βΌ CVE-2020-26866 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2020-26840 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41485 βΌ
π Read
via "National Vulnerability Database".
Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47ce00 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2020-26849 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42160 βΌ
π Read
via "National Vulnerability Database".
D-Link COVR 1200,1202,1203 v1.08 was discovered to contain a command injection vulnerability via the system_time_timezone parameter at function SetNTPServerSettings.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41481 βΌ
π Read
via "National Vulnerability Database".
Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47de1c function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.π Read
via "National Vulnerability Database".
βΌ CVE-2020-26856 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2020-26862 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42156 βΌ
π Read
via "National Vulnerability Database".
D-Link COVR 1200,1203 v1.08 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter at function SetNetworkTomographySettings.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42159 βΌ
π Read
via "National Vulnerability Database".
D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random Number Generator.π Read
via "National Vulnerability Database".
π΄ Feature-Rich 'Alchimist' Cyberattack Framework Targets Windows, Mac, Linux Environments π΄
π Read
via "Dark Reading".
The comprehensive, multiplatform framework comes loaded with weapons, and it is likely another effort by a China-based threat group to develop an alternative to Cobalt Strike and Sliver.π Read
via "Dark Reading".
Dark Reading
Feature-Rich 'Alchimist' Cyberattack Framework Targets Windows, Mac, Linux Environments
The comprehensive, multiplatform framework comes loaded with weapons, and it is likely another effort by a China-based threat group to develop an alternative to Cobalt Strike and Sliver.
π΄ Comprehensive Network Visibility Is Imperative for Zero-Trust Maturity π΄
π Read
via "Dark Reading".
Distrust and verify, because you can't protect what you can't see.π Read
via "Dark Reading".
Dark Reading
Comprehensive Network Visibility Is Imperative for Zero-Trust Maturity
Distrust and verify, because you can't protect what you can't see.
π1
π΄ Novel npm Timing Attack Allows Corporate Targeting π΄
π Read
via "Dark Reading".
A timing attack helps cyberattackers lob malicious code-bombs at corporate targets by cloning private package names.π Read
via "Dark Reading".
Dark Reading
Novel npm Timing Attack Allows Corporate Targeting
A timing attack helps cyberattackers lob malicious code-bombs at corporate targets by cloning private package names.
π΄ Quarter of Healthcare Ransomware Victims Forced to Halt Operations π΄
π Read
via "Dark Reading".
Trend Micro research reveals supply chains are key source of risk.π Read
via "Dark Reading".
Dark Reading
Quarter of Healthcare Ransomware Victims Forced to Halt Operations
Trend Micro research reveals supply chains are key source of risk.
π΄ Nexusguard Research Shows Total Number of DDoS Attacks Increased during First Half of 2022 While Maximum Attack Size Decreased Compared to Second Half of 2021 π΄
π Read
via "Dark Reading".
Nexusguard DDoS Statistical Report reveals key attack observations and analysis from the first half of 2022.π Read
via "Dark Reading".
Dark Reading
Nexusguard Research Shows Total Number of DDoS Attacks Increased during First Half of 2022 While Maximum Attack Size Decreasedβ¦
Nexusguard DDoS Statistical Report reveals key attack observations and analysis from the first half of 2022.
π΄ Armis Now Available on Google Cloud Marketplace π΄
π Read
via "Dark Reading".
Enterprises seeking asset visibility and security enabled to simplify the procurement process of Armis.π Read
via "Dark Reading".
Dark Reading
Armis Now Available on Google Cloud Marketplace
Enterprises seeking asset visibility and security enabled to simplify the procurement process of Armis.
π΄ HSBC and Silent Eight Expand Machine Learning Partnership π΄
π Read
via "Dark Reading".
Silent Eight announced an extension to its existing partnership with HSBC to tackle financial crime.π Read
via "Dark Reading".
Dark Reading
HSBC and Silent Eight Expand Machine Learning Partnership
Silent Eight announced an extension to its existing partnership with HSBC to tackle financial crime.
π΄ Google Cloud Advances Partnerships with 20-Plus Software Companies Focused on Digital Sovereignty and Cybersecurity π΄
π Read
via "Dark Reading".
At Next '22, Google Cloud announces updates to its trusted cloud ecosystem with new Sovereign Solutions initiative and partnerships spanning critical areas of cybersecurity.π Read
via "Dark Reading".
Dark Reading
Google Cloud Advances Partnerships with 20-Plus Software Companies Focused on Digital Sovereignty and Cybersecurity
At Next '22, Google Cloud announces updates to its trusted cloud ecosystem with new Sovereign Solutions initiative and partnerships spanning critical areas of cybersecurity.
βΌ CVE-2022-42719 βΌ
π Read
via "National Vulnerability Database".
A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.14 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.π Read
via "National Vulnerability Database".
βΌ CVE-2022-35612 βΌ
π Read
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability in MQTTRoute v3.3 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the dashboard name text field.π Read
via "National Vulnerability Database".
βΌ CVE-2022-35944 βΌ
π Read
via "National Vulnerability Database".
October is a self-hosted Content Management System (CMS) platform based on the Laravel PHP Framework. This vulnerability only affects installations that rely on the safe mode restriction, commonly used when providing public access to the admin panel. Assuming an attacker has access to the admin panel and permission to open the "Editor" section, they can bypass the Safe Mode (`cms.safe_mode`) restriction to introduce new PHP code in a CMS template using a specially crafted request. The issue has been patched in versions 2.2.34 and 3.0.66.π Read
via "National Vulnerability Database".