MATLOCK.CA
108Articles
9Categories
2024-08-22Date
🚨
How do we patch the right things? - PSW #840Every week here on the show we talk about vulnerabilities and exploits. Typically we recommend that organizations remediate these vulnerabilities in some way. But how? And more importantly, which ones? Some tools we have to help us are actually not all that helpful at time, such …
KEVYOUTUBE.COM — 2024-08-22
πŸ›
Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild
KEVTHEHACKERNEWS.COM — 22 Aug 2024
πŸ›
GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges
THEHACKERNEWS.COM — 22 Aug 2024
πŸ›
Critical Flaw in LiteSpeed Cache Plugin Actively Exploited: Over 30,000 Attacks Blocked in 24 Hours
KEVSECURITYONLINE.INFO — 22 Aug 2024
πŸ›
Google Fixes Ninth Chrome Zero-Day Exploited in Attacks This Year
BLEEPINGCOMPUTER.COM — 22 Aug 2024
πŸ›
Ingress-NGINX Annotation Validation Bypass Flaw (CVE-2024-7646) Allows Command Injection
ARMOSEC.IO — 22 Aug 2024
πŸ›
CVE-2024-7272: Critical Heap Overflow Vulnerability Discovered in FFmpeg, PoC Published
SECURITYONLINE.INFO — 22 Aug 2024
πŸ›
Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control
THEHACKERNEWS.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7967 Heap buffer overflow in Fonts
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7969 Type Confusion in V8
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7966 Out of bounds memory access in Skia
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7971 Type confusion in V8
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7965 Inappropriate implementation in V8
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7968 Use after free in Autofill
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7964 Use after free in Passwords
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7980 Insufficient data validation in Installer
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-8034 Inappropriate implementation in Custom Tabs
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-8033 Inappropriate implementation in WebApp Installs
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7981 Inappropriate implementation in Views
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-8035 Inappropriate implementation in Extensions
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
CVE-2024-41879 Adobe: CVE-2024-41879 Adobe PDF Viewer Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
CVE-2024-38209 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
CVE-2024-43477 Entra ID Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
CVE-2024-38208 Microsoft Edge for Android Spoofing Vulnerability
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
CVE-2024-38210 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7975 Inappropriate implementation in Permissions
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7976 Inappropriate implementation in FedCM
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7973 Heap buffer overflow in PDFium
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7979 Insufficient data validation in Installer
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7972 Inappropriate implementation in V8
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7978 Insufficient policy enforcement in Data Transfer
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7977 Insufficient data validation in Installer
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Chromium: CVE-2024-7974 Insufficient data validation in V8 API
MSRC.MICROSOFT.COM — 22 Aug 2024
πŸ›
Critical Flaw in LiteSpeed Cache WordPress Plugin Exposes Millions of Websites to Attack
GBHACKERS.COM — 22 Aug 2024
πŸ›
