Instructions

Share

RSS

More Articles…

• Secure Online Desktop 10 years later: our corporate anniversary
• Air-Fi: attacking computers that are disconnected and without network hardware is possible
• Examples of phishing: the latest campaigns mentioned by the CSIRT
• Event Overload? Our SOCaaS can help!
• Business email compromise (BEC) schemes
• XDR as an approach to security
• What is threat intelligence?
• Data Loss Prevention: definition and uses

Categories …

• Backup as a Service (2)
  • Acronis Cloud Backup (11)
  • Veeam Cloud Connect (4)
• Cloud Conference (3)
• Cloud CRM (1)
• Cloud Server/VPS (20)
• Conferenza Cloud (4)
• ICT Monitoring (4)
• Log Management (2)
• News (18)
• ownCloud (4)
• Privacy (6)
• Secure Online Desktop (14)
• Security (11)
  • Ethical Phishing (6)
  • SOCaaS (18)
    • SIEM (8)
    • SOAR (2)
    • UEBA (5)
  • Vulnerabilities (83)
• Web Hosting (15)

Tags

Dark Reading:

• Don't Get Stymied by Security Indecision June 16, 2021
  You might be increasing cyber-risk by not actively working to reduce it.
• Thousands of VMware vCenter Servers Remain Open to Attack Over the Internet June 15, 2021
  Three weeks after company disclosed two critical vulnerabilities in the workload management utility, many organizations have not patched the technology yet, security vendor says.
• Microsoft Disrupts Large-Scale BEC Campaign Across Web Services June 15, 2021
  Attackers had used the cloud-based infrastructure to target mailboxes and add forwarding rules to learn about financial transactions.
• Security Experts Scrutinize Apple, Amazon IoT Networks June 15, 2021
  Both companies have done their due diligence in creating connected-device networks, but the pervasiveness of the devices worries some security researchers.
• Andariel Group Targets South Korean Entities in New Campaign June 15, 2021
  Andariel, designated as a sub-group of the Lazarus Group APT, has historically targeted South Korean organzations.
• Deloitte Buys Terbium Labs to Expand Threat Intel Capabilities June 15, 2021
  Terbium Labs' products and services will become part of Deloitte's Detect & Respond lineup, the company confirms.
• What Industrial Control System Vulnerabilities Can Teach Us About Protecting the Supply Chain June 15, 2021
  Older technologies used in industrial and critical infrastructure leave the sector highly vulnerable to attack, but organizations can take steps to better protect themselves.
• How President Biden Can Better Defend the US From Russian Hacks June 15, 2021
  Wilson Center cybersecurity expert Meg King pinpoints five ambitious steps the administration should take, including a comprehensive national data breach notification protocol.
• How Does the Government Buy Its Cybersecurity? June 15, 2021
  The federal government is emphasizing cybersecurity regulation, education, and defense strategies this year.
• VPN Attacks Surged in First Quarter June 14, 2021
  But volume of malware, botnet, and other exploit activity declined because of the Emotet botnet takedown.

Full Disclosure

• Backdoor.Win32.Zombam.gen / Information Disclosure June 15, 2021
  Posted by malvuln on Jun 15Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/ff6516c881dee555b0cd253408b64404_D.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.gen Vulnerability: Information Disclosure Description: Zombam malware listens on TCP port 80 and deploys an unsecured HTML Web UI for basic remote administration capability. Third-party attackers who can reach an infected...
• Backdoor.Win32.VB.pld / Unauthenticated Remote Command Execution June 15, 2021
  Posted by malvuln on Jun 15Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/6ff35087d789f7aca6c0e3396984894e_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.VB.pld Vulnerability: Unauthenticated Remote Command Execution Description: The malware listens on TCP port 4000. Third-party attackers who can reach infected systems can connect to port 4000 and run commands made available […]
• Backdoor.Win32.VB.pld / Insecure Transit June 15, 2021
  Posted by malvuln on Jun 15Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/6ff35087d789f7aca6c0e3396984894e.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.VB.pld Vulnerability: Insecure Transit Description: The malware listens on TCP port 4000 and has a chat feature "Hnadle-X Pro V1.0 Text Chat". Messages are passed in unencrypted plaintext across the network. […]
• popo2, kernel/tun driver bufferoverflow. June 15, 2021
  Posted by KJ Jung on Jun 15Linux kernel 5.4 version. latest. __tun_chr_ioctl function of ~/drivers/net/tun.c has a stack buffer overflow vulnerability. it get's arg, ifreq_len, and copy the arg(argp) to ifr(ifreq struct) and this steps are no bounds-checking. if cmd == TUNSETIFF or TUNSETQUEUE or and so on condition then it's enter copy_from_user function area.
• Onapsis Security Advisory 2021-0014: Missing authorization check in SAP Solution Manager LM-SERVICE Component SP 11 PL 2 June 14, 2021
  Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0014: Missing authorization check in SAP Solution Manager LM-SERVICE Component SP 11 PL 2 ## Impact on Business Due to a missing authorization check in SAP Solution Manager LM-SERVICE component a remote authenticated attacker could be able to execute privileged actions in the […]
• Onapsis Security Advisory 2021-0013: [CVE-2020-26829] - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication June 14, 2021
  Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0013: [CVE-2020-26829] - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication ## Impact on Business A malicious unauthenticated user could abuse the lack of authentication check on SAP Java P2P cluster communication, in order to connect to the respective TCP […]
• Onapsis Security Advisory 2021-0012: SAP Manufacturing Integration and Intelligence lack of server side validations leads to RCE June 14, 2021
  Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0012: SAP Manufacturing Integration and Intelligence lack of server side validations leads to RCE ## Impact on Business By abusing a Code Injection in SAP MII, an authenticated user with SAP XMII Developer privileges could execute code (including OS commands) on the server. […]
• Onapsis Security Advisory 2021-0011 Missing authorization check in SolMan End-User Experience Monitoring June 14, 2021
  Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0011: Missing authorization check in SolMan End-User Experience Monitoring ## Impact on Business Any authenticated user of the Solution Manager is able to craft/upload and execute EEM scripts on the SMDAgents affecting its Integrity, Confidentiality and Availability. ## Advisory Information - Public Release […]
• Onapsis Security Advisory 2021-0010: File exfiltration and DoS in SolMan End-User Experience Monitoring June 14, 2021
  Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0010: File exfiltration and DoS in SolMan End-User Experience Monitoring ## Impact on Business The End-User Experience Monitoring (EEM) application, part of the SAP Solution Manager, is vulnerable to path traversal. As a consequence, an unauthorized attacker would be able to read sensitive […]
• Onapsis Security Advisory 2021-0009: Hard-coded Credentials in CA Introscope Enterprise Manager June 14, 2021
  Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0009: Hard-coded Credentials in CA Introscope Enterprise Manager ## Impact on Business Unauthenticated attackers can bypass the authentication if the default passwords for Admin and Guest have not been changed by the administrator. This may impact the confidentiality of the service. ## Advisory […]