β S3 Ep137: 16th century crypto skullduggery β
π Read
via "Naked Security".
Lots to learn, clearly explained in plain English... listen now! (Full transcript inside.)π Read
via "Naked Security".
Naked Security
S3 Ep137: 16th century crypto skullduggery
Lots to learn, clearly explained in plain English⦠listen now! (Full transcript inside.)
β Serious Security: That KeePass βmaster password crackβ, and what we can learn from it β
π Read
via "Naked Security".
Here, in an admittedly discursive nutshell, is the fascinating story of CVE-2023-32784. (Short version: Don't panic.)π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ Where SBOMs Stand Today π΄
π Read
via "Dark Reading".
It's been two years since Executive Order 14028. By using SBOMs as a standard, organizations can manage software risks, protect their reputation, and improve their cybersecurity posture.π Read
via "Dark Reading".
Dark Reading
Where SBOMs Stand Today
It's been two years since Executive Order 14028. By using SBOMs as a standard, organizations can manage software risks, protect their reputation, and improve their cybersecurity posture.
π΄ Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection π΄
π Read
via "Dark Reading".
In an already fraught environment surrounding the popular Python programming language software package manager, hackers are coming up with new ways to sneak malicious goodies past cybersecurity buffers.π Read
via "Dark Reading".
Dark Reading
Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection
In an already fraught environment surrounding the popular Python programming language software package manager, hackers are coming up with new ways to sneak malicious goodies past cybersecurity buffers.
π΄ Google Drive Deficiency Allows Attackers to Exfiltrate Workspace Data Without a Trace π΄
π Read
via "Dark Reading".
No activity logging in the free subscription for Google's Web-based productivity suite exposes enterprises to insider and other threats, researchers say.π Read
via "Dark Reading".
Dark Reading
Google Drive Deficiency Allows Attackers to Exfiltrate Workspace Data Without a Trace
No activity logging in the free subscription for Google's Web-based productivity suite exposes enterprises to insider and other threats, researchers say.
π΄ Sustained 'Red Deer' Phishing Attacks Impersonate Israel Post, Drop RATs π΄
π Read
via "Dark Reading".
The "missed package" phishing messages, likely the work of a hacking-for-hire group, bounds into inboxes, bearing ASyncRAT.π Read
via "Dark Reading".
Dark Reading
Sustained 'Red Deer' Phishing Attacks Impersonate Israel Post, Drop RATs
The "missed package" phishing messages, likely the work of a hacking-for-hire group, bounds into inboxes, bearing ASyncRAT.
βΌ CVE-2023-32310 βΌ
π Read
via "National Vulnerability Database".
DataEase is an open source data visualization and analysis tool. The API interface for DataEase delete dashboard and delete system messages is vulnerable to insecure direct object references (IDOR). This could result in a user deleting another user's dashboard or messages or interfering with the interface for marking messages read. The vulnerability has been fixed in v1.18.7. There are no known workarounds aside from upgrading.π Read
via "National Vulnerability Database".
βΌ CVE-2023-32713 βΌ
π Read
via "National Vulnerability Database".
In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in the streamfwd process within the Splunk App for Stream to escalate their privileges on the machine that runs the Splunk Enterprise instance, up to and including the root user.π Read
via "National Vulnerability Database".
π΄ How Do I Reduce Security Tool Sprawl in My Environment? π΄
π Read
via "Dark Reading".
When it comes to tool consolidation, focus on platforms over products.π Read
via "Dark Reading".
Dark Reading
How Do I Reduce Security Tool Sprawl in My Environment?
When it comes to tool consolidation, focus on platforms over products.
π΄ Jetpack WordPress Plug-in API Bug Triggers Mass Updates π΄
π Read
via "Dark Reading".
An audit uncovers an API-related security vulnerability dating back to Jetpack version 2.0 released in 2012 β and it affects millions of websites.π Read
via "Dark Reading".
Dark Reading
Jetpack WordPress Plug-in API Bug Triggers Mass Updates
An audit uncovers an API-related security vulnerability dating back to Jetpack version 2.0 released in 2012 β and it affects millions of websites.
