🛠 Zeek 3.1.2 🛠
📖 Go!
via "Security Tool Files ≈ Packet Storm".
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.📖 Go!
via "Security Tool Files ≈ Packet Storm".
Packetstormsecurity
Zeek 3.1.2 ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ATENTION‼ New - CVE-2019-4654
📖 Read
via "National Vulnerability Database".
IBM QRadar 7.3.0 to 7.3.3 Patch 2 does not validate, or incorrectly validates, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. IBM X-ForceID: 170965.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-4594
📖 Read
via "National Vulnerability Database".
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-ForceID: 167810.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-4593
📖 Read
via "National Vulnerability Database".
IBM QRadar 7.3.0 to 7.3.3 Patch 2 generates an error message that includes sensitive information that could be used in further attacks against the system. IBM X-ForceID: 167743.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-20767
📖 Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.60, D3600 before 1.0.0.75, D6000 before 1.0.0.75, R9000 before 1.0.4.26, R8900 before 1.0.4.26, R7800 before 1.0.2.52, WNDR4500v3 before 1.0.0.58, WNDR4300v2 before 1.0.0.58, WNDR4300 before 1.0.2.104, WNDR3700v4 before 1.0.2.102, and WNR2000v5 before 1.0.0.66.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-19500
📖 Read
via "National Vulnerability Database".
Matrix42 Workspace Management 9.1.2.2765 and below allows stored XSS via unfiltered description parameters, as demonstrated by the comment field of a special order for individual software.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-19390
📖 Read
via "National Vulnerability Database".
The Search parameter of the Software Catalogue section of Matrix42 Workspace Management 9.1.2.2765 and below accepts unfiltered parameters that lead to multiple reflected XSS issues.📖 Read
via "National Vulnerability Database".
🕴 Slack Incoming Webhooks Can Be Weaponized in Phishing Attacks 🕴
📖 Read
via "Dark Reading: ".
Researchers report how attackers could weaponize a feature in the Slack collaboration platform to access corporate data and messages.📖 Read
via "Dark Reading: ".
Dark Reading
Slack Incoming Webhooks Can Be Weaponized in Phishing Attacks
Researchers report how attackers could weaponize a feature in the Slack collaboration platform to access corporate data and messages.
🔏 Adopting Accountability in Data Protection Post COVID-19 🔏
📖 Read
via "Subscriber Blog RSS Feed ".
Can the gap between socially responsible collective action and privacy be bridged? A new report outlines a series of measures for the public and private sector to take in order to demonstrate accountability while delivering privacy protection in a pandemic.📖 Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Adopting Accountability in Data Protection Post COVID-19
Can the gap between socially responsible collective action and privacy be bridged? A new report outlines a series of measures for the public and private sector to take in order to demonstrate accountability while delivering privacy protection in a pandemic.
ATENTION‼ New - CVE-2019-20648
📖 Read
via "National Vulnerability Database".
NETGEAR RN42400 devices before 6.10.2 are affected by incorrect configuration of security settings.📖 Read
via "National Vulnerability Database".
❌ Taxpayers Targeted With Improved NetWire RAT Variant ❌
📖 Read
via "Threatpost".
Taxpayers are being targeted by a new NetWire RAT variant in a recent malspam campaign that makes use of an improved keylogger and an Excel 4.0 Macro.📖 Read
via "Threatpost".
Threat Post
Taxpayers Targeted With Improved NetWire RAT Variant
Taxpayers are being targeted by a new NetWire RAT variant in a recent malspam campaign that makes use of an improved keylogger and an Excel 4.0 Macro.
ATENTION‼ New - CVE-2019-20647
📖 Read
via "National Vulnerability Database".
NETGEAR RAX40 devices before 1.0.3.64 are affected by denial of service.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-20646
📖 Read
via "National Vulnerability Database".
NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of administrative credentials.📖 Read
via "National Vulnerability Database".
🕴 Slack's Incoming Webhooks Can Be Weaponized in Phishing Attacks 🕴
📖 Read
via "Dark Reading: ".
Researchers report how attackers could weaponize a feature in the Slack collaboration platform to access corporate data and messages.📖 Read
via "Dark Reading: ".
Dark Reading
Slack's Incoming Webhooks Can Be Weaponized in Phishing Attacks
Researchers report how attackers could weaponize a feature in the Slack collaboration platform to access corporate data and messages.
❌ Malicious Google Web Extensions Harvest Cryptowallet Secrets ❌
📖 Read
via "Threatpost".
Several fake browser extensions masqueraded as legitimate cryptocurrency utilities in a snowballing campaign.📖 Read
via "Threatpost".
Threat Post
Malicious Google Web Extensions Harvest Cryptowallet Secrets
Several fake browser extensions masqueraded as legitimate cryptocurrency utilities in a snowballing campaign.
🕴 DHS Issues Alert for New North Korean Cybercrime 🕴
📖 Read
via "Dark Reading: ".
Cyber actors from North Korea's intelligence agencies are launching new attacks on financial targets, including hacks for hire on the open market.📖 Read
via "Dark Reading: ".
Dark Reading
DHS Issues Alert for New North Korean Cybercrime
Cyber actors from North Korea's intelligence agencies are launching new attacks on financial targets, including hacks for hire on the open market.
ATENTION‼ New - CVE-2019-20644
📖 Read
via "National Vulnerability Database".
NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-20643
📖 Read
via "National Vulnerability Database".
NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of sensitive information.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-20642
📖 Read
via "National Vulnerability Database".
NETGEAR RAX40 devices before 1.0.3.64 are affected by authentication bypass.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-20641
📖 Read
via "National Vulnerability Database".
NETGEAR RAX40 devices before 1.0.3.64 are affected by lack of access control at the function level.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-20640
📖 Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.32, D7000 before 1.0.1.68, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.32.📖 Read
via "National Vulnerability Database".