📢 Microsoft Defender causes 'mass confusion' after legitimate apps trigger ransomware alerts 📢
📖 Read
via "ITPro".
The broken update pushed to users on Sunday morning saw the likes of Teams, Slack, Chrome, and Edge all being confused with the dangerous Hive ransomware payloads📖 Read
via "ITPro".
ITPro
Microsoft Defender causes 'mass confusion' after legitimate apps trigger ransomware alerts
The broken update pushed to users on Sunday morning saw the likes of Teams, Slack, Chrome, and Edge all being confused with the dangerous Hive ransomware payloads
‼ CVE-2022-2714 ‼
📖 Read
via "National Vulnerability Database".
Improper Handling of Length Parameter Inconsistency in GitHub repository francoisjacquet/rosariosis prior to 10.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2901 ‼
📖 Read
via "National Vulnerability Database".
Improper Authorization in GitHub repository chatwoot/chatwoot prior to 2.8.📖 Read
via "National Vulnerability Database".
👍1
🕴 Defenders Be Prepared: Cyberattacks Surge Against Linux Amid Cloud Migration 🕴
📖 Read
via "Dark Reading".
Ransomware in particular poses a major threat, but security vendors say there has been an increase in Linux-targeted cryptojacking, malware, and vulnerability exploits as well, and defenders need to be ready.📖 Read
via "Dark Reading".
Dark Reading
Defenders Be Prepared: Cyberattacks Surge Against Linux Amid Cloud Migration
Ransomware in particular poses a major threat, but security vendors say there has been an increase in Linux-targeted cryptojacking, malware, and vulnerability exploits as well, and defenders need to be ready.
❤1
🕴 Botnets in the Age of Remote Work 🕴
📖 Read
via "Dark Reading".
Here are some strategies for protecting the business against botnets poised to take advantage of remote-work vulnerabilities.📖 Read
via "Dark Reading".
Dark Reading
Botnets in the Age of Remote Work
Here are some strategies for protecting the business against botnets poised to take advantage of remote-work vulnerabilities.
🕴 Cymulate Raises $70M Series D Funding for Continuous Security Posture Testing 🕴
📖 Read
via "Dark Reading".
Investor participation from prior round demonstrates confidence in the company's current and future performance.📖 Read
via "Dark Reading".
Dark Reading
Cymulate Raises $70M Series D Funding for Continuous Security Posture Testing
Investor participation from prior round demonstrates confidence in the company's current and future performance.
⚠ Chrome and Edge fix zero-day security hole – update now! ⚠
📖 Read
via "Naked Security".
This time, the crooks got there first - only 1 security hole patched, but it's a zero-day.📖 Read
via "Naked Security".
Sophos News
Naked Security – Sophos News
🕴 The 3 Fundamentals of Building an Effective IoMT Security Strategy 🕴
📖 Read
via "Dark Reading".
The high stakes and unique priorities for Internet of Medical Things devices require specialized cybersecurity strategies.📖 Read
via "Dark Reading".
Dark Reading
The 3 Fundamentals of Building an Effective IoMT Security Strategy
The high stakes and unique priorities for Internet of Medical Things devices require specialized cybersecurity strategies.
🕴 Internet Security & Encryption Pioneer Peter Eckersley Passes at 43 🕴
📖 Read
via "Dark Reading".
The founder of Let's Encrypt and an EFF technologist, Eckersley devoted his life's work to making the Internet safer and more secure.📖 Read
via "Dark Reading".
Dark Reading
Internet Security & Encryption Pioneer Peter Eckersley Passes at 43
The founder of Let's Encrypt and an EFF technologist, Eckersley devoted his life's work to making the Internet safer and more secure.
‼ CVE-2022-40111 ‼
📖 Read
via "National Vulnerability Database".
In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the shadow.sample file, root is hardcoded in the firmware.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-37841 ‼
📖 Read
via "National Vulnerability Database".
In TOTOLINK A860R V4.1.2cu.5182_B20201027 there is a hard coded password for root in /etc/shadow.sample.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-37839 ‼
📖 Read
via "National Vulnerability Database".
TOTOLINK A860R V4.1.2cu.5182_B20201027 is vulnerable to Buffer Overflow via Cstecgi.cgi.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36584 ‼
📖 Read
via "National Vulnerability Database".
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, the getsinglepppuser function has a buffer overflow caused by sscanf.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-40110 ‼
📖 Read
via "National Vulnerability Database".
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Buffer Overflow via /bin/boa.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26114 ‼
📖 Read
via "National Vulnerability Database".
An improper neutralization of input during web page generation vulnerability [CWE-79] in the Webmail of FortiMail before 7.2.0 may allow an unauthenticated attacker to trigger a cross-site scripting (XSS) attack via sending specially crafted mail messages.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-37842 ‼
📖 Read
via "National Vulnerability Database".
In TOTOLINK A860R V4.1.2cu.5182_B20201027, the parameters in infostat.cgi are not filtered, causing a buffer overflow vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43076 ‼
📖 Read
via "National Vulnerability Database".
An improper privilege management vulnerability [CWE-269] in FortiADC versions 6.2.1 and below, 6.1.5 and below, 6.0.4 and below, 5.4.5 and below and 5.3.7 and below may allow a remote authenticated attacker with restricted user profile to modify the system files using the shell access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-37840 ‼
📖 Read
via "National Vulnerability Database".
In TOTOLINK A860R V4.1.2cu.5182_B20201027, the main function in downloadfile.cgi has a buffer overflow vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-40112 ‼
📖 Read
via "National Vulnerability Database".
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable Buffer Overflow via the hostname parameter in binary /bin/boa.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-37843 ‼
📖 Read
via "National Vulnerability Database".
In TOTOLINK A860R V4.1.2cu.5182_B20201027 in cstecgi.cgi, the acquired parameters are directly put into the system for execution without filtering, resulting in a command injection vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-40109 ‼
📖 Read
via "National Vulnerability Database".
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Insecure Permissions via binary /bin/boa.📖 Read
via "National Vulnerability Database".