🕴 White House Moves to Shore Up US Post-Quantum Cryptography Posture 🕴
via "Dark Reading".
Biden's executive order pushes new NIST quantum-cryptography standards and directs federal government to move toward quantum-resistant cybersecurity.
🕴 Scammer Infects His Own Machine with Spyware, Reveals True Identity 🕴
via "Dark Reading".
An operational slip-up led security researchers to an attacker associated with Nigerian letter scams and malware distribution, after he infected himself with Agent Tesla.
🕴 Ikea Canada Breach Exposes 95K Customer Records 🕴
via "Dark Reading".
An unauthorized employee accessed Ikea's customer database, but it's unclear what the intention was.
🕴 What We've Learned in the 12 Months Since the Colonial Pipeline Attack 🕴
via "Dark Reading".
The attack may have been "a major wake-up call" about the need for greater resilience in IT environments, but have security teams hit the snooze bar one too many times?
‼ CVE-2021-27767 ‼
via "National Vulnerability Database".
The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed.
‼ CVE-2022-28276 ‼
via "National Vulnerability Database".
Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2021-27760 ‼
via "National Vulnerability Database".
An issue was discovered in the Sametime chat feature in the Notes 11.0 - 11.0.1 FP4 clients. An authenticated Sametime chat user could cause Remote Code Execution on another chat client by sending a specially formatted message through chat containing JavaScript code.
‼ CVE-2022-28279 ‼
via "National Vulnerability Database".
Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2022-28278 ‼
via "National Vulnerability Database".
Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2022-29423 ‼
via "National Vulnerability Database".
Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress.
‼ CVE-2022-24099 ‼
via "National Vulnerability Database".
Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2021-27765 ‼
via "National Vulnerability Database".
The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed.
‼ CVE-2021-27762 ‼
via "National Vulnerability Database".
Misconfigured security-related HTTP headers: Several security-related headers were missing or misconfigured on the web responses.
‼ CVE-2022-24105 ‼
via "National Vulnerability Database".
Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious U3D file.
‼ CVE-2022-27909 ‼
via "National Vulnerability Database".
In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files.
‼ CVE-2022-27784 ‼
via "National Vulnerability Database".
Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in After Effects.
‼ CVE-2022-28273 ‼
via "National Vulnerability Database".
Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2022-23802 ‼
via "National Vulnerability Database".
Joomla Guru extension 5.2.5 is affected by: Insecure Permissions. The impact is: obtain sensitive information (remote). The component is: Access to private information and components, possibility to view other users' information. Information disclosure Access to private information and components, possibility to view other users' information.
‼ CVE-2021-27766 ‼
via "National Vulnerability Database".
The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed.
‼ CVE-2022-24098 ‼
via "National Vulnerability Database".
Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an improper input validation vulnerability when parsing a PCX file that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PCX file.
‼ CVE-2021-27764 ‼
via "National Vulnerability Database".
Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The images show the cookie with the missing flag. (WebUI)