π΄ TikTok Vulnerability Leaves Users Open to Fake News π΄
π Read
via "Dark Reading: ".
A vulnerability in the way TikTok requests and receives video content could leave users streaming video from bogus servers.π Read
via "Dark Reading: ".
Dark Reading
TikTok Vulnerability Leaves Users Open to Fake News
A vulnerability in the way TikTok requests and receives video content could leave users streaming video from bogus servers.
π Dark web: Cybercriminals sell half a million Zoom accounts π
π Read
via "Security on TechRepublic".
Since Zoom became one of the primary ways people communicate, hackers have started sharing and selling stolen account credentials.π Read
via "Security on TechRepublic".
TechRepublic
Dark web: Cybercriminals sell over 500,000 Zoom accounts
Since Zoom became one of the primary ways people communicate, hackers have started sharing and selling stolen account credentials.
β April Patch Tuesday: Microsoft Battles 4 Bugs Under Active Exploit β
π Read
via "Threatpost".
Microsoft issued 113 patches in a big update, unfortunately for IT staff already straining under WFH security concerns.π Read
via "Threatpost".
Threat Post
April Patch Tuesday: Microsoft Battles 4 Bugs Under Active Exploit
Microsoft issued 113 patches in a big update, unfortunately for IT staff already straining under WFH security concerns.
ATENTIONβΌ New - CVE-2020-10384 (mbconnect24, mymbconnect24)
π Read
via "National Vulnerability Database".
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is a local privilege escalation from the www-data account to the root account.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-18822
π Read
via "National Vulnerability Database".
A privilege escalation vulnerability in ZOOM Call Recording 6.3.1 allows its user account (i.e., the account under which the program runs - by default, the callrec account) to elevate privileges to root by abusing the callrec-rs@.service. The callrec-rs@.service starts the /opt/callrec/bin/rs binary with root privileges, and this binary is owned by callrec. It can be replaced by a Trojan horse.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-14326
π Read
via "National Vulnerability Database".
An issue was discovered in AndyOS Andy versions up to 46.11.113. By default, it starts telnet and ssh (ports 22 and 23) with root privileges in the emulated Android system. This can be exploited by remote attackers to gain full access to the device, or by malicious apps installed inside the emulator to perform privilege escalation from a normal user to root (unlike with standard methods of getting root privileges on Android - e.g., the SuperSu program - the user is not asked for consent). There is no authentication performed - access to a root shell is given upon a successful connection. NOTE: although this was originally published with a slightly different CVE ID number, the correct ID for this Andy vulnerability has always been CVE-2019-14326.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-6402
π Read
via "National Vulnerability Database".
Ecobee Ecobee4 4.2.0.171 devices can be forced to deauthenticate and connect to an unencrypted Wi-Fi network with the same SSID, even if the device settings specify use of encryption such as WPA2, as long as the competing network has a stronger signal. An attacker must be able to set up a nearby SSID, similar to an "Evil Twin" attack.π Read
via "National Vulnerability Database".
π΄ Insecure Home Office Networks Heighten Work-at-Home Risks π΄
π Read
via "Dark Reading: ".
Nearly one in two organizations has one or more devices accessing its corporate network from a home network with at least one malware infection, BitSight says.π Read
via "Dark Reading: ".
Dark Reading
Insecure Home Office Networks Heighten Work-at-Home Risks
Nearly one in two organizations has one or more devices accessing its corporate network from a home network with at least one malware infection, BitSight says.
π΄ Microsoft Patches 113 Bugs, 3 Under Active Attack π΄
π Read
via "Dark Reading: ".
Microsoft has seen a 44% jump in the number of CVEs fixed between January and April 2020 compared with the same period in 2019.π Read
via "Dark Reading: ".
Dark Reading
Application Security recent news | Dark Reading
Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading
π΄ Will Gentler HIPAA Rules on Telehealth Now Protect Us From Breach Litigation Later? π΄
π Read
via "Dark Reading: ".
To enable medical care while encouraging social distancing during the COVID-19 pandemic, the Department of Health and Human Services temporarily loosened up on some of its HIPAA noncompliance enforcement on telehealth. But what happens if there's a PHI slip-up?π Read
via "Dark Reading: ".
