
1285 matches found

OSV
added 2021/10/28 1:15 p.m. | 2 views

CVE-2021-36995

There is an Unauthorized file access vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups...

7.5 CVSS | 5.8 AI score | 0.00562 EPSS
Exploits: 0 | References: 1
OSV
added 2021/10/28 1:15 p.m. | 3 views

CVE-2021-22488

There is an Unauthorized file access vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups...

7.5 CVSS | 5.8 AI score
Exploits: 0 | References: 1
CVE
added 2021/10/28 12:27 p.m. | 50 views

CVE-2021-36995

CVE-2021-36995 concerns Huawei smartphone software (Huawei EMUI / Magic UI) with an unauthorized file access vulnerability. The issue arises from how soft links can be modified, allowing an attacker to tamper with files restored from backups. Current documents describe the affected platforms and ...

7.5 CVSS | 7.5 AI score | 0.00562 EPSS
Exploits: 0 | References: 1 | Affected Software: 2
Cvelist
added 2021/10/28 12:25 p.m. | 11 views

CVE-2021-22488

There is an Unauthorized file access vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups...

7.7 AI score | 0.00693 EPSS
Exploits: 0 | References: 1
ThreatPost
added 2021/10/27 9:39 p.m. | 21 views

WordPress Plugin Bug Lets Subscribers Wipe Sites

Researchers have discovered a homicidal WordPress plugin that allows subscribers to wipe sites clean of content. The high-severity security flaw is found in Hashthemes Demo Importer, a plugin that’s used in more than 8,000 active installations. According to security researchers at Wordfence, the...

6.9 AI score
Exploits: 0 | References: 7
ThreatPost
added 2021/10/22 5:01 p.m. | 16 views

REvil Servers Shoved Offline by Governments

The REvil ransomware gang is unhappy, with its Happy Blog leak site and Tor payment site pushed offline yet again, this time by a multi-country battering ram. Relying on input from three private-sector cyber-experts working with the U.S. and one former official, Reuters reported on Thursday that...

6.3 AI score
Exploits: 0 | References: 26
Malwarebytes
added 2021/10/22 2:11 p.m. | 48 views

Ransomware: Why do backups fail when you need them most?

It's widely known, and endlessly repeated, that the last, best line of defence against the potentially devastating effects of a ransomware attack is your backups. So why do we keep hearing things like this: We're also feeling relatively confident, we have a very good backup system … and then we fin...

6.4 AI score
Exploits: 0
ICS
added 2021/10/18 12:00 p.m. | 32 views

BlackMatter Ransomware

Summary Actions You Can Take Now to Protect Against BlackMatter Ransomware • Implement and enforce backup and restoration policies and procedures. • Use strong, unique passwords. • Use multi-factor authentication. • Implement network segmentation and traversal monitoring. Note: this advisory uses t...

9.7 AI score
Exploits: 0 | References: 56
ThreatPost
added 2021/10/14 1:32 p.m. | 21 views

Podcast: 67% of Orgs Have Been Hit by Ransomware at Least Once

A recent report found that two-thirds, or 67 percent, of surveyed organizations have suffered a ransomware attack, about half have been hit multiple times, and 16 percent have been hit three or more times. According to Fortinet’s Global State of Ransomware Report 2021 (PDF), released last week, mos...

7.3 AI score
Exploits: 0 | References: 4
ThreatPost
added 2021/09/29 3:43 p.m. | 33 views

Conti Ransomware Expands Ability to Blow Up Backups

Good at identifying and obliterating backups? Speak Russian? The notorious Conti ransomware group may find you a fine hiring prospect. That’s according to a report published on Wednesday by cyber-risk prevention firm Advanced Intelligence, which details how Conti has honed its backup destruction ...

7.3 AI score
Exploits: 0 | References: 13
Pen Test Partners Blog
added 2021/09/28 5:09 a.m. | 16 views

Securing mobile devices. A timely reminder

While home working might now be the norm for some, more and more people are going back to their place of work on a more regular basis. If you’re commuting again or if you’re responsible for securing your people’s devices it’s a good idea to revisit and review your security admin for mobile device...

