Vulnerabilities – TFun dot org

Threat Roundup for July 16 to July 23

24/07/2021

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between July 16 and July 23. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics,… [[ This is only the beginning! Please visit the […]

Threat Actors Target Kubernetes Clusters via Argo Workflows

23/07/2021Ionut Arghire

Threat actors are abusing Argo Workflows to target Kubernetes deployments and deploy crypto-miners, according to a warning from security vendor Intezer. read more Source: Security Week

Threat Actors Target Kubernetes Clusters via Argo Workflows

23/07/2021Ionut Arghire

Threat actors are abusing Argo Workflows to target Kubernetes deployments and deploy crypto-miners, according to a warning from security vendor Intezer. read more Source: Security Week

House Passes Several Critical Infrastructure Cybersecurity Bills

23/07/2021Eduard Kovacs

The U.S. House of Representatives this week passed several cybersecurity bills, including ones related to critical infrastructure, industrial control systems (ICS), and grants for state and local governments. read more Source: Security Week

House Passes Several Critical Infrastructure Cybersecurity Bills

23/07/2021Eduard Kovacs

The U.S. House of Representatives this week passed several cybersecurity bills, including ones related to critical infrastructure, industrial control systems (ICS), and grants for state and local governments. read more Source: Security Week

Critical Jira Flaw in Atlassian Could Lead to RCE

22/07/2021Lisa Vaas

The software-engineering platform is urging users to patch the critical flaw ASAP. Source: Threatpost.com

Bug Bounty and VDP Platform YesWeHack Raises $18.8 Million

22/07/2021Ionut Arghire

European bug bounty and vulnerability disclosure policy platform YesWeHack this week announced the closing of a €16 million ($18.8 million) round of venture capital financing. read more Source: Security Week

Bug Bounty and VDP Platform YesWeHack Raises $18.8 Million

22/07/2021Ionut Arghire

European bug bounty and vulnerability disclosure policy platform YesWeHack this week announced the closing of a €16 million ($18.8 million) round of venture capital financing. read more Source: Security Week

Industrial Networks Exposed Through Cloud-Based Operational Tech

22/07/2021Becky Bracken

Critical ICS vulnerabilities can be exploited through leading cloud-management platforms. Source: Threatpost.com

Apple Issues Urgent iPhone Updates; None for Pegasus Zero-Day

22/07/2021Lisa Vaas

Update now: The ream of bugs includes some remotely exploitable code execution flaws. Still to come: a fix for what makes iPhones easy prey for Pegasus spyware. Source: Threatpost.com