Podcast: Inside the Hackers’ Toolkit
InfoSec Insider Infosec Insider Post Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice…
Microsoft Patches ‘Dogwalk’ Zero-Day and 17 Critical Flaws
InfoSec Insider Infosec Insider Post Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice…
Virtual Currency Platform ‘Tornado Cash’ Accused of Aiding APTs
InfoSec Insider Infosec Insider Post Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice…
Vulnerability Summary for the Week of August 1, 2022
@acrontum — filesystem-template The package @acrontum/filesystem-template before 0.0.2 are vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input. 2022-08-05 not…
Phishers Swim Around 2FA in Coinbase Account Heists
InfoSec Insider Infosec Insider Post Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice…
Open Redirect Flaw Snags Amex, Snapchat User Data
InfoSec Insider Infosec Insider Post Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice…
VMWare Urges Users to Patch Critical Authentication Bypass Bug
InfoSec Insider Infosec Insider Post Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice…
Universities Put Email Users at Cyber Risk
InfoSec Insider Infosec Insider Post Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice…
Vulnerability Summary for the Week of July 25, 2022
@ianwalter/merge — @ianwalter/merge All versions of package @ianwalter/merge are vulnerable to Prototype Pollution via the main (merge) function. Maintainer suggests using @generates/merger instead. 2022-07-25 not yet calculated CVE-2021-23397CONFIRM adobe —…
Securing Your Move to the Hybrid Cloud
InfoSec Insider Infosec Insider Post Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice…