🛑 Cybersecurity & Privacy 🛑 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
🦿 Abnormal Security: Microsoft Tops List of Most-Impersonated Brands in Phishing Exploits 🦿

A new study found that 4.31% of phishing attacks mimicked Microsoft, far ahead of the second most-spoofed brand PayPal.

📖 Read

via "Tech Republic".
⚠ Mom’s Meals issues “Notice of Data Event”: What to know and what to do ⚠

It took six months for notifications to start, and we still don't know exactly what went down... but here's our advice on what to do.

📖 Read

via "Naked Security".
🛠 Clam AntiVirus Toolkit 1.2.0 🛠

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. This is the LTS source code release.

📖 Read

via "Packet Storm Security".
🛠 TOR Virtual Network Tunneling Tool 0.4.8.4 🛠

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

📖 Read

via "Packet Storm Security".
🕴 Addressing Cybersecurity's Talent Shortage & Its Impact on CISOs 🕴

CISOs need to educate all arms of the business on security best practices so it becomes part of the business culture, thus expanding who's keeping watch. Automating routine tasks will help scale security.

📖 Read

via "Dark Reading".
🦿 Google Applies Generative AI Tools to Cloud Security 🦿

At the Google Next '23 conference, the company announced a slew of AI-powered cybersecurity solutions for the cloud, featuring Duet AI, Mandiant and Chronicle Security Operations.

📖 Read

via "Tech Republic".
‼ CVE-2023-41376 ‼

Nokia Service Router Operating System (SR OS) 22.10 and SR Linux, when error-handling update-fault-tolerance is not enabled, mishandle BGP path attributes.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-38283 ‼

In OpenBGPD before 8.1, incorrect handling of BGP update data (length of path attributes) set by a potentially distant remote actor may cause the system to incorrectly reset a session. This is fixed in OpenBSD 7.3 errata 006.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-41037 ‼

OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. In affected versions OpenPGP Cleartext Signed Messages are cryptographically signed messages where the signed text is readable without special tools. These messages typically contain a "Hash: ..." header declaring the hash algorithm used to compute the signature digest. OpenPGP.js up to v5.9.0 ignored any data preceding the "Hash: ..." texts when verifying the signature. As a result, malicious parties could add arbitrary text to a third-party Cleartext Signed Message, to lead the victim to believe that the arbitrary text was signed. A user or application is vulnerable to said attack vector if it verifies the CleartextMessage by only checking the returned `verified` property, discarding the associated `data` information, and instead _visually trusting_ the contents of the original message. Since `verificationResult.data` would always contain the actual signed data, users and apps that check this information are not vulnerable. Similarly, given a CleartextMessage object, retrieving the data using `getText()` or the `text` field returns only the contents that are considered when verifying the signature. Finally, re-armoring a CleartextMessage object (using `armor()`) will also result in a "sanitised" version, with the extraneous text being removed. This issue has been addressed in version 5.10.1 (current stable version) which will reject messages when calling `openpgp.readCleartextMessage()` and in version 4.10.11 (legacy version) which will reject messages when calling `openpgp.cleartext.readArmored()`. Users are advised to upgrade. Users unable to upgrade should check the contents of `verificationResult.data` to see what data was actually signed, rather than visually trusting the contents of the armored message.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-38802 ‼

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-3646 ‼

On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-39616 ‼

AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid read memory access via the component assign_frame_buffer_p in av1/common/av1_common_int.h.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-24548 ‼

On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-39615 ‼

Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-40889 ‼

A heap-based buffer overflow exists in the qr_reader_match_centers function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or prepare it to be physically scanned by the vulnerable scanner.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-41362 ‼

MyBB before 1.8.36 allows Code Injection by users with certain high privileges. Templates in Admin CP intentionally use eval, and there was some validation of the input to eval, but type juggling interfered with this when using PCRE within PHP.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-40890 ‼

A stack-based buffer overflow vulnerability exists in the lookup_sequence function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or prepare it to be physically scanned by the vulnerable scanner.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-0654 ‼

Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim's device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker's app.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-32050 ‼

Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed. Without due care, an application may inadvertently expose this sensitive information, e.g., by writing it to a log file. This issue only arises if an application enables the command listener feature (this is not enabled by default). This issue affects the MongoDB C Driver 1.0.0 prior to 1.17.7, MongoDB PHP Driver 1.0.0 prior to 1.9.2, MongoDB Swift Driver 1.0.0 prior to 1.1.1, MongoDB Node.js Driver 3.6 prior to 3.6.10, MongoDB Node.js Driver 4.0 prior to 4.17.0 and MongoDB Node.js Driver 5.0 prior to 5.8.0. This issue also affects users of the MongoDB C++ Driver dependent on the C driver 1.0.0 prior to 1.17.7 (C++ driver prior to 3.7.0).

📖 Read

via "National Vulnerability Database".
🕴 Rackspace Faces Massive Cleanup Costs After Ransomware Attack 🕴

Eight months after the cyberattack, the cloud hosting services company's remediation costs top $10 million as it tries to repair the damage caused by the Play ransomware gang.

📖 Read

via "Dark Reading".
🕴 Somalia Orders ISPs to Block Telegram and TikTok 🕴

Officials said the apps were used to "spread horrific content and misinformation to the public."

📖 Read

via "Dark Reading".