π Reverse RDP attacks: How to protect your organization π
π Read
via "Security on TechRepublic".
A remote PC infected with certain malware could take over a client that tries to connect to it, says Check Point Research. Here's how to prevent it.π Read
via "Security on TechRepublic".
TechRepublic
Reverse RDP attacks: How to protect your organization
A remote PC infected with certain malware could take over a client that tries to connect to it, says Check Point Research. Here's how to prevent it.
π΄ Ensuring Business Continuity in Times of Crisis π΄
π Read
via "Dark Reading: ".
Three basic but comprehensive steps can help you and your organization get through adversityπ Read
via "Dark Reading: ".
Dark Reading
Ensuring Business Continuity in Times of Crisis
Three basic but comprehensive steps can help you and your organization get through adversity
π΅ The Patriot Act is being upgraded β how should Americans protect themselves? π΅
π Read
via "VPNpro".
π Read
via "VPNpro".
VPNpro
The Patriot Act Upgrade - How Should Americans Protect Themselves?
The Land of the Free just got less free by not passing a Patriot Act amendment. Here's what this means for your privacy and how you can get it back.
π Cloud services provider takes on end-to-end encryption for files sent via collaboration platforms π
π Read
via "Security on TechRepublic".
Volterra's VoltShare uses an app to read a key and an email address to verify identityπ Read
via "Security on TechRepublic".
TechRepublic
Cloud services provider takes on end-to-end encryption for files sent via collaboration platforms
Volterra's VoltShare uses an app to read a key and an email address to verify identity
β Microsoft Adds DNS-Over-HTTPS Support for Windows 10 Insiders β
π Read
via "Threatpost".
Microsoft is letting Windows Insiders test-drive DNS-over-HTTPS protocol in a pre-release build of Windows 10.π Read
via "Threatpost".
Threat Post
Microsoft Adds DNS-Over-HTTPS Support for Windows 10 Insiders
Microsoft said the DNS-over-HTTPS protocol will bolster privacy by providing encrypted DNS sessions.
ATENTIONβΌ New - CVE-2019-15083
π Read
via "National Vulnerability Database".
Default installations of Zoho ManageEngine ServiceDesk Plus 10.0 before 10500 are vulnerable to XSS injected by a workstation local administrator. Using the installed program names of the computer as a vector, the local administrator can execute code on the Manage Engine ServiceDesk administrator side. At "Asset Home > Server > <workstation> > software" the administrator of ManageEngine can control what software is installed on the workstation. This table shows all the installed program names in the Software column. In this field, a remote attacker can inject malicious code in order to execute it when the ManageEngine administrator visualizes this page.π Read
via "National Vulnerability Database".
π΄ Facebook Fails to Staunch Coronavirus Misinformation π΄
π Read
via "Dark Reading: ".
The social media giant in April affixed warning labels on 50 million pieces of contentπ Read
via "Dark Reading: ".
Dark Reading
Facebook Fails to Staunch Coronavirus Misinformation
The social media giant in April affixed warning labels on 50 million pieces of content
β PrintDemon β patch this ancient Windows printer bug! β
π Read
via "Naked Security".
Bugs can last a long time... even if you thought you removed them years ago.π Read
via "Naked Security".
Naked Security
PrintDemon β patch this ancient Windows printer bug!
Bugs can last a long time⦠even if you thought you removed them years ago.
π΄ 79% of Companies Report Identity-Related Breach in Past Two Years π΄
π Read
via "Dark Reading: ".
Two-thirds of organizations surveyed say phishing is the most common cause of identity-related breaches, the IDSA reports.π Read
via "Dark Reading: ".
Dark Reading
79% of Companies Report Identity-Related Breach in Past Two Years
Two-thirds of organizations surveyed say phishing is the most common cause of identity-related breaches, the IDSA reports.
π How to find a job in cybersecurity π
π Read
via "Security on TechRepublic".
In an industry still experiencing a talent shortage despite the pandemic, recruiters and observers offer advice on what job seekers should and should not do.π Read
via "Security on TechRepublic".
TechRepublic
How to find a job in cybersecurity
In an industry still experiencing a talent shortage despite the pandemic, recruiters and observers offer advice on what job seekers should and should not do.
π΄ Compliance as a Way to Reduce the Risk of Insider Threats π΄
π Read
via "Dark Reading: ".
Several key resources and controls can help reduce overall risk by providing guidance on proper control implementation, preventative measures to deploy, and an emphasis on organizationwide training.π Read
via "Dark Reading: ".
Dark Reading
Compliance as a Way to Reduce the Risk of Insider Threats
Several key resources and controls can help reduce overall risk by providing guidance on proper control implementation, preventative measures to deploy, and an emphasis on organizationwide training.