Dark Reading
Will Gentler HIPAA Rules on Telehealth Now Protect Us From Breach Litigation Later?
To enable medical care while encouraging social distancing during the COVID-19 pandemic, the Department of Health and Human Services temporarily loosened up on some of its HIPAA noncompliance enforcement on telehealth. But what happens if there's a PHI slipβ¦
ATENTIONβΌ New - CVE-2019-19301
π Read
via "National Vulnerability Database".
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions), SIMATIC CP 443-1 (incl. SIPLUS NET variants) (All versions), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variants) (All versions), SIMATIC RF180C (All versions), SIMATIC RF182C (All versions). The VxWorks-based Profinet TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-19300
π Read
via "National Vulnerability Database".
A vulnerability has been identified in KTK ATE530S (All versions), SIDOOR ATD430W (All versions), SIDOOR ATE530S COATED (All versions), SIDOOR ATE531S (All versions), SIMATIC ET 200SP Interfacemodul IM 155-6 MF HF (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions < V2.0), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.0), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC MICRO-DRIVE PDC (All versions), SIMATIC PN/PN Coupler (incl. SIPLUS NET variants) (All versions >= V4.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0), SIMATIC S7-1500 Software Controller (All versions < V2.0), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions), SIMATIC TDC CP51M1 (All versions), SIMATIC TDC CPU555 (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINAMICS S/G Control Unit w. PROFINET (All versions). The Interniche-based TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-10939
π Read
via "National Vulnerability Database".
A vulnerability has been identified in TIM 3V-IE (incl. SIPLUS NET variants) (All versions < V2.8), TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions < V2.8), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.3), TIM 4R-IE (incl. SIPLUS NET variants) (All versions < V2.8), TIM 4R-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.3). The affected versions contain an open debug port that is available under certain specific conditions. The vulnerability is only available if the IP address is configured to 192.168.1.2. If available, the debug port could be exploited by an attacker with network access to the device. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known.π Read
via "National Vulnerability Database".
π΄ Patch-a-Palooza: More Than 560 Flaws Fixed in a Single Day π΄
π Read
via "Dark Reading: ".
Software vendors keep pushing patches to the same Tuesday once a month, or once a quarter, and the result can be overwhelming. Six enterprise software makers issued patches for 567 issues in April.π Read
via "Dark Reading: ".
Dark Reading
Patch-a-Palooza: More Than 560 Flaws Fixed in a Single Day
Software vendors keep pushing patches to the same Tuesday once a month, or once a quarter, and the result can be overwhelming. Six enterprise software makers issued patches for 567 issues in April.
β WordPress WooCommerce sites targeted by card swiper attacks β
π Read
via "Naked Security".
Credit card swipers have found a hard-to-detect way to target WordPress websites using the WooCommerce plugin by secretly modifying legitimate JavaScript files.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Signal: Weβll be eaten alive by EARN IT Actβs anti-encryption wolves β
π Read
via "Naked Security".
The Big Bad Wolves haven't blown the house down but did come up with a way to "hold the three little pigs responsible for being delicious," Signal said.π Read
via "Naked Security".
Naked Security
Signal: Weβll be eaten alive by EARN IT Actβs anti-encryption wolves
The Big Bad Wolves havenβt blown the house down but did come up with a way to βhold the three little pigs responsible for being delicious,β Signal said.
ATENTIONβΌ New - CVE-2020-10514
π Read
via "National Vulnerability Database".
iCatch DVR do not validate function parameter properly, resulting attackers executing arbitrary command.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-10513
π Read
via "National Vulnerability Database".
The file management interface of iCatch DVR contains broken access control which allows the attacker to remotely manipulate arbitrary file.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-10512
π Read
via "National Vulnerability Database".
HGiga C&Cmail contains a SQL Injection vulnerability which allows attackers to injecting SQL commands in the URL parameter to execute unauthorized commands.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-10511
π Read
via "National Vulnerability Database".
HGiga C&Cmail contains insecure configurations. Attackers can exploit these flaws to access unauthorized functionality via a crafted URL.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-10507
π Read
via "National Vulnerability Database".
The School Manage System, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of misconfigured file upload filter. Attackers can upload any format of file to the system.π Read
via "National Vulnerability Database".