🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
📢 What is threat hunting? 📢

Although most threats can be dealt with automatically, the tougher ones require a bit more investigation

📖 Read via ITPro.
📢 FTC fires warning against sensitive data misuse 📢

The agency has responded to fears around biometric data breaches, including those relating to abortion services

📖 Read via ITPro.
📢 Deloitte launches Zero Trust Access for enterprises 📢

The managed security service protects applications regardless of their location or type

📖 Read via ITPro.
📢 Australian university suffers data breach of 47,000 students 📢

The attacker also launched a smishing attempt while inside the university's systems

📖 Read via ITPro.
📢 Actively exploited zero-day and four 'critical' vulnerabilities fixed in Microsoft's July Patch Tuesday 📢

The month's list of 84 bug fixes has been branded "boring" by some experts but should be welcome news to security personnel

📖 Read via ITPro.
📢 Cyber attackers strike flood monitoring system in Goa, India 📢

The ransomware attack has prevented data from being backed up, with attackers demanding Bitcoin in return for decryption

📖 Read via ITPro.
📢 What is cyber insurance? 📢

In an age of increasingly devastating cyber attacks, many businesses are looking to cyber insurance to cushion the financial blow

📖 Read via ITPro.
📢 Amazon gave police departments Ring footage without permission 📢

The tech giant has done this 11 times this year

📖 Read via ITPro.
📢 How to protect against 'endemic' Log4j vulnerabilities 📢

A US government report details a series of recommendations to help counter the Log4Shell flaw in the long term

📖 Read via ITPro.
📢 ID.me pushes for US-wide privacy legislation 📢

The latest push follows Apple CEO Tim Cook advocating support for the "strongest privacy bill possible"

📖 Read via ITPro.
📢 Will FIDO passwordless authentication save cyber security? 📢

Plans to eradicate passwords from the business landscape are underway, but there are significant hurdles to overcome

📖 Read via ITPro.
📢 ICO crackdown on AI recruitment part of three-year vision to save businesses £100 million 📢

ICO25 outlines a fresh approach that involves releasing learning materials, advice, and a new ICO-moderated discussion forum for businesses

📖 Read via ITPro.
‼ CVE-2021-34987 ‼

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.1 (49187). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the HDAudio virtual device. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-14969.

📖 Read via National Vulnerability Database.
‼ CVE-2021-34986 ‼

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.0 (49183). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-13932.

📖 Read via National Vulnerability Database.
‼ CVE-2022-31158 ‼

LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the Nonce Claim Value was not being validated against the nonce value sent in the Authentication Request. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.

📖 Read via National Vulnerability Database.
‼ CVE-2022-31159 ‼

The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the `downloadDirectory` method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK control the `destinationDirectory` argument, but S3 object keys are determined by the application that uploaded the objects. The `downloadDirectory` method allows the caller to pass a filesystem object in the object key but contained an issue in the validation logic for the key name. A knowledgeable actor could bypass the validation logic by including a UNIX double-dot in the bucket key. Under certain conditions, this could permit them to retrieve a directory from their S3 bucket that is one level up in the filesystem from their working directory. This issue's scope is limited to directories whose name prefix matches the destinationDirectory. E.g. for destination directory `/tmp/foo`, the actor can cause a download to `/tmp/foo-bar`, but not `/tmp/bar`. If `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory` is used to download an untrusted bucket's contents, the contents of that bucket can be written outside of the intended destination directory. Version 1.12.261 contains a patch for this issue. As a workaround, when calling `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory`, pass a `KeyFilter` that forbids `S3ObjectSummary` objects whose `getKey` method returns a string containing the substring `..`.

📖 Read via National Vulnerability Database.
‼ CVE-2022-31157 ‼

LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the function used to generate random nonces was not sufficiently cryptographically complex. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.

📖 Read via National Vulnerability Database.
‼ CVE-2022-31153 ‼

OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts (vanilla and ethereum flavors) in the v0.2.0 release of OpenZeppelin Contracts for Cairo, which are not whitelisted on StarkNet mainnet. Only goerli deployments of v0.2.0 accounts are affected. This faulty behavior is not observed in StarkNet's testing framework. This bug has been patched in v0.2.1.

📖 Read via National Vulnerability Database.
β™ŸοΈ Why 8kun Went Offline During the January 6 Hearings β™ŸοΈ

The latest Jan. 6 committee hearing on Tuesday examined the role of conspiracy theory communities like 8kun[.]top and TheDonald[.]win in helping to organize and galvanize supporters who responded to former President Trump's invitation to "be wild" in Washington, D.C. on that chaotic day. At the same time the committee was hearing video testimony from 8kun founder Jim Watkins, 8kun and a slew of similar websites were suddenly yanked offline. Watkins suggested the outage was somehow related to the work of the committee, but the truth is KrebsOnSecurity was responsible and the timing was pure coincidence.

πŸ“– Read

via "Krebs on Security".
‼ CVE-2022-25858 ‼

Versions of the package terser before 4.8.1, and from 5.0.0 before 5.14.2, are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.

📖 Read via National Vulnerability Database.
‼ CVE-2022-25891 ‼

The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 is vulnerable to Denial of Service (DoS) via the util.PartitionMessage function. Exploiting this vulnerability is possible by sending messages of exactly 2000, 4000, or 6000 characters.

📖 Read via National Vulnerability Database.