A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted FTP requests.
Monthly Archives: February 2022
CVE-2020-22844
A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted SMB requests.
How to prep for increased Russia-based cyberattacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently issued a Shields Up advisory in response to the evolving Russia-Ukraine conflict. The agency noted, “The Russian government has used cyber as a key component of their force projection over the last decade,” and warned that Russia might consider actions aimed to disrupt outside of Ukraine.
Should you do anything at this time to protect your firm? There’s no need to scramble and make drastic changes to your network. Rather, use these events as a reason to review your network and plan for future changes. Here’s a list of actions to take:
TCS’ Cyber Defense Suite PaaS offers integrated security to enterprises
Offering to consolidate cybersecurity services on a single PaaS (platform as a service), Tata Consultancy Services (TCS) has launched Cyber Defense Suite, designed to provide end-to-end threat visibility, extended detection, and automated incident response.
The PaaS, developed to work in multicloud environments, includes security governance risk and compliance support, as well as management capabilities for digital identity and access, vulnerability remediation, and third-party cyberrisks.
“By offering multiple cybersecurity services across IT ecosystems, synergized into a single platform, the suite allows our customers to have the visibility to manage threats and risks across their entire technology landscape, rather than having to work with disparate platforms, at times from different vendors,” says Santha Subramoni, global head of cybersecurity for TCS.
US Indicts BitConnect Founder
BitConnect founder charged with operating $2.4bn global cryptocurrency scheme
Moscow Exchange Downed by Cyber-attack
USN-5309-1: virglrenderer vulnerabilities
It was discovered that virglrenderer incorrectly handled memory. An
attacker inside a guest could use this issue to cause virglrenderer to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2022-0135)
It was discovered that virglrenderer incorrectly initialized memory. An
attacker inside a guest could possibly use this issue to obtain sensitive
host information. (CVE-2022-0175)
#MWC2022: Creating Trust and Safety During the New Technology Revolution
Building trust and safety will be crucial to facilitating enormous technological advancements
Dll Hijacking Vulnerability found in Rufus-3.17.1846 from Akeo Consulting
Posted by YEUNG, Tsz Ko on Feb 28
Hi all,
I would like to disclose a vulnerability that I just found today.
Details below:
Vulnerable Software and Version:
1. Rufus 3.17.1846 executable
2. Rufus 3.17.1846 portable executable
Vulnerable software download link:
https://rufus.ie/en/
https://github.com/pbatard/rufus/releases/tag/v3.17
Date discovered and reported:
25 Feb 2022
Description:
Both Rufus 3.17.1846 executable AND portable executable are suffering from DLL…
Dll Hijacking Vulnerability found in Rufus-3.17.1846 from Akeo Consulting
Posted by YEUNG, Tsz Ko on Feb 28
Hi all,
I would like to disclose a vulnerability that I just found today.
Details below:
Vulnerable Software and Version:
1. Rufus 3.17.1846 executable
2. Rufus 3.17.1846 portable executable
Vulnerable software download link:
https://rufus.ie/en/
https://github.com/pbatard/rufus/releases/tag/v3.17
Date discovered and reported:
25 Feb 2022
Description:
Both Rufus 3.17.1846 executable AND portable executable are suffering from DLL…