🕴 Searchlight Security Changes Name to Searchlight Cyber and Launches New Brand 🕴
📖 Read
via "Dark Reading".
Searchlight Cyber announces rebrand that reflects its status as a fast-growing cybersecurity business.📖 Read
via "Dark Reading".
Dark Reading
Searchlight Security Changes Name to Searchlight Cyber and Launches New Brand
Searchlight Cyber announces rebrand that reflects its status as a fast-growing cybersecurity business.
👍1
🕴 How AI/ML Can Thwart DDoS Attacks 🕴
📖 Read
via "Dark Reading".
When properly designed and trained, artificial intelligence and machine learning can help improve the accuracy of DDoS detection and mitigation.📖 Read
via "Dark Reading".
Dark Reading
How AI/ML Can Thwart DDoS Attacks
When properly designed and trained, artificial intelligence and machine learning can help improve the accuracy of distributed denial-of-service detection and mitigation.
👍1
♟️ The Equifax Breach Settlement Offer is Real, For Now ♟️
📖 Read
via "Krebs on Security".
Millions of people likely just received an email or snail mail notice saying they're eligible to claim a class action payment in connection with the 2017 megabreach at consumer credit bureau Equifax. Given the high volume of reader inquiries about this, it seemed worth pointing out that while this particular offer is legit (if paltry), scammers are likely to soon capitalize on public attention to the settlement money.📖 Read
via "Krebs on Security".
Krebs on Security
The Equifax Breach Settlement Offer is Real, For Now
Millions of people likely just received an email or snail mail notice saying they're eligible to claim a class action payment in connection with the 2017 megabreach at consumer credit bureau Equifax. Given the high volume of reader inquiries about…
🕴 NATO-Member Oil Refinery Targeted in Russian APT Blitz Against Ukraine 🕴
📖 Read
via "Dark Reading".
Security Service-backed Trident Ursa APT group shakes up tactics in its relentless cyberattacks against Ukraine.📖 Read
via "Dark Reading".
Dark Reading
NATO-Member Oil Refinery Targeted in Russian APT Blitz Against Ukraine
Security Service-backed Trident Ursa APT group shakes up tactics in its relentless cyberattacks against Ukraine.
🕴 Raspberry Robin Worm Targets Telcos & Governments 🕴
📖 Read
via "Dark Reading".
With 10 layers of obfuscation and fake payloads, the Raspberry Robin worm is nesting its way deep into organizations.📖 Read
via "Dark Reading".
Dark Reading
Raspberry Robin Worm Targets Telcos & Governments
With 10 layers of obfuscation and fake payloads, the Raspberry Robin worm is nesting its way deep into organizations.
‼ CVE-2022-43875 ‼
📖 Read
via "National Vulnerability Database".
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional RM authorizations, resulting in a denial of service on displaying or managing these authorizations. IBM X-Force ID: 240034.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46424 ‼
📖 Read
via "National Vulnerability Database".
An exploitable firmware modification vulnerability was discovered on the Netgear XWN5001 Powerline 500 WiFi Access Point. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v0.4.1.1 and earlier.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23537 ‼
📖 Read
via "National Vulnerability Database".
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as a commit in the master branch (2.13.1).📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46912 ‼
📖 Read
via "National Vulnerability Database".
An issue in the firmware update process of TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46771 ‼
📖 Read
via "National Vulnerability Database".
IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.18, 7.0.5.0 through 7.0.5.13, 7.1.0.0 through 7.1.2.9, 7.2.0.0 through 7.2.3.2 and 7.3.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 242273.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46430 ‼
📖 Read
via "National Vulnerability Database".
TP-Link TL-WR740N V1 and V2 v3.12.4 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46434 ‼
📖 Read
via "National Vulnerability Database".
An issue in the firmware update process of TP-Link TL-WA7510N v1 v3.12.6 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46432 ‼
📖 Read
via "National Vulnerability Database".
An exploitable firmware modification vulnerability was discovered on TP-Link TL-WR743ND V1. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v3.12.20 and earlier.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38873 ‼
📖 Read
via "National Vulnerability Database".
D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106 and earlier, DAP-2695 v1.20rc119_beta31 and earlier, DAP-3320 v1.05rc027 beta and earlier, DAP-3662 v1.05rc047 and earlier allows attackers to cause a Denial of Service (DoS) via uploading a crafted firmware after modifying the firmware header.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46422 ‼
📖 Read
via "National Vulnerability Database".
An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46914 ‼
📖 Read
via "National Vulnerability Database".
An issue in the firmware update process of TP-LINK TL-WA801N / TL-WA801ND V1 v3.12.16 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46139 ‼
📖 Read
via "National Vulnerability Database".
TP-Link TL-WR940N V4 3.16.9 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4515 ‼
📖 Read
via "National Vulnerability Database".
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags() in sort.c calls the system(3) function in an unsafe way.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46423 ‼
📖 Read
via "National Vulnerability Database".
An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v1.2.3.7 and earlier.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46910 ‼
📖 Read
via "National Vulnerability Database".
An issue in the firmware update process of TP-Link TL-WA901ND V1 up to v3.11.2 and TL-WA901N V2 up to v3.12.16 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43872 ‼
📖 Read
via "National Vulnerability Database".
IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unauthorized technical information (e.g. event log entries) about the FTM SWIFT system. IBM X-Force ID: 239708.📖 Read
via "National Vulnerability Database".