was discovered to contain a remote code execution (RCE) vulnerability via the Display text fields. This vulnerability allows attackers to execute arbitrary code via injection of a crafted payload.π Read
via "National Vulnerability Database".
βΌ CVE-2022-27948 βΌ
π Read
via "National Vulnerability Database".
Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz RF signal containing a fixed sequence of approximately one hundred symbols.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26245 βΌ
π Read
via "National Vulnerability Database".
Falcon-plus v0.3 was discovered to contain a SQL injection vulnerability via the parameter grpName in /config/service/host.go.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1106 βΌ
π Read
via "National Vulnerability Database".
use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.π Read
via "National Vulnerability Database".
π’ F-Secure launches WithSecure, spinning off entire enterprise portfolio π’
π Read
via "ITPro".
After years of trying to integrate business and consumer streams, F-Secure signals a complete split will help both new entities focus on their customers and industry relevanceπ Read
via "ITPro".
IT PRO
F-Secure launches WithSecure, spinning off entire enterprise portfolio | IT PRO
After years of trying to integrate business and consumer streams, F-Secure signals a complete split will help both new entities focus on their customers and industry relevance
π’ The keys to catching a cyber crook π’
π Read
via "ITPro".
Why greed, carelessness and an itch for glory are highly exploitable chinks in a cyber criminal's armourπ Read
via "ITPro".
IT PRO
The keys to catching a cyber crook | IT PRO
Why greed, carelessness and an itch for glory are highly exploitable chinks in a cyber criminal's armour
π’ EU proposes new bloc-wide cyber security regulations π’
π Read
via "ITPro".
The Computer Emergency Response Team for the EU institutions, bodies, offices, and agencies (CERT-EU) will be renamed as the βCybersecurity Centre'π Read
via "ITPro".
IT PRO
EU proposes new bloc-wide cyber security regulations | IT PRO
The Computer Emergency Response Team for the EU institutions, bodies, offices, and agencies (CERT-EU) will be renamed as the βCybersecurity Centre'
π’ Linux botnet spreads using Log4Shell flaw π’
π Read
via "ITPro".
The malware uses DNS tunnelling to communicate with its C2 control serverπ Read
via "ITPro".
IT PRO
Linux botnet spreads using Log4Shell flaw | IT PRO
The malware uses DNS tunnelling to communicate with its C2 control server
π’ How a platform approach to security monitoring initiatives adds value π’
π Read
via "ITPro".
Integration, orchestration, analytics, automation, and the need for speedπ Read
via "ITPro".
IT PRO
How a platform approach to security monitoring initiatives adds value
Integration, orchestration, analytics, automation, and the need for speed
π’ Hackers spotted using CAPTCHAs to dodge email security scanners π’
π Read
via "ITPro".
The technique allows hackers to hide malicious links in HTML filesπ Read
via "ITPro".
IT PRO
Hackers spotted using CAPTCHAs to dodge email security scanners | IT PRO
The technique allows hackers to hide malicious links in HTML files
π’ Okta confirms investigation into alleged LAPSUS$ security breach π’
π Read
via "ITPro".
Businesses are now on high alert as the hackers claim to have had full admin access to the back-end of identity and authentication provider Okta for at least two monthsπ Read
via "ITPro".
IT PRO
Okta concludes investigation into alleged LAPSUS$ security breach | IT PRO
After security alarm bells rang following an undisclosed months-old breach, Okta's investigation concluded that the impact was less severe than first feared
π’ Ransomware strikes Scottish mental health charity π’
π Read
via "ITPro".
The RansomEXX cyber criminals have claimed responsibility for the hack which led to more than 12GB of sensitive data being leaked to the dark webπ Read
via "ITPro".
IT PRO
Ransomware strikes Scottish mental health charity | IT PRO
The RansomEXX cyber criminals have claimed responsibility for the hack which led to more than 12GB of sensitive data being leaked to the dark web
π’ EU and US reach agreement on Privacy Shield replacement π’
π Read
via "ITPro".
Privacy campaigner Max Schrems suggests the deal amounts to a "patchwork approach" that will ultimately failπ Read
via "ITPro".
IT PRO
EU and US reach agreement on Privacy Shield replacement | IT PRO
Privacy campaigner Max Schrems suggests the deal amounts to a "patchwork approach" that will ultimately fail
π’ McAfee Enterpriseβs SSE business rebrands to Skyhigh Security π’
π Read
via "ITPro".
The new organisation will provide a βcomprehensive and convergedβ approach to data security, Symphony Technology Group saysπ Read
via "ITPro".
IT PRO
McAfee Enterpriseβs SSE business rebrands to Skyhigh Security | IT PRO
The new organisation will provide a βcomprehensive and convergedβ approach to data security, Symphony Technology Group says
π’ Open source dev attacked for spreading data-wiping 'protestware' π’
π Read
via "ITPro".
Developer denies wiping users' drives in spite of detailed code analysisπ Read
via "ITPro".
IT PRO
Open source dev attacked for spreading data-wiping 'protestware' | IT PRO
Developer denies wiping users' drives in spite of detailed code analysis