π΄ Microsoft Shares PonyFinal Threat Data, Warns of Delivery Tactics π΄
π Read
via "Dark Reading: ".
PonyFinal is deployed in human-operated ransomware attacks, in which adversaries tailor their techniques based on knowledge of a target system.π Read
via "Dark Reading: ".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
π OpenSSH 8.3p1 π
π Go!
via "Security Tool Files β Packet Storm".
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
OpenSSH 8.3p1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Chameleon Mini Smartcard Emulator Iceman Fork Gray GUI 1.3 π
π Go!
via "Security Tool Files β Packet Storm".
Firmware for the ChameleonMini RevE rebooted device. It compiles without errors or warnings and gives you more or less the same functionality as the stock firmware. This version compiles and gives you the same functionality (and more) as the original Chameleon Mini rebooted GUI.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Chameleon Mini Smartcard Emulator Iceman Fork Gray GUI 1.3 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ATENTIONβΌ New - CVE-2020-13253
π Read
via "National Vulnerability Database".
sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.π Read
via "National Vulnerability Database".
β β[F]Unicornβ Ransomware Impersonates Legit COVID-19 Contact-Tracing App β
π Read
via "Threatpost".
The new malware family was seen pretending to be an official Italian app, called Immuni.π Read
via "Threatpost".
Threat Post
β[F]Unicornβ Ransomware Impersonates Legit COVID-19 Contact-Tracing App
The new malware family was seen pretending to be an official Italian app, called Immuni.
π΄ GDPR Enforcement Loosens Amid Pandemic π΄
π Read
via "Dark Reading: ".
The European Union has given some organizations more breathing room to remedy violations, yet no one should think regulators are planning to abandon the privacy legislation in the face of COVID-19.π Read
via "Dark Reading: ".
Dark Reading
GDPR Enforcement Loosens Amid Pandemic
The European Union has given some organizations more breathing room to remedy violations, yet no one should think regulators are planning to abandon the privacy legislation in the face of COVID-19.
π΄ Standing Privilege: The Attacker's Advantage π΄
π Read
via "Dark Reading: ".
The credential is a commodity and will continue to be breached. As a result, focus and spending must shift toward the access that the credentials provide.π Read
via "Dark Reading: ".
Dark Reading
Standing Privilege: The Attacker's Advantage
The credential is a commodity and will continue to be breached. As a result, focus and spending must shift toward the access that the credentials provide.
π Why developed countries are more vulnerable to cybercrime π
π Read
via "Security on TechRepublic".
Developed nations have higher incomes, technology, urbanization, and digitalization, which are all factors for greater cyber risk, says VPN provider NordVPN.π Read
via "Security on TechRepublic".
TechRepublic
Why developed countries are more vulnerable to cybercrime
Developed nations have higher incomes, technology, urbanization, and digitalization, which are all factors for greater cyber risk, says VPN provider NordVPN.
ATENTIONβΌ New - CVE-2020-10946
π Read
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the page parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-10945
π Read
via "National Vulnerability Database".
Centreon before 19.10.7 exposes Session IDs in server responses.π Read
via "National Vulnerability Database".
π Majority of COVID phishing attacks coming from US IP addresses, report finds π
π Read
via "Security on TechRepublic".
An anti-phishing firm discovered that most of the malicious coronavirus emails were coming from the United States.π Read
via "Security on TechRepublic".
TechRepublic
Majority of COVID phishing attacks coming from US IP addresses, report finds
An anti-phishing firm discovered that most of the malicious coronavirus emails were coming from the United States.
π΄ HackerOne Bounties Hit $100M Milestone π΄
π Read
via "Dark Reading: ".
The bug-hunting platform has now paid more than $100 million in bounties since October 2013.π Read
via "Dark Reading: ".
Dark Reading
HackerOne Bounties Hit $100M Milestone
The bug-hunting platform has now paid more than $100 million in bounties since October 2013.
π΄ Security 101: SQL Injection π΄
π Read
via "Dark Reading: ".
