π΄ Credit-Card Skimmer Seeks Websites Running Microsoft's ASP.NET π΄
π Read
via "Dark Reading: ".
The payment-card skimmer targets websites hosted on Microsoft IIS servers and running the ASP.NET web framework.π Read
via "Dark Reading: ".
Darkreading
Credit-Card Skimmer Seeks Websites Running Microsoft's ASP.NET
The payment-card skimmer targets websites hosted on Microsoft IIS servers and running the ASP.NET web framework.
ATENTIONβΌ New - CVE-2020-10760
π Read
via "National Vulnerability Database".
A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. A Samba LDAP user could use this flaw to crash samba.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-8252
π Read
via "National Vulnerability Database".
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to information disclosure.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-8251
π Read
via "National Vulnerability Database".
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to information disclosure.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-8250
π Read
via "National Vulnerability Database".
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-8249
π Read
via "National Vulnerability Database".
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-8066
π Read
via "National Vulnerability Database".
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-14900
π Read
via "National Vulnerability Database".
A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.π Read
via "National Vulnerability Database".
β Android Users Hit with βUndeletableβ Adware β
π Read
via "Threatpost".
Researchers say that 14.8 percent of Android users who were targeted with mobile malware or adware last year were left with undeletable files.π Read
via "Threatpost".
Threat Post
Android Users Hit with βUndeletableβ Adware
Researchers say that 14.8 percent of Android users who were targeted with mobile malware or adware last year were left with undeletable files.
π΄ North Korea's Lazarus Group Diversifies Into Card Skimming π΄
π Read
via "Dark Reading: ".
Since at least May 2019, the state-sponsored threat actor has stolen card data from dozens of retailers, including major US firms.π Read
via "Dark Reading: ".
Dark Reading
North Korea's Lazarus Group Diversifies Into Card Skimming
Since at least May 2019, the state-sponsored threat actor has stolen card data from dozens of retailers, including major US firms.
π΄ Attackers Scan for Vulnerable BIG-IP Devices After Flaw Disclosure π΄
π Read
via "Dark Reading: ".
The US Cybersecurity and Infrastructure Security Agency encourages organizations to patch a critical flaw in the BIG-IP family of application delivery controllers, as firms find evidence that attackers are scanning for the critical vulnerability.π Read
via "Dark Reading: ".
Dark Reading
Attackers Scan for Vulnerable BIG-IP Devices After Flaw Disclosure
The US Cybersecurity and Infrastructure Security Agency encourages organizations to patch a critical flaw in the BIG-IP family of application delivery controllers, as firms find evidence that attackers are scanning for the critical vulnerability.
π How to ensure the integrity of your encrypted drive while it's hibernating in macOS π
π Read
via "Security on TechRepublic".
Enabling full-disk encryption to keep documents secure is highly recommended. By default, macOS does not maintain integrity while hibernating. But there's a fix for that.π Read
via "Security on TechRepublic".
TechRepublic
How to ensure the integrity of your encrypted drive while it's hibernating in macOS
Enabling full-disk encryption to keep documents secure is highly recommended. By default, macOS does not maintain integrity while hibernating. But there's a fix for that.
π Sifter 7.8 π
π Go!
via "Security Tool Files β Packet Storm".
Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Sifter 7.8 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Mandos Encrypted File System Unattended Reboot Utility 1.8.12 π
π Go!
via "Security Tool Files β Packet Storm".
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Mandos Encrypted File System Unattended Reboot Utility 1.8.12 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ BEC Busts Take Down Multimillion-Dollar Operations π΄
π Read
via "Dark Reading: ".
The two extraditions of business email compromise attackers indicate a step forward for international law enforcement collaboration.π Read
via "Dark Reading: ".
Dark Reading
BEC Busts Take Down Multimillion-Dollar Operations
The two extraditions of business email compromise attackers indicate a step forward for international law enforcement collaboration.
ATENTIONβΌ New - CVE-2020-15096
π Read
via "National Vulnerability Database".
In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using "contextIsolation" are affected. There are no app-side workarounds, you must update your Electron version to be protected. This is fixed in versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21.π Read
via "National Vulnerability Database".
β Flashy Nigerian Instagram star extradited to US to face BEC charges β
π Read
via "Naked Security".
It's a short jump from a Rolls Royce ride to extradition from the UAE. Goodbye, Dubai, goodbye, Palazzo Versace, hello, Chicago jail cell.π Read
via "Naked Security".
Naked Security
Flashy Nigerian Instagram star extradited to US to face BEC charges
Itβs a short jump from a Rolls Royce ride to extradition from the UAE. Goodbye, Dubai, goodbye, Palazzo Versace, hello, Chicago jail cell.
β First-Ever Russian BEC Gang, Cosmic Lynx, Uncovered β
π Read
via "Threatpost".
Researchers warn that Cosmic Lynx targets firms that don't use DMARC and uses a "mergers and acquisitions" pretext that can lead to large sums of money being stolen.π Read
via "Threatpost".
Threat Post
First-Ever Russian BEC Gang, Cosmic Lynx, Uncovered
Researchers warn that Cosmic Lynx targets firms that don't use DMARC and uses a "mergers and acquisitions" pretext that can lead to large sums of money being stolen.
β Credit-Card Skimmer Has Unlikely Target: Microsoft ASP.NET Sites β
π Read
via "Threatpost".
A campaign discovered by Malwarebytes Labs in mid-April has lifted credentials from a number of e-commerce portals.π Read
via "Threatpost".
Threat Post
Credit-Card Skimmer Has Unlikely Target: Microsoft ASP.NET Sites
A campaign discovered by Malwarebytes Labs in mid-April has lifted credentials from a number of e-commerce portals.
β Company web names hijacked via outdated cloud DNS records β
π Read
via "Naked Security".
Why hack into a server when you can just send vistors to a fake alternative instead?π Read
via "Naked Security".
Naked Security
Company web names hijacked via outdated cloud DNS records
Why hack into a server when you can just send vistors to a fake alternative instead?
π΄ Applying the 80-20 Rule to Cybersecurity π΄
π Read
via "Dark Reading: ".
How security teams can achieve 80% of the benefit for 20% of the work.π Read
via "Dark Reading: ".
Dark Reading
Applying the 80-20 Rule to Cybersecurity
How security teams can achieve 80% of the benefit for 20% of the work.