Critical Palo Alto Cyber-Defense Bug Allows Remote ‘War Room’ Access
Remote, unauthenticated cyberattackers can infiltrate and take over the Cortex XSOAR platform, which anchors unified threat intelligence and incident responses.
Vulnerabilities
Unpatched Linux Marketplace Bugs Allow Wormable Attacks, Drive-By RCE
A pair of zero-days affecting Pling-based marketplaces could allow for some ugly attacks on unsuspecting Linux enthusiasts — with no patches in sight.
SonicWall ‘Botches’ October Patch for VPN Bug
Company finally rolls out the complete fix this week for a flaw affecting some 800,000 devices that could result in crashes or prevent users from connecting to corporate resources.
These code bombs lurk in the PyPI package repository, waiting to be inadvertently baked into software developers’ applications.
A year-old proof-of-concept attack that allows an attacker to bypass TLS email protections to snoop on messages has been patched.
“No remedy available as of June 21, 2021,” according to the researcher who discovered the easy-to-exploit, no-user-action-required bug.
Chipmaker patches nine high-severity bugs in its Jetson SoC framework tied to the way it handles low-level cryptographic algorithms.
An unsophisticated campaign shows that the pandemic still has long legs when it comes to being social-engineering bait.
… until you reset network settings and stop connecting to a weirdly named network, that is. FUD is spreading. iOS Wi-Fi demolition is not.
What’s the low-hanging fruit for ransomware attackers? What steps could help to fend them off, and what’s stopping organizations from implementing those steps?
