A Guide to Surviving a Ransomware Attack
via "Threat Post".
Oliver Tavakoli, CTO at Vectra AI, gives us hope that surviving a ransomware attack is possible, so long as we apply preparation and intentionality to our defense posture.
CVE-2021-40643
via "National Vulnerability Database".
EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerability on the mail options configuration page. In the location of the "sendmail" application in the "cacti" configuration page (by default /usr/sbin/sendmail) it is possible to execute any command, which is executed when the configuration is tested ("send test mail").
S3 Ep89: Sextortion, blockchain blunder, and an OpenSSL bugfix [Podcast + Transcript]
via "Naked Security".
Latest episode - listen and read now! Use our advice to advise your own friends and family... let's all do our bit to stand up to scammers!
OpenSea reveals email breach, blames employee at third-party vendor
via "The Daily Swig".
All users who shared their email address with NFT marketplace told: "Assume you were impacted"
OpenSea among six organizations affected by email address leak by rogue employee at third-party vendor
CVE-2013-4146
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-3414. Reason: This candidate is a duplicate of CVE-2012-3414. Notes: All CVE users should reference CVE-2012-3414 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2022-2078
via "National Vulnerability Database".
A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function. This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse(), causing a denial of service and possibly code execution.
CVE-2021-40663
via "National Vulnerability Database".
deep.assign npm package 0.0.0-alpha.0 is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution').
CVE-2022-1852
via "National Vulnerability Database".
A NULL pointer dereference flaw was found in the Linux kernel's KVM module, which can lead to a denial of service in x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in a guest on an Intel CPU.
CVE-2022-33043
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability in the batch add function of Urtracker Premium v4.0.1.1477 allows attackers to execute arbitrary web scripts or HTML via a crafted Excel file.
CVE-2013-4170
via "National Vulnerability Database".
In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, the `tagName` property of an `Ember.View` was inserted into such a string without being sanitized. This means that if an application assigns a view's `tagName` to user-supplied data, a specially-crafted payload could execute arbitrary JavaScript in the context of the current domain ("XSS"). This vulnerability only affects applications that assign or bind user-provided content to `tagName`.
CVE-2021-41506
via "National Vulnerability Database".
Xiaongmai AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, HI3518_50H10L_S39 V4.02.R11.7601.Nat.Onvif.20170420, V4.02.R11.Nat.Onvif.20160422, V4.02.R11.7601.Nat.Onvif.20170424, V4.02.R11.Nat.Onvif.20170327, V4.02.R11.Nat.Onvif.20161205, V4.02.R11.Nat.20170301, V4.02.R12.Nat.OnvifS.20170727 is affected by a backdoor in the macGuarder and dvrHelper binaries of DVR/NVR/IP camera firmware due to static root account credentials in the system.
Bug Bounty Radar // The latest bug bounty programs for July 2022
via "The Daily Swig".
New web targets for the discerning hacker
Blue Team Training Toolkit (BT3) 2.9
via "Packet Storm Security".
Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
CVE-2021-37778
via "National Vulnerability Database".
There is a buffer overflow in gps-sdr-sim v1.0 when parsing long command line parameters, which can lead to DoS or code execution.
CVE-2021-37770
via "National Vulnerability Database".
Nucleus CMS v3.71 is affected by a file upload vulnerability. The upload function can be used to change the upload path to a path without an Htaccess file. An attacker can then upload an Htaccess file with AddType application / x-httpd-php.jpg written to it, upload a picture containing a shell that is treated as PHP, and execute commands, so as to take down website resources.
ZuoRAT Can Take Over Widely Used SOHO Routers
via "Threat Post".
Devices from Cisco, Netgear and others at risk from the multi-stage malware, which has been active since April 2020 and shows the work of a sophisticated threat actor.
CVE-2021-38941
via "National Vulnerability Database".
IBM CloudPak for Multicloud Monitoring 2.0 and 2.3 has a few containers running in privileged mode, which makes it vulnerable to host information leakage or destruction if unauthorized access to these containers allows arbitrary commands to be executed. IBM X-Force ID: 211048.
CVE-2022-22474
via "National Vulnerability Database".
IBM Spectrum Protect 8.1.0.0 through 8.1.14.0 dsmcad, dsmc, and dsmcsvc processes incorrectly handle certain read operations on TCP/IP sockets. This can result in a denial of service for IBM Spectrum Protect client operations. IBM X-Force ID: 225348.
CVE-2022-22472
via "National Vulnerability Database".
IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift) could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session information. By retrieving the logs of a container an attacker could exploit this vulnerability to bypass login security of the IBM Spectrum Protect Plus server and gain unauthorized access based on the permissions of the IBM Spectrum Protect Plus user to the vulnerable Spectrum Protect Plus server software. IBM X-Force ID: 225340.
CVE-2022-31112
via "National Vulnerability Database".
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions, Parse Server LiveQuery does not remove protected fields in classes, passing them to the client. The LiveQueryController now removes protected fields from the client response. Users are advised to upgrade. Users unable to upgrade should use `Parse.Cloud.afterLiveQueryEvent` to manually remove protected fields.
CVE-2021-38954
via "National Vulnerability Database".
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could disclose sensitive version information that could aid in future attacks against the system. IBM X-Force ID: 211414.