‼ CVE-2022-41443 ‼
via "National Vulnerability Database".
phpipam v1.5.0 was discovered to contain a header injection vulnerability via the component /admin/subnets/ripe-query.php.
‼ CVE-2022-42247 ‼
via "National Vulnerability Database".
pfSense v2.5.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the browser.php component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name.
🕴 Bumblebee Malware Loader's Payloads Significantly Vary by Victim System 🕴
via "Dark Reading".
On some systems the malware drops infostealers and banking Trojans; on others it installs sophisticated post-compromise tools, new analysis shows.
🕴 Vice Society Publishes LA Public School Student Data, Psych Evals 🕴
via "Dark Reading".
After a flat refusal to pay the ransom, Los Angeles Unified School District's stolen data has been dumped on the Dark Web by a ransomware gang.
🕴 First 72 Hours of Incident Response Critical to Taming Cyberattack Chaos 🕴
via "Dark Reading".
Responding to cyberattacks is extraordinarily stressful, but better planning, frequent practice, and the availability of mental health services can help IR professionals, a survey finds.
⚠ Scammers and rogue callers – can anything ever stop them? ⚠
via "Naked Security".
Some thoughts for Cybersecurity Awareness Month: Is it worth reporting nuisance calls? Is it even worth reporting outright scams?
🗓️ Researchers net $46k for Akamai misconfiguration vulnerability 🗓️
via "The Daily Swig".
A lesson in how to achieve maximum value for your discoveries
🗓️ JavaScript sandbox vm2 remediates remote code execution risk 🗓️
via "The Daily Swig".
Affected firms alerted to bug whose potential impact is heightened by vm2’s use in production environments
🕴 Aryaka Delivers Zero-Trust WAN Based on Unified SASE Architecture 🕴
via "Dark Reading".
The new offering integrates firewall-as-a-service and secure web gateway into cloud-managed networking and security services.
🕴 Tidal Cyber Closes $4M Funding Round To Expand Threat-Informed Defense Tech 🕴
via "Dark Reading".
🕴 Ransomware 3.0: The Next Frontier 🕴
via "Dark Reading".
Attackers are already circling back to reselling stolen data instead of — and in addition to — extortion.
🕴 Eclypsium Raises Series B to Protect Digital Supply Chain As Attacks Grow 🕴
via "Dark Reading".
The new round highlights market demand to protect global businesses from soaring breaches through supply chains of critical hardware, devices, firmware, and software.
🕴 More Than 30% of All Malicious Attacks Target Shadow APIs 🕴
via "Dark Reading".
New research spotlights how attackers are capitalizing on API-driven innovation.
🗓️ Matrix address flaws that break message encryption assurances 🗓️
via "The Daily Swig".
Confidentiality and authentication flaws uncovered by researchers
⚠ Romance scammer and BEC fraudster sent to prison for 25 years ⚠
via "Naked Security".
Two years of scamming + $10 million leeched = 25 years in prison. Just in time for #Cybermonth.
🕴 Steam Gaming Phish Showcases Browser-in-Browser Threat 🕴
via "Dark Reading".
Attackers are using the recently emerged browser-in-the-browser phishing technique to steal accounts from Valve's popular gaming platform, but it's a warning shot to businesses.
🛠 OpenSSH 9.1p1 🛠
via "Packet Storm Security".
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
🕴 Workforce Data Privacy in the Modern Work Era 🕴
via "Dark Reading".
It takes culture as well as individual and corporate responsibilities to ensure workforce data privacy and compliance.
🕴 Former NSA Employee Faces Death Penalty for Selling Secrets 🕴
via "Dark Reading".
Suspect allegedly thought he was swapping secrets with a foreign government for crypto — but the contact turned out to be an FBI agent.
🕴 Aussie Telco Telstra Breached, Reportedly Exposing 30,000 Employees' Data 🕴
via "Dark Reading".
The Telstra cyber incident comes just weeks after its main rival Optus suffered a major compromise of its customer database.
🕴 Microsoft Updates Mitigation for Exchange Server Zero-Days 🕴
via "Dark Reading".
Researchers had discovered that Microsoft's original mitigation steps for the so-called "ProxyNotShell" flaws were easily bypassed.