ATENTIONβΌ New - CVE-2019-17572
π Read
via "National Vulnerability Database".
In Apache RocketMQ 4.2.0 to 4.6.0, when the automatic topic creation in the broker is turned on by default, an evil topic like Γ’β¬œ../../../../topic2020Γ’β¬οΏ½ is sent from rocketmq-client to the broker, a topic folder will be created in the parent directory in brokers, which leads to a directory traversal vulnerability. Users of the affected versions should apply one of the following: Upgrade to Apache RocketMQ 4.6.1 or later.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-17562
π Read
via "National Vulnerability Database".
A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. This applies to all versions prior to 4.13.1. The vulnerability is due to the lack of validation of the mac parameter in baremetal virtual router. If you insert an arbitrary shell command into the mac parameter, v-router will process the command. For example: Normal: http://{GW}:10086/baremetal/provisiondone/{mac}, Abnormal: http://{GW}:10086/baremetal/provisiondone/#';whoami;#. Mitigation of this issue is an upgrade to Apache CloudStack 4.13.1.0 or beyond.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-13023
π Read
via "National Vulnerability Database".
An issue was discovered in all versions of Bond JetSelect. Within the JetSelect Application, the web interface hides RADIUS secrets, WPA passwords, and SNMP strings from 'non administrative' users using HTML 'password field' obfuscation. By using Developer tools or similar, it is possible to change the obfuscation so that the credentials are visible.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-13022
π Read
via "National Vulnerability Database".
Bond JetSelect (all versions) has an issue in the Java class (ENCtool.jar) and corresponding password generation algorithm (used to set initial passwords upon first installation). It XORs the plaintext into the 'encrypted' password that is then stored within the database. These steps are able to be trivially reversed, allowing for escalation of privilege within the JetSelect application through obtaining the passwords of JetSelect administrators. JetSelect administrators have the ability to modify and delete all networking configuration across a vessel, as well as altering network configuration of all managed network devices (switches, routers).π Read
via "National Vulnerability Database".
π Why organizations shouldn't automatically give in to ransomware demands π
π Read
via "Security on TechRepublic".
A ransomware incident analyzed by IBM X-Force shows that the attacker wouldn't have been able to decrypt the data, even if the ransom was paid.π Read
via "Security on TechRepublic".
TechRepublic
Why organizations shouldn't automatically give in to ransomware demands
A ransomware incident analyzed by IBM X-Force shows that the attacker wouldn't have been able to decrypt the data, even if the ransom was paid.
ATENTIONβΌ New - CVE-2019-13021
π Read
via "National Vulnerability Database".
The administrative passwords for all versions of Bond JetSelect are stored within an unprotected file on the filesystem, rather than encrypted within the MySQL database. This backup copy of the passwords is made as part of the installation script, after the administrator has generated a password using ENCtool.jar (see CVE-2019-13022). This allows any low-privilege user who can read this file to trivially obtain the passwords for the administrative accounts of the JetSelect application. The path to the file containing the encoded password hash is /opt/JetSelect/SFC/resources/sfc-general-properties.π Read
via "National Vulnerability Database".
π FBI, CISA Say China Is Targeting COVID-19 Research π
π Read
via "Subscriber Blog RSS Feed ".
In a PSA on Wednesday, the FBI and CISA warned healthcare and pharmaceutical orgs that Chinese hackers are seeking valuable IP and health data regarding COVID-19 treatment.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
FBI, CISA Say China Is Targeting COVID-19 Research
In a PSA on Wednesday, the FBI and CISA warned healthcare and pharmaceutical orgs that Chinese hackers are seeking valuable IP and health data regarding COVID-19 treatment.
β TikTok Violated Childrenβs Privacy Law, FTC Complaint Says β
π Read
via "Threatpost".
A group of children's privacy advocates alleged in a recent FTC complaint that TikTok violated an agreement to protect children's private data.π Read
via "Threatpost".
Threat Post
TikTok Violated Childrenβs Privacy Law, FTC Complaint Says
A group of children's privacy advocates alleged in a recent FTC complaint that TikTok violated an agreement to protect children's private data.
π΄ 8 Supply Chain Security Requirements π΄
π Read
via "Dark Reading: ".
Complex supply chains have complex security requirements, but secure them you must. Here's where to start.π Read
via "Dark Reading: ".
Dark Reading
8 Supply Chain Security Requirements
Complex supply chains have complex security requirements, but secure them you must. Here's where to start.
β Innovative Spy Trojan Targets European Diplomatic Targets β
π Read
via "Threatpost".
Descended from the COMPFun RAT, the malware can propagate to removable drives.π Read
via "Threatpost".
Threat Post
Innovative Spy Trojan Targets European Diplomatic Targets
Descended from the COMPFun RAT, the malware can propagate to removable drives.