Dozens of cryptography libraries vulnerable to private key theft
via "The Daily Swig".
Signing mechanism security shortcomings exposed
MIMEDefang Email Scanner 3.0
via "Packet Storm Security".
MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
American Fuzzy Lop plus plus 4.01c
via "Packet Storm Security".
Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.
Ransomware Volume Nearly Doubles 2021 Totals in a Single Quarter
via "Dark Reading".
Like a hydra, every time one ransomware gang drops out (REvil or Conti), plenty more step up to fill the void (Black Basta).
CVE-2022-0085
via "National Vulnerability Database".
Server-Side Request Forgery (SSRF) in GitHub repository dompdf/dompdf prior to 2.0.0.
CVE-2022-23763
via "National Vulnerability Database".
Origin validation error vulnerability in NeoRS's ActiveX module allows attackers to download and execute arbitrary files. Remote attackers can use this vulnerability to encourage users to access crafted web pages, causing damage such as malicious code infections.
CVE-2022-30560
via "National Vulnerability Database".
When an attacker obtains the administrative account and password, or through a man-in-the-middle attack, the attacker could send a specified crafted packet to the vulnerable interface and then cause the device to crash.
CVE-2022-30561
via "National Vulnerability Database".
When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in, the attacker could log in to the device by replaying the user's login packet.
CVE-2022-30562
via "National Vulnerability Database".
If the user enables the HTTPS function on the device, an attacker can modify the user's request data packet through a man-in-the-middle attack. Injection of a malicious URL in the Host: header of the HTTP request results in a 302 redirect to an attacker-controlled page.
CVE-2022-30563
via "National Vulnerability Database".
When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in through ONVIF, he can log in to the device by replaying the user's login packet.
A WAF Is Not a Free Lunch: Teaching the Shift-Left Security Mindset
via "Dark Reading".
Developers need to think like WAF operators for security. Start with secure coding and think of Web application firewalls not as a prophylactic but as part of the secure coding test process.
Can Zero-Knowledge Crypto Solve Our Password Problems?
via "Dark Reading".
Creating temporary keys that are not stored in central repositories and time out automatically could improve security for even small businesses.
Atlassian Confluence Exploits Peak at 100K Daily
via "Dark Reading".
Swarms of breach attempts against the Atlassian Confluence vulnerability are likely to continue for years, researchers say, averaging 20,000 attempts daily as of this week.
CVE-2022-0987
via "National Vulnerability Database".
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examine files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists.
CVE-2021-40553
via "National Vulnerability Database".
piwigo 11.5.0 is affected by a remote code execution (RCE) vulnerability in the LocalFiles Editor.
CVE-2022-33108
via "National Vulnerability Database".
XPDF v4.04 was discovered to contain a stack overflow vulnerability via the Object::Copy class of object.cc files.
CVE-2021-3779
via "National Vulnerability Database".
A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 and later.
CVE-2022-31052
via "National Vulnerability Database".
Synapse is an open source home server implementation for the Matrix chat network. In versions prior to 1.61.1 URL previews of some web pages can exhaust the available stack space for the Synapse process due to unbounded recursion. This is sometimes recoverable and leads to an error for the request causing the problem, but in other cases the Synapse process may crash altogether. It is possible to exploit this maliciously, either by malicious users on the homeserver, or by remote users sending URLs that a local user's client may automatically request a URL preview for. Remote users are not able to exploit this directly, because the URL preview endpoint is authenticated. Deployments with `url_preview_enabled: false` set in configuration are not affected. Deployments with `url_preview_enabled: true` set in configuration **are** affected. Deployments with no configuration value set for `url_preview_enabled` are not affected, because the default is `false`. Administrators of homeservers with URL previews enabled are advised to upgrade to v1.61.1 or higher. Users unable to upgrade should set `url_preview_enabled` to false.
China-Backed APT Pwns Building-Automation Systems with ProxyLogon
via "Dark Reading".
The previously unknown state-sponsored group is compromising industrial targets with the ShadowPad malware before burrowing deeper into networks.
The Link Between AWM Proxy & the Glupteba Botnet
via "Krebs on Security".
On December 7, 2021, Google announced it had sued two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. That same day, AWM Proxy -- a 14-year-old anonymity service that rents hacked PCs to cybercriminals -- suddenly went offline. Security experts had long seen a link between Glupteba and AWM Proxy, but new research shows AWM Proxy's founder is one of the men being sued by Google.
'Raccoon Stealer' Scurries Back on the Scene After Hiatus
via "Dark Reading".
Researchers this week said they had observed criminals using a new and improved version of the prolific malware, barely three months after its authors announced they were quitting.