ClearInfosec TIB Logo
Date:Aug 11, 2021
 
      Cyber Security News
  CISA to partner with Amazon Google Microsoft Verizon AT&T and more for cyberdefense initiative
CISA director Jen Easterly said the initiative was being created now so they can "plan for how we're going to respond in wartime."
Read More...
  Black Hat: Charming Kitten Leaves More Paw Prints
IBM X-Force detailed the custom-made "LittleLooter" data stealer and 4+ hours of ITG18 operator training videos revealed by an opsec goof.
Read More...
  Chaos Malware Walks Line Between Ransomware and Wiper
The dangerous malware has been rapidly developed since June and could be released into the wild soon.
Read More...
  Critical Cisco Bug in VPN Routers Allows Remote Takeover
Security researchers warned that at least 8,800 vulnerable systems are open to compromise.
Read More...
  Edge Super Duper Secure Mode turns off the JavaScript JIT compiler for extra security
Microsoft experiments with disabling the JIT JavaScript compiler in an effort to provide better security.
Read More...
      Best Practices
  4 things you should know about cybersecurity pros
The 5th annual Life and Times of Cybersecurity Professionals report from ESG and the Information Systems Security Association (ISSA) provides valuable insigh...
Read More...
  CISOs: Do you know whats in your company’s products?
In the guidance issued by the Cybersecurity and Infrastructure Security Agency (CISA) in April 2021 on securing one’s supply chain, a portion of the guidance...
Read More...
  BrandPost: How to Implement Secure Configurations Faster Than Ever
Secure configurations are a key best practice for limiting an organization’s cyber vulnerabilities. Since applications, hardware, and technology systems typi...
Read More...
  17 cybersecurity startups to watch
If you want to know what’s new in cybersecurity, watch what the startup vendors are doing. They typically begin with an innovative idea and are unfettered by...
Read More...
      New Threats and Vulnerabilities
  CVE-2021-22240
Improper access control in GitLab EE versions 13.11.6, 13.12.6, and 14.0.2 allows users to be created via single sign on despite user cap being enabled
Read More...
  CVE-2021-22928
A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has either Citrix Profile M...
Read More...
  CVE-2021-29977
Mozilla developers reported memory safety bugs present in Firefox 89. Some of these bugs showed evidence of memory corruption and we presume that with enough ef...
Read More...
  CVE-2021-3679
A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a spec...
Read More...
  CVE-2021-36277
Dell Command Update, Dell Update, and Alienware Update versions prior to 4.3 contains a Improper Certificate Verification vulnerability. A local authenticated m...
Read More...
      Patch Management
  Zoom Settlement: An $85M Business Case for Security Investment  
Zoom’s security lesson over end-to-end encryption shows the costs of playing cybersecurity catchup.
Read More...
  Actively Exploited Windows Zero-Day Gets a Patch
Microsoft's August 2021 Patch Tuesday addressed a smaller set of bugs than usual, including more Print Spooler problems, a zero-day and seven critical vulnerabi...
Read More...