π Social engineering: A cheat sheet for business professionals π
π Read
via "Security on TechRepublic".
People, like computers, can be hacked using a process called social engineering, and there's a good chance a cybersecurity attack on your organization could start with this technique.π Read
via "Security on TechRepublic".
TechRepublic
Social engineering: A cheat sheet for business professionals
People, like computers, can be hacked using a process called social engineering, and there's a good chance a cybersecurity attack on your organization could start with this technique.
ATENTIONβΌ New - CVE-2020-11089
π Read
via "National Vulnerability Database".
In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1.0.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-11088
π Read
via "National Vulnerability Database".
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-11087
π Read
via "National Vulnerability Database".
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-11086
π Read
via "National Vulnerability Database".
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-11085
π Read
via "National Vulnerability Database".
In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-11043
π Read
via "National Vulnerability Database".
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-11040
π Read
via "National Vulnerability Database".
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-11844
π Read
via "National Vulnerability Database".
There is an Incorrect Authorization vulnerability in Micro Focus Service Management Automation (SMA) product affecting version 2018.05 to 2020.02. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation.π Read
via "National Vulnerability Database".
β Monday review β the hot 15 stories of the week β
π Read
via "Naked Security".
From iPhone jailbreaks to questions about the dark web, and everything in between. It's weekly roundup time!π Read
via "Naked Security".
Naked Security
Monday review β the hot 15 stories of the week
From iPhone jailbreaks to questions about the dark web, and everything in between. Itβs weekly roundup time!
β Facebook to verify identities on accounts that churn out viral posts β
π Read
via "Naked Security".
Hopefully it's a COVID-19 version of what it did post-2016 elections, when it required verification of those buying political or issue ads.π Read
via "Naked Security".
Naked Security
Facebook to verify identities on accounts that churn out viral posts
Hopefully itβs a COVID-19 version of what it did post-2016 elections, when it required verification of those buying political or issue ads.
β Github uncovers malicious βOctopus Scannerβ targeting developers β
π Read
via "Naked Security".
GitHub has uncovered a form of malware that spreads via infected repositories on its system.π Read
via "Naked Security".
Naked Security
Github uncovers malicious βOctopus Scannerβ targeting developers
GitHub has uncovered a form of malware that spreads via infected repositories on its system.
π΄ How AI and Automation Can Help Bridge the Cybersecurity Talent Gap π΄
π Read
via "Dark Reading: ".
Without the right tools and with not enough cybersecurity pros to fill the void, the talent gap will continue to widen.π Read
via "Dark Reading: ".
Dark Reading
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Without the right tools and with not enough cybersecurity pros to fill the void, the talent gap will continue to widen.
π Zoom plans stronger encryption on video meetings for these customers π
π Read
via "Security on TechRepublic".
Schools, paying customers and potentially high-risk users could be offered stronger encryption for video meetings under new plans being explored by Zoom.π Read
via "Security on TechRepublic".
TechRepublic
Zoom plans stronger encryption on video meetings for these customers
Schools, paying customers and potentially high-risk users could be offered stronger encryption for video meetings under new plans being explored by Zoom.
π How Purism takes a lo-fi approach to secure laptops for shipment π
π Read
via "Security on TechRepublic".
Are you concerned someone might intercept your newly-purchased mobile device during transit and do bad things with it? Purism is aware this happens and takes a lo-fi approach to the problem.π Read
via "Security on TechRepublic".
TechRepublic
How Purism takes a lo-fi approach to secure laptops for shipment
Are you concerned someone might intercept your newly-purchased mobile device during transit and do bad things with it? Purism is aware this happens and takes a lo-fi approach to the problem.
β Hosting Providerβs Database of Crooked Customers Leaked β
π Read
via "Threatpost".
Database of sensitive info, including emails and passwords, from owners of Danielβs Hosting portals could be incriminating.π Read
via "Threatpost".
Threat Post
Hosting Providerβs Database of Crooked Customers Leaked
Database of sensitive info, including emails and passwords, from owners of Danielβs Hosting portals could be incriminating.
β No password required! βSign in with Appleβ account takeover flaw patched β
π Read
via "Naked Security".
A bug bounty hunter found a way to login using "Sign in with Apple"... but without the part where you have to put in a password.π Read
via "Naked Security".
Naked Security
No password required! βSign in with Appleβ account takeover flaw patched
A bug bounty hunter found a way to login using βSign in with Appleββ¦ but without the part where you have to put in a password.
β Minneapolis Police Department Hack Likely Fake, Says Researcher β
π Read
via "Threatpost".
Troy Hunt said that the supposed data breach perpetrated by Anonymous is most likely a hoax.π Read
via "Threatpost".
Threat Post
Minneapolis Police Department Hack Likely Fake, Says Researcher
Troy Hunt said that the supposed data breach perpetrated by Anonymous is most likely a hoax.
ATENTIONβΌ New - CVE-2019-12033
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-12032
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-12031
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.π Read
via "National Vulnerability Database".