Scanning for CVE-2017-9841 Drops Precipitously
F5.COM — 22 Aug 2024
πŸ›
Scanning for CVE-2017-9841 Drops Precipitously
F5.COM — 22 Aug 2024
⚠️
New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining
THEHACKERNEWS.COM — 22 Aug 2024
⚠️
Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access
THEHACKERNEWS.COM — 22 Aug 2024
⚠️
3 key strategies for mitigating non-human identity risks
CSOONLINE.COM — 22 Aug 2024
⚠️
How MFA gets hacked β€” and strategies to prevent it
CSOONLINE.COM — 22 Aug 2024
⚠️
Exploitation Expected for Flaw in Caching Plugin Installed on 5M WordPress Sites
SECURITYWEEK.COM — 22 Aug 2024
⚠️
Google Patches Sixth Exploited Chrome Zero-Day of 2024
KEVSECURITYWEEK.COM — 22 Aug 2024
⚠️
CISA Warns of Exploited Vulnerabilities Impacting Dahua Products
SECURITYWEEK.COM — 22 Aug 2024
⚠️
Cisco Patches High-Severity Vulnerability Reported by NSA
SECURITYWEEK.COM — 22 Aug 2024
⚠️
Experts disclosed a critical information-disclosure flaw in Microsoft Copilot Studio
SECURITYAFFAIRS.COM — 22 Aug 2024
⚠️
Man who hacked Hawaii state registry to forge his own death certificate sentenced to 81 months
LINKS.HACKLIBERTY.ORG — 22 Aug 2024
⚠️
Top US oilfield firm Halliburton hit by cyberattack, source says
REUTERS.COM — 22 Aug 2024
⚠️
Background-check giant confirms security incident leaked millions of SSNs
LINKS.HACKLIBERTY.ORG — 22 Aug 2024
⚠️
CISA Releases Five Industrial Control Systems Advisories
CISA.GOV — Thu, 22 Aug 24 1
⚠️
SolarWinds fixes hardcoded credentials flaw in Web Help Desk
BLEEPINGCOMPUTER.COM — 22 Aug 2024
⚠️
New 'ALBeast' Vulnerability Exposes Weakness in AWS Application Load Balancer
THEHACKERNEWS.COM — 22 Aug 2024
⚠️
Roast the security of my app
INFOSEC.PUB — 22 Aug 2024
⚠️
Oil Services Giant Halliburton Disrupted by Hack Attack
DATABREACHTODAY.CO.UK — 2024-08-22
⚠️
Two Years On, Log4Shell Vulnerability Still Being Exploited to Deploy Malware
SECURITYWEEK.COM — 22 Aug 2024
⚠️
Incident Response by the Numbers
PALOALTONETWORKS.COM — 22 Aug 2024
⚠️
China-Linked β€˜Velvet Ant’ Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches
SECURITYWEEK.COM — 22 Aug 2024
⚠️
Vulnerabilities, Vulnerabilities Everywhere - PSW #840
YOUTUBE.COM — 2024-08-22
⚠️
Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk
THEHACKERNEWS.COM — 22 Aug 2024
⚠️
Oil Giant Halliburton Confirms Cyber Incident, Details Scarce
SECURITYWEEK.COM — 22 Aug 2024
⚠️
News alert: INE Security launches initiatives in support of aspiring cybersecurity professionals
LASTWATCHDOG.COM — 22 Aug 2024
⚠️
Hackers are exploiting critical bug in LiteSpeed Cache plugin
BLEEPINGCOMPUTER.COM — 22 Aug 2024
⚠️
PG_MEM – A Malware Hide in Postgres Processes to Steal Data
GBHACKERS.COM — 22 Aug 2024
⚠️
Log4j Vulnerability Exploited Again To Deploy Crypto-Mining Malware
GBHACKERS.COM — 22 Aug 2024
⚠️
Developers Beware! Fake Job Offers from Legitimate Github Address
GBHACKERS.COM — 22 Aug 2024
πŸ“‹
Microsoft confirms August updates break Linux boot in dual-boot systems
BLEEPINGCOMPUTER.COM — 22 Aug 2024
πŸ“‹
Microsoft: August updates cause Windows Server boot issues, freezes
BLEEPINGCOMPUTER.COM — 22 Aug 2024
πŸ“’
Cisco security advisory (AV24-472)
CYBER.GC.CA — 2024-08-22
πŸ“’
Drupal security advisory (AV24-473)
CYBER.GC.CA — 2024-08-22
πŸ“’
Google Chrome security advisory (AV24-474)
CYBER.GC.CA — 2024-08-22
πŸ“’
SolarWinds security advisory (AV24-475)
CYBER.GC.CA — 2024-08-22
πŸ”₯
How Trend Micro Managed Detection and Response Pressed Pause on a Play Ransomware Attack
TRENDMICRO.COM — 22 Aug 2024
πŸ”₯
Qilin ransomware caught stealing credentials stored in Google Chrome
SOPHOS.COM — 22 Aug 2024
πŸ”₯
Over 100,000 Oregon Zoo visitors warned that their payment card details were stolen in security breach
