CVE-2022-40633
via "National Vulnerability Database".
A malicious actor can clone access cards used to open control cabinets secured with Rittal CMC III locks.
Highlights from the New U.S. Cybersecurity Strategy
via "Krebs on Security".
The Biden administration today issued its vision for beefing up the nation's collective cybersecurity posture, including calls for legislation establishing liability for software products and services that are sold with little regard for security. The White House's new national cybersecurity strategy also envisions a more active role by cloud providers and the U.S. military in disrupting cybercriminal infrastructure, and names China as the single biggest cyber threat to U.S. interests.
IBM Contributes Supply Chain Security Tools to OWASP
via "Dark Reading".
License Scanner and SBOM Utility will boost the capabilities of OWASP's CycloneDX Software Bill of Materials standard.
CVE-2023-1160
via "National Vulnerability Database".
Use of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit prior to 2.4.0.
CVE-2023-0457
via "National Vulnerability Database".
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U(C) CPU modules all models all versions, FX5UJ CPU modules all models all versions, FX5S CPU modules all models all versions, FX5-ENET all versions and FX5-ENET/IP all versions allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP server or Web server.
CISA: Tech industry 'shouldn't tolerate' Patch Tuesday, unsecured software
via "ITPro".
CISA director Jen Easterly said the tech industry has allowed the widespread acceptance of "deviant behaviours" to make a mockery of cyber security
Uncovering the ransomware threat from global supply chains
via "ITPro".
Everything is connected
Leaked today, exploited for life
via "ITPro".
How social media biometric patterns affect your future
The near and far future of ransomware business models
via "ITPro".
What would make ransomware actors change their criminal business models?
Trend Micro security predictions for 2023
via "ITPro".
Prioritise cyber security strategies on capabilities rather than costs
Bitdefender releases free MortalKombat ransomware decryptor tool
via "ITPro".
While still a relatively new strain, MortalKombat has been used extensively to target users and steal cryptocurrency
Naoris Protocol snaps up former IBM chief scientist to lead its strategy
via "ITPro".
David Holtzman will lead the mesh security player's growth strategy across both Web2 and Web3
Checkmarx appoints Sandeep Johri as its new CEO
via "ITPro".
Experienced Silicon Valley executive will lead the applications security provider into its next phase of growth
WH Smith hit by cyber attack, current and former staff data accessed
via "ITPro".
The company stated that it is notifying staff members who have been affected
Mapping the digital attack surface
via "ITPro".
Why global organisations are struggling to manage cyber risk
It's Time to Assess the Potential Dangers of an Increasingly Connected World
via "Dark Reading".
With critical infrastructures ever more dependent on the cloud connectivity, the world needs a more stable infrastructure to avoid a crippling cyberattack.
CVE-2022-45552
via "National Vulnerability Database".
An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory.
CVE-2022-45551
via "National Vulnerability Database".
An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to escalate privileges via WGET command to the Network Diagnosis endpoint.
CVE-2022-45553
via "National Vulnerability Database".
An issue discovered in Shenzhen Zhibotong Electronics WBT WE1626 Router v 21.06.18 allows attacker to execute arbitrary commands via serial connection to the UART port.
Wireshark Analyzer 4.0.4
via "Packet Storm Security".
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.