🛠 GRR 3.4.2.0 🛠
📖 Go!
via "Security Tool Files ≈ Packet Storm".
GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.📖 Go!
via "Security Tool Files ≈ Packet Storm".
Packetstormsecurity
GRR 3.4.2.0 ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ATENTION‼ New - CVE-2020-15037
📖 Read
via "National Vulnerability Database".
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Reports-Devices.php page st[] parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-15036
📖 Read
via "National Vulnerability Database".
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Linked.php dv parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-10745
📖 Read
via "National Vulnerability Database".
A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. This flaw allows a remote attacker could to cause the Samba server to consume excessive CPU use, resulting in a denial of service. This highest threat from this vulnerability is to system availability.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-10730
📖 Read
via "National Vulnerability Database".
A NULL pointer dereference, or possible use-after-free flaw was found in the in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to possibly trigger a use-after-free or NULL pointer dereference. The highest threat from this vulnerability is to system availability.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-4324
📖 Read
via "National Vulnerability Database".
"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-4323
📖 Read
via "National Vulnerability Database".
"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."📖 Read
via "National Vulnerability Database".
❌ Cerberus Banking Trojan Unleashed on Google Play ❌
📖 Read
via "Threatpost".
The Cerberus malware can steal banking credentials, bypass security measures and access text messages.📖 Read
via "Threatpost".
Threat Post
Cerberus Banking Trojan Unleashed on Google Play
The Cerberus malware can steal banking credentials, bypass security measures and access text messages.
🔐 How to enable two-factor authentication for Bitwarden 🔐
📖 Read
via "Security on TechRepublic".
If you use Bitwarden as your password manager of choice, you owe it to yourself to enable two-factor authentication.📖 Read
via "Security on TechRepublic".
TechRepublic
How to enable two-factor authentication for Bitwarden
If you use Bitwarden as your password manager of choice, you owe it to yourself to enable two-factor authentication.
🕴 Framing the Security Story: The Simplest Threats Are the Most Dangerous 🕴
📖 Read
via "Dark Reading: ".
Don't be distracted by flashy advanced attacks and ignore the more mundane ones.📖 Read
via "Dark Reading: ".
Dark Reading
Framing the Security Story: The Simplest Threats Are the Most Dangerous
Don't be distracted by flashy advanced attacks and ignore the more mundane ones.
ATENTION‼ New - CVE-2020-15032
📖 Read
via "National Vulnerability Database".
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Incidents.php id parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-15031
📖 Read
via "National Vulnerability Database".
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php chg parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-15030
📖 Read
via "National Vulnerability Database".
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Routes.php rtr parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-15029
📖 Read
via "National Vulnerability Database".
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php sn parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-15028
📖 Read
via "National Vulnerability Database".
NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Map.php xo parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-11882
📖 Read
via "National Vulnerability Database".
The O2 Business application 1.2.0 for Android exposes the canvasm.myo2.SplashActivity activity to other applications. The purpose of this activity is to handle deeplinks that can be delivered either via links or by directly calling the activity. However, the deeplink format is not properly validated. This can be abused by an attacker to redirect a user to any page and deliver any content to the user.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2019-19935
📖 Read
via "National Vulnerability Database".
Froala Editor before 3.0.6 allows XSS.📖 Read
via "National Vulnerability Database".
🕴 Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud 🕴
📖 Read
via "Dark Reading: ".
Cosmic Lynx takes a sophisticated approach to business email compromise and represents a shift in tactics for Russian cybercriminals.📖 Read
via "Dark Reading: ".
Dark Reading
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Cosmic Lynx takes a sophisticated approach to business email compromise and represents a shift in tactics for Russian cybercriminals.
🕴 Drone Path Often Reveals Operator's Location 🕴
📖 Read
via "Dark Reading: ".
The threat posed by drones to critical infrastructure and other operational technology is made more serious by the inability of law enforcement to locate operators, researchers say.📖 Read
via "Dark Reading: ".
Dark Reading
Drone Path Often Reveals Operator's Location
The threat posed by drones to critical infrastructure and other operational technology is made more serious by the inability of law enforcement to locate operators, researchers say.
🕴 Microsoft Seizes Domains Used in COVID-19-Themed Attacks 🕴
📖 Read
via "Dark Reading: ".
Court grants company's bid to shut down infrastructure used in recent campaigns against Office 365 users.📖 Read
via "Dark Reading: ".
Dark Reading
Cybersecurity Operations recent news | Dark Reading
Explore the latest news and expert commentary on Cybersecurity Operations, brought to you by the editors of Dark Reading