π’ What is HTTP error 503 and how do you fix it? π’
π Read
via "ITPro".
It may not always be obvious what's behind a HTTP error 503, but there are steps you can take to get back onlineπ Read
via "ITPro".
ITPro
What is HTTP error 503 and how do you fix it?
The cause of HTTP error 503 might be hard to find, but there are steps you can take to resume website access
βΌ CVE-2022-4506 βΌ
π Read
via "National Vulnerability Database".
Unrestricted Upload of File with Dangerous Type in GitHub repository openemr/openemr prior to 7.0.0.2.π Read
via "National Vulnerability Database".
βΌ CVE-2022-4505 βΌ
π Read
via "National Vulnerability Database".
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2.π Read
via "National Vulnerability Database".
βΌ CVE-2022-4504 βΌ
π Read
via "National Vulnerability Database".
Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.0.2.π Read
via "National Vulnerability Database".
βΌ CVE-2022-4502 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2.π Read
via "National Vulnerability Database".
βΌ CVE-2022-4503 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.0.2.π Read
via "National Vulnerability Database".
ποΈ Critical IP spoofing bug patched in Cacti ποΈ
π Read
via "The Daily Swig".
βNot that hard to execute if attacker has access to a monitoring platform running Cactiβπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Critical IP spoofing bug patched in Cacti
βNot that hard to execute if attacker has access to a monitoring platform running Cactiβ
π΄ Data Destruction Policies in the Age of Cloud Computing π΄
π Read
via "Dark Reading".
It's time for on-the-record answers to questions about data destruction in cloud environments. Without access, how do you verify data has been destroyed? Do processes meet DoD standards, or do we need to adjust standards to meet reality?π Read
via "Dark Reading".
Dark Reading
Data Destruction Policies in the Age of Cloud Computing
It's time for on-the-record answers to questions about data destruction in cloud environments. Without access, how do you verify data has been destroyed? Do processes meet DoD standards, or do we need to adjust standards to meet reality?
π΄ Blackmailing MoneyMonger Malware Hides in Flutter Mobile Apps π΄
π Read
via "Dark Reading".
Money-lending apps built using the Flutter software development kit hide a predatory spyware threat and highlight a growing trend of using personal data for blackmail.π Read
via "Dark Reading".
Dark Reading
Blackmailing MoneyMonger Malware Hides in Flutter Mobile Apps
Money-lending apps built using the Flutter software development kit hide a predatory spyware threat and highlight a growing trend of using personal data for blackmail.
β Apple patches everything, finally reveals mystery of iOS 16.1.2 β
π Read
via "Naked Security".
There's an update for everything this time, not just for iOS.π Read
via "Naked Security".
Naked Security
Apple patches everything, finally reveals mystery of iOS 16.1.2
Thereβs an update for everything this time, not just for iOS.
β Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware β
π Read
via "Naked Security".
Tales of derring-do in the cyberunderground! (And some zero-days.)π Read
via "Naked Security".
Naked Security
Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware
Tales of derring-do in the cyberunderground! (And some zero-days.)
β S3 Ep113: Pwning the Windows kernel β the crooks who hoodwinked Microsoft [Audio + Text] β
π Read
via "Naked Security".
Return o' the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π Adversary3 3.0 π
π Read
via "Packet Storm Security".
Adversary3 is a tool to navigate the vast www.malvuln.com malware vulnerability dataset.π Read
via "Packet Storm Security".
Packetstormsecurity
Adversary3 3.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ Meta Ponies Up $300K Bounty for Zero-Click Mobile RCE Bugs in Facebook π΄
π Read
via "Dark Reading".
Facebook's parent company has also expanded bug-bounty payouts to include Oculus and other "metaverse" gadgets for AR/VR.π Read
via "Dark Reading".
Dark Reading
Meta Ponies Up $300K Bounty for Zero-Click Mobile RCE Bugs in Facebook
Facebook's parent company has also expanded bug-bounty payouts to include Oculus and other "metaverse" gadgets for AR/VR.
π΄ WatchGuard Threat Lab Report Finds Top Threat Arriving Exclusively Over Encrypted Connections π΄
π Read
via "Dark Reading".
New research also analyzes the commoditization of adversary-in-the-middle attacks, JavaScript obfuscation in exploit kits, and a malware family with Gothic Panda ties.π Read
via "Dark Reading".
Dark Reading
WatchGuard Threat Lab Report Finds Top Threat Arriving Exclusively Over Encrypted Connections
New research also analyzes the commoditization of adversary-in-the-middle attacks, JavaScript obfuscation in exploit kits, and a malware family with Gothic Panda ties.
π΄ Axonius Bolsters SaaS Management Offering With New Behavioral Analytics and SaaS User-Device Association Capabilities to Help Teams Address SaaS Application Risk π΄
π Read
via "Dark Reading".
New features bring greater visibility and context into SaaS applications access and activity.π Read
via "Dark Reading".
Dark Reading
Axonius Bolsters SaaS Management Offering With Behavioral Analytics and SaaS User-Device Association Capabilities
New features bring greater visibility and context into SaaS applications access and activity.
π1
βΌ CVE-2022-39929 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22063 βΌ
π Read
via "National Vulnerability Database".
Memory corruption in Core due to improper configuration in boot remapper.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23474 βΌ
π Read
via "National Vulnerability Database".
Editor.js is a block-style editor with clean JSON output. Versions prior to 2.26.0 are vulnerable to Code Injection via pasted input. The processHTML method passes pasted input into wrapperΓ’β¬β’s innerHTML. This issue is patched in version 2.26.0.π Read
via "National Vulnerability Database".
βΌ CVE-2020-20588 βΌ
π Read
via "National Vulnerability Database".
File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php.π Read
via "National Vulnerability Database".
βΌ CVE-2020-36607 βΌ
π Read
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html tag.π Read
via "National Vulnerability Database".