Category: alerts

Misconfigured permissions for Argo’s web-facing dashboard allow unauthenticated attackers to run code on Kubernetes targets, including cryptomining containers. Read more

Original release date: July 21, 2021 As part of CISA’s ongoing response to Pulse Secure compromises, CISA has analyzed 13 malware samples related to exploited Pulse Secure devices. CISA encourages users and administrators to review the following 13 malware analysis reports (MARs) for threat actor techniques, tactics, and procedures (TTPs) and indicators of compromise (IOCs)… Read more

Our roundtable of experts weighs in on implications for Apple and lawmakers in the wake of the bombshell report showing widespread surveillance of dissidents, journalists and others. Read more

The bug could allow cyberattackers to bypass security products, tamper with data and run code in kernel mode. Read more

Original release date: July 20, 2021 Protecting our Nation’s critical infrastructure is the responsibility of federal and state, local, tribal, and territorial (SLTT) governments and owners and operators of that infrastructure. The cybersecurity threats posed to the industrial control systems (ICS) that control and operate critical infrastructure are among the most significant and growing issues… Read more

Original release date: July 20, 2021 Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. Note: CISA released technical information, including indicators of compromise (IOCs), provided in this advisory in 2012 to affected organizations and… Read more

A format-string bug believed to be a low-risk denial-of-service issue turns out to be much nastier than expected. Read more

Original release date: July 19, 2021 Fortinet has released security advisory FG-IR-21-067 to address a use-after-free vulnerability in the FortiManager fgfmsd daemon. A use-after-free condition occurs when a program marks a section of memory as free but then subsequently tries to use that memory, which could result in a program crash. The use of previously… Read more

Original release date: July 19, 2021   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info echobh — sharecare Echo ShareCare 8.15.5 is susceptible to SQL injection vulnerabilities when processing remote input from both authenticated and unauthenticated users, leading to the ability to bypass authentication, exfiltrate Structured Query Language (SQL)… Read more

Original release date: July 19, 2021 CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have observed increasingly sophisticated Chinese state-sponsored activity targeting U.S. political, economic, military, educational, and critical infrastructure personnel and organizations. In response: The White House has released a statement attributing recent Microsoft Exchange server exploitation activity to… Read more