Threat Advisory: High Severity OpenSSL Vulnerabilities | allinfosecnews.com

Nov. 1, 2022, 7:03 p.m. | Cisco Talos Outreach

Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com

In late October two new buffer overflow vulnerabilities, CVE-2022-3602 and CVE-2022-3786, were announced in OpenSSL versions 3.0.0 to 3.0.6. These vulnerabilities can be exploited by sending an X.509 certificate with a specially crafted email address, potentially causing a buffer overflow resulting in a crash or

advisory openssl openssl vulnerabilities severity ssl threat threat advisory top story vulnerabilities vulnerability

More from blog.talosintelligence.com / Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

What can we learn from the passwords used in brute-force attacks? 1 day, 9 hours ago | blog.talosintelligence.com

attacks brute brute-force can +5

Vulnerabilities in employee management system could lead to remote code execution, login credential theft 2 days, 11 hours ago | blog.talosintelligence.com

code code execution credential credential theft +21

Cisco Talos at RSAC 2024 3 days, 15 hours ago | blog.talosintelligence.com

announcements cisco cisco talos cybersecurity +12

James Nutland studies what makes threat actors tick, growing our understanding of the current APT … 4 days, 15 hours ago | blog.talosintelligence.com

adversary apt can current +14

The private sector probably isn’t coming to save the NVD 1 week, 1 day ago | blog.talosintelligence.com

arcanedoor coming cybercrime isn +9

Talos IR trends: BEC attacks surge, while weaknesses in MFA persist 1 week, 1 day ago | blog.talosintelligence.com

adversaries attacks bec bec attacks +17

ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices 1 week, 2 days ago | blog.talosintelligence.com

apt campaign campaigns devices +15

Suspected CoralRaider continues to expand victimology using three information stealers 1 week, 3 days ago | blog.talosintelligence.com

apt argument bypass command +17

What’s the deal with the massive backlog of vulnerabilities at the NVD? 2 weeks ago | blog.talosintelligence.com

backlog current deal management +10

Senior Security Engineer - Detection and Response

@ Fastly, Inc. | US (Remote)

View on infosec-jobs.com

Application Security Engineer

@ Solidigm | Zapopan, Mexico

View on infosec-jobs.com

Defensive Cyber Operations Engineer-Mid

@ ISYS Technologies | Aurora, CO, United States

View on infosec-jobs.com

Manager, Information Security GRC

@ OneTrust | Atlanta, Georgia

View on infosec-jobs.com

Senior Information Security Analyst | IAM

@ EBANX | Curitiba or São Paulo

View on infosec-jobs.com

Senior Information Security Engineer, Cloud Vulnerability Research

@ Google | New York City, USA; New York, USA

View on infosec-jobs.com