ClearInfosec TIB Logo
Date:Dec 01, 2021
 
      Cyber Security News
  HP Issues Firmware Updates for Printer Product Vulnerabilities
More than 150 HP printer models have bugs that could enable attackers to steal data and gain an initial foothold on enterprise networks.
Read More...
  This stealthy malware hides behind an impossible date
Linux remote access trojan hides behind the invalid date, February 31.
Read More...
  Unpatched Windows Zero-Day Allows Privileged File Access
A temporary fix has been issued for CVE-2021-24084, which can be exploited using the LPE exploitation approach for the HiveNightmare/SeriousSAM bug.
Read More...
  Google: Half of compromised cloud instances have weak or no passwords
And many attackers are installing cryptomining malware within 22 seconds of compromising cloud instances.
Read More...
  Panasonic Hit in Data Breach
Tech firm reveals that data on one of its file servers was accessed by attackers.
Read More...
      Best Practices
  NCSC warns industry academia of foreign threats to their intellectual property
CISOs of companies both small and large understand how intellectual property (IP) and company infrastructure may be targeted from one of four vectors: malevo...
Read More...
  18 cybersecurity startups to watch
If you want to know what’s new in cybersecurity, watch what the startup vendors are doing. They typically begin with an innovative idea and are unfettered by...
Read More...
  Enhancing zero trust access through a context-aware security posture
As an onslaught of ransomware attacks accelerates, cybercriminal organizations are demonstrating increasing levels of sophistication and guile. Most recently...
Read More...
  9 out of 10 Healthcare Organizations Provide Telehealth Services Yet Almost Half Face Patients Mistrust Toward Privacy
Kaspersky surveyed healthcare decision-makers to learn how the digital transformation of the industry is going and which problems they believe should be solved ...
Read More...
      New Threats and Vulnerabilities
  CVE-2021-21707
In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filenam...
Read More...
  CVE-2021-44077
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote...
Read More...
  CVE-2021-36326
Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface (UI). A remote unauthenticated attacker could p...
Read More...
  CVE-2021-38967 (mq_appliance)
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local privileged user to inject and execute malicious code. IBM X-Force ID: 212441.
Read More...
  CVE-2021-38147 (holmes)
Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to download arbitrary files, such as reports containing sensitive information, beca...
Read More...
      Patch Management
  Black Friday shopping? FBI says beware of these holiday scams and phishing threats
The FBI expects a rise in complaints and losses to scams as shoppers hunt out bargains.
Read More...
  This stealthy malware hides behind an impossible date
Linux remote access trojan hides behind the invalid date, February 31.
Read More...
  1000 arrests made in online fraud crackdown says Interpol
Police make arrests across 22 jurisdictions as part of the operation against cyber-enabled financial crime scams, including business email compromises.
Read More...
  Hackers are targeting this Microsoft Windows Installer flaw say security researchers
Hackers can exploit the flaw to give an attacker administrator rights on a compromised system.
Read More...
  This stealthy malware delivers a silent threat that wants to steal your passwords
Cybersecurity researchers at HP Wolf Security warn about RATDispenser, a downloader that delivers trojan malware, information stealers and keyloggers.
Read More...