‼ CVE-2022-21213 ‼
via "National Vulnerability Database".
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively is not checked, leading to exploiting this vulnerability. **Note:** This vulnerability derives from an incomplete fix of [CVE-2020-7792](https://security.snyk.io/vuln/SNYK-JS-MOUT-1014544).
‼ CVE-2022-22138 ‼
via "National Vulnerability Database".
All versions of package fast-string-search are vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation.
‼ CVE-2022-21503 ‼
via "National Vulnerability Database".
Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to Oracle Cloud Infrastructure accessible data. All affected customers were notified of CVE-2022-21503 by Oracle. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)
‼ CVE-2022-33981 ‼
via "National Vulnerability Database".
drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
‼ CVE-2021-46822 ‼
via "National Vulnerability Database".
The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c.
‼ CVE-2021-46823 ‼
via "National Vulnerability Database".
python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
‼ CVE-2022-33987 ‼
via "National Vulnerability Database".
The got package before 12.1.0 for Node.js allows a redirect to a UNIX socket.
📢 Mozilla adds 'Total Cookie Protection' to its browser 📢
via "ITPro".
The new function will separate cookies into a "cookie jar" and prevent user tracking
📢 Businesses need to be more aggressive with their cyber security, Cisco warns 📢
via "ITPro".
Government warnings of Ukraine-Russia cyber war spillover must be heeded in order to stay safe
📢 IT Pro News In Review: UK 4 day week, ransomware payment rise, IBM cut ties with Russia 📢
via "ITPro".
Catch up on the biggest headlines of the week in just two minutes
📢 Microsoft silent patches called ‘a grossly irresponsible policy’ 📢
via "ITPro".
Cyber security company Tenable said that the tech giant is putting customers at risk after it found two bugs in Microsoft Azure analytics software, one of which users weren’t made aware of
📢 Using Google Takeout to reclaim your data 📢
via "ITPro".
Everyone knows your data drives the Google machine, but now you can find out exactly what it holds on you
📢 Microsoft bolsters threat intelligence capabilities with Miburo acquisition 📢
via "ITPro".
Cyber threat and research firm will tackle malicious foreign information campaigns as part of Microsoft’s Customer Security and Trust organization
📢 Atos looks to split up cyber security division as CEO exits 📢
via "ITPro".
The company is set to split into two but so far the news hasn’t been taken well by investors as shares are down by nearly 20%
📢 Proofpoint details 'dangerous' ransomware flaw in SharePoint and OneDrive 📢
via "ITPro".
Functionality allows ransomware to encrypt files stored on SharePoint and OneDrive to make them potentially unrecoverable, vendor says
📢 TSA greenlights trials for Pangiam’s AI-based baggage screening solution in Arlington 📢
via "ITPro".
The solution is intended to make air travel safer by discerning forbidden items in carry-on baggage in real time
📢 What is phishing as a service (Phaas)? 📢
via "ITPro".
With phishing as a service attacks surging, we explain what this low-cost, off-the-shelf method of targeting businesses is and why it’s growing in popularity
The rise of phishing as a service (PhaaS) and how to tackle it | IT PRO
📢 A guide to cyber security certification and training 📢
via "ITPro".
Cyber security skills are in demand from every organisation, but what training and certification is needed?
📢 Deepfake attacks expected to be next major threat to businesses 📢
via "ITPro".
Cisco’s cyber security experts agreed that social norms may also become ‘super weird’ as a result
📢 Cisco unveils new ‘intelligent’ approach to networking with brace of product launches 📢
via "ITPro".
Cloud Management for Cisco Catalyst and Cisco Nexus both aim to bring deeper insights and ease the burden of IT teams
📢 IT Pro News In Review: Frontier Supercomputer, BT and Ericsson offer 5G, and Italy warns of hacks 📢
via "ITPro".
Catch up on the biggest headlines of the week in just two minutes