Skip to content

トピトピニュース

Header Image
Archive

Month: May 2021

20 Posts

Featured

Posted byLatest stories for ZDNet related to UK
GDPR: EU privacy watchdog probing the use of AWS and Azure cloud services
Posted byねっと特報
ウイグル問題をターゲットにしたサイバー攻撃 偽の国連文書や架空の財団サイト
Posted byGitHub
[@eivifj/dot] Improperly Controlled Modification of Dynamically-Determined Object Attributes in eivindfjeldstad-dot
Posted byLatest stories for ZDNet related to UK
This massive phishing campaign delivers password-stealing malware disguised as ransomware

GDPR: EU privacy watchdog probing the use of AWS and Azure cloud services

  • Posted inUncategorized
  • Posted byLatest stories for ZDNet related to UK
  • 05/28/2021

The data protection supervisor will investigate whether contracts with US-based cloud giants are GDPR-compliant.

ウイグル問題をターゲットにしたサイバー攻撃 偽の国連文書や架空の財団サイト

  • Posted inUncategorized
  • Posted byねっと特報
  • 05/28/2021

チェック・ポイント・ソフトウェア・テクノロジーズ(本部・テルアビブ)の脅威インテリジェンス調査部門で…

[@eivifj/dot] Improperly Controlled Modification of Dynamically-Determined Object Attributes in eivindfjeldstad-dot

  • Posted inMODERATE
  • Posted byGitHub
  • 05/26/202109/08/2022

eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution.The function ‘set’ could be tricked into adding or modifying properties of ‘Object.prototype’ using a ‘proto’ payload.
References

https://nvd.nist.gov/vuln/detail/CVE-2020-7639
https…

This massive phishing campaign delivers password-stealing malware disguised as ransomware

  • Posted inUncategorized
  • Posted byLatest stories for ZDNet related to UK
  • 05/24/2021

Java-based STRRAT malware creates a backdoor into infected machines – but distracts victims by acting like ransomware.

【新宿ゴールデン街交友録 裏50年史】東京藝術大生の坂本龍一はいつも違う女の子を連れて…

  • Posted inUncategorized
  • Posted by東スポWeb
  • 05/23/2021

話をゴールデン街へ戻そう! 70年代初期の街の風景は、まだ妖しげな呼び込みのお店と、映画、演劇、文学…

[org.xwiki.commons:xwiki-commons-core] XWiki users registered with email verification can self re-activate their disabled accounts

  • Posted inHIGH
  • Posted byGitHub
  • 05/19/202110/06/2022

Impact
A user disabled on a wiki using email verification for registration can re-activate himself by using the activation link provided for his registration.
Patches
The problem has been patched in the following versions of XWiki: 11.10.13, 12.6.7, …

[@shopify/koa-shopify-auth] Cross-site scripting in koa-shopify-auth

  • Posted inMODERATE
  • Posted byGitHub
  • 05/18/202109/10/2022

A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.61-v3.1.62 that allows an attacker to inject JS payloads into the shop parameter on the /shopify/auth/enable_cookies endpoint.
References

https://nvd.nist.gov/vuln/detail/CVE-2020-81…

ランサムウェアDarksideの犯罪インフラ イランでホスティングか

  • Posted inUncategorized
  • Posted byねっと特報
  • 05/17/2021

米財務省は2020年10月にランサムウェアアドバイザリを発行しており、アメリカの制裁に関連するランサ…

[k8s.io/kubernetes] Privilege Escalation

  • Posted inCRITICAL
  • Posted byGitHub
  • 05/13/202109/08/2022

Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.
References

https://nvd.nist.gov/vuln/detail/CVE-2017-100005…

AppleのAirTagが早速ハッキングされる

  • Posted inUncategorized
  • Posted byUbergizmo Japan
  • 05/11/2021

AppleのAirTagが発表され、発売されてから間もないですが、その正式発表から1ヶ月弱で既にその…

Posts navigation

1 2 Next Posts
トピトピニュース
WordPress theme by componentz

Archives

2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30
Hit enter to search or ESC to close