Deep Instinct Pioneers Deep-Learning Malware Prevention to Protect Mission-Critical Business Applications at Scale
via "Dark Reading".
Agentless approach meets the attacker earlier to protect financial services and other large enterprises from an underserved attack vector.

The Myth of Protection Online — and What Comes Next
via "Dark Reading".
It's a myth that consuming and processing alerts qualifies as security. Today's technology allows better detection and prevention, rather than accepting the low bar for protection set by ingrained incident response reactions.

Chromium site isolation bypass allows wide range of attacks on browsers
via "The Daily Swig".
Flaw that opened the door to cookie modification and data theft resolved

Massive China-Linked Disinformation Campaign Taps PR Firm for Help
via "Dark Reading".
A global network of inauthentic news sites present themselves as independent news outlets, offering content favoring China's government and articles critical of the US.

Scammers Sent Uber to Take Elderly Lady to the Bank
via "Krebs on Security".
Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters. In this case, the woman figured out she was being scammed before embarking for the bank, but her story is a chilling reminder of how far crooks will go these days to rip people off.

CVE-2022-25168
via "National Vulnerability Database".
Apache Hadoop's FileUtil.unTar(File, File) API does not escape the input file name before being passed to the shell. An attacker can inject arbitrary commands. This is only used in Hadoop 3.3 InMemoryAliasMap.completeBootstrapTransfer, which is only ever run by a local user. It has been used in Hadoop 2.x for yarn localization, which does enable remote code execution. It is used in Apache Spark, from the SQL command ADD ARCHIVE. As the ADD ARCHIVE command adds new binaries to the classpath, being able to execute shell scripts does not confer new permissions to the caller. SPARK-38305. "Check existence of file before untarring/zipping", which is included in 3.3.0, 3.1.4, 3.2.2, prevents shell commands being executed, regardless of which version of the hadoop libraries are in use. Users should upgrade to Apache Hadoop 2.10.2, 3.2.4, 3.3.3 or upper (including HADOOP-18136).

S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]
via "Naked Security".
Latest episode - listen now! (Or read if that's what you prefer.)

CVE-2022-31118
via "National Vulnerability Database".
Nextcloud server is an open source personal cloud solution. In affected versions an attacker could brute force to find if federated sharing is being used and potentially try to brute force access tokens for federated shares (`a-zA-Z0-9` ^ 15). It is recommended that the Nextcloud Server is upgraded to 22.2.9, 23.0.6 or 24.0.2. Users unable to upgrade may disable federated sharing via the Admin Sharing settings in `index.php/settings/admin/sharing`.

CVE-2022-31132
via "National Vulnerability Database".
Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path `./vendor/cerdic/css-tidy/css_optimiser.php`. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery (SSRF). It is recommended to upgrade to Mail 1.12.7 or Mail 1.13.6. Users unable to upgrade may manually delete the file located at `./vendor/cerdic/css-tidy/css_optimiser.php`.

CVE-2022-31120
via "National Vulnerability Database".
Nextcloud server is an open source personal cloud solution. The audit log is used to get a full trail of the actions which has been incompletely populated. In affected versions federated share events were not properly logged which would allow brute force attacks to go unnoticed. This behavior exacerbates the impact of CVE-2022-31118. It is recommended that the Nextcloud Server is upgraded to 22.2.7, 23.0.4 or 24.0.0. There are no workarounds available.

How Email Security Is Evolving
via "Dark Reading".
Securing email communication has never been more critical for organizations, and it has never been more challenging to do so. Attack volumes have increased and become more sophisticated.

High-Severity Bug in Kaspersky VPN Client Opens Door to PC Takeover
via "Dark Reading".
The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.

CVE-2022-34862
via "National Vulnerability Database".
In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when an LTM virtual server is configured to perform normalization, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVE-2022-31119
via "National Vulnerability Database".
Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions of Nextcloud mail would log user passwords to disk in the event of a misconfiguration. Should an attacker gain access to the logs, complete access to affected accounts would be obtainable. It is recommended that the Nextcloud Mail is upgraded to 1.12.1. Operators should inspect their logs and remove passwords which have been logged. There are no workarounds to prevent logging in the event of a misconfiguration.

CVE-2022-31473
via "National Vulnerability Database".
In BIG-IP Versions 16.1.x before 16.1.1 and 15.1.x before 15.1.4, when running in Appliance mode, an authenticated attacker may be able to bypass Appliance mode restrictions due to a directory traversal vulnerability in an undisclosed page within iApps. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVE-2022-35241
via "National Vulnerability Database".
In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVE-2022-35728
via "National Vulnerability Database".
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ version 8.x before 8.2.0 and all versions of 7.x, an authenticated user's iControl REST token may remain valid for a limited time after logging out from the Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVE-2022-35243
via "National Vulnerability Database".
In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.5.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, using an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVE-2022-35245
via "National Vulnerability Database".
In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5.1, when a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVE-2022-34651
via "National Vulnerability Database".
In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, when an LTM Client or Server SSL profile with TLS 1.3 enabled is configured on a virtual server, along with an iRule that calls HTTP::respond, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVE-2022-34655
via "National Vulnerability Database".
In BIG-IP Versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when an iRule containing the HTTP::payload command is configured on a virtual server, undisclosed traffic can cause Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.