🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
🕴 Placing People & Realism at the Center of Your Cybersecurity Strategy 🕴

While it's impossible for an organization to be completely secure, there's no reason to be defenseless.

via "Dark Reading".

‼ CVE-2023-27450 ‼

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Teplitsa of social technologies Leyka plugin <= 3.29.2 versions.

via "National Vulnerability Database".

‼ CVE-2023-27443 ‼

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Grant Kimball Simple Vimeo Shortcode plugin <= 2.9.1 versions.

via "National Vulnerability Database".

‼ CVE-2023-27432 ‼

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WpSimpleTools Manage Upload Limit plugin <= 1.0.4 versions.

via "National Vulnerability Database".

🕴 Cyberattacks on OT, ICS Lay Groundwork for Kinetic Warfare 🕴

Organizations need to start taking critical infrastructure threats seriously, as they could be a precursor to future, hybrid cyber-kinetic warfare attacks, experts warn.

via "Dark Reading".

⚠ Beware bad passwords as attackers co-opt Linux servers into cybercrime ⚠

Did you prevent password-only logins on your SSH servers? On ALL of them? Are you sure about that?

via "Naked Security".

🕴 Emerging Ransomware Group 8Base Doxxes SMBs Globally 🕴

A threat you've never heard of is using double extortion attacks on mom-and-pop shops around the globe.

via "Dark Reading".

‼ CVE-2023-0026 ‼

An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a BGP update message is received over an established BGP session, and that message contains a specific, optional transitive attribute, this session will be torn down with an update message error. This issue cannot propagate beyond an affected system as the processing error occurs as soon as the update is received. This issue is exploitable remotely as the respective attribute can propagate through unaffected systems and intermediate AS (if any). Continuous receipt of a BGP update containing this attribute will create a sustained Denial of Service (DoS) condition. Some customers have experienced these BGP session flaps which prompted Juniper SIRT to release this advisory out of cycle before fixed releases are widely available as there is an effective workaround. This issue affects: Juniper Networks Junos OS 15.1R1 and later versions prior to 20.4R3-S8; 21.1 version 21.1R1 and later versions prior to 21.2R3-S6; 21.3 versions prior to 21.3R3-S5; 21.4 versions prior to 21.4R3-S4; 22.1 versions prior to 22.1R3-S4; 22.2 versions prior to 22.2R3-S2; 22.3 versions prior to 22.2R3-S2; 22.4 versions prior to 22.4R2-S1, 22.4R3; 23.1 versions prior to 23.1R1-S1, 23.1R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S8-EVO; 21.1 version 21.1R1-EVO and later versions prior to 21.2R3-S6-EVO; 21.3 versions prior to 21.3R3-S5-EVO; 21.4 versions prior to 21.4R3-S4-EVO; 22.1 versions prior to 22.1R3-S4-EVO; 22.2 versions prior to 22.2R3-S2-EVO; 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO; 23.1 versions prior to 23.1R1-S1-EVO, 23.1R2-EVO.

via "National Vulnerability Database".

‼ CVE-2023-2911 ‼

If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.

via "National Vulnerability Database".

♟️ Why Malware Crypting Services Deserve More Scrutiny ♟️

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or "crypt" your malware so that it appears benign to antivirus and security products. In fact, the process of "crypting" malware is sufficiently complex and time-consuming that most serious cybercrooks will outsource this critical function to a handful of trusted third parties. This story explores the history and identity behind Cryptor[.]biz, a long-running crypting service that is trusted by some of the biggest names in cybercrime.

via "Krebs on Security".

🕴 SMB Edge Devices Walloped With Asus, Zyxel Patch Warnings 🕴

A slew of critical advisories this week showcase an exploding edge device attack surface for SMBs, which have limited cybersecurity protection, visibility, and maintenance available.

via "Dark Reading".

🕴 Keep Job Scams From Hurting Your Organization 🕴

From fake job listings that ding your reputation to fake job applicants who hack your network, job scams are a major threat.

via "Dark Reading".

🕴 Ransomware Misconceptions Abound, To the Benefit of Attackers 🕴

INFOSEC23 — London — It's time to update what we think we understand about ransomware, including new defensive measures and how fast the attack response should be.

via "Dark Reading".

🕴 New DOJ Cyber Prosecution Team Will Go After Nation-State Threat Actors 🕴

The US Department of Justice adds litigators under its National Security Division to take on sophisticated cyber threats from adversarial nation-states.

via "Dark Reading".

🕴 20 Year-Old Chinese APT15 Finds New Life in Foreign Ministry Attacks 🕴

The notorious APT15 used common malware tools and a third-generation custom 'Graphican' backdoor to continue its information gathering exploits, this time against foreign ministries.

via "Dark Reading".

‼ CVE-2023-0972 ‼

Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution.

via "National Vulnerability Database".

‼ CVE-2023-24261 ‼

A vulnerability in GL.iNET GL-E750 Mudi before firmware v3.216 allows authenticated attackers to execute arbitrary code via a crafted POST request.

via "National Vulnerability Database".

‼ CVE-2023-3110 ‼

Description: A vulnerability in SiLabs Unify Gateway 1.3.1 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution.

via "National Vulnerability Database".

‼ CVE-2023-0970 ‼

Multiple buffer overflow vulnerabilities in SiLabs Z/IP Gateway SDK version 7.18.01 and earlier allow an attacker with invasive physical access to a Z-Wave controller device to overwrite global memory and potentially execute arbitrary code.

via "National Vulnerability Database".

‼ CVE-2023-0971 ‼

A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered.

via "National Vulnerability Database".

‼ CVE-2023-25435 ‼

libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753.

via "National Vulnerability Database".