📢 Facebook business accounts hijacked by infostealer malware campaign 📢
📖 Read
via "ITPro".
Threat actors are using LinkedIn phishing to seize business, ad accounts for financial gain📖 Read
via "ITPro".
IT PRO
Facebook business accounts hijacked by infostealer malware campaign | IT PRO
Threat actors are using LinkedIn phishing to seize business, ad accounts for financial gain
📢 T-Mobile to pay $350m to settle class action lawsuit 📢
📖 Read
via "ITPro".
The news follows a breach that exposed the personal data of over 40 million customers in 2021📖 Read
via "ITPro".
IT PRO
T-Mobile to pay $350m to settle class action lawsuit | IT PRO
The news follows a breach that exposed the personal data of over 40 million customers in 2021
📢 IT Pro News In Review: Slack ups subscription fees, ransomware attacks rise, Microsoft expands CRM capabilities 📢
📖 Read
via "ITPro".
Catch up on the biggest headlines of the week in just two minutes📖 Read
via "ITPro".
ITPro
IT Pro News In Review: Slack ups subscription fees, ransomware attacks rise, Microsoft expands CRM capabilities
Catch up on the biggest headlines of the week in just two minutes
📢 Best Linux distros 2022 📢
📖 Read
via "ITPro".
Whether it's for desktop, server or security, there's bound to be a Linux distro for you📖 Read
via "ITPro".
IT PRO
Best Linux distros 2023: The finest open source operating systems around | IT PRO
Bringing together the best Linux distros on the market today, including specialist versions for enterprise users
📢 Ransomware now strikes one in 40 organisations per week, Check Point finds 📢
📖 Read
via "ITPro".
VARs, systems integrators, and distributors saw a 143% year-on-year increase in attacks during Q2📖 Read
via "ITPro".
IT PRO
Ransomware now strikes one in 40 organisations per week, Check Point finds | IT PRO
VARs, systems integrators, and distributors saw a 143% year-on-year increase in attacks during Q2
📢 McAfee and Visa offer 50% off antivirus subscriptions for small businesses 📢
📖 Read
via "ITPro".
UK Visa Classic Business card holders can access the deal starting today📖 Read
via "ITPro".
IT PRO
McAfee and Visa offer 50% off antivirus subscriptions for small businesses | IT PRO
UK Visa Classic Business card holders can access the deal starting today
📢 Microsoft warns hackers turning to IIS exploits to create backdoors in businesses 📢
📖 Read
via "ITPro".
Internet information service modules formed part of the attack of Microsoft's own Exchange servers earlier this year📖 Read
via "ITPro".
ITPro
Microsoft warns hackers turning to IIS exploits to create backdoors in businesses
Internet information service modules formed part of the attack of Microsoft's own Exchange servers earlier this year
📢 Price hike for consumers as data breach costs rocket to all-time high 📢
📖 Read
via "ITPro".
Report from IBM Security finds that 60% of organizations have raised product or service prices post-breach📖 Read
via "ITPro".
IT PRO
Price hike for consumers as data breach costs rocket to all-time high | IT PRO
Report from IBM Security finds that 60% of organizations have raised product or service prices post-breach
👍1
‼ CVE-2022-2010 ‼
📖 Read
via "National Vulnerability Database".
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36987 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2158 ‼
📖 Read
via "National Vulnerability Database".
Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2295 ‼
📖 Read
via "National Vulnerability Database".
Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27613 ‼
📖 Read
via "National Vulnerability Database".
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in webapi component in Synology CardDAV Server before 6.0.10-0153 allows remote authenticated users to inject SQL commands via unspecified vectors.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-22684 ‼
📖 Read
via "National Vulnerability Database".
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in task management component in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows remote attackers to execute arbitrary commands via unspecified vectors.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31627 ‼
📖 Read
via "National Vulnerability Database".
In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfo_buffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27612 ‼
📖 Read
via "National Vulnerability Database".
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Audio Station before 6.5.4-3367 allows remote attackers to execute arbitrary commands via unspecified vectors.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27614 ‼
📖 Read
via "National Vulnerability Database".
Exposure of sensitive information to an unauthorized actor vulnerability in web server in Synology Media Server before 1.8.1-2876 allows remote attackers to obtain sensitive information via unspecified vectors.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-22685 ‼
📖 Read
via "National Vulnerability Database".
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology WebDAV Server before 2.4.0-0062 allows remote authenticated users to delete arbitrary files via unspecified vectors.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27611 ‼
📖 Read
via "National Vulnerability Database".
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology Audio Station before 6.5.4-3367 allows remote authenticated users to delete arbitrary files via unspecified vectors.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-22683 ‼
📖 Read
via "National Vulnerability Database".
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary code via unspecified vectors.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36364 ‼
📖 Read
via "National Vulnerability Database".
Apache Calcite Avatica JDBC driver creates HTTP client instances based on class names provided via `httpclient_impl` connection property; however, the driver does not verify if the class implements the expected interface before instantiating it, which can lead to code execution loaded via arbitrary classes and in rare cases remote code execution. To exploit the vulnerability: 1) the attacker needs to have privileges to control JDBC connection parameters; 2) and there should be a vulnerable class (constructor with URL parameter and ability to execute code) in the classpath. From Apache Calcite Avatica 1.22.0 onwards, it will be verified that the class implements the expected interface before invoking its constructor.📖 Read
via "National Vulnerability Database".