Cities, states, federal and military agencies should patch the Laserfiche CMS post-haste, said the security researcher whose jaw dropped at 50 sites hosting porn and Viagra spam.
Source: Read More (Threatpost)
You might be interested in …
[SecurityWeek] FamousSparrow Cyberspies Exploit ProxyLogon in Attacks on Governments, Hotels
A cyberespionage group active since at least 2019 started exploiting ProxyLogon one day after the Microsoft Exchange vulnerability was publicly disclosed, ESET security researchers say. read more Source: Read More (SecurityWeek RSS Feed)
[ZDNet] Toll unsure if it lawyered up to avoid ASD assistance following ransomware attack
Logistics company said it might have been the company that was flouting assistance from the ASD, even though ASD Director-General in March last year said her organisation had been working with Toll. Source: Read More (Latest topics for ZDNet in Security)
[HackerNews] Critical ThroughTek SDK Bug Could Let Attackers Spy On Millions of IoT Devices
A security vulnerability has been found affecting several versions of ThroughTek Kalay P2P Software Development Kit (SDK), which could be abused by a remote attacker to take control of an affected device and potentially lead to remote code execution. Tracked as CVE-2021-28372 (CVSS score: 9.6) and discovered by FireEye Mandiant in late 2020, the weakness concerns an […]