Best practices for AI security risk management

Today, we are releasing an AI security risk assessment framework as a step to empower organizations to reliably audit, track, and improve the security of the AI systems. In addition, we are providing new updates to Counterfit, our open-source tool to simplify assessing the security posture of AI...

9.3M+ Androids Running ‘Malicious’ Games from Huawei AppGallery

Why would a game about a cat’s “cute diary” need permission to make phone calls or suss out your location? It doesn’t: “Cat cute diary” is one of 190 trojanized games that Doctor Web malware analysts have found on AppGallery, the official app store for Huawei Android. They’re littering the Androi...

A Simple 5-Step Framework to Minimize the Risk of a Data Breach

Today's businesses run on data. They collect it from customers at every interaction, and they use it to improve efficiency, increase their agility, and provide higher levels of service. But it's becoming painfully obvious that all of that data businesses collect has also made them an enticing...

DuckDuckGo Wants to Stop Apps From Tracking You on Android

The privacy-focused tech company's latest update promises to block invasive data collection across your whole phone...

Building Threat-Informed Defenses: Rapid7 Experts Share Their Thoughts on MITRE ATT&CK

MITRE ATT&CK is considered by practitioners and the analyst community to be the most comprehensive framework of cybersecurity attacks and mitigation techniques available today. MITRE helps the security industry speak the same language and stick to a well-known, common framework. To get more detai...

4 Simple Steps for an Effective Threat Intelligence Program

Threat intelligence is a critical part of an organization's cybersecurity strategy, but given how quickly the state of cybersecurity evolves, is the traditional model still relevant? Whether you're a cybersecurity expert or someone who's looking to build a threat intelligence program from the...

CVE-2021-40493

Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API...

ZOHO ManageEngine OpManager SQL注入漏洞

ZOHO ZOHO ManageEngine OpManager is an end-to-end integrated network management software, which can realize all-round, visualized, unified and centralized monitoring and management of IT infrastructure such as network devices, servers, hosts, WAN links, applications and services within the...

LinuxCatScale - Incident Response Collection And Processing Scripts With Automated Reporting Scripts

Linux CatScale is a bash script that uses live of the land tools to collect extensive data from Linux based hosts. The data aims to help DFIR professionals triage and scope incidents. An Elk Stack instance also is configured to consume the output and assist the analysis process. Usage This script...

Survey Solutions Information Breach Vulnerability

Survey Solutions is a survey management and data collection system. survey Solutions is vulnerable to an information disclosure vulnerability that stems from a configuration or other error in the operation of the network system or product. An attacker could exploit the vulnerability to obtain...

CVE-2021-41123

Survey Solutions is a survey management and data collection system. In affected versions the Headquarters application publishes /metrics endpoint available to any user. None of the survey answers are ever exposed, only the aggregate counters, including count of interviews, or count of assignments...

CVE-2021-41123

Survey Solutions is a survey management and data collection system. In affected versions the Headquarters application publishes /metrics endpoint available to any user. None of the survey answers are ever exposed, only the aggregate counters, including count of interviews, or count of assignments...

Default credentials

Survey Solutions is a survey management and data collection system. In affected versions the Headquarters application publishes /metrics endpoint available to any user. None of the survey answers are ever exposed, only the aggregate counters, including count of interviews, or count of assignments...

CVE-2021-41123 Exposure of Sensitive Information to an Unauthorized Actor in WB.UI.Headquarters.dll

Survey Solutions is a survey management and data collection system. In affected versions the Headquarters application publishes /metrics endpoint available to any user. None of the survey answers are ever exposed, only the aggregate counters, including count of interviews, or count of assignments...

CVE-2021-41123

CVE-2021-41123 relates to Survey Solutions where the Headquarters application exposes a public /metrics endpoint in affected releases. The vulnerability stems from an information-disclosure risk exposing only aggregate counters (e.g., interviews, assignments) rather than survey answers; there is ...

Mac Users Targeted by Trojanized iTerm2 App

We go into more detail about a fake version of the iTerm2 app that downloads and runs malware, detected by Trend Micro as TrojanSpy.Python.ZURU.A, which collects private data from a victim’s machine...

Google to Auto-Reset Unused Android App Permissions for Billions of Devices

Google on Friday said it's bringing an Android 11 feature that auto-resets permissions granted to apps that haven't been used in months, to devices running Android versions 6 and above. The expansion is expected to go live later this year in December 2021 and enabled on Android phones with Google...

CVE-2021-36024

Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an Improper Neutralization of Special Elements Used In A Command via the Data collection endpoint. An attacker with admin privileges can upload a specially crafted file to achieve remote code...

CVE-2021-36024

Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an Improper Neutralization of Special Elements Used In A Command via the Data collection endpoint. An attacker with admin privileges can upload a specially crafted file to achieve remote code...

Remote code execution

Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an Improper Neutralization of Special Elements Used In A Command via the Data collection endpoint. An attacker with admin privileges can upload a specially crafted file to achieve remote code...