You might be interested in …

[BleepingComputer] New unofficial Windows patch fixes more PetitPotam attack vectors

A second unofficial patch for the Windows PetitPotam NTLM relay attack has been released to fix further issues not addressed by Microsoft’s official security update. […] Source: Read More (BleepingComputer)

Read More

[SANS ISC] Correctly Validating IP Addresses: Why encoding matters for input validation., (Mon, May 10th)

All posts, Sans-ISC

Recently, a number of libraries suffered from a very similar security flaw: IP addresses expressed in octal were not correctly interpreted. The result was that an attacker was able to bypass input validation rules that restricted IP addresses to specific subnets.  The vulnerability was documented in (this list is unlikely to be complete): Node.js netmask […]

Read More

Daily NCSC-FI news followup 2021-01-06

FBI, CISA, NSA Officially Blame Russia for SolarWinds Cyber Attack thehackernews.com/2021/01/fbi-cisa-nsa-officially-blames-russia.html The U.S. government on Tuesday formally pointed fingers at the Russian government for orchestrating the massive SolarWinds supply chain attack that came to light early last month. Lisäksi: This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.