π΄ Feds Seize Domains Dealing Stolen Personal Data π΄
π Read
via "Dark Reading".
WeLeakInfo.to and two related domains let users search data stolen in more than 10,000 different breaches.π Read
via "Dark Reading".
Dark Reading
Feds Seize Domains Dealing Stolen Personal Data
WeLeakInfo.to and two related domains let users search data stolen in more than 10,000 different breaches.
π΄ Darktrace's David Masson on What Attacks on Critical Infrastructure Look Like π΄
π Read
via "Dark Reading".
In this Tech Talk, Darktrace's David Masson and Dark Reading's Terry Sweeney discuss the rise of destructive attacks against critical infrastructure.π Read
via "Dark Reading".
Darkreading
Darktrace's David Masson on What Attacks on Critical Infrastructure Look Like
In this Tech Talk, Darktrace's David Masson and Dark Reading's Terry Sweeney discuss the rise of destructive attacks against critical infrastructure.
π΄ 12K Misconfigured Elasticsearch Buckets Ravaged by Extortionists π΄
π Read
via "Dark Reading".
The cloud instances were left open to the public Internet with no authentication, allowing attackers to wipe the data.π Read
via "Dark Reading".
Dark Reading
12K Misconfigured Elasticsearch Buckets Ravaged by Extortionists
The cloud instances were left open to the public Internet with no authentication, allowing attackers to wipe the data.
π΄ Hunting for Threats Using Network Traffic Flows π΄
π Read
via "Dark Reading".
SeclarityIO's NetworkSage platform analyzes network traffic data to identify attacks before they become real problems.π Read
via "Dark Reading".
Dark Reading
Hunting for Threats Using Network Traffic Flows
SeclarityIO's NetworkSage platform analyzes network traffic data to identify attacks before they become real problems.
π΄ FluBot Android Malware Operation Disrupted, Infrastructure Seized π΄
π Read
via "Dark Reading".
Security researchers have described the malware as among the fastest-spreading mobile threats in recent years.π Read
via "Dark Reading".
Dark Reading
FluBot Android Malware Operation Disrupted, Infrastructure Seized
Security researchers have described the malware as among the fastest-spreading mobile threats in recent years.
βΌ CVE-2022-30128 βΌ
π Read
via "National Vulnerability Database".
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30127.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2022-30190 βΌ
π Read
via "National Vulnerability Database".
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-30127 βΌ
π Read
via "National Vulnerability Database".
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30128.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31022 βΌ
π Read
via "National Vulnerability Database".
Bleve is a text indexing library for go. Bleve includes HTTP utilities under bleve/http package, that are used by its sample application. These HTTP methods pave way for exploitation of a nodeΓΒ’Γ’β¬ÒβΒ’s filesystem where the bleve index resides, if the user has used bleveΓΒ’Γ’β¬ÒβΒ’s own HTTP (bleve/http) handlers for exposing the access to the indexes. For instance, the CreateIndexHandler (`http/index_create.go`) and DeleteIndexHandler (`http/index_delete.go`) enable an attacker to create a bleve index (directory structure) anywhere where the user running the server has the write permissions and to delete recursively any directory owned by the same user account. Users who have used the bleve/http package for exposing access to bleve index without the explicit handling for the Role Based Access Controls(RBAC) of the index assets would be impacted by this issue. There is no patch for this issue because the http package is purely intended to be used for demonstration purposes. Bleve was never designed handle the RBACs, nor it was ever advertised to be used in that way. The collaborators of this project have decided to stay away from adding any authentication or authorization to bleve project at the moment. The bleve/http package is mainly for demonstration purposes and it lacks exhaustive validation of the user inputs as well as any authentication and authorization measures. It is recommended to not use bleve/http in production use cases.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26905 βΌ
π Read
via "National Vulnerability Database".
Microsoft Edge (Chromium-based) Spoofing Vulnerability.π Read
via "National Vulnerability Database".
π΄ Darktrace's Brianna Leddy on How Ransomware Groups Adapt to New Defenses π΄
π Read
via "Dark Reading".
In this Tech Talk, Darktrace's Brianna Leddy and Dark Reading's Terry Sweeney discuss ways ransomware groups adapt their activities as enterprise security teams evolve their defenses and controls.π Read
via "Dark Reading".
Darkreading
Darktrace's Brianna Leddy on How Ransomware Groups Adapt to New Defenses
In this Tech Talk, Darktrace's Brianna Leddy and Dark Reading's Terry Sweeney discuss ways ransomware groups adapt their activities as enterprise security teams evolve their defenses and controls.
π΄ Managing Extended Software Supply Chain Risks π΄
π Read
via "Dark Reading".
Supply chain woes have dominated headlines, but there's another type of supply chain that's also increasingly at risk: the cloud supply chain.π Read
via "Dark Reading".
Dark Reading
Managing Extended Software Supply Chain Risks
Supply chain woes have dominated headlines, but there's another type of supply chain that's also increasingly at risk: the cloud supply chain.
βΌ CVE-2022-29235 βΌ
π Read
via "National Vulnerability Database".
BigBlueButton is an open source web conferencing system. Starting in version 2.2 and up to versions 2.3.18 and 2.4-rc-6, an attacker who is able to obtain the meeting identifier for a meeting on a server can find information related to an external video being shared, like the current timestamp and play/pause. The problem has been patched in versions 2.3.18 and 2.4-rc-6 by modifying the stream to send the data only for users in the meeting. There are currently no known workarounds.π Read
via "National Vulnerability Database".
βΌ CVE-2022-29234 βΌ
π Read
via "National Vulnerability Database".
BigBlueButton is an open source web conferencing system. Starting in version 2.2 and up to versions 2.3.18 and 2.4.1, an attacker could send messages to a locked chat within a grace period of 5s after the lock setting was enacted. The attacker needs to be a participant in the meeting. Versions 2.3.18 and 2.4.1 contain a patch for this issue. There are currently no known workarounds.π Read
via "National Vulnerability Database".
βΌ CVE-2022-29233 βΌ
π Read
via "National Vulnerability Database".
BigBlueButton is an open source web conferencing system. In BigBlueButton starting with 2.2 but before 2.3.18 and 2.4-rc-1, an attacker can circumvent access controls to gain access to all breakout rooms of the meeting they are in. The permission checks rely on knowledge of internal ids rather than on verification of the role of the user. Versions 2.3.18 and 2.4-rc-1 contain a patch for this issue. There are currently no known workarounds.π Read
via "National Vulnerability Database".
βΌ CVE-2022-29236 βΌ
π Read
via "National Vulnerability Database".
BigBlueButton is an open source web conferencing system. Starting in version 2.2 and up to versions 2.3.18 and 2.4-rc-6, an attacker can circumvent access restrictions for drawing on the whiteboard. The permission check is inadvertently skipped on the server, due to a previously introduced grace period. The attacker must be a meeting participant. The problem has been patched in versions 2.3.18 and 2.4-rc-6. There are currently no known workarounds.π Read
via "National Vulnerability Database".
β Being prepared for adversarial attacks β
π Read
via "Threat Post".
There is no question that the level of threats facing todayβs businesses continues to change on a daily basis. So what are the trends that CISOs need to be on the lookout for? For this episode of the Threatpost podcast, I am joined by Derek Manky, Chief Security Strategist & VP Global Threat Intelligence, Fortinetβs [β¦]π Read
via "Threat Post".
Threat Post
Being Prepared for Adversarial Attacks β Podcast
There is no question that the level of threats facing todayβs businesses continues to change on a daily basis. So what are the trends that CISOs need to be on the lookout for? For this episode of the Threatpost podcast, I am joined by Derek Manky, Chief Securityβ¦
ποΈ Insight: Russia is βfailingβ in its mission to destabilize Ukraineβs networks after a series of thwarted cyber-attacks ποΈ
π Read
via "The Daily Swig".
Speaking at WithSecureβs annual conference, Mikko HyppΓΆnen discussed the threat landscape between the two nationsπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Insight: Russia is βfailingβ in its mission to destabilize Ukraineβs networks after a series of thwarted cyber-attacks
Speaking at WithSecureβs annual conference, Mikko HyppΓΆnen discussed the threat landscape between the two nations
β International Authorities Take Down Flubot Malware Network β
π Read
via "Threat Post".
The info-stealing trojan used SMS messages and lifted contact credentials to spread with unprecedented speed across Android devices globally since December 2020.π Read
via "Threat Post".
Threat Post
International Authorities Take Down Flubot Malware Network
The info-stealing trojan used SMS messages and lifted contact credentials to spread with unprecedented speed across Android devices globally since December 2020.
β Scammers Target NFT Discord Channel β
π Read
via "Threat Post".
Hackers escalate phishing and scamming attacks to exploit popular Discord bot and persuade users to click on the malicious links.π Read
via "Threat Post".
Threat Post
Scammers Target NFT Discord Channel
Hackers escalate phishing and scamming attacks to exploit popular Discord bot and persuade users to click on the malicious links.
β Cybercriminals Expand Attack Radius and Ransomware Pain Points β
π Read
via "Threat Post".
Melissa Bischoping, security researcher with Tanium and Infosec Insiders columnist, urges firms to consider the upstream and downstream impact of "triple extortion" ransomware attacks.π Read
via "Threat Post".
Threat Post
Cybercriminals Expand Attack Radius and Ransomware Pain Points
Melissa Bischoping, security researcher with Tanium and Infosec Insiders columnist, urges firms to consider the upstream and downstream impact of "triple extortion" ransomware attacks.