ATENTIONβΌ New - CVE-2019-17572
π Read
via "National Vulnerability Database".
In Apache RocketMQ 4.2.0 to 4.6.0, when the automatic topic creation in the broker is turned on by default, an evil topic like Γ’β¬œ../../../../topic2020Γ’β¬οΏ½ is sent from rocketmq-client to the broker, a topic folder will be created in the parent directory in brokers, which leads to a directory traversal vulnerability. Users of the affected versions should apply one of the following: Upgrade to Apache RocketMQ 4.6.1 or later.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-17562
π Read
via "National Vulnerability Database".
A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. This applies to all versions prior to 4.13.1. The vulnerability is due to the lack of validation of the mac parameter in baremetal virtual router. If you insert an arbitrary shell command into the mac parameter, v-router will process the command. For example: Normal: http://{GW}:10086/baremetal/provisiondone/{mac}, Abnormal: http://{GW}:10086/baremetal/provisiondone/#';whoami;#. Mitigation of this issue is an upgrade to Apache CloudStack 4.13.1.0 or beyond.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-13023
π Read
via "National Vulnerability Database".
An issue was discovered in all versions of Bond JetSelect. Within the JetSelect Application, the web interface hides RADIUS secrets, WPA passwords, and SNMP strings from 'non administrative' users using HTML 'password field' obfuscation. By using Developer tools or similar, it is possible to change the obfuscation so that the credentials are visible.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-13022
π Read
via "National Vulnerability Database".
Bond JetSelect (all versions) has an issue in the Java class (ENCtool.jar) and corresponding password generation algorithm (used to set initial passwords upon first installation). It XORs the plaintext into the 'encrypted' password that is then stored within the database. These steps are able to be trivially reversed, allowing for escalation of privilege within the JetSelect application through obtaining the passwords of JetSelect administrators. JetSelect administrators have the ability to modify and delete all networking configuration across a vessel, as well as altering network configuration of all managed network devices (switches, routers).π Read
via "National Vulnerability Database".
π Why organizations shouldn't automatically give in to ransomware demands π
π Read
via "Security on TechRepublic".
A ransomware incident analyzed by IBM X-Force shows that the attacker wouldn't have been able to decrypt the data, even if the ransom was paid.π Read
via "Security on TechRepublic".
TechRepublic
Why organizations shouldn't automatically give in to ransomware demands
A ransomware incident analyzed by IBM X-Force shows that the attacker wouldn't have been able to decrypt the data, even if the ransom was paid.
ATENTIONβΌ New - CVE-2019-13021
π Read
via "National Vulnerability Database".
The administrative passwords for all versions of Bond JetSelect are stored within an unprotected file on the filesystem, rather than encrypted within the MySQL database. This backup copy of the passwords is made as part of the installation script, after the administrator has generated a password using ENCtool.jar (see CVE-2019-13022). This allows any low-privilege user who can read this file to trivially obtain the passwords for the administrative accounts of the JetSelect application. The path to the file containing the encoded password hash is /opt/JetSelect/SFC/resources/sfc-general-properties.π Read
via "National Vulnerability Database".
π FBI, CISA Say China Is Targeting COVID-19 Research π
π Read
via "Subscriber Blog RSS Feed ".
In a PSA on Wednesday, the FBI and CISA warned healthcare and pharmaceutical orgs that Chinese hackers are seeking valuable IP and health data regarding COVID-19 treatment.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
FBI, CISA Say China Is Targeting COVID-19 Research
In a PSA on Wednesday, the FBI and CISA warned healthcare and pharmaceutical orgs that Chinese hackers are seeking valuable IP and health data regarding COVID-19 treatment.
β TikTok Violated Childrenβs Privacy Law, FTC Complaint Says β
π Read
via "Threatpost".
A group of children's privacy advocates alleged in a recent FTC complaint that TikTok violated an agreement to protect children's private data.π Read
via "Threatpost".
