🔐 Cybersecurity and remote work: How workers are handling the shift 🔐
📖 Read
via "Security on TechRepublic".
Working remotely presents key security challenges, but employees may actually be following security rules more carefully when working from home, says 1Password.📖 Read
via "Security on TechRepublic".
TechRepublic
Cybersecurity and remote work: How workers are handling the shift
Working remotely presents key security challenges, but employees may actually be following security rules more carefully when working from home, says 1Password.
🔏 Virtual Cybersecurity Events in 2020 🔏
📖 Read
via "Subscriber Blog RSS Feed ".
Many infosec conferences are going virtual in 2020 due to the COVID-19 pandemic. Is your favorite conference going virtual? Check out our list of events and update your calendar!📖 Read
via "Subscriber Blog RSS Feed ".
🕴 How an Industry Consortium Can Reinvent Security Solution Testing 🕴
📖 Read
via "Dark Reading: ".
By committing to independent testing to determine value, vendors will ensure that their products do what they say they do.📖 Read
via "Dark Reading: ".
Dark Reading
How an Industry Consortium Can Reinvent Security Solution Testing
By committing to independent testing to determine value, vendors will ensure that their products do what they say they do.
ATENTION‼ New - CVE-2020-10738
📖 Read
via "National Vulnerability Database".
A flaw was found in Moodle versions 3.8 before 3.8.3, 3.7 before 3.7.6, 3.6 before 3.6.10, 3.5 before 3.5.12 and earlier unsupported versions. It was possible to create a SCORM package in such a way that when added to a course, it could be interacted with via web services in order to achieve remote code execution.📖 Read
via "National Vulnerability Database".
❌ Long Tail Analysis: A New Hope in the Cybercrime Battle ❌
📖 Read
via "Threatpost".
Looking for niche anomalies in an automated way with AI and machine learning is the future.📖 Read
via "Threatpost".
Threat Post
Long Tail Analysis: A New Hope in the Cybercrime Battle
Looking for niche anomalies in an automated way with AI and machine learning is the future.
👍1
🕴 Telcos Become Richer Hacking Targets 🕴
📖 Read
via "Dark Reading: ".
The shift of moving telecommunications networks toward more commercial networking equipment and systems also expanded their attack surface.📖 Read
via "Dark Reading: ".
Dark Reading
Telcos Become Richer Hacking Targets
The shift of moving telecommunications networks toward more commercial networking equipment and systems also expanded their attack surface.
🕴 Hackers Serve Up Stolen Credentials from Home Chef 🕴
📖 Read
via "Dark Reading: ".
Some 8 million of the meal delivery company's customer records have been offered for sale on the Dark Web.📖 Read
via "Dark Reading: ".
Dark Reading
Hackers Serve Up Stolen Credentials from Home Chef
Some 8 million of the meal delivery company's customer records have been offered for sale on the Dark Web.
🕴 Web Scrapers Have Bigger-Than-Perceived Impact on Digital Businesses 🕴
📖 Read
via "Dark Reading: ".
The economic impact of bot traffic can be unexpectedly substantial, a PerimeterX-commissioned study finds.📖 Read
via "Dark Reading: ".
Dark Reading
Web Scrapers Have Bigger-Than-Perceived Impact on Digital Businesses
The economic impact of bot traffic can be unexpectedly substantial, a PerimeterX-commissioned study finds.
🕴 Security 101: Cross-Site Scripting 🕴
📖 Read
via "Dark Reading: ".
Cross-site scripting has been around longer than most security professionals have been on the job. Why is it still such an issue when we've known about it for so long?📖 Read
via "Dark Reading: ".
Dark Reading
Security 101: Cross-Site Scripting
Cross-site scripting has been around longer than most security professionals have been on the job. Why is it still such an issue when we've known about it for so long?
ATENTION‼ New - CVE-2017-18868
📖 Read
via "National Vulnerability Database".
Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-1037
📖 Read
via "National Vulnerability Database".
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-1035
📖 Read
via "National Vulnerability Database".
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1058, CVE-2020-1060, CVE-2020-1093.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-1028
📖 Read
via "National Vulnerability Database".
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1126, CVE-2020-1136, CVE-2020-1150.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-1024
📖 Read
via "National Vulnerability Database".
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1102.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-1023
📖 Read
via "National Vulnerability Database".
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1024, CVE-2020-1102.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-1021
📖 Read
via "National Vulnerability Database".
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1082, CVE-2020-1088.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-1010
📖 Read
via "National Vulnerability Database".
An elevation of privilege vulnerability exists in Windows Block Level Backup Engine Service (wbengine) that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1068, CVE-2020-1079.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-0963
📖 Read
via "National Vulnerability Database".
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1141, CVE-2020-1145, CVE-2020-1179.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-0909
📖 Read
via "National Vulnerability Database".
A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server.The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to properly handle these network packets., aka 'Windows Hyper-V Denial of Service Vulnerability'.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-0901
📖 Read
via "National Vulnerability Database".
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-20804
📖 Read
via "National Vulnerability Database".
Gila CMS before 1.11.6 allows CSRF with resultant XSS via the admin/themes URI, leading to compromise of the admin account.📖 Read
via "National Vulnerability Database".