Author: DEFENDEDGE
-
Unpatched DNS Bug Puts Millions of Routers, IoT Devices at Risk
A flaw in all versions of the popular C standard libraries uClibc and uClibc-ng can allow for DNS poisoning attacks against target devices.
-
Vulnerability Summary for the Week of April 25, 2022
Original release date: May 2, 2022 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info jfinalcms_project — jfinalcms JFinalCMS v2.0 was discovered to contain a SQL injection vulnerability via the Article Management function. 2022-04-22 7.5 CVE-2022-27341 MISC link-admin_project — link-admin Link-Admin v0.0.1 was discovered to contain a SQL injection…
-
Deep Dive: Protecting Against Container Threats in the Cloud
A deep dive into securing containerized environments and understanding how they present unique security challenges.
-
Security Turbulence in the Cloud: Survey Says…
Exclusive Threatpost research examines organizations’ top cloud security concerns, attitudes towards zero-trust and DevSecOps.
-
CISA and FBI Update Advisory on Destructive Malware Targeting Organizations in Ukraine
Original release date: April 28, 2022 CISA and the Federal Bureau of Investigation (FBI) have updated joint Cybersecurity Advisory AA22-057A: Destructive Malware Targeting Organizations in Ukraine, originally released February 26, 2022. The advisory has been updated to include additional indicators of compromise for WhisperGate and technical details for HermeticWiper, IsaacWiper, HermeticWizard, and CaddyWiper destructive malware.…
-
Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens
GitHub shared the timeline of breaches in April 2022; this timeline covers when a threat actor gained access to and stole private repositories belonging to dozens of organizations.
-
Emotet is Back From ‘Spring Break’ With New Nasty Tricks
The botnet appears to use a new delivery method for compromising Windows systems after Microsoft disables VBA macros by default.
-
2021 Top Routinely Exploited Vulnerabilities
Original release date: April 27, 2022 CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) have released a joint Cybersecurity Advisory that…
-
AA22-117A: 2021 Top Routinely Exploited Vulnerabilities
Original release date: April 27, 2022 Summary This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security…
-
Millions of Java Apps Remain Vulnerable to Log4Shell
Four months after the critical flaw was discovered, attackers have a massive attack surface from which they can exploit the flaw and take over systems, researchers found.