[SecurityWeek] How to Spot an Ineffective Security Practitioner

The Cybersecurity and Infrastructure Security Agency (CISA) added seven vulnerabilities to its catalog of Known Exploited Vulnerabilities. The vulnerabilities added include an arbitrary file upload vulnerability in Trend Micro Apex Central; an insufficient access control issue in Dell’s dbutil driver; an improper authorization vulnerability in QNAP NAS instances running HBS 3; an authentication bypass vulnerability […]

CISA also sent out an alert saying 13 pipelines had been successfully attacked between 2011 and 2013. Source: Read More (Latest topics for ZDNet in Security)

Poliisi tutkii jälleen huijauksia Mieheltä vietiin lähes 300 000 euroa poliisi.fi/-/poliisi-tutkii-jalleen-huijauksia-miehelta-vietiin-lahes-300-000-euroa Helsingin poliisi tutkii kahta erillistä tapausta, joissa uhreilta huijattiin puhelimitse ja sähköpostitse rahaa. Also: www.is.fi/digitoday/art-2000007763427.html CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit The Qualys Research Team has discovered a heap overflow vulnerability in sudo, a near-ubiquitous utility available on major Unix-like operating […]