7.2 AI score
Exploits: 0
OSV
added 2021/09/15 7:15 p.m. | 3 views

CVE-2021-33692

SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked to inject special elements such as '..' and '/' separators, for attackers to escape outside of the restricted location to access files or directories...

7.5 CVSS | 6.3 AI score | 0.01132 EPSS
Exploits: 0 | References: 2
OSV
added 2021/09/14 11:15 a.m. | 1 view

CVE-2019-10941

A vulnerability has been identified in SINEMA Server All versions V14 SP3. Missing authentication for functionality that requires administrative user identity could allow an attacker to obtain encoded system configuration backup files. This is only possible through network access to the affected...

5.3 CVSS | 5.7 AI score
Exploits: 0 | References: 1
Malwarebytes
added 2021/09/13 2:32 p.m. | 20 views

Why backups aren’t a “silver bullet” against ransomware, with Matt Crape: Lock and Code S02E17

A recent spate of ransomware attacks in the US and abroad have derailed major corporations, spurring a fuel shortage on the US East Coast, shuttering grocery stores in Sweden, and sending students home from grade schools. The solution, so many cybersecurity experts say, is to implement backups,...

6.9 AI score
Exploits: 0
The Hacker News
added 2021/09/11 8:22 a.m. | 39 views

WhatsApp to Finally Let Users Encrypt Their Chat Backups in the Cloud

WhatsApp on Friday announced it will roll out support for end-to-end encrypted chat backups on the cloud for Android and iOS users, paving the way for storing information such as chat messages and photos in Apple iCloud or Google Drive in a cryptographically secure manner. The optional feature,...

6.8 AI score
Exploits: 0
Wired Threat Level
added 2021/09/10 3:05 p.m. | 17 views

WhatsApp Fixes Its Biggest Encryption Loophole

The ubiquitous messaging service will add end-to-end encryption to backups, keeping your chats safe no matter whose cloud they're stored in...

1.5 AI score
Exploits: 0
Fedora
added 2021/09/07 4:26 p.m. | 10 views

[SECURITY] Fedora 33 Update: libguestfs-1.44.1-2.fc33

Libguestfs is a library for accessing and modifying virtual machine disk images (http://libguestfs.org). It can be used to make batch configuration changes to guests, get disk used/free statistics (virt-df), perform backups and guest clones, change registry/UUID/hostname info, build guests from scrat...

6.8 AI score
Exploits: 0
Microsoft Secure
added 2021/09/07 4:00 p.m. | 27 views

3 steps to prevent and recover from ransomware

On July 14, 2021, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) hosted a virtual workshop to seek feedback from government and industry experts on practical approaches to preventing and recovering from ransomware and other...

7.1 AI score
Exploits: 0
CNNVD
added 2021/09/07 12:00 a.m. | 2 views

Hitachi ABB Power Grids System Data Manager Encryption Issue Vulnerability

Hitachi ABB Power Grids System Data Manager is a system data manager from Hitachi, Japan. Hitachi ABB Power Grids System Data Manager is vulnerable to an encryption issue that stems from the fact that the application does not encrypt backup files. A local operating system user can modify the back...

7.8 CVSS | 5.7 AI score | 0.0012 EPSS
Exploits: 0 | References: 5
Github Security Blog
added 2021/09/02 5:17 p.m. | 38 views

Improper use of cryptographic key in wal-g

WAL-G before 1.1, when a non-libsodium build (e.g., one of the official binary releases published as GitHub Releases) is used, silently ignores the libsodium encryption key and uploads cleartext backups. This is arguably a Principle of Least Surprise violation because "the user likely wanted to...

7.5 CVSS | 7.3 AI score | 0.00834 EPSS
Exploits: 0 | References: 5 | Affected Software: 1