Posted by dammitjosie— via Fulldisclosure on Feb 22
security bug:
go sumologic.com (big company, many customer)
make free account
log in account, make access key – help.sumologic.com/docs/manage/security/access-keys/
<http://help.sumologic.com/docs/manage/security/access-keys/>
download collector for windows –
help.sumologic.com/docs/send-data/installed-collectors/collector-installation-reference/download-collector-from-static-url/
<…
Cyberattacks targeting multiple data centers in several regions globally have been observed over the past year and a half, resulting in exfiltration of information pertaining to some of the world’s biggest companies and the publishing of access credentials on the dark web, according to cybersecurity company Resecurity.
“Malicious cyber activity targeting data center organizations creates a significant precedent in the context of supply chain cybersecurity,” Resecurity said in a blog post. “Resecurity expects attackers to increase malicious cyber activity related to data centers and their customers.”
Boyfriends who are bots, Facebook’s checkmark charge, Twitter Blue, and Will Ferrell’s taunt of football fans…
All this and more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.
Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
Xi Lu discovered that missing input sanitising in Emacs (in etags, the
Ruby mode and htmlfontify) could result in the execution of arbitrary
shell commands.
Several vulnerabilities have been discovered in git, a fast, scalable,
distributed revision control system.
Multiple security vulnerabilities have been discovered in Asterisk, an Open
Source Private Branch Exchange. Buffer overflows and other programming errors
could be exploited for launching a denial of service attack or the execution of
arbitrary code.