A carefully crafted attack can convince a database to reveal all its secrets. Understanding the basics of what the attack looks like and how to protect against it can go a long way toward limiting the threat.π Read
via "Dark Reading: ".
Dark Reading
Security 101: SQL Injection
A carefully crafted attack can convince a database to reveal all its secrets. Understanding the basics of what the attack looks like and how to protect against it can go a long way toward limiting the threat.
π΄ Cloud Security Architect Proves Hardest Infosec Role to Fill π΄
π Read
via "Dark Reading: ".
Nearly 70% of businesses struggle to recruit, hire, and retain cybersecurity talent, and many link security incidents to lack of skills.π Read
via "Dark Reading: ".
Dark Reading
Cloud Security Architect Proves Hardest Infosec Role to Fill
Nearly 70% of businesses struggle to recruit, hire, and retain cybersecurity talent, and many link security incidents to lack of skills.
π Insider Behind $1 Billion Trade Secret Theft Case Sentenced π
π Read
via "Subscriber Blog RSS Feed ".
The FBI on Wednesday shared details around a recent $1 billion trade secret theft case and reminded companies to report suspected crimes like trade secret theft.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Insider Behind $1 Billion Trade Secret Theft Case Sentenced
The FBI on Wednesday shared details around a recent $1 billion trade secret theft case and reminded companies to report suspected crimes like trade secret theft.
ATENTIONβΌ New - CVE-2020-10936
π Read
via "National Vulnerability Database".
Sympa before 6.2.56 allows privilege escalation.π Read
via "National Vulnerability Database".
β DoubleGun Group Builds Massive Botnet Using Cloud Services β
π Read
via "Threatpost".
The latest campaign spread malware via pirate gaming portals.π Read
via "Threatpost".
Threat Post
DoubleGun Group Builds Massive Botnet Using Cloud Services
The latest campaign spread malware via pirate gaming portals.
π΄ Stay-at-Home Orders Coincide With Massive DNS Surge π΄
π Read
via "Dark Reading: ".
A variety of sites saw as much as seven times the number of domain requests in late March and early April, suggesting attackers attempted massive denial-of-service attacks.π Read
via "Dark Reading: ".
Dark Reading
Stay-at-Home Orders Coincide With Massive DNS Surge
A variety of sites saw as much as seven times the number of domain requests in late March and early April, suggesting attackers attempted massive denial-of-service attacks.
ATENTIONβΌ New - CVE-2020-11059
π Read
via "National Vulnerability Database".
In AEgir greater than or equal to 21.7.0 and less than 21.10.1, aegir publish and aegir build may leak secrets from environment variables in the browser bundle published to npm. This has been fixed in 21.10.1.π Read
via "National Vulnerability Database".
π΄ Netwalker Ransomware Tools Reveal Attacker Tactics and Techniques π΄
π Read
via "Dark Reading: ".
Malware and related files show that ransomware operators don't need a cutting-edge arsenal to be effective.π Read
via "Dark Reading: ".
Dark Reading
Netwalker Ransomware Tools Reveal Attacker Tactics and Techniques
Malware and related files show that ransomware operators don't need a cutting-edge arsenal to be effective.
ATENTIONβΌ New - CVE-2020-11075
π Read
via "National Vulnerability Database".
In Anchore Engine version 0.7.0, a specially crafted container image manifest, fetched from a registry, can be used to trigger a shell escape flaw in the anchore engine analyzer service during an image analysis process. The image analysis operation can only be executed by an authenticated user via a valid API request to anchore engine, or if an already added image that anchore is monitoring has its manifest altered to exploit the same flaw. A successful attack can be used to execute commands that run in the analyzer environment, with the same permissions as the user that anchore engine is run as - including access to the credentials that Engine uses to access its own database which have read-write ability, as well as access to the running engien analyzer service environment. By default Anchore Engine is released and deployed as a container where the user is non-root, but if users run Engine directly or explicitly set the user to 'root' then that level of access may be gained in the execution environment where Engine runs. This issue is fixed in version 0.7.1.π Read
via "National Vulnerability Database".