ECHO Network

Subscribe to  ECHO Network hírcsatorna
RSS feed from the corresponding page on http://emm.newsbrief.eu/NewsBrief
Frissítve: 3 óra 32 perc
7 óra 48 perc

Security Bulletin: A vulnerability in Apache ActiveMQ affects IBM Operations Analytics Predictive Insights (CVE-2020-13947)

Share this post: Apache ActiveMQ is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVE. CVE(s): Affected product(s) and affected version(s): IBM Product Security Vulnerabilities.
8 óra 19 perc

Mageia 2021-0253: slurm security update>

MGASA-2021-0253 - Updated slurm packages fix a security vulnerability Publication date: 13 Jun 2021 URL: https://advisories.mageia.org/MGASA-2021-0253.html Type: security Affected Mageia releases: 8 CVE: CVE-2021-31215 SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.
8 óra 19 perc

Mageia 2021-0254: wpa_supplicant, hostapd security update>

MGASA-2021-0254 - Updated wpa_supplicant, hostapd packages fix security vulnerability Publication date: 13 Jun 2021 URL: https://advisories.mageia.org/MGASA-2021-0254.html Type: security Affected Mageia releases: 7, 8 CVE: CVE-2021-30004 The wpa_supplicant and hostapd packages are updated to fix a....
8 óra 19 perc

Mageia 2021-0256: microcode security update>

MGASA-2021-0256 - Updated microcode packages fix security vulnerabilities Publication date: 13 Jun 2021 URL: https://advisories.mageia.org/MGASA-2021-0256.html Type: security Affected Mageia releases: 7, 8 CVE: CVE-2020-24489, CVE-2020-24511, CVE-2020-24513 Updated microcodes for Intel processors,....
8 óra 19 perc

Mageia 2021-0258: kernel-linus security update>

MGASA-2021-0258 - Updated kernel-linus packages fix security vulnerabilities Publication date: 13 Jun 2021 URL: https://advisories.mageia.org/MGASA-2021-0258.html Type: security Affected Mageia releases: 7, 8 CVE: CVE-2020-24586, CVE-2020-24587, CVE-2020-24588, CVE-2020-26139, CVE-2020-26141,....
8 óra 28 perc

Ransomware is biggest online threat to people in UK, spy agency chief to warn

via theguardian.com GCHQ cybersecurity boss sounds alarm over extortion by hackers who are mostly based in former Soviet statesRansomware represents the biggest threat to online security for most people and businesses in the UK, the head of GCHQ’s cybersecurity arm is to warn.
10 óra 13 perc

Observable discrepancy in aaugustin websockets

Security Advisory. This security advisory describes one low risk vulnerability. Description. CWE-203 - Observable discrepancy The vulnerability allows a remote attacker to gain access to sensitive information. The vulnerability exists due to observable timing discrepancy on server when HTTP Basic....
2021. június 13.

Blue Team Detection: DarkSide Ransomware Malware write-ups can be found in abundance online, they are often written from the point of view of a malware researcher who focuses on the deep internals of how malicious software works.

Malware write-ups can be found in abundance online, they are often written from the point of view of a malware researcher who focuses on the deep internals of how malicious software works, in some cases the information provided cannot be used to derive actionable interligience and defence mechanisms by cyber security blue teams.
2021. június 13.

GitHub Releases Key Findings of an Easy-to-Exploit Linux flaw

Kevin Backhouse, a researcher at GitHub Security Lab revealed the details of an easy-to-exploit Linux flaw that can be exploited to escalate privileges to root on the targeted system. The vulnerability, classified as highly critical and termed as CVE-2021-3560, affects polkit, a system service installed by default on many Linux distributions.
2021. június 13.

Vigil@nce - Mosquitto: Man-in-the-Middle, analyzed on 13/04/2021

The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them. Synthesis of the vulnerability An attacker can act as a Man-in-the-Middle on Mosquitto, in order to read or write data in the session.
2021. június 13.

REvil Hits US Nuclear Weapons Contractor: Report

The researchers noted that RDP “was implicated as one of the most common methods of breaching a network in cases we were called in to investigate, which is why shutting off the outside world’s access to RDP is one of the most effective defenses an IT admin can take.
2021. június 13.

TryHackMe: That’s The Ticket Walkthrough

IT Support are going to have a bad day, can you get into the admin account? You can access the room through this link: https://tryhackme.com/room/thatstheticket Hello everyone, this is Mrinal Prakash aka EMPHAY and today I am going to take you to the walkthrough of the room- “That’s The Ticket” which is a pretty beginner friendly room.
2021. június 13.

VulnHub — BlueMoon:2021 Walkthrough

VulnHub BlueMoon ( https://www.vulnhub.com/entry/bluemoon-2021,679/ ) is an easy level boot2root CTF challenge, where you have to grab 3 flags on your way towards root. Let us begin with finding the IP of the box. Nmap was used to find the IP of the BlueMoon VM as follows. Finding the IP of BlueMoon VM.
2021. június 13.

AI can now convincingly mimic cybersecurity experts and medical researchers

An independent news and commentary website produced by academics and journalists. An independent news and commentary website produced by academics and journalists. If you use such social media websites as Facebook and Twitter, you may have come across posts flagged with warnings about misinformation.
2021. június 13.

Vigil@nce - Node.js set-or-get: read-write access via Prototype Pollution, analyzed on 13/04/2021

Synthesis of the vulnerability An attacker can bypass access restrictions via Prototype Pollution of Node.js set-or-get, in order to read or alter data. Vulnerable systems: Severity of this threat: 2/4. Creation date: 13/04/2021. Références of this weakness: , VIGILANCE-VUL-35060.
2021. június 13.

Vigil@nce - Node.js mongodb-client-encryption: Man-in-the-Middle via Improper Certificate Validation, analyzed on 13/04/2021

Synthesis of the vulnerability An attacker can act as a Man-in-the-Middle via Improper Certificate Validation on Node.js mongodb-client-encryption, in order to read or write data in the session. Impacted products: Severity of this bulletin: 2/4. Creation date: 13/04/2021. Références of this threat: https://nvd.
2021. június 13.

No new COVID-19 cases for second time in a week

No new COVID-19 cases were detected over the past 24 hours, Health Minister Chris Fearne said on Sunday morning. In a post on Twitter, the minister said "Good morning. Zero day today." Malta has now been registering a low number of new cases daily for more than a month. There have also been no deaths for nearly three weeks.
2021. június 13.

L’hebdo des cyber-menaces (13 juin 2021)

This week the world saw the return of a depressing routine: new breathless headlines about another data breach … Also depressingly unsurprising? The claim of ” 8.4 billion leaked passwords” spread like wildfire among particularly shameless blogs and even a couple tabloids and majors; the hack was....
2021. június 13.

The M.T.A. Is Breached by Hackers as Cyberattacks Surge

A hacking group believed to have links to the Chinese government penetrated the Metropolitan Transportation Authority’s computer systems in April, exposing vulnerabilities in a vast transportation network that carries millions of people every day, according to an M.T.A. document that outlined the breach.
2021. június 13.

2021年6月のセキュリティアップデートレビュー解説

■Adobe社による2021年6月のセキュリティアップデート. 今月Adobe社は、「Adobe Connect」、「Acrobat および Reader」、「Photoshop」、「Photoshop Elements」、「Experience Manager」、「Creative Cloud」、「Photoshop Elements」、「Experience Manager」、「Creative Cloud」、「RoboHelp」、「Premiere Elements」、「Animate」、「After Effects」に確認された39件の脆弱性に対処する10件のパッチをリリースしました。確....