Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

Eliminating SaaS Shadow IT is Now Available via a Self-Service Product, Free of Charge

The use of software as a service (SaaS) is experiencing rapid growth and shows no signs of slowing down. Its decentralized and easy-to-use nature is beneficial for increasing employee productivity, but it also poses many security and IT challenges. Keeping track of all the SaaS applications that have been granted access to an organization's data is a difficult task. Understanding the risks that

The Hacker News
Open in Source
#google#microsoft#git#intel#aws#The Hacker News
Ukraine Hit with New Golang-based 'SwiftSlicer' Wiper Malware in Latest Cyber Attack

Ukraine has come under a fresh cyber onslaught from Russia that involved the deployment of a previously undocumented Golang-based data wiper dubbed SwiftSlicer. ESET attributed the attack to Sandworm, a nation-state group linked to Military Unit 74455 of the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). "Once executed it deletes shadow

Enterprises Need to Do More to Assure Consumers About Privacy

Organizations care about data privacy, but their priorities appear to be different from what their customers think are important.

How Noob Website Hackers Can Become Persistent Threats

An academic analysis of website defacement behavior by 241 new hackers shows there are four clear trajectories they can take in future, researchers say.

3 Ways ChatGPT Will Change Infosec in 2023

OpenAI's chatbot has the promise to revolutionize how security practitioners work.

Hive Ransomware Gang Disrupted; Servers and Dark Web Site Seized

By Waqas The FBI and Europol have obtained decryption keys for the Hive ransomware, which they have already shared with victims. This is a post from HackRead.com Read the original post: Hive Ransomware Gang Disrupted; Servers and Dark Web Site Seized

What Old is New Again and What's Old is Me?

Knowing what Talos IR is responding to this quarter gives you a direct view into what needs to be most secured and most analyzed to ensure your own environment remains secure.

CVE-2022-39045: TALOS-2022-1611 || Cisco Talos Intelligence Group

A file write vulnerability exists in the httpd upload.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability.

CVE-2022-41991: TALOS-2022-1639 || Cisco Talos Intelligence Group

A heap-based buffer overflow vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger this vulnerability.

CVE-2022-40969: TALOS-2022-1607 || Cisco Talos Intelligence Group

An os command injection vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability.