ClearInfosec TIB
Date: Nov 17, 2021
 
      Cyber Security News
  VP Harris announces US support for international cybersecurity partnership in Paris
Vice President Kamala Harris said the US is joining an 80-country agreement on cybersecurity norms.
  Ransomware experts question massive Pysa/Mespinoza victim dump
The prolific ransomware group dumped more than 50 victim names onto its leak site this week.
  Back-to-Back PlayStation 5 Hacks Hit on the Same Day
Cyberattackers stole PS5 root keys and exploited the kernel, revealing rampant insecurity in gaming devices.
  Windows 10 Privilege-Escalation Zero-Day Gets an Unofficial Fix
Researchers warn that CVE-2021-34484 can be exploited with a patch bypass for a bug originally addressed in August by Microsoft.
  Mac Zero Day Targets Apple Devices in Hong Kong
Google researchers have detailed a widespread watering-hole attack that installed a backdoor on Apple devices that visited Hong Kong-based media and pro-democra...
      Best Practices
  Top cybersecurity M&A deals for 2021
2021 is shaping up to be an active year for mergers and acquisitions in the cybersecurity industry. March alone saw more than 40 firms being acquired. The le...
  REvil ransomware explained: A widespread extortion operation
REvil is a ransomware-as-a-service (RaaS) operation that has extorted large amounts of money from organizations worldwide over the past year. Its name stands...
  5 IT risk assessment frameworks compared
From a cybersecurity standpoint, organizations are operating in a high-risk world. The ability to assess and manage risk has perhaps never been more important. ...
  BrandPost: 4 Reasons to Unify Endpoint and Network Protections
The degree of damage an attack can generate isn’t limited to the initial channel of infection. Threats that take hold on a user’s device or via the core netw...
      New Threats and Vulnerabilities
  CVE-2021-41080
Zoho ManageEngine Network Configuration Manager before 125465 is vulnerable to SQL Injection in a hardware details search.
  CVE-2020-4140
IBM Security SiteProtector System 3.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI ...
  CVE-2021-36324
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI t...
  CVE-2021-34420
The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. Th...
  CVE-2021-41289
ASUS P453UJ contains the Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. With a general user’s permiss...
      Patch Management
  CISA warns of equipment vulnerabilities from multiple vendors
CISA said the issues were found in equipment from Eclipse, eProsima, GurumNetworks, Object Computing, Inc. (OCI), Real-Time Innovations (RTI), and TwinOaks Comp...
  Cisco partners with JupiterOne for cloud security platform
The Cisco Secure Cloud Insights with JupiterOne hopes to offer enterprises greater visibility into all of their cyber assets, paths toward identifying security ...
  Ransomware gangs are now rich enough to buy zero-day flaws, say researchers
Zero-day cybersecurity vulnerabilities have traditionally been the area of nation-states - but now criminal gangs have the funds to buy their own.
  Bad Santa: Amazon, Facebook top Mozilla's naughty list of privacy-crushing gifts
Mozilla researchers spent over 950 hours examining 151 popular connected gifts, identifying 47 that had what they called "problematic privacy practices."
  FBI Says Its System Was Exploited to Email Fake Cyberattack Alert
The alert was mumbo jumbo, but it was indeed sent from the bureau's email system, from the agency’s own internet address.