CVE-2021-34392
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the tz_map_shared_mem function can bypass boundary checks, which might lead to denial of service.
Check Point Research has discovered new malware on Google’s Play Store that could spread through WhatsApp messages. According to the cybersecurity firm, the malware was designed with the ability to automatically respond to incoming WhatsApp messages on behalf of its victims, and the content of the response was provided by a remote server. CPR found…
Endpoint Security , Governance & Risk Management , IT Risk Management Company Advises Users to Maintain Proper Security Policies as It Prepares Hotfix Prajeet Nair (@prajeetspeaks) • June 30, 2021 (Photo: Zyxel) Zyxel, a Taiwanese networking device manufacturer, is notifying customers about an ongoing series of attacks on some of its enterprise firewall…
Summary: A potential security vulnerability in the Intel® Server Platform Services (SPS) may allow denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-0051 Description: Improper input validation in the Intel(R) SPS versions before SPS_E5_04.
3rd Party Risk Management , Governance & Risk Management , Incident & Breach Response Avast: This Supply Chain Attack Used Cobalt Strike Prajeet Nair (@prajeetspeaks) • July 6, 2021 This bitmap image file was used for a steganography attack on MonPass. (Source: Avast) Researchers at Avast discovered a compromised server belonging to MonPass,…
Cybercrime as-a-service , Fraud Management & Cybercrime , Next-Generation Technologies & Secure Development Secureworks: New Group Apparently Waging Attacks Using Same Code Prajeet Nair (@prajeetspeaks) • June 24, 2021 Ransom note from attackers using LV malware (Source: Secureworks) A newly identified threat group is using a repurposed version of REvil ransomware to wage…
After SITA gave an official statement last Thursday affirming it had been the subject of a sophisticated cyberattack, more airlines affirmed they had been directly influenced. It seems the SITA security breach affected all carrier members of Star Alliance and the One World alliance. In a statement, SITA representative Edna Ayme-Yahil declined to say…