ATTENTION‼ New - CVE-2019-15312
via "National Vulnerability Database".
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is a Zolo Halo DNS rebinding attack. The device was found to be vulnerable to DNS rebinding. Combined with one of the many /httpapi.asp endpoint command-execution security issues, the DNS rebinding attack could allow an attacker to compromise the victim device from the Internet.
ATTENTION‼ New - CVE-2019-15311
via "National Vulnerability Database".
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN remote code execution. The Zolo Halo Bluetooth speaker had a GoAhead web server listening on port 80. The /httpapi.asp endpoint of the GoAhead web server was also vulnerable to multiple command execution vulnerabilities.
ATTENTION‼ New - CVE-2019-15310
via "National Vulnerability Database".
An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain full control over Linkplay's AWS estate, including S3 buckets containing device firmware. When combined with an OS command injection vulnerability within the XML Parsing logic of the firmware update process, an attacker would be able to gain code execution on any device that attempted to update. Note that by default all devices tested had automatic updates enabled.
Attackers Compromised Dozens of News Websites as Part of Ransomware Campaign
via "Dark Reading".
Malware used to download WastedLocker on target networks was hosted on legit websites belonging to one parent company, Symantec says.
ATTENTION‼ New - CVE-2019-20417
via "National Vulnerability Database".
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate internal services via an Information Disclosure vulnerability. The vulnerability is only exploitable if WebSudo is disabled in Jira. The affected versions are before version 8.4.2.
133m records for sale as fruits of data breach spree keep raining down
via "Naked Security".
Databases can be had for as little as $100, on up to $1,100. Most, if not all, are being sold by the hacking group Shiny Hunters.
7 IoT Tips for Home Users
via "Dark Reading".
Whether for business or pleasure, you're on your own once you walk into the house with a new Internet of Things device. Here's how to keep every one secure.
Zoom: We've delivered on all of our security and privacy promises, apart from one
via "Security on TechRepublic".
CEO Eric Yuan said the company had been working to improve safety, privacy and security, but has pushed back the date for its transparency report.
DHS Shares Data on Top Cyber Threats to Federal Agencies
via "Dark Reading".
Backdoors, cryptominers, and ransomware were the most widely detected threats by the DHS Cybersecurity and Infrastructure Security Agency (CISA)'s intrusion prevention system EINSTEIN.
FakeSpy Android Malware Spread Via "Postal-Service" Apps
via "Threatpost".
New "smishing" campaigns from the Roaming Mantis threat group infect Android users with the FakeSpy infostealer.
Lessons from COVID-19 Cyberattacks: Where Do We Go Next?
via "Dark Reading".
We need to learn from the attacks and attempts that have occurred in order to prepare for the future.
MongoDB ransom threats step up from blackmail to full-on wiping
via "Naked Security".
Still thinking "the crooks probably won't find me if I make a security blunder"?
EU Data Protection Authority Wants to Promote Digital Justice
via "Subscriber Blog RSS Feed".
The European Data Protection Supervisor (EDPS) announced its plans for 2020-2024 this week and stressed that the EU needs digital solidarity and to make data work for all people across Europe's borders.
Digital Guardian
AIEngine 2.0.0
via "Security Tool Files ≈ Packet Storm".
AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.
Wireshark Analyzer 3.2.5
via "Security Tool Files ≈ Packet Storm".
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
US schools have lost 24.5 million records in breaches since 2005
via "Security on TechRepublic".
A report from Comparitech found that since 2005 K-12 districts and colleges/universities have been attacked more than 1,300 times.
Trojans, backdoors, and trojan-droppers among most analyzed cyberthreats
via "Security on TechRepublic".
Almost three quarters of all requests for analysis to Kaspersky's Threat Intelligence Portal were for trojans, backdoors, and droppers.
Facebook Privacy Glitch Gave 5K Developers Access to "Expired" Data
via "Threatpost".
Facebook has fixed a privacy issue that gave developers access to user data long after the 90-day "expiration" date.
Apache Guacamole Opens Door for Total Control of Remote Footprint
via "Threatpost".
Several vulnerabilities can be chained together for a full exploit.
Trojans, Backdoors and Droppers: The Most-Analyzed Malware
via "Threatpost".
Even so, backdoors and droppers are rare in the wild.
Fed Offers Guidance on Curbing Synthetic Identity Fraud
via "Subscriber Blog RSS Feed".
The Federal Reserve shared insights around mitigating synthetic identity fraud, one of the quickest growing financial threats, this week.
Digital Guardian