Executive Summary Informations Name CVE-2021-20590 First vendor Publication 2021-04-22 Vendor Cve Last vendor Modification 2021-04-22 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA Temporal Score NA Exploitabality Sub Score NA Calculate full CVSS 3.0 Vectors scores Security-Database Scoring CVSS v2 Cvss…
Application Security , Cloud Security , Endpoint Detection & Response (EDR) Zscaler Is Also Boosting Cloud Capabilities by Picking Up Trustdome Doug Olenick (DougOlenick) • April 24, 2021 Rapid7 is acquiring Velociraptor, an open-source, endpoint-monitoring, digital forensics and incident response organization and professional community that it will continue to operate as a stand-alone…
Blockchain & Cryptocurrency , Governance & Risk Management , IT Risk Management Discussion Also Tackles Market Trends, Nation-State Threats Anna Delaney (annamadeline) • April 23, 2021 Clockwise, from top left: Tom Field, Anna Delaney, Nick Holland and Tony Morbin Four editors at Information Security Media Group review important…
Now this botnet is hunting for unpatched Microsoft Exchange servers | IT Security News Sponsors Endpoint Cybersecurity www.endpoint-cybersecurity.com – Consulting in building your security products– Employee awareness training– Security tests for applications and pentesting… and more. Daily Summary Categories CategoriesSelect Category(ISC)2 Blog (323)(ISC)2 Blog infosec (13)(ISC)² Blog (345)2020-12-08 – Files for an ISC diary (recent Qakbot activity) (1)2020-12-11 –…
This site may earn affiliate commissions from the links on this page. Terms of use. The secure lock screens on Android and iOS devices are supposed to keep your data secure, but there are still some ways to crack the lock. You just need a capable digital crowbar like the ones made by Cellebrite. The…
Cybercrime , Fraud Management & Cybercrime , Fraud Risk Management CISA Describes APT Group’s Methods Doug Olenick (DougOlenick) • April 23, 2021 Secureworks says the Bronze Spiral APT group was involved in the attack described by CISA. An advanced persistent threat group gained long-term access to an unnamed entity’s network through its Ivanti…
Application Security , Endpoint Security , Next-Generation Technologies & Secure Development Trojan Spreads Through Malicious Apps in Huawei App Store Akshaya Asokan (asokan_akshaya) • April 22, 2021 Huawei’s App Gallery contained malicious apps (Source: Doctor Web) Joker malware has targeted more than 500,000 Android devices across the world through malicious apps in AppGallery,…
Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion | IT Security News 23. April 2021 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed details of a new advanced persistent threat (APT) that’s leveraging the Supernova backdoor to compromise SolarWinds Orion installations after gaining access to the network through a connection to…
Crooks stole driver’s license numbers from Geico auto insurer | IT Security News 20. April 2021 Car insurance provider Geico has suffered a data breach, attackers have stolen the driver’s licenses for policyholders for several weeks. Geico, the second-largest auto insurer in the U.S., has suffered a data breach, threat actors exploited a now-fixed bug in…
Executive Summary Informations Name CVE-2021-2293 First vendor Publication 2021-04-22 Vendor Cve Last vendor Modification 2021-04-22 Security-Database Scoring CVSS v3 Cvss vector : CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Overall CVSS Score 4.9 Base Score 4.9 Environmental Score 4.9 impact SubScore 3.6 Temporal Score 4.9 Exploitabality Sub Score 1.2 Attack Vector Network Attack Complexity Low Privileges Required High User Interaction…
