Bunch of News

~
Attacking RDP from Inside: How we abused named pipes for smart-card hijacking, unauthorized file system access to client machines and more

https://www.cyberark.com/resources/threat-research-blog/attacking-rdp-from-inside

~
IP spoofing bug leaves Django REST applications open to DDoS, password-cracking attacks

https://portswigger.net/daily-swig/ip-spoofing-bug-leaves-django-rest-applications-open-to-ddos-password-cracking-attacks

~
Coming Soon: New Security Update Guide Notification System

https://msrc-blog.microsoft.com/2022/01/11/coming-soon-new-security-update-guide-notification-system/

~
KB5009543 - January 11, 2022 Breaks L2TP VPN Connections

https://www.reddit.com/r/sysadmin/comments/s1oqv8/kb5009543_january_11_2022_breaks_l2tp_vpn/

~
About the security content of iOS 15.2.1 and iPadOS 15.2.1

https://support.apple.com/en-us/HT213043

~
Security Vulnerabilities fixed in Firefox 96

https://www.mozilla.org/en-US/security/advisories/mfsa2022-01/

~
CVE-2021-4204: Linux Kernel eBPF Improper Input Validation Vulnerability

https://www.openwall.com/lists/oss-security/2022/01/11/4

~
January updates causing unexpected reboots on domain controllers

Looks like KB5009557 (2019) and KB5009555 (2022) are causing something to fail on domain controllers, which then keep rebooting every few minutes.

https://www.reddit.com/r/sysadmin/comments/s21ae1/january_updates_causing_unexpected_reboots_on/

~
CVE-2021-3997: Uncontrolled recursion in systemd's systemd-tmpfiles

https://www.openwall.com/lists/oss-security/2022/01/10/2
Top 3 Video Streaming Services Like YouTube