How to Upskill Tech Staff to Meet Cybersecurity Needs
via "Dark Reading".
Cybersecurity is the largest current tech skills gap; closing it requires a concerted effort to upskill existing staff.

S3 Ep96: Zoom 0-day, AEPIC leak, Conti reward, healthcare security [Audio + Text]
via "Naked Security".
Latest episode - listen now (or read if you prefer!)

Summertime Blues: TA558 Ramps Up Attacks on Hospitality, Travel Sectors
via "Dark Reading".
The cybercriminal crew has used 15 malware families to target travel and hospitality companies globally, constantly changing tactics over the course of its four-year history.

Which Security Bugs Will Be Exploited? Researchers Create an ML Model to Find Out
via "Dark Reading".
How critical is that vulnerability? University researchers are improving predictions of which software flaws will end up with an exploit, a boon for prioritizing patches and estimating risk.

Google Patches Chrome's Fifth Zero-Day of the Year
via "Threat Post".
Google has patched the fifth actively exploited zero-day vulnerability discovered in Chrome this year as one in a series of fixes included in a stable channel update released Wednesday. The bug, tracked as CVE-2022-2856 and rated as high on the Common Vulnerability Scoring System (CVSS), is associated with "insufficient validation of untrusted input in Intents," […]
An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.

Vulnerability in open source identity management system Free IPA could lead to XXE attacks
via "The Daily Swig".
Attackers could 'take full control of the infrastructure', warn researchers

PayPal Phishing Scam Uses Invoices Sent Via PayPal
via "Krebs on Security".
Scammers are using invoices sent through PayPal.com to trick recipients into calling a number to dispute a pending charge. The missives -- which come from Paypal.com and include a link at Paypal.com that displays an invoice for the supposed transaction -- state that the user's account is about to be charged hundreds of dollars. Recipients who call the supplied toll-free number to contest the transaction are soon asked to download software that lets the scammers assume remote control over their computer.

Apple patches double zero-day in browser and kernel - update now!
via "Naked Security".
Double 0-day exploits - one in WebKit (to break in) and the other in the kernel (to take over). Patch now!

CVE-2022-36024
via "National Vulnerability Database".
py-cord, a fork of discord.py, is a modern, easy to use, feature-rich, and async ready API wrapper for Discord written in Python. This issue allows users to remotely shut down a bot running on py-cord by adding it to a Discord server with the `application.commands` scope but not the `bot` scope, then executing a command in that server. Currently, it appears that all public bots that use slash commands are affected. This issue has been patched in version 2.0.1. There are currently no recommended workarounds - please upgrade to a patched version.

5 Russia-Linked Groups Target Ukraine in Cyberwar
via "Dark Reading".
Information on the attributed cyberattacks conducted since the beginning of the Russia-Ukraine war shows that a handful of groups conducted more than two dozen attacks.

CVE-2022-37060
via "National Vulnerability Database".
FLIR AX8 thermal sensor cameras up to and including version 1.46.16 are vulnerable to Directory Traversal due to an improper access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains directory traversal characters to disclose the contents of files located outside of the server's restricted path.

Mac Attack: North Korea's Lazarus APT Targets Apple's M1 Chip
via "Dark Reading".
Lazarus continues to expand an aggressive, ongoing spy campaign, using fake Coinbase job openings to lure in victims.

CVE-2022-36023
via "National Vulnerability Database".
Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. If a gateway client application sends a malformed request to a gateway peer, it may crash the peer node. Version 2.4.6 checks for the malformed gateway request and returns an error to the gateway client. There are no known workarounds; users must upgrade to version 2.4.6.

CVE-2022-2874
via "National Vulnerability Database".
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0223.

China's APT41 Embraces Baffling Approach for Dropping Cobalt Strike Payload
via "Dark Reading".
The state-sponsored threat actor has switched up its tactics, also adding an automated SQL-injection tool to its bag of tricks for initial access.

CVE-2020-27787
via "National Vulnerability Database".
A segmentation fault was found in UPX in the invert_pt_dynamic() function in p_lx_elf.cpp. An attacker with a crafted input file can cause an invalid memory address access that could lead to a denial of service.

CVE-2022-35174 (starterkit)
via "National Vulnerability Database".
A stored cross-site scripting (XSS) vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field.

CVE-2022-37061 (flir_ax8_firmware)
via "National Vulnerability Database".
All FLIR AX8 thermal sensor cameras up to and including version 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.

CVE-2022-2625
via "National Vulnerability Database".
A vulnerability was found in PostgreSQL. An attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, the attacker can run arbitrary code as the victim role, which may be a superuser. Known-affected extensions include both PostgreSQL-bundled and non-bundled extensions. PostgreSQL blocks this attack in the core server, so there's no need to modify individual extensions.

CVE-2021-32862
via "National Vulnerability Database".
The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version of a user-controllable notebook, it is possible to inject arbitrary HTML, which may lead to cross-site scripting (XSS) vulnerabilities if these HTML notebooks are served by a web server (e.g. nbviewer).

CVE-2020-27790
via "National Vulnerability Database".
A floating point exception issue was discovered in UPX in PackLinuxElf64::invert_pt_dynamic() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service. The highest impact is to Availability.