Share

RSS

More Articles…

• NIS: what it is and how it protects cybersecurity
• Advanced persistent threats (APTs): what they are and how to defend yourself
• Penetration Testing and MFA: A Dual Strategy to Maximize Security
• Penetration Testing: Where to Strike to Protect Your IT Network
• Ransomware: a plague that brings companies and institutions to their knees. Should you pay the ransom? Here is the answer.
• Why IT audit and log management are important for Cybersecurity
• Red Team, Blue Team and Purple Team: what are the differences?
• Mercedes’ Oversight Puts Company Secrets at Risk: Why Cyber Threat Intelligence is Critical

Categories …

• Backup as a Service (18)
  • Acronis Cloud Backup (11)
  • Veeam Cloud Connect (4)
• Cloud Conference (3)
• Cloud CRM (1)
• Cloud Server/VPS (22)
• Conferenza Cloud (4)
• ICT Monitoring (5)
• Log Management (2)
• News (24)
• ownCloud (4)
• Privacy (7)
• Secure Online Desktop (14)
• Security (203)
  • Cyber Threat Intelligence (CTI) (8)
  • Deception (4)
  • Ethical Phishing (11)
  • Netwrix Auditor (2)
  • Penetration Test (11)
  • Posture Guard (3)
  • SOCaaS (65)
    • EDR (3)
    • SIEM (13)
    • SOAR (5)
    • UEBA (10)
  • Vulnerabilities (84)
• Web Hosting (15)

Tags

darkreading

• REvil Affiliate Off to Jail for Multimillion-Dollar Ransomware Scheme May 3, 2024
  Charges against the ransomware gang member included damage to computers, conspiracy to commit fraud, and conspiracy to commit money laundering.
• Critical GitLab Bug Under Exploit Enables Account Takeover, CISA Warns May 3, 2024
  Patch now: Cyberattackers are exploiting CVE-2023-7028 (CVSS 10) to take over and lock users out of GitLab accounts, steal source code, and more.
• Innovation, Not Regulation, Will Protect Corporations From Deepfakes May 3, 2024
  If CEOs want to prevent their firm from being the next victim of a high-profile deepfake scam, they need to double cybersecurity funding immediately.
• New AI Security Startup Apex Secures AI Models, Apps May 3, 2024
  The AI security startup's platform will allow organizations to define appropriate AI usage and enforce security policies.
• Mimic Launches With New Ransomware Defense Platform May 2, 2024
  The startup says its SaaS platform helps organizations detect and recover from ransomware attacks faster than "traditional" methods.
• Billions of Android Devices Open to 'Dirty Stream' Attack May 2, 2024
  Microsoft has uncovered a common vulnerability pattern in several apps allowing code execution; at least four of the apps have more than 500 million installations each; and one, Xiaomi's File Manager, has at least 1 billion installations.
• DPRK's Kimsuky APT Abuses Weak DMARC Policies, Feds Warn May 2, 2024
  Organizations can go a long way toward preventing spoofing attacks by changing one basic parameter in their DNS settings.
• Software Security: Too Little Vendor Accountability, Experts Say May 2, 2024
  Actual legislation is a long shot and a decade away, but policy experts are looking to jump-start the conversation around greater legal liability for insecure software products.
• Hacker Sentenced After Years of Extorting Psychotherapy Patients May 2, 2024
  Two years after a warrant went out for his arrest, Aleksanteri Kivimäki finally has been found guilty of thousands of counts of aggravated attempted blackmail, among other charges.
• Dropbox Breach Exposes Customer Credentials, Authentication Data May 2, 2024
  Threat actor dropped in to Dropbox Sign production environment and accessed emails, passwords, and other PII, along with APIs, OAuth, and MFA info.

Full Disclosure

• Live2D Cubism refusing to fix validation issue leading to heap corruption. May 3, 2024
  Posted by PT via Fulldisclosure on May 03Live2D Cubism is the dominant "vtuber" software suite for 2D avatars for use in livestreaming and integrating them in other software. They publish various SDKs and a frameworks for integrating their libraries with your own program. You're supposed to use those to deserialize and render/animate the models created […]
• Microsoft PlayReady white-box cryptography weakness May 1, 2024
  Posted by Security Explorations on May 01Hello All, There is yet another attack possible against Protected Media Path process beyond the one involving two global XOR keys [1]. The new attack may also result in the extraction of a plaintext content key value. The attack has its origin in a white-box crypto [2] implementation. More […]
• Defense in depth -- the Microsoft way (part 87): shipping more rotten software to billions of unsuspecting customers April 24, 2024
  Posted by Stefan Kanthak on Apr 24Hi @ll, this post is a continuation of and With the release of .NET Framework 4.8 in April 2019, Microsoft updated the following paragraph of the MSDN article "What's new in .NET Framework" | Starting with .NET Framework 4.5, the clrcompression.dll assembly...
• Response to CVE-2023-26756 - Revive Adserver April 24, 2024
  Posted by Matteo Beccati on Apr 24CVE-2023-26756 has been recently filed against the Revive Adserver project. The action was taken without first contacting us, and it did not follow the security process that is thoroughly documented on our website. The project team has been given no notice before or after the disclosure. Our team has […]
• BACKDOOR.WIN32.DUMADOR.C / Remote Stack Buffer Overflow (SEH) April 19, 2024
  Posted by malvuln on Apr 19Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/6cc630843cabf23621375830df474bc5.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Dumador.c Vulnerability: Remote Stack Buffer Overflow (SEH) Description: The malware runs an FTP server on TCP port 10000. Third-party adversaries who can reach the server can send a specially […]
• SEC Consult SA-20240418-0 :: Broken authorization in Dreamehome app April 19, 2024
  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 19SEC Consult Vulnerability Lab Security Advisory < 20240418-0 > ======================================================================= title: Broken authorization product: Dreamehome app vulnerable version:
• MindManager 23 - full disclosure April 19, 2024
  Posted by Pawel Karwowski via Fulldisclosure on Apr 19Resending! Thank you for your efforts. GitHub - pawlokk/mindmanager-poc: public disclosure Affected application: MindManager23_setup.exe Platform: Windows Issue: Local Privilege Escalation via MSI installer Repair Mode (EXE hijacking race condition) Discovered and reported by: Pawel Karwowski and Julian Horoszkiewicz (Eviden Red Team) Proposed mitigation:...
• CVE-2024-31705 April 14, 2024
  Posted by V3locidad on Apr 14CVE ID: CVE-2024-31705 Title : RCE to Shell Commands" Plugin / GLPI Shell Command Management Interface Affected Product : GLPI - 10.X.X and last version Description: An issue in Infotel Conseil GLPI v.10.X.X and after allows a remote attacker to execute arbitrary code via the insufficient validation of user-supplied input. […]
• SEC Consult SA-20240411-0 :: Database Passwords in Server Response in Amazon AWS Glue April 14, 2024
  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 14SEC Consult Vulnerability Lab Security Advisory < 20240411-0 > ======================================================================= title: Database Passwords in Server Response product: Amazon AWS Glue vulnerable version: until 2024-02-23 fixed version: as of 2024-02-23 CVE number: - impact: medium homepage: https://aws.amazon.com/glue/ found:...
• [KIS-2024-03] Invision Community <= 4.7.16 (toolbar.php) Remote Code Execution Vulnerability April 11, 2024
  Posted by Egidio Romano on Apr 10------------------------------------------------------------------------------ Invision Community