🛡 Cybersecurity & Privacy 🛡 - News
25.1K subscribers
88.4K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
🕴 Ducktail Infostealer, DarkGate RAT Linked to Same Threat Actors 🕴

Vietnamese cybercrime groups are using multiple different MaaS infostealers and RATs to target the digital marketing sector.

📖 Read

via "Dark Reading".
🕴 SIM Card Ownership Slashed in Burkina Faso 🕴

Users could hold up to five SIM cards previously, but now they can only have two; it's a move that the government says is intended to cut down mobile spam levels.

📖 Read

via "Dark Reading".
‼ CVE-2023-5689 ‼

Cross-site Scripting (XSS) - DOM in GitHub repository modoboa/modoboa prior to 2.2.2.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-5686 ‼

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-5688 ‼

Cross-site Scripting (XSS) - DOM in GitHub repository modoboa/modoboa prior to 2.2.2.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-3933 ‼

The Your Journey theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.9.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-5687 ‼

Cross-Site Request Forgery (CSRF) in GitHub repository mosparo/mosparo prior to 1.0.3.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-3965 ‼

The nsc theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-23373 ‼

An OS command injection vulnerability has been reported to affect QUSBCam2. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version: QUSBCam2 2.0.3 (2023/06/15) and later.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-3962 ‼

The Winters theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-5690 ‼

Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.2.2.

📖 Read

via "National Vulnerability Database".
β™ŸοΈ Hackers Stole Access Tokens from Okta’s Support Unit β™ŸοΈ

Okta, a company that provides identity tools like multi-factor authentication and single sign-on to thousands of businesses, has suffered a security breach involving a compromise of its customer support unit, KrebsOnSecurity has learned. Okta says the incident affected a "very small number" of customers, however it appears the hackers responsible had access to Okta's support platform for at least two weeks before the company fully contained the intrusion.

πŸ“– Read

via "Krebs on Security".
🦿 NordVPN vs. ExpressVPN: Which VPN Is Best for 2023? 🦿

NordVPN or ExpressVPN? Read this in-depth comparison to find out which VPN provider comes out on top in terms of features, security, speed, and more.

📖 Read

via "Tech Republic".
🕴 DoD Gets Closer to Nominating Cyber Policy Chief 🕴

Though there is speculation regarding potential candidates, the Department of Defense will likely not nominate someone in the near term.

📖 Read

via "Dark Reading".
🕴 Cisco Finds New Zero Day Bug, Pledges Patches in Days 🕴

A patch for the max-severity zero-day bug tracked as CVE-2023-20198 is coming soon, but the bug has already led to the compromise of tens of thousands of Cisco devices. And now, there's a new unpatched threat.

📖 Read

via "Dark Reading".
‼ CVE-2023-45805 ‼

pdm is a Python package and dependency manager supporting the latest PEP standards. It's possible to craft a malicious `pdm.lock` file that could allow e.g. an insider or a malicious open source project to appear to depend on a trusted PyPI project, but actually install another project. A project `foo` can be targeted by creating the project `foo-2` and uploading the file `foo-2-2.tar.gz` to pypi.org. PyPI will see this as project `foo-2` version `2`, while PDM will see this as project `foo` version `2-2`. The version must only be `parseable as a version` and the filename must be a prefix of the project name, but it's not verified to match the version being installed. Version `2-2` is also not a valid normalized version per PEP 440. Matching the project name exactly (not just prefix) would fix the issue. When installing dependencies with PDM, what's actually installed could differ from what's listed in `pyproject.toml` (including arbitrary code execution on install). It could also be used for downgrade attacks by only changing the version. This issue has been addressed in commit `6853e2642df` which is included in release version `2.9.4`. Users are advised to upgrade. There are no known workarounds for this vulnerability.

📖 Read

via "National Vulnerability Database".
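The filename ambiguity the advisory describes, shown as an added example (not PDM's own code): a prefix match on the project name reads `foo-2-2.tar.gz` as project `foo` version `2-2`, while the exact-name check the advisory recommends rejects it, and a lock-entry verifier also refuses any version other than the pinned one. The name normalisation and the simplified PEP 440 version pattern are assumptions for illustration.

```python
import re

# Constructed illustration of CVE-2023-45805; not PDM's implementation.
SDIST_SUFFIXES = (".tar.gz", ".zip", ".tar.bz2")
# Simplified public-version grammar (no local "+..." segment); assumption.
VERSION_RE = re.compile(r"v?(\d+!)?\d+(\.\d+)*((a|b|rc)\d+)?(\.post\d+)?(\.dev\d+)?")


def normalize(name: str) -> str:
    """PEP 503 style normalisation: fold case, collapse runs of -_. to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def strip_suffix(filename: str) -> str:
    for suffix in SDIST_SUFFIXES:
        if filename.endswith(suffix):
            return filename[: -len(suffix)]
    raise ValueError(f"not an sdist filename: {filename}")


def parse_sdist_prefix(filename: str, expected: str):
    """Weak check (the bug): accept any file whose name merely starts with
    the expected project name; everything after it is taken as the version."""
    stem = normalize(strip_suffix(filename))
    exp = normalize(expected)
    if not stem.startswith(exp + "-"):
        return None
    return stem[len(exp) + 1 :]  # "foo-2-2" -> "2-2" for project foo


def parse_sdist_exact(filename: str, expected: str):
    """Fixed check: the name part before the last '-' must equal the expected
    project name exactly, and the remainder must parse as a version."""
    name, sep, version = strip_suffix(filename).rpartition("-")
    if not sep or normalize(name) != normalize(expected):
        return None
    if not VERSION_RE.fullmatch(version):
        return None
    return version


def verify_lock_entry(filename: str, locked_name: str, locked_version: str) -> bool:
    """Accept a downloaded sdist only if the exact name matches and the parsed
    version equals the pinned one, which also blocks silent downgrades."""
    version = parse_sdist_exact(filename, locked_name)
    return version is not None and version == locked_version
```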
‼ CVE-2023-46117 ‼

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities. A vulnerability has been identified in reconftw where inadequate validation of retrieved subdomains may lead to a Remote Code Execution (RCE) attack. An attacker can exploit this vulnerability by crafting a malicious CSP entry on its own domain. Successful exploitation can lead to the execution of arbitrary code within the context of the application, potentially compromising the system. This issue has been addressed in version 2.7.1.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

📖 Read

via "National Vulnerability Database".
πŸ‘1
🕴 Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover 🕴

SolarWinds' access controls contain five high and three critical-severity security vulnerabilities that need to be patched yesterday.

📖 Read

via "Dark Reading".
🦿 Five Eyes Release Guidelines for Business Leaders on Securing Intellectual Property 🦿

The Five Eyes coalition's principles focus on reducing the possibility of IP theft, particularly from nation-state-sponsored threat actors.

📖 Read

via "Tech Republic".
🕴 From Snooze to Enthuse: Security Awareness Training That Sticks 🕴

Most companies offer some kind of awareness training these days. But how much of those lessons are employees actually retaining?

📖 Read

via "Dark Reading".
🕴 More Okta Customers Hacked 🕴

Attackers compromised customer support files containing cookies and session tokens, which could result in malicious impersonation of valid Okta users.

📖 Read

via "Dark Reading".