π΄ Efficient Security Testing Requires Automation, but Humans Are Needed Too π΄
π Read
via "Dark Reading: ".
An annual survey of penetration testers finds that although machines can quickly find many classes of vulnerabilities, human analysts are still necessary to gauge the severity of discovered issues.π Read
via "Dark Reading: ".
Dark Reading
Efficient Security Testing Requires Automation, but Humans Are Needed Too
An annual survey of penetration testers finds that although machines can quickly find many classes of vulnerabilities, human analysts are still necessary to gauge the severity of discovered issues.
π WhatWeb Scanner 0.5.2 π
π Go!
via "Security Tool Files β Packet Storm".
WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb supports an aggression level to control the trade off between speed and reliability.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
WhatWeb Scanner 0.5.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Zeek 3.1.4 π
π Go!
via "Security Tool Files β Packet Storm".
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Zeek 3.1.4 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ Asset Management Mess? How to Get Organized π΄
π Read
via "Dark Reading: ".
Hardware and software deployments all over the place due to the pandemic scramble? Here are the essential steps to ensure you can find what you need -- and secure it.π Read
via "Dark Reading: ".
Dark Reading
Asset Management Mess? How to Get Organized
Hardware and software deployments all over the place due to the pandemic scramble? Here are the essential steps to ensure you can find what you need -- and secure it.
ATENTIONβΌ New - CVE-2020-10708
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.π Read
via "National Vulnerability Database".
π΄ Fake COVID-19 Contact-Tracing Apps Infect Android Phones π΄
π Read
via "Dark Reading: ".
Researchers find 12 Android applications disguised as official COVID-19 contact tracing apps installing malware onto devices.π Read
via "Dark Reading: ".
Dark Reading
Fake COVID-19 Contact-Tracing Apps Infect Android Phones
Researchers find 12 Android applications disguised as official COVID-19 contact tracing apps installing malware onto devices.
π΄ The Telehealth Attack Surface π΄
π Read
via "Dark Reading: ".
Amid the surge in digital healthcare stemming from the coronavirus pandemic, security is taking a backseat to usability.π Read
via "Dark Reading: ".
Dark Reading
The Telehealth Attack Surface
Amid the surge in digital healthcare stemming from the coronavirus pandemic, security is taking a backseat to usability.
ATENTIONβΌ New - CVE-2020-10755
π Read
via "National Vulnerability Database".
An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleIO or VxFlex OS backend storage driver, credentials for the entire backend are exposed in the ``connection_info`` element in all Block Storage v3 Attachments API calls containing that element. This flaw enables an end-user to create a volume, make an API call to show the attachment detail information, and retrieve a username and password that may be used to connect to another user's volume. Additionally, these credentials are valid for the ScaleIO or VxFlex OS Management API, should an attacker discover the Management API endpoint. Source: OpenStack projectπ Read
via "National Vulnerability Database".
β Critical Intel Flaws Fixed in Active Management Technology β
π Read
via "Threatpost".
Two critical flaws in Intel AMT, which could enable privilege escalation, were patched along with 20 other bugs in its June security update.π Read
via "Threatpost".
Threat Post
Critical Intel Flaws Fixed in Active Management Technology
Two critical flaws in Intel AMT, which could enable privilege escalation, were patched along with 20 other bugs in its June security update.
π How to better defend your cloud-based environments against cyberattack π
π Read
via "Security on TechRepublic".
A rapid, disorganized shift to the cloud can open the door to data theft, ransomware, malware, and other cyberattacks, says IBM X-Force.π Read
via "Security on TechRepublic".
TechRepublic
How to better defend your cloud-based environments against cyberattack
A rapid, disorganized shift to the cloud can open the door to data theft, ransomware, malware, and other cyberattacks, says IBM X-Force.
β Snake Ransomware Delivers Double-Strike on Honda, Energy Co. β
π Read
via "Threatpost".
The ICS/SCADA-focused malware is likely behind a duo of attacks this week, on Honda and a South American energy company, researchers said.π Read
via "Threatpost".
Threat Post
Snake Ransomware Delivers Double-Strike on Honda, Energy Co.
The ICS/SCADA-focused malware is likely behind a duo of attacks this week, on Honda and a South American energy company, researchers said.
β Helping Remote Workers Overcome Remote Attacks β
π Read
via "Threatpost".
Because remote workers' devices are all connected to a home network, they donβt even need to be attacked directly. Instead, attackers have multiple avenues of attack that can be exploited.π Read
via "Threatpost".
Threat Post
Helping Remote Workers Overcome Remote Attacks
Because remote workersβ devices are all connected to a home network, they donβt even need to be attacked directly. Instead, attackers have multiple avenues of attack that can be exploited.
ATENTIONβΌ New - CVE-2020-0121
π Read
via "National Vulnerability Database".
In updateUidProcState of AppOpsService.java, there is a possible permission bypass due to a logic error. This could lead to local information disclosure of location data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-148180766π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0119
π Read
via "National Vulnerability Database".
In addOrUpdateNetworkInternal and related functions of WifiConfigManager.java, there is a possible man in the middle attack due to improper certificate validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150500247π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0118
π Read
via "National Vulnerability Database".
In addListener of RegionSamplingThread.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150904694π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0117
π Read
via "National Vulnerability Database".
In aes_cmac of aes_cmac.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution in the bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-151155194π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0116
π Read
via "National Vulnerability Database".
In checkSystemLocationAccess of LocationAccessPolicy.java, there is a possible bypass of user profile isolation due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-151330809π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0115
π Read
via "National Vulnerability Database".
In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-150038428π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0114
π Read
via "National Vulnerability Database".
In onCreateSliceProvider of KeyguardSliceProvider.java, there is a possible confused deputy due to a PendingIntent error. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147606347π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0113
π Read
via "National Vulnerability Database".
In sendCaptureResult of Camera3OutputUtils.cpp, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android ID: A-150944913π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-5735
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.π Read
via "National Vulnerability Database".