In Memoriam: Remembering Those Who Passed
via "Dark Reading".
Security stands on the shoulders of giants. We take a moment to remember their contributions toward keeping people, data, and systems safe.
CVE-2022-45911
via "National Vulnerability Database".
An issue was discovered in Zimbra Collaboration (ZCS) 9.0. XSS can occur on the Classic UI login page by injecting arbitrary JavaScript code in the username field. This occurs before the user logs into the system, which means that even if the attacker executes arbitrary JavaScript, they will not get any sensitive information.
CVE-2022-45913
via "National Vulnerability Database".
An issue was discovered in Zimbra Collaboration (ZCS) 9.0. XSS can occur via one of the attributes in webmail URLs to execute arbitrary JavaScript code, leading to information disclosure.
CVE-2014-125053
via "National Vulnerability Database".
A vulnerability was found in Piwigo-Guest-Book up to 1.3.0. It has been declared as critical. This vulnerability affects unknown code of the file include/guestbook.inc.php of the component Navigation Bar. The manipulation of the argument start leads to SQL injection. Upgrading to version 1.3.1 is able to address this issue. The name of the patch is 0cdd1c388edf15089c3a7541cefe7756e560581d. It is recommended to upgrade the affected component. VDB-217582 is the identifier assigned to this vulnerability.
Play ransomware gang behind recent cyber attack on Rackspace
via "ITPro".
Rackspace said that "more than half" of affected customers have regained access to data in the wake of the attack
The IT Pro Podcast: Going passwordless
via "ITPro".
Something you are, or something you have, could be more important than a password you know in the near future
Research: Luxury cars and emergency services vehicles vulnerable to remote takeover
via "ITPro".
A "global API issue" has been highlighted through months-long research into brands such as Ferrari and Mercedes-Benz, leaving owners open to hacking, account takeovers, and more
Cyber attack on car dealership Arnold Clark forces systems offline
via "ITPro".
The company was notified on 23 December about the suspicious incident and IT systems remain down, impacting customer-facing services
Podcast transcript: Going passwordless
via "ITPro".
Read the full transcript for this episode of the IT Pro Podcast
Rapid7 hires whistleblower Peiter "Mudge" Zatko a year after Twitter sacking
via "ITPro".
Zatko will advise clients at the security firm, in his first public role since launching his whistleblower campaign against Twitter
Shopify bets on 'Audiences' tool to combat Apple's tracking restrictions for retailers
via "ITPro".
The ecommerce giant hopes its millions of customers will benefit from the Apple-compliant customer-targeting capabilities
IDC MarketScape: Worldwide unified endpoint management services
via "ITPro".
2022 vendor assessment
Cyber attacks on UK organisations surged 77% in 2022, new research finds
via "ITPro".
The UK education sector saw a 237% increase in attacks compared to 2021
Unified Endpoint Management and Security in a work-from-anywhere world
via "ITPro".
Management and security activities are deeply intertwined, requiring integrated workflows between IT and security teams
New ways to mitigate vulnerabilities and support threat detection & response
WhatsApp to combat internet blackouts with proxy server support
via "ITPro".
The newest version of the world's most popular communications platform offers a new way for users to connect while bypassing blockades that aim to limit access to the outside world
The newest version of the communication platform offers a new way to bypass state-imposed internet limitations, but concerns remain over IP visibility
Storage's role in addressing the challenges of ensuring cyber resilience
via "ITPro".
Understanding the role of data storage in cyber resiliency
CVE-2023-0112
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0106
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0107
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0110
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.