Be Careful with RPMSG Files
https://isc.sans.edu/forums/diary/Be+careful+with+RPMSG+files/28292/
QNAP Auto Update Clarification
https://www.qnap.com/en/security-news/2022/descriptions-and-explanations-of-the-qts-quts-hero-recommended-version-feature
Samba Vulnerability
https://kb.cert.org/vuls/id/119678
Exposed Datacenter Management
https://www.bleepingcomputer.com/news/security/over-20-000-data-center-management-systems-exposed-to-hackers/
Expat Vulnerability
https://github.com/libexpat/libexpat/blob/master/expat/Changes
A new eBook, Optimal Use of Video Systems for K-12 School Security, helps security leaders identify effective implementations of video surveillance in the educational sector.
Malicious ISO Embedded in an HTML Page
https://isc.sans.edu/forums/diary/Malicious+ISO+Embedded+in+an+HTML+Page/28282/
YARA Console Module
https://isc.sans.edu/forums/diary/YARAs+Console+Module/28288/
Attackers Attaching Devices to Azure AD
https://www.microsoft.com/security/blog/2022/01/26/evolved-phishing-device-registration-trick-adds-to-phishers-toolbox-for-victims-without-mfa/
QNAP Forced Updates
https://www.reddit.com/r/qnap/comments/sdsf02/i_just_suffered_what_i_believe_to_be_a_forced/huhfmjc/
One challenge for supply chain security practitioners is choosing which of the multitude of guidance documents and best practice frameworks to use when building a cyber supply chain risk management (C-SCRM) program. Let’s explore each framework.
Ellen Tannor, new Executive Director at the Overseas Security Advisory Council (OSAC), tells Security about her journey into security and diplomacy, the ambitions she has for OSAC and its growth, advice for advancing security careers and more!
Technical Analysis of CVE-2022-22583
https://perception-point.io/technical-analysis-of-cve-2022-22583-bypassing-macos-system-integrity-protection/
https://isc.sans.edu/forums/diary/Apple+Patches+Everything/28280/
Little Snitch Firewall Bypass
https://rhinosecuritylabs.com/network-security/bypassing-little-snitch-firewall/
DazzleSpy Malware
https://www.welivesecurity.com/2022/01/25/watering-hole-deploys-new-macos-malware-dazzlespy-asia/
Geoffrey Parker: Building an Intelligent, Automated Tiered Phishing System
https://www.sans.edu/cyber-research/building-an-intelligent-automated-tiered-phishing-system-matching-the-message-level-to-user-ability/
Implementing strong cyber hygiene will sharpen standardization throughout your organization will in turn bring about an increase in security and efficiency.
Over 20 Thousand Servers Have Their iLO Interfaces exposed to the Internet
https://isc.sans.edu/forums/diary/Over+20+thousand+servers+have+their+iLO+interfaces+exposed+to+the+internet+many+with+outdated+and+vulnerable+versions+of+FW/28276/
Apple Patches and Exploits
https://support.apple.com/en-us/HT201222
https://www.ryanpickren.com/safari-uxss
Let’s Encrypt Fixes Problems and Revoces Certificates
https://community.letsencrypt.org/t/changes-to-tls-alpn-01-challenge-validation/170427
With multi-million-dollar ransoms and threats to public safety, the stakes are high. Security leaders can no longer afford to leave vulnerabilities unaddressed for five months or five years.
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
PHPSESSID | session | This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed. |
pmpro_visit | session | The cookie is set by PaidMembership Pro plugin. The cookie is used to manage user memberships. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |