Share

RSS

More Articles…

• Hadoop Open Data Model: “open” data collection
• Pass the Ticket: how to mitigate it with a SOCaaS
• Use cases of a SOCaaS for companies part 2
• Use cases of a SOCaaS for companies part 1
• NIST Cybersecurity Framework
• “Left of boom” and “right of boom”: having a winning strategy
• Smishing: a fraud similar to phishing
• Network Traffic Analyzer: an extra gear for the Next Gen SIEM

Categories …

• Backup as a Service (2)
  • Acronis Cloud Backup (11)
  • Veeam Cloud Connect (4)
• Cloud Conference (3)
• Cloud CRM (1)
• Cloud Server/VPS (20)
• Conferenza Cloud (4)
• ICT Monitoring (4)
• Log Management (2)
• News (18)
• ownCloud (4)
• Privacy (7)
• Secure Online Desktop (14)
• Security (14)
  • Cyber Threat Intelligence (CTI) (3)
  • Ethical Phishing (8)
  • SOCaaS (24)
    • SIEM (10)
    • SOAR (2)
    • UEBA (7)
  • Vulnerabilities (84)
• Web Hosting (15)

Tags

Dark Reading

• Ransomware Rise Pushes Organizations to Prepare for Attack October 23, 2021
  Ransomware attacks continue to grow in number and severity, data shows, but organizations are stepping up to prepare for the threat.
• aDolus Raises $2.5M to Secure Critical Infrastructure and Grow Sales and Marketing Team October 22, 2021
  Software supply chain security experts to drive aggressive go-to-market strategy
• 'TodayZoo' Phishing Kit Cobbled Together From Other Malware October 22, 2021
  Microsoft's analysis of a recent phishing attack shows how cybercriminals are mixing and matching to efficiently develop their attack frameworks.
• 7 Ways to Lock Down Enterprise Printers October 22, 2021
  Following the PrintNightmare case, printer security has become a hot issue for security teams. Here are seven ways to keep printers secure on enterprise networks.
• What Does Better Insider Risk Management Look Like? October 22, 2021
  Conventional data security tools do not address insider risk — a growing problem in today's remote-hybrid world. We need a better way to manage insider risk.
• What Squid Game Teaches Us About Cybersecurity October 22, 2021
  When life inside the security operations center feels treacherous, here are some suggestions for getting out alive.
• Google Buckles Down on Android Enterprise Security October 21, 2021
  The launch of Android 12 brings several new default security features, along with new security efforts for Android Enterprise.
• Malware Abuses Core Features of Discord October 21, 2021
  Researchers warn that Discord's bot framework can be easily weaponized.
• Cybrary Launches New Partnership with Check Point Software to Make Cybersecurity Training Accessible to All October 21, 2021
  Online cybersecurity professional development platform bolsters the Check Point Education Initiative.
• Security Teams Still Favor Prevention Over Detection October 21, 2021
  Security leaders are adopting a multilayered approach to address new security threats and risks.

Full Disclosure

• [CSA-2021-003] Remote Code Execution in GridPro Request Management for Windows Azure Pack October 22, 2021
  Posted by Certitude - Advisories on Oct 22~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~ Certitude Securtiy Advisory - CSA-2021-003 ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ PRODUCT […]
• Onapsis Security Advisory 2021-0020: SAP Enterprise Portal - Exposed sensitive data in html body October 22, 2021
  Posted by Onapsis Research via Fulldisclosure on Oct 22# Onapsis Security Advisory 2021-0020: SAP Enterprise Portal - Exposed sensitive data in html body ## Impact on Business One HTTP endpoint of the portal exposes sensitive information that could be used by an attacker with administrator privileges, in conjunction with other attacks (e.g. XSS). ## Advisory […]
• Onapsis Security Advisory 2021-0019: [Multiple CVEs] Memory Corruption vulnerability in SAP NetWeaver ABAP IGS service October 22, 2021
  Posted by Onapsis Research via Fulldisclosure on Oct 22# Onapsis Security Advisory 2021-0019: [Multiple CVEs] Memory Corruption vulnerability in SAP NetWeaver ABAP IGS service ## Impact on Business An unauthenticated attacker without specific knowledge of the system can send a specially crafted packet over a network which will trigger an internal error in the system […]
• Onapsis Security Advisory 2021-0018: [Multiple CVEs] Memory Corruption vulnerability in SAP NetWeaver ABAP Gateway service October 22, 2021
  Posted by Onapsis Research via Fulldisclosure on Oct 22# Onapsis Security Advisory 2021-0018: [Multiple CVEs] Memory Corruption vulnerability in SAP NetWeaver ABAP Gateway service ## Impact on Business An unauthenticated attacker without specific knowledge of the system can send a specially crafted packet over a network which will trigger an internal error in the system […]
• Onapsis Security Advisory 2021-0017: [Multiple CVEs] Memory Corruption vulnerability in SAP NetWeaver ABAP Enqueue service October 22, 2021
  Posted by Onapsis Research via Fulldisclosure on Oct 22# Onapsis Security Advisory 2021-0017: [Multiple CVEs] Memory Corruption vulnerability in SAP NetWeaver ABAP Enqueue service ## Impact on Business An unauthenticated attacker without specific knowledge of the system can send a specially crafted packet over a network which will trigger an internal error in the system […]
• Onapsis Security Advisory 2021-0016: XXE in SAP JAVA NetWeaver System Connections October 22, 2021
  Posted by Onapsis Research via Fulldisclosure on Oct 22# Onapsis Security Advisory 2021-0016: XXE in SAP JAVA NetWeaver System Connections ## Impact on Business A high-privileged SAP JAVA NetWeaver user is able to abuse an XXE vulnerability with the goal of reading files from the OS (compromising confidentiality) and/or making system processes crash (compromising availability). […]
• Onapsis Security Advisory 2021-0015: [Multiple CVEs] Memory Corruption vulnerability in SAP NetWeaver ABAP Dispatcher service October 22, 2021
  Posted by Onapsis Research via Fulldisclosure on Oct 22# Onapsis Security Advisory 2021-0015: [Multiple CVEs] Memory Corruption vulnerability in SAP NetWeaver ABAP Dispatcher service ## Impact on Business An unauthenticated attacker without specific knowledge of the system can send a specially crafted packet over a network which will trigger an internal error in the system […]
• Backdoor.Win32.LanaFTP.k / Heap Corruption October 19, 2021
  Posted by malvuln on Oct 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/e2660742a80433e027ee9bdedc40e190.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.LanaFTP.k Vulnerability: Heap Corruption Description: The malware listens on TCP port 1075. Third-party attackers who can reach the server can send a specially crafted sequential payload causing a heap corruption. Type: […]
• Backdoor.Win32.LanFiltrator.11.b / Unauthenticated Remote Command Execution October 19, 2021
  Posted by malvuln on Oct 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/9f87546e667e5af59a8580ddf7fd43c7.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.LanFiltrator.11.b Vulnerability: Unauthenticated Remote Command Execution Description: The malware listens on TCP ports 999, 888. Third-party attackers who can reach the system can execute commands made available by the malware....
• Virus.Win32.Ipamor.c / Unauthenticated Remote System Reboot October 19, 2021
  Posted by malvuln on Oct 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/bbf032a3aa288f02403295f0472d1f05.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Virus.Win32.Ipamor.c Vulnerability: Unauthenticated Remote System Reboot Description: The malware listens on UDP port 139. Third-party attackers can send a single uppercase char "D" datagram packet to the infected machine causing it […]