๐ Companies Increasingly Complacent Around Data Breach Preparedness ๐
๐ Read
via "Subscriber Blog RSS Feed ".
Ponemon Institute's annual data breach readiness survey suggests the increased adoption of security technologies but the continuation of problems, like spear phishing attacks.๐ Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Companies Increasingly Complacent Around Data Breach Preparedness
Ponemon Institute's annual data breach readiness survey suggests the increased adoption of security technologies but the continuation of problems, like spear phishing attacks.
ATENTIONโผ New - CVE-2019-14892
๐ Read
via "National Vulnerability Database".
A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.๐ Read
via "National Vulnerability Database".
ATENTIONโผ New - CVE-2018-14384
๐ Read
via "National Vulnerability Database".
The Website Manager module in SEO Panel 3.13.0 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability, allowing remote authenticated attackers to inject arbitrary web script or HTML via the websites.php name parameter.๐ Read
via "National Vulnerability Database".
ATENTIONโผ New - CVE-2018-11675
๐ Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.๐ Read
via "National Vulnerability Database".
๐ Report: Coronavirus is negatively impacting international call quality ๐
๐ Read
via "Security on TechRepublic".
When entire regions are quarantined, home-bound people are overloading local switches, reducing international call quality and interrupting connectivity.๐ Read
via "Security on TechRepublic".
TechRepublic
Coronavirus is negatively impacting international call quality
When entire regions are quarantined, home-bound people are overloading local switches, reducing international call quality and interrupting connectivity.
๐ด Walgreens' Mobile App Exposes Customers' Info ๐ด
๐ Read
via "Dark Reading: ".
An error in the app allowed some secure chat users to see medical information that wasn't theirs.๐ Read
via "Dark Reading: ".
Darkreading
Walgreens' Mobile App Exposes Customers' Info
An error in the app allowed some secure chat users to see medical information that wasn't theirs.
ATENTIONโผ New - CVE-2018-19658
๐ Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.๐ Read
via "National Vulnerability Database".
ATENTIONโผ New - CVE-2018-19599
๐ Read
via "National Vulnerability Database".
Monstra CMS 1.6 allows XSS via an uploaded SVG document to the admin/index.php?id=filesmanager&path=uploads/ URI. NOTE: this is a discontinued product.๐ Read
via "National Vulnerability Database".
ATENTIONโผ New - CVE-2018-19284
๐ Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.๐ Read
via "National Vulnerability Database".
ATENTIONโผ New - CVE-2018-18479
๐ Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.๐ Read
via "National Vulnerability Database".
ATENTIONโผ New - CVE-2018-17572
๐ Read
via "National Vulnerability Database".
InfluxDB 0.9.5 has Reflected XSS in the Write Data module.๐ Read
via "National Vulnerability Database".
ATENTIONโผ New - CVE-2018-16357
๐ Read
via "National Vulnerability Database".
An issue was discovered in PbootCMS. There is a SQL injection via the api.php/Cms/search order parameter.๐ Read
via "National Vulnerability Database".
ATENTIONโผ New - CVE-2018-16356
๐ Read
via "National Vulnerability Database".
An issue was discovered in PbootCMS. There is a SQL injection via the api.php/List/index order parameter.๐ Read
via "National Vulnerability Database".
ATENTIONโผ New - CVE-2018-15820
๐ Read
via "National Vulnerability Database".
EasyIO EasyIO-30P devices before 2.0.5.27 allow XSS via the dev.htm GDN parameter.๐ Read
via "National Vulnerability Database".
ATENTIONโผ New - CVE-2018-15819
๐ Read
via "National Vulnerability Database".
EasyIO EasyIO-30P devices before 2.0.5.27 have Incorrect Access Control, related to webuser.js.๐ Read
via "National Vulnerability Database".
๐ Phishing: Leading targets, breaking myths, and educating users ๐
๐ Read
via "Security on TechRepublic".
Vade Secure's Adrien Gendre explains why the end user is an important link in the security chain.๐ Read
via "Security on TechRepublic".
TechRepublic
Phishing: Leading targets, breaking myths, and educating users
Vade Secure's Adrien Gendre explains why the end user is an important link in the security chain.
โ Gamer Alert: Serious Nvidia Flaw Plagues Graphics Driver โ
๐ Read
via "Threatpost".
Several flaws found in Nvidia's graphics drivers could enable denial of service, remote code execution and other malicious attacks.๐ Read
via "Threatpost".
Threat Post
Gamer Alert: Serious Nvidia Flaw Plagues Graphics Driver
Several flaws found in Nvidia's graphics drivers could enable denial of service, remote code execution and other malicious attacks.
โ NetSupport Manager RAT Spread via Bogus NortonLifeLock Docs โ
๐ Read
via "Threatpost".
The legitimate remote-access tool is being used to maliciously infect victims and allow remote code-execution.๐ Read
via "Threatpost".
Threat Post
NetSupport Manager RAT Spread via Bogus NortonLifeLock Docs
The legitimate remote-access tool is being used to maliciously infect victims and allow remote code-execution.
๐ Phishing: Leading targets, breaking myths, and educating users ๐
๐ Read
via "Security on TechRepublic".
Vade Secure's Adrien Gendre explains why the end user is an important link in the security chain.๐ Read
via "Security on TechRepublic".
TechRepublic
Phishing: Leading targets, breaking myths, and educating users
Vade Secure's Adrien Gendre explains why the end user is an important link in the security chain.
๐ด How Security Leads at Starbucks and Microsoft Prepare for Breaches ๐ด
๐ Read
via "Dark Reading: ".
Executives discuss the security incidents they're most worried about and the steps they take to prepare for them.๐ Read
via "Dark Reading: ".
Darkreading
How Security Leaders at Starbucks and Microsoft Prepare for Breaches
Executives discuss the security incidents they're most worried about and the steps they take to prepare for them.