New Attack Shows Weaponized PDF Files Remain a Threat
via "Dark Reading".
Notable new infection chain uses PDF to embed malicious files, load remote exploits, shellcode encryption, and more, new research shows.
Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021
via "Dark Reading".
But there was a substantial drop in the overall number of critical vulnerabilities that the company disclosed last year, new analysis shows.
CVE-2022-29333
via "National Vulnerability Database".
A vulnerability in CyberLink Power Director v14 allows attackers to escalate privileges via a crafted .exe file.
'There's No Ceiling': Ransomware's Alarming Growth Signals a New Era, Verizon DBIR Finds
via "Dark Reading".
Ransomware has become so efficient, and the underground economy so professional, that traditional monetization of stolen data may be on its way out.
Poisoned Python and PHP packages purloin passwords for AWS access
via "Naked Security".
More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself.
CVE-2022-29337
via "National Vulnerability Database".
C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability via the va_cmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request.
CVE-2022-22497
via "National Vulnerability Database".
IBM Aspera Faspex 4.4.1 and 5.0.0 could allow unauthorized access due to an incorrectly computed security token. IBM X-Force ID: 226951.
CVE-2022-29334
via "National Vulnerability Database".
An issue in H v1.0 allows attackers to bypass authentication via a session replay attack.
CVE-2022-29349
via "National Vulnerability Database".
kkFileView v4.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the url parameter at /controller/OnlinePreviewController.java.
CVE-2022-29710
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability in uploadConfirm.php of LimeSurvey v5.3.9 and below allows attackers to execute arbitrary web scripts or HTML via a crafted plugin.
CVE-2022-29358
via "National Vulnerability Database".
epub2txt2 v2.04 was discovered to contain an integer overflow via the function bug in _parse_special_tag at sxmlc.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted XML file.
CVE-2022-29362
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability in /navigation/create?ParentID=%23 of ZKEACMS v3.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ParentID parameter.
CVE-2022-29361
via "National Vulnerability Database".
Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body.
CVE-2022-29359
via "National Vulnerability Database".
A stored cross-site scripting (XSS) vulnerability in /scas/?page=clubs/application_form&id=7 of School Club Application System v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter.
Malicious Python library CTX removed from PyPI repo
via "The Daily Swig".
A suspicious developer appears to have performed a domain hijack to take over the original project
DBIR Makes a Case for Passwordless
via "Dark Reading".
Verizon's "2022 Data Breach Investigations Report" repeatedly makes the point that criminals are stealing credentials to carry out their attacks.
Zoom Patches "Zero-Click" RCE Bug
via "Threat Post".
The Google Project Zero researcher found a bug in XML parsing on the Zoom client and server.
Verizon Report: Ransomware, Human Error Among Top Security Risks
via "Threat Post".
2022's DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their employees are the reasons why incidents occur.
Tails users warned not to launch bundled Tor Browser until security fix is released
via "The Daily Swig".
Critical vulnerability has been fixed upstream, but Tails dev team "doesn't have the capacity to publish an emergency release earlier"
Link Found Connecting Chaos, Onyx and Yashma Ransomware
via "Threat Post".
A slip-up by a malware author has allowed researchers to taxonomize three ransomware variations going by different names.
DDoS Extortion Attack Flagged as Possible REvil Resurgence
via "Dark Reading".
A DDoS campaign observed by Akamai from actors claiming to be REvil would represent a major pivot in tactics for the gang.