BITDEFENDER.COM — 22 Aug 2024
πŸ”₯
Hacker leaks upcoming episodes of Netflix shows online following security breach
BITDEFENDER.COM — 22 Aug 2024
πŸ”₯
U.S. charges Karakurt extortion gang’s β€œcold case” negotiator
BLEEPINGCOMPUTER.COM — 22 Aug 2024
πŸ”₯
β€˜Styx Stealer’ malware developer accidentally exposes personal info to researchers in β€˜critical opsec error’
LINKS.HACKLIBERTY.ORG — 22 Aug 2024
πŸ”₯
FlightAware admits passwords, SSNs exposed for over 3 years
LINKS.HACKLIBERTY.ORG — 22 Aug 2024
πŸ”₯
Understanding the β€˜Morphology’ of Ransomware:Β A Deeper Dive
SECURITYWEEK.COM — 22 Aug 2024
πŸ”₯
Cryptohack Roundup: Investors Sue Binance
DATABREACHTODAY.CO.UK — 2024-08-22
πŸ”₯
Breach Roundup: Microsoft Fixed Copilot Studio Flaw
DATABREACHTODAY.CO.UK — 2024-08-22
πŸ”₯
US Authorities Warn Health Sector of Everest Gang Threats
DATABREACHTODAY.CO.UK — 2024-08-22
πŸ”₯
ISMG Editors: Social Engineering, Election Defense in AI Era
DATABREACHTODAY.CO.UK — 2024-08-22
πŸ”₯
Qilin ransomware now steals credentials from Chrome browsers
BLEEPINGCOMPUTER.COM — 22 Aug 2024
πŸ•΅οΈ
ISC Stormcast For Thursday, August 22nd, 2024 https://isc.sans.edu/podcastdetail/9108, (Thu, Aug 22nd)
ISC.SANS.EDU — 22 Aug 2024
πŸ•΅οΈ
Atlassian Patches Vulnerabilities in Bamboo, Confluence, Crowd, Jira
SECURITYWEEK.COM — 22 Aug 2024
πŸ•΅οΈ
CrowdStrike Hits Back at Action1 Following $1 Billion Acquisition Rumors
SECURITYWEEK.COM — 22 Aug 2024
πŸ•΅οΈ
Global Cyber Agencies Unveil New Logging Standards
DATABREACHTODAY.CO.UK — 2024-08-22
πŸ•΅οΈ
North Korean Hackers Pivot Away From Public Cloud
DATABREACHTODAY.CO.UK — 2024-08-22
πŸ•΅οΈ
Microsoft AI Tour: Hear the latest product innovations to elevate your security strategy
MICROSOFT.COM — 22 Aug 2024
πŸ•΅οΈ
INE Security Launches Initiatives to Invest in the Education of Aspiring Cybersecurity Professionals
GBHACKERS.COM — 22 Aug 2024
πŸ•΅οΈ
INE Security Alert: The Steep Cost of Neglecting Cybersecurity Training
GBHACKERS.COM — 22 Aug 2024
🌐
New NGate Android malware uses NFC chip to steal credit card data
BLEEPINGCOMPUTER.COM — 22 Aug 2024
🌐
Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide
THEHACKERNEWS.COM — 22 Aug 2024
🌐
NGate Android malware relays NFC traffic to steal cash
WELIVESECURITY.COM — 22 Aug 2024
πŸ“‘
MegaMedusa, RipperSec’s Public Web DDoS Attack Tool
RADWARE.COM — 22 Aug 2024
πŸ“‘
The Facts About Continuous Penetration Testing and Why It’s Important
THEHACKERNEWS.COM — 22 Aug 2024
πŸ“‘
Best practices for event logging and threat detection
CYBER.GC.CA — 2024-08-22
πŸ“‘
Atlassian Patches Vulnerabilities In Bamboo, Confluence, Crowd, Jira
PACKETSTORMSECURITY.COM — 22 Aug 2024
πŸ“‘
UCSC Does Phishing Exercise With Fake Ebola Scare
PACKETSTORMSECURITY.COM — 22 Aug 2024
πŸ“‘
Hackers Leak Their Own Operations Through Exposed Telegram Bot API Tokens
PACKETSTORMSECURITY.COM — 22 Aug 2024
πŸ“‘
Google To Help Build Cyber Protection For Australian Infrastructure
PACKETSTORMSECURITY.COM — 22 Aug 2024
πŸ“‘
Novel Technique Allows Malicious Apps To Escape Walled Gardens
PACKETSTORMSECURITY.COM — 22 Aug 2024
πŸ“‘
Cisco Calls For UN To Revisit Cybercrime Convention
PACKETSTORMSECURITY.COM — 22 Aug 2024
πŸ“‘
Improvements to our SIEM in Q2 2024 | Kaspersky official blog
KASPERSKY.COM — 22 Aug 2024
πŸ“‘
Ecovacs says it will fix bugs that can be abused to spy on robot owners
TECHCRUNCH.COM — 22 Aug 2024
πŸ“‘
OpenAI Scans for Honeypots. Artificially Malicious? Action Abuse?, (Thu, Aug 22nd)
ISC.SANS.EDU — 22 Aug 2024
πŸ“‘
Confidence in GenAI: The Zero Trust Approach
TRENDMICRO.COM — 22 Aug 2024
πŸ“‘
Securing the Power of AI, Wherever You Need It
TRENDMICRO.COM — 22 Aug 2024