β TA505 Crime Gang Deploys SDBbot for Corporate Network Takeover β
π Read
via "Threatpost".
The custom RAT offers persistent access, data exfiltration and lateral network movement.π Read
via "Threatpost".
Threat Post
TA505 Crime Gang Deploys SDBbot for Corporate Network Takeover
The custom RAT offers persistent access, data exfiltration and lateral network movement.
π Balancing public safety and privacy during COVID-19: The rise of mass surveillance π
π Read
via "Security on TechRepublic".
One tech company is harnessing artificial intelligence, thermal imaging, and real-time surveillance data to mitigate the spread of the coronavirus. However, serious privacy questions remain.π Read
via "Security on TechRepublic".
TechRepublic
Balancing public safety and privacy during COVID-19: The rise of mass surveillance
One tech company is harnessing artificial intelligence, thermal imaging, and real-time surveillance data to mitigate the spread of the coronavirus. However, serious privacy questions remain.
π΄ How Company Cultures Dictated Work-from-Home Readiness π΄
π Read
via "Dark Reading: ".
Companies large and small are discovering just how prepared they were for all employees to work remotelyπ Read
via "Dark Reading: ".
Dark Reading
How Company Cultures Dictated Work-from-Home Readiness
Companies large and small are discovering just how prepared they were for all employees to work remotely
ATENTIONβΌ New - CVE-2020-10383
π Read
via "National Vulnerability Database".
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an unauthenticated remote code execution in the com_mb24sysapi module.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-10382
π Read
via "National Vulnerability Database".
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an authenticated remote code execution in the backup-scheduler.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-10381
π Read
via "National Vulnerability Database".
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an unauthenticated SQL injection in DATA24, allowing attackers to discover database and table names.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-16879
π Read
via "National Vulnerability Database".
The Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has a Missing Authentication for Critical Function (CWE-306) vulnerability. The affected product does not require authentication for TELNET access, which may allow an attacker to change configuration or perform other malicious activities.π Read
via "National Vulnerability Database".
π Now That The SHIELD Act Is In Effect, Does Your Company Comply? π
π Read
via "Subscriber Blog RSS Feed ".
The data security requirements of New York's Stop Hacks and Improve Electronic Data Security Act, or SHIELD Act, went into effect last month.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Now That The SHIELD Act Is In Effect, Does Your Company Comply?
The data security requirements of New York's Stop Hacks and Improve Electronic Data Security Act, or SHIELD Act, went into effect last month.
β Adobe Fixes βImportantβ Flaws in ColdFusion, After Effects and Digital Editions β
π Read
via "Threatpost".
While Adobe's regularly scheduled security updates were light this month, they fixed "important" severity vulnerabilities.π Read
via "Threatpost".
Threat Post
Adobe Fixes βImportantβ Flaws in ColdFusion, After Effects and Digital Editions
While Adobe's regularly scheduled security updates were light this month, they fixed "important" severity vulnerabilities.
π΄ TikTok Vulnerability Leaves Users Open to Fake News π΄
π Read
via "Dark Reading: ".
A vulnerability in the way TikTok requests and receives video content could leave users streaming video from bogus servers.π Read
via "Dark Reading: ".
Dark Reading
TikTok Vulnerability Leaves Users Open to Fake News
A vulnerability in the way TikTok requests and receives video content could leave users streaming video from bogus servers.
π Dark web: Cybercriminals sell half a million Zoom accounts π
π Read
via "Security on TechRepublic".
Since Zoom became one of the primary ways people communicate, hackers have started sharing and selling stolen account credentials.π Read
via "Security on TechRepublic".
TechRepublic
Dark web: Cybercriminals sell over 500,000 Zoom accounts
Since Zoom became one of the primary ways people communicate, hackers have started sharing and selling stolen account credentials.
β April Patch Tuesday: Microsoft Battles 4 Bugs Under Active Exploit β
π Read
via "Threatpost".
Microsoft issued 113 patches in a big update, unfortunately for IT staff already straining under WFH security concerns.π Read
via "Threatpost".
Threat Post
April Patch Tuesday: Microsoft Battles 4 Bugs Under Active Exploit
Microsoft issued 113 patches in a big update, unfortunately for IT staff already straining under WFH security concerns.
