I. Targeted Software Docker Kubernetes Amazon Web Services (AWS) Microsoft Azure Google Cloud II. Introduction A hacking group referred to as “TeamTNT” has been active within the previous 8 months. In the summer of 2020, security researches identified TeamTNT as the group behind a crypto-mining malware capable of stealing local credentials and Amazon Web Services (AWS) login details.[2] TeamTNT had been targeting Docker and Kubernetes.[2]...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco VPN Routers, themost severe of which could allow for arbitrary code execution as theroot user of an affected device. These VPN routers are often used toconnect hosts via the router hardware as opposed to individualinstallations on each device. Successful exploitation of the most severe of these vulnerabilitiescould allow for arbitrary code execution in the context of the root...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, themost severe of which could allow for arbitrary code execution. * tvOS is an operating system for the fourth-generation Apple TV digitalmedia player.* watchOS is the mobile operating system for the Apple Watch and isbased on the iOS operating system.* iPadOS is the successor to iOS 12 and is a mobile operating system foriPads.* iOS is a...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in the Google Androidoperating system (OS), the most severe of which could allow for remotecode execution. Android is an operating system developed by Google formobile devices, including, but not limited to, smartphones, tablets, andwatches. Successful exploitation of the most severe of thesevulnerabilities could allow for remote code execution within the contextof a privileged process. Depending on the privileges associated withthis...
Read More
DESCRIPTION:A vulnerability has been discovered in GNU Libgcrypt, which could allowfor arbitrary code execution. Libgcrypt is a generic cryptographiclibrary offered as part of GNU Privacy Guard (GnuPG) software suite toprovide building blocks for carrying out cryptographic tasks such asencrypting and signing data and communications. It is shipped with mostLinux distributions including Ubuntu and Fedora. Successful exploitationof this vulnerability could result in arbitrary code execution in...
Read More