β€1
βΌ CVE-2023-34339 βΌ
π Read
via "National Vulnerability Database".
In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's messageπ Read
via "National Vulnerability Database".
π΄ Amazon Pays $30.8M to Settle Ring Spying & Alexa Privacy Lawsuits π΄
π Read
via "Dark Reading".
The global e-commerce company will pay millions of dollars in two separate lawsuits because of privacy and security violations, the FTC says.π Read
via "Dark Reading".
Dark Reading
Amazon Pays $30.8M to Settle Ring Spying & Alexa Privacy Lawsuits
The global e-commerce company will pay millions of dollars in two separate lawsuits because of privacy and security violations, the FTC says.
π΄ Tel Aviv Stock Exchange Selects CardinalOps to Reduce Risk of Breaches Due to Undetected Attacks π΄
π Read
via "Dark Reading".
Enables financial services firm to operationalize MITRE ATT&CK with Splunk and eliminate detection coverage gaps based on organizational risk and priorities.π Read
via "Dark Reading".
Dark Reading
Tel Aviv Stock Exchange Selects CardinalOps to Reduce Risk of Breaches Due to Undetected Attacks
Enables financial services firm to operationalize MITRE ATT&CK with Splunk and eliminate detection coverage gaps based on organizational risk and priorities.
π΄ Cyversity and United Airlines to Provide Cybersecurity Training Scholarships to Cyversity Members π΄
π Read
via "Dark Reading".
Program designed to equip women and underrepresented individuals with the necessary skills and knowledge to succeed in cybersecurity.π Read
via "Dark Reading".
Dark Reading
Cyversity and United Airlines to Provide Cybersecurity Training Scholarships to Cyversity Members
Program designed to equip women and underrepresented individuals with the necessary skills and knowledge to succeed in cybersecurity.
βΌ CVE-2023-29723 βΌ
π Read
via "National Vulnerability Database".
The Glitter Unicorn Wallpaper app for Android 7.0 thru 8.0 allows unauthorized applications to actively request permission to insert data into the database that records information about a user's personal preferences and will be loaded into memory to be read and used when the application is opened. By injecting data, the attacker can force the application to load malicious image URLs and display them in the UI. As the amount of data increases, it will eventually cause the application to trigger an OOM error and crash, resulting in a persistent denial of service attack.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29736 βΌ
π Read
via "National Vulnerability Database".
Keyboard Themes 1.275.1.164 for Android contains a dictionary traversal vulnerability that allows unauthorized apps to overwrite arbitrary files in its internal storage and achieve arbitrary code execution.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-29725 βΌ
π Read
via "National Vulnerability Database".
The BT21 x BTS Wallpaper app 12 for Android allows unauthorized applications to actively request permission to insert data into the database that records information about a user's personal preferences and will be loaded into memory to be read and used when the application is opened. By injecting data, the attacker can force the application to load malicious image URLs and display them in the UI. As the amount of data increases, it will eventually cause the application to trigger an OOM error and crash, resulting in a persistent denial of service attack.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-29746 βΌ
π Read
via "National Vulnerability Database".
An issue found in The Thaiger v.1.2 for Android allows unauthorized apps to cause a code execution attack by manipulating the SharedPreference files.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2835 βΌ
π Read
via "National Vulnerability Database".
The WP Directory Kit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search' parameter in versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.π Read
via "National Vulnerability Database".
π₯2
βΌ CVE-2023-2060 βΌ
π Read
via "National Vulnerability Database".
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or password sniffing.π Read
via "National Vulnerability Database".
π₯1
π’ Horabot campaign targeted businesses for more than two years before finally being discovered π’
π Read
via "ITPro".
The newly-discovered Horabot botnet has attacked companies in the accounting, investment, and construction sectors in particular π Read
via "ITPro".
Cloud Pro
Horabot campaign targeted businesses for more than two years before finally being discovered
The newly-discovered Horabot botnet has attacked companies in the accounting, investment, and construction sectors in particular
π1