ATENTIONβΌ New - CVE-2020-10384 (mbconnect24, mymbconnect24)
π Read
via "National Vulnerability Database".
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is a local privilege escalation from the www-data account to the root account.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-18822
π Read
via "National Vulnerability Database".
A privilege escalation vulnerability in ZOOM Call Recording 6.3.1 allows its user account (i.e., the account under which the program runs - by default, the callrec account) to elevate privileges to root by abusing the callrec-rs@.service. The callrec-rs@.service starts the /opt/callrec/bin/rs binary with root privileges, and this binary is owned by callrec. It can be replaced by a Trojan horse.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-14326
π Read
via "National Vulnerability Database".
An issue was discovered in AndyOS Andy versions up to 46.11.113. By default, it starts telnet and ssh (ports 22 and 23) with root privileges in the emulated Android system. This can be exploited by remote attackers to gain full access to the device, or by malicious apps installed inside the emulator to perform privilege escalation from a normal user to root (unlike with standard methods of getting root privileges on Android - e.g., the SuperSu program - the user is not asked for consent). There is no authentication performed - access to a root shell is given upon a successful connection. NOTE: although this was originally published with a slightly different CVE ID number, the correct ID for this Andy vulnerability has always been CVE-2019-14326.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-6402
π Read
via "National Vulnerability Database".
Ecobee Ecobee4 4.2.0.171 devices can be forced to deauthenticate and connect to an unencrypted Wi-Fi network with the same SSID, even if the device settings specify use of encryption such as WPA2, as long as the competing network has a stronger signal. An attacker must be able to set up a nearby SSID, similar to an "Evil Twin" attack.π Read
via "National Vulnerability Database".
π΄ Insecure Home Office Networks Heighten Work-at-Home Risks π΄
π Read
via "Dark Reading: ".
Nearly one in two organizations has one or more devices accessing its corporate network from a home network with at least one malware infection, BitSight says.π Read
via "Dark Reading: ".
Dark Reading
Insecure Home Office Networks Heighten Work-at-Home Risks
Nearly one in two organizations has one or more devices accessing its corporate network from a home network with at least one malware infection, BitSight says.
π΄ Microsoft Patches 113 Bugs, 3 Under Active Attack π΄
π Read
via "Dark Reading: ".
Microsoft has seen a 44% jump in the number of CVEs fixed between January and April 2020 compared with the same period in 2019.π Read
via "Dark Reading: ".
Dark Reading
Application Security recent news | Dark Reading
Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading
π΄ Will Gentler HIPAA Rules on Telehealth Now Protect Us From Breach Litigation Later? π΄
π Read
via "Dark Reading: ".
To enable medical care while encouraging social distancing during the COVID-19 pandemic, the Department of Health and Human Services temporarily loosened up on some of its HIPAA noncompliance enforcement on telehealth. But what happens if there's a PHI slip-up?π Read
via "Dark Reading: ".
Dark Reading
Will Gentler HIPAA Rules on Telehealth Now Protect Us From Breach Litigation Later?
To enable medical care while encouraging social distancing during the COVID-19 pandemic, the Department of Health and Human Services temporarily loosened up on some of its HIPAA noncompliance enforcement on telehealth. But what happens if there's a PHI slipβ¦
ATENTIONβΌ New - CVE-2019-19301
π Read
via "National Vulnerability Database".
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions), SIMATIC CP 443-1 (incl. SIPLUS NET variants) (All versions), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variants) (All versions), SIMATIC RF180C (All versions), SIMATIC RF182C (All versions). The VxWorks-based Profinet TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-19300
π Read
via "National Vulnerability Database".
A vulnerability has been identified in KTK ATE530S (All versions), SIDOOR ATD430W (All versions), SIDOOR ATE530S COATED (All versions), SIDOOR ATE531S (All versions), SIMATIC ET 200SP Interfacemodul IM 155-6 MF HF (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions < V2.0), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.0), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC MICRO-DRIVE PDC (All versions), SIMATIC PN/PN Coupler (incl. SIPLUS NET variants) (All versions >= V4.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0), SIMATIC S7-1500 Software Controller (All versions < V2.0), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions), SIMATIC TDC CP51M1 (All versions), SIMATIC TDC CPU555 (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINAMICS S/G Control Unit w. PROFINET (All versions). The Interniche-based TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service.π Read
via "National Vulnerability Database".