π΄ Phishing Surges Ahead, as ChatGPT & AI Loom π΄
π Read
via "Dark Reading".
AI and phishing-as-a-service (PaaS) kits are making it easier for threat actors to create malicious email campaigns, which continue to target high-volume applications using popular brand names.π Read
via "Dark Reading".
Dark Reading
Phishing Surges Ahead, as ChatGPT & AI Loom
AI and phishing-as-a-service (PaaS) kits are making it easier for threat actors to create malicious email campaigns, which continue to target high-volume applications using popular brand names.
π΄ Cryptographers Decode Secret Letters of Mary, Queen of Scots π΄
π Read
via "Dark Reading".
Nearly a half-millennium after her execution, encrypted letters from the imprisoned royal offer a fascinating look into early cryptography.π Read
via "Dark Reading".
Dark Reading
Cryptographers Decode Secret Letters of Mary, Queen of Scots
Nearly a half-millennium after her execution, encrypted letters from the imprisoned royal offer a fascinating look into early cryptography.
π΄ Kaspersky Finds Growing Number of Parents Experiencing Ransomware Attacks on Children's Schools π΄
π Read
via "Dark Reading".
Schools paying higher ransoms and seeing longer closures, according to survey of parents.π Read
via "Dark Reading".
Dark Reading
Kaspersky Finds Growing Number of Parents Experiencing Ransomware Attacks on Children's Schools
Schools paying higher ransoms and seeing longer closures, according to survey of parents.
βοΈ U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group βοΈ
π Read
via "Krebs on Security".
Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating "Trickbot," a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. The U.S. Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. companies and government entities.π Read
via "Krebs on Security".
Krebs on Security
U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group
Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating "Trickbot," a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeoversβ¦
π΄ SynSaber Releases ICS CVE Retrospective: 3 Years of CISA Advisories π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
SynSaber Releases ICS CVE Retrospective: 3 Years of CISA Advisories
CHANDLER, Ariz., Feb. 9, 2023 /PRNewswire/ -- SynSaber, an early-stage ICS/OT cybersecurity and asset monitoring company, announced today the release of the company's first Industrial Control Systems (ICS) CVE Retrospective: 3 Years of CISA Advisories, whichβ¦
π΄ 7 Critical Cloud Threats Facing the Enterprise in 2023 π΄
π Read
via "Dark Reading".
From shadow data to misconfigurations, and overpermissioning to multicloud sprawl, Dark Reading's cloud security slideshow helps security pros understand the threat horizon.π Read
via "Dark Reading".
Dark Reading
7 Critical Cloud Threats Facing the Enterprise in 2023
From shadow data to misconfigs, and overpermissioning to multicloud sprawl, our cloud security slideshow helps security pros understand the threat horizon.
π΄ Avast Threat Report: Consumers Plagued With Refund Fraud, Tech Support Scams, and Adware π΄
π Read
via "Dark Reading".
Avast researchers also discovered and reported two zero-day vulnerabilities, and observed the spread of information-stealing malware, remote access trojans, and botnets.π Read
via "Dark Reading".
Dark Reading
Avast Threat Report: Consumers Plagued With Refund Fraud, Tech Support Scams, and Adware
Avast researchers also discovered and reported two zero-day vulnerabilities, and observed the spread of information-stealing malware, remote access trojans, and botnets.
βΌ CVE-2023-21435 βΌ
π Read
via "National Vulnerability Database".
Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21429 βΌ
π Read
via "National Vulnerability Database".
Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21423 βΌ
π Read
via "National Vulnerability Database".
Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22792 βΌ
π Read
via "National Vulnerability Database".
A regular expression based DoS vulnerability in Action Dispatch <6.0.6.1,< 6.1.7.1, and <7.0.4.1. Specially crafted cookies, in combination with a specially crafted X_FORWARDED_HOST header can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21447 βΌ
π Read
via "National Vulnerability Database".
Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43552 βΌ
π Read
via "National Vulnerability Database".
A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24323 βΌ
π Read
via "National Vulnerability Database".
Mojoportal v2.7 was discovered to contain an authenticated XML external entity (XXE) injection vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21428 βΌ
π Read
via "National Vulnerability Database".
Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21436 βΌ
π Read
via "National Vulnerability Database".
Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22798 βΌ
π Read
via "National Vulnerability Database".
Prior to commit 51867e0d15a6d7f80d5b714fd0e9976b9c160bb0, https://github.com/brave/adblock-lists removed redirect interceptors on some websites like Facebook in which the redirect interceptor may have been there for security purposes. This could potentially cause open redirects on these websites. Brave's redirect interceptor removal feature is known as "debouncing" and is intended to remove unnecessary redirects that track users across the web.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-23912 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways (USG) Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected device to create a remote code execution vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24687 βΌ
π Read
via "National Vulnerability Database".
Mojoportal v2.7.0.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Company Info Settings component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtCompanyName parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22796 βΌ
π Read
via "National Vulnerability Database".
A regular expression based DoS vulnerability in Active Support <6.1.7.1 and <7.0.4.1. A specially crafted string passed to the underscore method can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24322 βΌ
π Read
via "National Vulnerability Database".
A reflected cross-site scripting (XSS) vulnerability in the FileDialog.aspx component of mojoPortal v2.7.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ed and tbi parameters.π Read
via "National Vulnerability Database".