#amazon

Citizen development allows users to design creative solutions for immediate problems, but it requires training and oversight to avoid security holes.

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 19 and Aug. 26. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats. As a reminder, the information provided for the following threats in this post is non-exhaustive and current as of the date of publication. Additionally, please keep in mind that IOC searching is only one part of threat hunting. Spotting a single IOC does not necessarily indicate maliciousness. Detection and coverage for the following threats is subject to updates, pending additional threat or vulnerability analysis. For the most current information, please refer to your Firepower Management Center, Snort.org, or ClamAV.net. For each threat described below, this blog post only lists 2...

Ubuntu Security Notice 5580-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Increase driven by increasingly sophisticated cyberattacks as well as increase in mobile-based business-critical applications, according to report.

Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This url encoded payload can be used in place of a token and sent to a user in a social engineering attack. This is fully unauthenticated attack utilizing the trusted teleport server to deliver the payload.

Alternative cloud providers offer streamlined capabilities for penetration testing, including more accessible tools, easy deployment, and affordable pricing.

By Deeba Ahmed Other iPhone apps using in-app browsers were also tested in the research but TikTok was the only app to monitor keystrokes. This is a post from HackRead.com Read the original post: TikTok’s In-App Browser Can Monitor Your Activity on External Websites

By Deeba Ahmed The vulnerability was discovered by Atlanta-based app security firm Checkmarx while assessing the Ring doorbell app for Android.… This is a post from HackRead.com Read the original post: Critical Amazon Ring Vulnerability Could Expose Camera Recordings

Ubuntu Security Notice 5572-1 - Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information. Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information.

A security researcher claims that Apple mobile devices keep connections open if they are created before a VPN is activated.