[HackerNews] 14 New Security Flaws Found in BusyBox Linux Utility for Embedded Devices

Cybersecurity researchers on Tuesday disclosed 14 critical vulnerabilities in the BusyBox Linux utility that could be exploited to result in a denial-of-service (DoS) condition and, in select cases, even lead to information leaks and remote code execution.
The security weaknesses, tracked from CVE-2021-42373 through CVE-2021-42386, affect multiple versions of the tool ranging from 1.16-1.33.1,

Source: Read More (The Hacker News)

You might be interested in …

[SANS ISC] And Ransomware Just Got a Bit Meaner (yes… it is possible), (Thu, May 20th)

All posts, Sans-ISC

Ransomware has been evolving, and each evolution appears to be a bit “meaner” than the first. Early ransomware targeted consumers. Encrypting baby pictures, or tax records, motivated users to pay in some cases a few hundred dollars to get their data back. The attacker went for easy targets and with that for easy money. But […]

Read More

[SecurityWeek] Email Security Firm Tessian Raises $65 Million at $500 Million Valuation

All posts, Security Week

Tessian, an email security company that focuses on human error, today announced that it raised $65 million in Series C funding. The company has raised $123.7 million in total and its valuation is now $500 million. read more Source: Read More (SecurityWeek RSS Feed)

Read More

Daily NCSC-FI news followup 2021-03-28

Krebs: No, I Did Not Hack Your MS Exchange Server krebsonsecurity.com/2021/03/no-i-did-not-hack-your-ms-exchange-server/ The Shadowserver Foundation says it has found 21, 248 different Exchange servers which appear to be compromised by a backdoor and communicating with brian[.]krebsonsecurity[.]top. The malware runs Windows Defender, which is a security product Microsoft ships with Windows devices that can help block attacks […]

Read More