ClearInfosec TIB Logo
Date:Nov 10, 2021
 
      Cyber Security News
  Native Tribal Casinos Taking Millions in Ransomware Losses
An FBI notification is warning of an uptick in attacks against tribal casinos.
Read More...
  Google Ads for Faux Cryptowallets Net Scammers At Least $500K
Malicious Phantom, MetaMask cryptowallets are on the prowl to drain victim funds. 
Read More...
  Critical Linux Kernel Bug Allows Remote Takeover
The bug (CVE-2021-43267) exists in a TIPC message type that allows Linux nodes to send cryptographic keys to each other.
Read More...
  Robinhood Trading Platform Data Breach Hits 7M Customers
The cyberattacker attempted to extort the company after socially engineering a customer service employee to gain access to email addresses and more.
Read More...
  US Defense Contractor Discloses Data Breach
Electronic Warfare Associates says an attackers infiltrated EWA email in August, which led to the exfiltration of files with personal data.
Read More...
  API Security Issues Hinder Application Delivery
A new survey explains why nearly all organizations experience API security problems to varying degrees.
Read More...
  Kaspersky Finds DDoS Attacks in Q3 Grow by 24% Become More Sophisticated
The total number of smart attacks (advanced DDoS attacks that are often targeted) increased by 31% when compared to the same period last year.
Read More...
  Banking Malware Threats Surging as Mobile Banking Increases – Nokia Threat Intelligence Report
The Nokia 2021 Threat Intelligence Report announced today shows that banking malware threats are sharply increasing as cyber criminals target the rising popular...
Read More...
      New Threats and Vulnerabilities
  CVE-2021-39903
In all versions of GitLab CE/EE since version 13.0, a privileged user, through an API call, can change the visibility level of a group or a project to a restric...
Read More...
  CVE-2021-40115
A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the i...
Read More...
  CVE-2021-29753
IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6 transmits or stores authentication credentials, but it uses an in...
Read More...
  CVE-2021-42078
PHP Event Calendar through 2021-11-04 allows persistent cross-site scripting (XSS), as demonstrated by the /server/ajax/events_manager.php title parameter. This...
Read More...
  CVE-2021-43389 (enterprise_linux linux_kernel)
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcap...
Read More...
      Patch Management
  US offers $10 million reward for information on DarkSide leaders $5 million for affiliates
The State Department has put a bounty on the heads of the leaders of the DarkSide/BlackMatter ransomware.
Read More...
  US indicts UK resident PlugwalkJoe for cryptocurrency theft
The UK national is accused of stealing $784,000 in cryptocurrency.
Read More...
  Get patching: Cisco warns of these critical product vulnerabilities
Cisco and CISA release alerts about multiple vulnerabilities that could provide attackers with the ability to takeover networks if they're left unpatched.
Read More...
  Ransomware: Suspected REvil ransomware affiliates arrested
Suspected of about 7,000 infections, the arrested alleged affiliates asked for more than €200 million in ransom.
Read More...