Share

RSS

More Articles…

• Predictive cybersecurity with our SOCaaS
• Secure Online Desktop 10 years later: our corporate anniversary
• Air-Fi: attacking computers that are disconnected and without network hardware is possible
• Examples of phishing: the latest campaigns mentioned by the CSIRT
• Event Overload? Our SOCaaS can help!
• Business email compromise (BEC) schemes
• XDR as an approach to security
• What is threat intelligence?

Categories …

• Backup as a Service (2)
  • Acronis Cloud Backup (11)
  • Veeam Cloud Connect (4)
• Cloud Conference (3)
• Cloud CRM (1)
• Cloud Server/VPS (20)
• Conferenza Cloud (4)
• ICT Monitoring (4)
• Log Management (2)
• News (18)
• ownCloud (4)
• Privacy (6)
• Secure Online Desktop (14)
• Security (11)
  • Ethical Phishing (6)
  • SOCaaS (19)
    • SIEM (8)
    • SOAR (2)
    • UEBA (5)
  • Vulnerabilities (83)
• Web Hosting (15)

Tags

Dark Reading:

• Did Companies Fail to Disclose Being Affected by SolarWinds Breach? June 21, 2021
  The SEC has sent out letters to some investment firms and publicly listed companies seeking information, Reuters says.
• Software-Container Supply Chain Sees Spike in Attacks June 21, 2021
  Attackers target companies' container supply chain, driving a sixfold increase in a year, aiming to steal processing time for cryptomining and compromise cloud infrastructure.
• Data Leaked in Fertility Clinic Ransomware Attack June 21, 2021
  Reproductive Biology Associates says the data of 38,000 patients may have been compromised in the April cyberattack.
• Baltimore County Public Schools' Ransomware Recovery Tops $8M June 21, 2021
  The school district has spent seven months and a reported $8.1 million recovering from the November attack.
• Fintech at SaaS Speed June 21, 2021
• Are Ransomware Attacks the New Pandemic? June 21, 2021
  Ransomware has been a problem for decades, so why is government just now beginning to address it?
• Attackers Find New Way to Exploit Google Docs for Phishing June 18, 2021
  Tactic continues recent trend by attackers to use trusted cloud services to send and host malicious content.
• Accidental Insider Leaks Prove Major Source of Risk June 18, 2021
  Research reports highlight growing concerns around insider negligence that leads to data breaches.
• This Week in Database Leaks: Cognyte, CVS, Wegmans June 18, 2021
  Billions of records were found exposed this week due to unprotected databases owned by major corporations and third-party providers.
• 11 Security Certifications to Seek Out This Summer June 18, 2021
  The more you know, the more you grow. The Edge takes a fresh look at leading security certifications that can help advance your career.

Full Disclosure

• Trojan-Dropper.Win32.Googite.b / Unauthenticated Remote Command Execution June 18, 2021
  Posted by malvuln on Jun 18Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/4a8d6bc838c09c6701abfa8b283fd0de.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Googite.b Vulnerability: Unauthenticated Remote Command Execution Description: The malware listens on TCP ports 3388, 4488 and 10002 and drops executables under both Windows and SysWOW64 dirs. Third-party attackers who can...
• Trojan.Win32.Alien.erf / Directory Traversal June 18, 2021
  Posted by malvuln on Jun 18Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/57ab194d8c60ee97914eda22e4d71b68_C.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Trojan.Win32.Alien.erf Vulnerability: Directory Traversal Description: The malware deploys a Web server AM6WebMgr.exe (JAO build 809) listening on TCP port 1789. Third-party attackers who can reach an infected host can read any […]
• Trovent Security Advisory 2105-01 / CVE-2021-32612: VeryFitPro unencrypted cleartext transmission of sensitive information June 18, 2021
  Posted by Stefan Pietsch on Jun 18# Trovent Security Advisory 2105-01 # ##################################### Unencrypted cleartext transmission of sensitive information ########################################################### Overview ######## Advisory ID: TRSA-2105-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2105-01 Affected product: VeryFitPro Android mobile application (com.veryfit2hr.second) Tested versions:...
• Trojan.Win32.Alien.erf / Remote Stack Buffer Overflow June 18, 2021
  Posted by malvuln on Jun 18Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/57ab194d8c60ee97914eda22e4d71b68_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Trojan.Win32.Alien.erf Vulnerability: Remote Stack Buffer Overflow Description: The malware deploys a Web server AM6WebMgr.exe (JAO build 809) listening on TCP port 1789. Third-party attackers who can reach an infected host can […]
• Trojan.Win32.Alien.erf / Remote Denial of Service June 18, 2021
  Posted by malvuln on Jun 18Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/57ab194d8c60ee97914eda22e4d71b68.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Trojan.Win32.Alien.erf Vulnerability: Remote Denial of Service Description: The malware deploys a SMTP server JAOSrv821.exe listening on TCP port 25. Third-party attackers who can reach an infected host can trigger a denial […]
• Email-Worm.Win32.Kipis.a / Unauthenticated Remote Code Execution June 18, 2021
  Posted by malvuln on Jun 18Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/aa703bc17e3177d3b24a57c5d2a91a0c.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Email-Worm.Win32.Kipis.a Vulnerability: Unauthenticated Remote Code Execution Description: The malware listens on TCP port 1029 and writes incoming packets to an executable file that is renamed as "winlogins.exe". Third-party attackers...
• Re: popo2, kernel/tun driver bufferoverflow. June 18, 2021
  Posted by Robert Święcki on Jun 18Hi, wt., 15 cze 2021 o 09:56 KJ Jung napisał(a): While I agree that it might be not the best of programming patterns to accept length of a local stack buffer from the parent function (this can easily be misused over time), there's probably no bug here, as all […]
• Re: popo/popo2 linux kernel vulns June 18, 2021
  Posted by RaziREKT via Fulldisclosure on Jun 18Hello KJ Jung, neither of the mails you sent contain bugs. The kernel code is sound and the vulnerabilities you reported don't seem to exist. In your first mail (popo:: linux kernel vulns of it), you point out a flaw in bond_do_ioctl() and bond_set_dev_addr(). It is impossible to […]
• [SYSS-2021-007]: Protectimus SLIM NFC - External Control of System or Configuration Setting (CWE-15) (CVE-2021-32033) June 18, 2021
  Posted by Matthias Deeg on Jun 18Advisory ID: SYSS-2021-007 Product: Protectimus SLIM NFC Manufacturer: Protectimus Affected Version(s): Hardware Scheme 70 / Software Version 10.01 Tested Version(s): Hardware Scheme 70 / Software Version 10.01 Vulnerability Type: External Control of System or Configuration Setting (CWE-15) "Time Traveler Attack" Risk Level: Medium Solution Status: Open Manufacturer Notification: 2021-02-04 […]
• Backdoor.Win32.Zombam.gen / Information Disclosure June 15, 2021
  Posted by malvuln on Jun 15Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/ff6516c881dee555b0cd253408b64404_D.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.gen Vulnerability: Information Disclosure Description: Zombam malware listens on TCP port 80 and deploys an unsecured HTML Web UI for basic remote administration capability. Third-party attackers who can reach an infected...