[SecurityWeek] Remote Code Execution Vulnerability Found in AWS WorkSpaces

Rhino Security Labs researchers have identified a vulnerability in the AWS WorkSpaces desktop client that could allow an attacker to execute arbitrary code remotely.

Tracked as CVE-2021-38112, the security bug could be triggered when the user opens a malicious WorkSpaces URI from the browser, allowing a remote attacker to execute arbitrary code on the vulnerable system.

read more

Source: Read More (SecurityWeek RSS Feed)

You might be interested in …

[ZDNet] Thanks, dad: jammer used to stop kids going online, wipes out a town’s internet by mistake

All posts, ZDNet

The -interesting- control method could lead to a hefty fine and jail time. Source: Read More (Latest topics for ZDNet in Security)

Read More

[SANS ISC] 10 Most Popular Targeted Ports in the Past 3 Weeks, (Sun, Jan 16th)

All posts, Sans-ISC

A review of all inbound connection over the past 3 weeks against my honeypot shows the top 2 targeted services were no surprise; a large amount of SSH (22, 2222) activity followed by Telnet (23) which Shodan still identifies over 2.7M hosts exposed to the Internet. I previous did a diary [5,6] comparing SSH ports & […]

Read More

Daily NCSC-FI news followup 2019-08-30

Phishers are Angling for Your Cloud Providers krebsonsecurity.com/2019/08/phishers-are-angling-for-your-cloud-providers/ Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the clients brand and their customers. Heres a look at a recent CRM-based phishing […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.