π What is Cyber Security? Definition, Best Practices & More π
π Read
via "Subscriber Blog RSS Feed ".
Learn about cyber security, why it's important, and how to get started building a cyber security program in this installment of our Data Protection 101 series.π Read
via "Subscriber Blog RSS Feed ".
Digitalguardian
What is Cyber Security? Definition, Best Practices & Examples
Learn about cyber security, why it's important, and how to get started building a cyber security program in this installment of our Data Protection 101 series.
ATENTIONβΌ New - CVE-2019-4576
π Read
via "National Vulnerability Database".
IBM QRadar Network Packet Capture 7.3.0 - 7.3.3 Patch 1 and 7.4.0 GA does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 166803.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-3588
π Read
via "National Vulnerability Database".
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-3585
π Read
via "National Vulnerability Database".
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges.π Read
via "National Vulnerability Database".
π΄ Efficient Security Testing Requires Automation, but Humans Are Needed Too π΄
π Read
via "Dark Reading: ".
An annual survey of penetration testers finds that although machines can quickly find many classes of vulnerabilities, human analysts are still necessary to gauge the severity of discovered issues.π Read
via "Dark Reading: ".
Dark Reading
Efficient Security Testing Requires Automation, but Humans Are Needed Too
An annual survey of penetration testers finds that although machines can quickly find many classes of vulnerabilities, human analysts are still necessary to gauge the severity of discovered issues.
π WhatWeb Scanner 0.5.2 π
π Go!
via "Security Tool Files β Packet Storm".
WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb supports an aggression level to control the trade off between speed and reliability.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
WhatWeb Scanner 0.5.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Zeek 3.1.4 π
π Go!
via "Security Tool Files β Packet Storm".
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Zeek 3.1.4 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ Asset Management Mess? How to Get Organized π΄
π Read
via "Dark Reading: ".
Hardware and software deployments all over the place due to the pandemic scramble? Here are the essential steps to ensure you can find what you need -- and secure it.π Read
via "Dark Reading: ".
Dark Reading
Asset Management Mess? How to Get Organized
Hardware and software deployments all over the place due to the pandemic scramble? Here are the essential steps to ensure you can find what you need -- and secure it.
ATENTIONβΌ New - CVE-2020-10708
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.π Read
via "National Vulnerability Database".
π΄ Fake COVID-19 Contact-Tracing Apps Infect Android Phones π΄
π Read
via "Dark Reading: ".
Researchers find 12 Android applications disguised as official COVID-19 contact tracing apps installing malware onto devices.π Read
via "Dark Reading: ".
Dark Reading
Fake COVID-19 Contact-Tracing Apps Infect Android Phones
Researchers find 12 Android applications disguised as official COVID-19 contact tracing apps installing malware onto devices.
π΄ The Telehealth Attack Surface π΄
π Read
via "Dark Reading: ".
Amid the surge in digital healthcare stemming from the coronavirus pandemic, security is taking a backseat to usability.π Read
via "Dark Reading: ".
Dark Reading
The Telehealth Attack Surface
Amid the surge in digital healthcare stemming from the coronavirus pandemic, security is taking a backseat to usability.
ATENTIONβΌ New - CVE-2020-10755
π Read
via "National Vulnerability Database".
An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleIO or VxFlex OS backend storage driver, credentials for the entire backend are exposed in the ``connection_info`` element in all Block Storage v3 Attachments API calls containing that element. This flaw enables an end-user to create a volume, make an API call to show the attachment detail information, and retrieve a username and password that may be used to connect to another user's volume. Additionally, these credentials are valid for the ScaleIO or VxFlex OS Management API, should an attacker discover the Management API endpoint. Source: OpenStack projectπ Read
via "National Vulnerability Database".
β Critical Intel Flaws Fixed in Active Management Technology β
π Read
via "Threatpost".
Two critical flaws in Intel AMT, which could enable privilege escalation, were patched along with 20 other bugs in its June security update.π Read
via "Threatpost".
Threat Post
Critical Intel Flaws Fixed in Active Management Technology
Two critical flaws in Intel AMT, which could enable privilege escalation, were patched along with 20 other bugs in its June security update.
π How to better defend your cloud-based environments against cyberattack π
π Read
via "Security on TechRepublic".
A rapid, disorganized shift to the cloud can open the door to data theft, ransomware, malware, and other cyberattacks, says IBM X-Force.π Read
via "Security on TechRepublic".
TechRepublic
How to better defend your cloud-based environments against cyberattack
A rapid, disorganized shift to the cloud can open the door to data theft, ransomware, malware, and other cyberattacks, says IBM X-Force.
β Snake Ransomware Delivers Double-Strike on Honda, Energy Co. β
π Read
via "Threatpost".
The ICS/SCADA-focused malware is likely behind a duo of attacks this week, on Honda and a South American energy company, researchers said.π Read
via "Threatpost".
Threat Post
Snake Ransomware Delivers Double-Strike on Honda, Energy Co.
The ICS/SCADA-focused malware is likely behind a duo of attacks this week, on Honda and a South American energy company, researchers said.
β Helping Remote Workers Overcome Remote Attacks β
π Read
via "Threatpost".
Because remote workers' devices are all connected to a home network, they donβt even need to be attacked directly. Instead, attackers have multiple avenues of attack that can be exploited.π Read
via "Threatpost".
Threat Post
Helping Remote Workers Overcome Remote Attacks
Because remote workersβ devices are all connected to a home network, they donβt even need to be attacked directly. Instead, attackers have multiple avenues of attack that can be exploited.
ATENTIONβΌ New - CVE-2020-0121
π Read
via "National Vulnerability Database".
In updateUidProcState of AppOpsService.java, there is a possible permission bypass due to a logic error. This could lead to local information disclosure of location data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-148180766π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0119
π Read
via "National Vulnerability Database".
In addOrUpdateNetworkInternal and related functions of WifiConfigManager.java, there is a possible man in the middle attack due to improper certificate validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150500247π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0118
π Read
via "National Vulnerability Database".
In addListener of RegionSamplingThread.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150904694π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0117
π Read
via "National Vulnerability Database".
In aes_cmac of aes_cmac.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution in the bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-151155194π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0116
π Read
via "National Vulnerability Database".
In checkSystemLocationAccess of LocationAccessPolicy.java, there is a possible bypass of user profile isolation due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-151330809π Read
via "National Vulnerability Database".