🕴 After the Uber Breach: 3 Questions All CISOs Should Ask Themselves 🕴
via "Dark Reading".
How CISOs handle the ethical issues around data breaches can make or break their careers. Don't wait until a breach happens to plot the course forward.
🕴 3 Industries, 3 Security Programs 🕴
via "Dark Reading".
Security leaders from a media corporation, a commercial real estate company, and an automotive technology company share how they address cyber-risk.
🕴 Extracting Encrypted Credentials From Common Tools 🕴
via "Dark Reading".
Attackers are harvesting credentials from compromised systems. Here's how some commonly used tools can enable this.
‼ CVE-2022-4849 ‼
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.
‼ CVE-2022-4840 ‼
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
‼ CVE-2022-4839 ‼
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
‼ CVE-2022-4846 ‼
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.
‼ CVE-2022-4843 ‼
via "National Vulnerability Database".
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2.
‼ CVE-2022-4848 ‼
via "National Vulnerability Database".
Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.
‼ CVE-2022-4851 ‼
via "National Vulnerability Database".
Improper Handling of Values in GitHub repository usememos/memos prior to 0.9.1.
‼ CVE-2022-4850 ‼
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.
‼ CVE-2022-4847 ‼
via "National Vulnerability Database".
Incorrectly Specified Destination in a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.
‼ CVE-2022-4845 ‼
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.
‼ CVE-2022-4844 ‼
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.
‼ CVE-2022-4841 ‼
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
♟️ Happy 12th Birthday, KrebsOnSecurity! ♟️
via "Krebs on Security".
KrebsOnSecurity turns 12 years old today. That's a crazy long time for an independent media outlet these days, but then again I'm liable to keep doing this as long as they keep letting me! Thanks to your readership and support, I was able to spend more time in 2022 on in-depth investigative stories -- the really satisfying kind with the potential to effect positive change. Some of that work is highlighted in the 2022 Year in Breaches review below.
‼ CVE-2022-30519 ‼
via "National Vulnerability Database".
XSS in signing form in Reprise Software RLM License Administration v14.2BL4 allows remote attacker to inject arbitrary code via password field.
‼ CVE-2022-36437 ‼
via "National Vulnerability Database".
The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. The affected Hazelcast versions are through 4.0.6, 4.1.9, 4.2.5, 5.0.3, and 5.1.2. The affected Hazelcast Jet versions are through 4.5.3.
🕴 6 Ways to Protect Your Organization Against LAPSUS$ 🕴
via "Dark Reading".
Businesses need to educate employees about the type of social engineering attacks used by hacking group DEV-0537 (LAPSUS$) and strengthen their security posture.
‼ CVE-2022-44137 ‼
via "National Vulnerability Database".
SourceCodester Sanitization Management System 1.0 is vulnerable to SQL Injection.
‼ CVE-2022-4857 ‼
via "National Vulnerability Database".
A vulnerability was found in Modbus Tools Modbus Poll up to 9.10.0 and classified as critical. Affected by this issue is some unknown functionality of the file mbpoll.exe of the component mbp File Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-217022 is the identifier assigned to this vulnerability.