Read Time:7 Second
FEDORA-2022-6fa6d8f3e6
Packages in this update:
firefox-103.0.1-1.fc35
Update description:
Update to latest upstream (103.0.1)
Daily Archives: August 4, 2022
11 stakeholder strategies for red team success
Read Time:32 Second
Red teams are a necessary evil – literally – in today’s cyber threat landscape. Motivations for engaging in offensive testing activities can vary from regulatory requirements to certification aspirations. Truly proactive and progressive security programs incorporate offensive operations almost immediately as security is built and defined.
Most organizations start with vulnerability scanning and then move into penetration testing (pentesting), taking the vulnerability scan one step farther from guessing a vulnerability could be exploited to proving exactly how it can be. Red team programs are often, incorrectly, synonymously associated with pentesting, but it is a very different function.
Ukraine Shutters Major Russian Bot Farm
Experts Warn of Fake Football Ticket Scams
ZDI-22-1047: Cisco RV340 wfapp Command Injection Remote Code Execution Vulnerability
Read Time:8 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Authentication is not required to exploit this vulnerability.
ZDI-22-1046: Docker Desktop Exposed Dangerous Method Local Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-1045: Microsoft Windows win32kfull UMPDDrvStrokeAndFillPath Use-After-Free Local Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Multiple Vulnerabilities in Cisco Small Business RV Series Routers Could Allow for Remote Code Execution
Read Time:17 Second
Multiple vulnerabilities have been discovered in Cisco Small Business RV Series Routers, the most severe of which could allow for remote code execution. Cisco Small Business RV Series Routers is a series of routers released by Cisco. Successful exploitation of this vulnerability, could allow a user to execute code in the context of the router.