Criminal IP Cybersecurity Search Engine Launches First Beta Test
via "Dark Reading".
Criminal IP visualizes all IT assets connected to the Internet based on IP addresses held by companies and individuals.
United States Leads Seizure of One of the World's Largest Hacker Forums and Arrests Administrator
via "Dark Reading".
Court records unsealed Tuesday indicate that the United States recently obtained judicial authorization to seize three domains that long hosted the RaidForums website.
Datto to be Acquired by Kaseya for $6.2 Billion
via "Dark Reading".
Funding led by Insight Partners.
Intertrust Adds Security for IoT Devices in Zero-Trust Architectures to Intertrust Platform
via "Dark Reading".
New features provide for end-to-end security and interoperability between data operations and multivendor IoT devices.
CVE-2022-1339
via "National Vulnerability Database".
SQL injection in ElementController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of stealing the data.
African banking sector targeted by malware-based phishing campaign
via "The Daily Swig".
Attackers use HTML smuggling techniques to hide malicious files in fake job opportunities
CVE-2020-29653
via "National Vulnerability Database".
Froxlor through 0.10.22 does not perform validation on user input passed in the customermail GET parameter. The value of this parameter is reflected in the login webpage, allowing the injection of arbitrary HTML tags.
CVE-2022-27475
via "National Vulnerability Database".
Cross site scripting (XSS) vulnerability in tramyardg hotel-mgmt-system allows attackers to execute arbitrary code when /admin.php is loaded.
CVE-2022-24308
via "National Vulnerability Database".
Automox Agent prior to version 37 on Windows and Linux and Version 36 on OSX could allow for a non privileged user to obtain sensitive information during the install process.
CVE-2021-43742
via "National Vulnerability Database".
CMSimple 5.4 is vulnerable to Cross Site Scripting (XSS) via the file upload feature.
Identifying a Vulnerability in the SAP Software Supply Chain
via "Dark Reading".
Make sure you're using the patch to block this supply chain attack.
Hospital robot system gets five critical security holes patched
via "Naked Security".
Fortunately, we're not talking about a robot revolution, or about hospital AI run amuck. But these bugs could lead to ransomware, or worse...
Git security vulnerabilities prompt updates
via "The Daily Swig".
Windows users at highest risk from security bugs in software development tool
Feds Shut Down RaidForums Hacking Marketplace
via "Threat Post".
The DoJ is charging its founder, 21-year-old Portuguese citizen Diogo Santos Coelho, on six criminal counts, including conspiracy, access device fraud and aggravated identity theft.
Microsoft Patch Tuesday, April 2022 Edition
via "Krebs on Security".
Microsoft on Tuesday released updates to fix roughly 120 security vulnerabilities in its Windows operating systems and other software. Two of the flaws have been publicly detailed prior to this week, and one is already seeing active exploitation, according to a report from the U.S. National Security Agency (NSA).
CVE-2022-28052
via "National Vulnerability Database".
Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privilege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution.
CVE-2021-46167
via "National Vulnerability Database".
An access control issue in the authentication module of wizplat PD065 v1.19 allows attackers to access sensitive data and cause a Denial of Service (DoS).
CVE-2022-26144
via "National Vulnerability Database".
An XSS issue was discovered in MantisBT before 2.25.3. Improper escaping of a Plugin name allows execution of arbitrary code (if CSP allows it) in manage_plugin_page.php and manage_plugin_uninstall.php when a crafted plugin is installed.
CVE-2021-43741
via "National Vulnerability Database".
CMSimple 5.4 is vulnerable to Directory Traversal. The vulnerability exists when a user changes the file name to a malicious file on config.php, leading to remote code execution.
CVE-2022-27256
via "National Vulnerability Database".
An open redirect vulnerability in Hubzilla before version 7.2 allows remote attackers to redirect a logged in user to an arbitrary URL via the rpath parameter.
CVE-2022-26643
via "National Vulnerability Database".
An issue in EasyIO CPT Graphics v0.8 allows attackers to discover valid users in the application.