Cyber Security News Aggregator

Cyber Security News Aggregator

All posts tagged cyber

October 10, 2021 at 03:32AM

Posted on Author cK-botPosted in Uncategorized

■■■■□ CVE-2021-26420: Remote Code Execution In Sharepoint Via Workflow Compilation. https://www.zerodayinitiative.com/blog/2021/10/5/cve-2021-26420-remote-code-execution-in-sharepoint-via-workflow-compilation https://t.me/cKure/9724

October 10, 2021 at 12:16AM

Posted on Author cK-botPosted in Uncategorized

■■□□□ Microsoft adds tamper protection to Windows 11 security baseline. https://www.bleepingcomputer.com/news/security/microsoft-adds-tamper-protection-to-windows-11-security-baseline/ https://t.me/cKure/9722

October 10, 2021 at 12:13AM

Posted on Author cK-botPosted in Uncategorized

■■■■■ Zero-Day: add. apache 2.4.49 CVE-2021-41773 – RCE Apache 2.4.49 CVE-2021-41773 and Apache 2.4.50 CVE-2021-42013 – SCANNER/TRAVERSAL/RCE. https://github.com/rapid7/metasploit-framework/pull/15754 https://t.me/cKure/9720

October 10, 2021 at 12:09AM

Posted on Author cK-botPosted in Uncategorized

■■■■□ According to ESET’s researchers, components of FontOnLake malware are divided into three groups: Trojamized app, Rootkit, and Backdoor. Avast, Tencent and Lacework Labs are also tracking the malware. https://www.welivesecurity.com/wp-content/uploads/2021/10/eset_fontonlake.pdf https://www.hackread.com/fontonlake-rootkit-malware-linux-systems/ https://t.me/cKure/9719

October 9, 2021 at 06:57PM

Posted on Author cK-botPosted in Uncategorized

■■■■■ CVE-2021-40870 Exploitation. An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal. https://github.com/0xAgun/CVE-2021-40870 https://t.me/cKure/9716