Threat Post
TikTok Violated Childrenβs Privacy Law, FTC Complaint Says
A group of children's privacy advocates alleged in a recent FTC complaint that TikTok violated an agreement to protect children's private data.
π΄ 8 Supply Chain Security Requirements π΄
π Read
via "Dark Reading: ".
Complex supply chains have complex security requirements, but secure them you must. Here's where to start.π Read
via "Dark Reading: ".
Dark Reading
8 Supply Chain Security Requirements
Complex supply chains have complex security requirements, but secure them you must. Here's where to start.
β Innovative Spy Trojan Targets European Diplomatic Targets β
π Read
via "Threatpost".
Descended from the COMPFun RAT, the malware can propagate to removable drives.π Read
via "Threatpost".
Threat Post
Innovative Spy Trojan Targets European Diplomatic Targets
Descended from the COMPFun RAT, the malware can propagate to removable drives.
π΄ Identite Comes Out of Stealth π΄
π Read
via "Dark Reading: ".
Startup emerges with three-factor, no-password authentication.π Read
via "Dark Reading: ".
Dark Reading
Identite Comes Out of Stealth
Startup emerges with three-factor, no-password authentication.
π΄ Project Aims to Unmask Disinformation Bots π΄
π Read
via "Dark Reading: ".
BotSight, a machine learning research project, rates Twitter users based on the likelihood that there is a human behind the keyboard. Could such technology blunt the impact of disinformation campaigns?π Read
via "Dark Reading: ".
Dark Reading
Project Aims to Unmask Disinformation Bots
BotSight, a machine learning research project, rates Twitter users based on the likelihood that there is a human behind the keyboard. Could such technology blunt the impact of disinformation campaigns?
π Phishing campaign exploits Symantec URL Protection to cover its tracks π
π Read
via "Security on TechRepublic".
The email also claims to have been scanned by Symantec email security, according to security provider Armorblox.π Read
via "Security on TechRepublic".
TechRepublic
Phishing campaign exploits Symantec URL Protection to cover its tracks
The email also claims to have been scanned by Symantec email security, according to security provider Armorblox.
π΄ Microsoft Patch for Reverse RDP Flaw Leaves Room for Other Attacks π΄
π Read
via "Dark Reading: ".
Fix released in February is Microsoft's second pass at fully addressing issue that Check Point first disclosed at Black Hat USA last summer.π Read
via "Dark Reading: ".
Darkreading
Microsoft Patch for Reverse RDP Flaw Leaves Room for Other Attacks
Fix released in February is Microsoft's second pass at fully addressing issue that Check Point first disclosed at Black Hat USA last summer.
π΄ As Businesses Rush to the Cloud, Security Teams Struggle to Keep Up π΄
π Read
via "Dark Reading: ".
Most organizations have a gap between current and planned cloud usage and the maturity of their cloud security programs.π Read
via "Dark Reading: ".
Dark Reading
As Businesses Rush to the Cloud, Security Teams Struggle to Keep Up
Most organizations have a gap between current and planned cloud usage and the maturity of their cloud security programs.
ATENTIONβΌ New - CVE-2020-0097
π Read
via "National Vulnerability Database".
In various methods of PackageManagerService.java, there is a possible permission bypass due to a missing condition for system apps. This could lead to local escalation of privilege with User privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-145981139π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0096
π Read
via "National Vulnerability Database".
In startActivities of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-145669109π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0094
π Read
via "National Vulnerability Database".
In setImageHeight and setImageWidth of ExifUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-148223871π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0093
π Read
via "National Vulnerability Database".
In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-148705132π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0092
π Read
via "National Vulnerability Database".
In setHideSensitive of NotificationStackScrollLayout.java, there is a possible disclosure of sensitive notification content due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145135488π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0091
π Read
via "National Vulnerability Database".
In mnld, an incorrect configuration in driver_cfg of mnld for meta factory mode.Product: AndroidVersions: Android SoCAndroid ID: A-149808700π Read
via "National Vulnerability Database".