[HackerNews] Microsoft Urges Azure Users to Update PowerShell to Patch RCE Flaw

Microsoft is urging Azure users to update the PowerShell command-line tool as soon as possible to protect against a critical remote code execution vulnerability impacting .NET Core.
The issue, tracked as CVE-2021-26701 (CVSS score: 8.1), affects PowerShell versions 7.0 and 7.1 and have been remediated in versions 7.0.6 and 7.1.3, respectively. Windows PowerShell 5.1 isn’t impacted by the flaw.

Source: Read More (The Hacker News)

You might be interested in …

[SANS ISC] Arkei Variants: From Vidar to Mars Stealer, (Wed, Mar 23rd)

All posts, Sans-ISC

Introduction Sometime in 2018, a new information stealer named Vidar appeared.  Analysis revealed Vidar is an information stealer that is a copycat or fork of Arkei malware.  Since that time, Vidar has led to other Arkei-based variants.  Today’s diary reviews Vidar and two additional variants: Oski Stealer and Mars Stealer based on analysis of their […]

Read More

[SANS ISC] Xmount for Disk Images, (Thu, Nov 4th)

All posts, Sans-ISC

Recently I’ve been doing a lot of imaging and mounting different image format types. Xmount(1) has been very handy and not something I’ve used a lot in the past.  Xmount can do DD, EWF (Expert Witness Compression Format), or AFF. While mount disks haven’t changed a lot, having a combined utility that can do the […]

Read More

[TheRecord] Google touts new tool that scans for malicious packages in popular open-source repositories

The Open Source Security Foundation (OpenSSF) announced the creation of a tool that can be used to scan popular open-source repositories for malicious packages.  The Package Analysis project was touted by Google, which is a member of OpenSSF and has worked closely with the foundation on a variety of security-related projects.  The program performs dynamic […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.