🔏 What is AWS Security? 🔏
📖 Read
via "Subscriber Blog RSS Feed ".
Amazon Web Services (AWS) is a leading cloud service provider, equipped with various security features. In this post, we’ll discuss the security components that make AWS a secure cloud platform.📖 Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
What is AWS Security?
Amazon Web Services (AWS) is a leading cloud service provider, equipped with various security features. In this post, we’ll discuss the security components that make AWS a secure cloud platform.
🛠 Sifter 8.7 🛠
📖 Go!
via "Security Tool Files ≈ Packet Storm".
Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.📖 Go!
via "Security Tool Files ≈ Packet Storm".
Packetstormsecurity
Sifter 8.7 ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
🛠 Scapy Packet Manipulation Tool 2.4.4rc2 🛠
📖 Go!
via "Security Tool Files ≈ Packet Storm".
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.📖 Go!
via "Security Tool Files ≈ Packet Storm".
Packetstormsecurity
Scapy Packet Manipulation Tool 2.4.4rc2 ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ATENTION‼ New - CVE-2020-1425
📖 Read
via "National Vulnerability Database".
A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1457.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-10609
📖 Read
via "National Vulnerability Database".
Grundfos CIM 500 v06.16.00 stores plaintext credentials, which may allow sensitive information to be read or allow modification to system settings by someone with access to the device.📖 Read
via "National Vulnerability Database".
❌ Microsoft Revamps Windows Insider Preview Bug Bounty Program ❌
📖 Read
via "Threatpost".
Researchers can earn up to $100,000 for finding vulnerabilities in Microsoft's revamped Windows Insider Preview bug bounty program.📖 Read
via "Threatpost".
Threat Post
Microsoft Revamps Windows Insider Preview Bug Bounty Program
Researchers can earn up to $100,000 for finding vulnerabilities in Microsoft's revamped Windows Insider Preview bug bounty program.
🕴 Ratings for Open Source Projects Aim to Make Software More Secure 🕴
📖 Read
via "Dark Reading: ".
Two companies have teamed up to rate open source projects, but can adopting repository ratings help developers make better decisions regarding open source?📖 Read
via "Dark Reading: ".
Dark Reading
Ratings for Open Source Projects Aim to Make Software More Secure
Two companies have teamed up to rate open source projects, but can adopting repository ratings help developers make better decisions regarding open source?
🕴 ShinyHunters Offers Stolen Data on Dark Web 🕴
📖 Read
via "Dark Reading: ".
The threat actor offers more than 26 million records from a series of data breaches.📖 Read
via "Dark Reading: ".
Dark Reading
ShinyHunters Offers Stolen Data on Dark Web
The threat actor offers more than 26 million records from a series of data breaches.
ATENTION‼ New - CVE-2020-12460
📖 Read
via "National Vulnerability Database".
OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 has improper null termination in the function opendmarc_xml_parse that can result in a one-byte heap overflow in opendmarc_xml when parsing a specially crafted DMARC aggregate report. This can cause remote memory corruption when a '\0' byte overwrites the heap metadata of the next chunk and its PREV_INUSE flag.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-10643
📖 Read
via "National Vulnerability Database".
An authenticated remote attacker could use specially crafted URLs to send a victim using PI Vision 2019 mobile to a vulnerable web page due to a known issue in a third-party component.📖 Read
via "National Vulnerability Database".
🔐 Why security professionals are facing more work stress 🔐
📖 Read
via "Security on TechRepublic".
A lack of time and a lack of executive support are two of the top causes of stress, according to a LogRhythm report.📖 Read
via "Security on TechRepublic".
TechRepublic
Why security professionals are facing more work stress
A lack of time and a lack of executive support are two of the top causes of stress, according to a LogRhythm report.
🔐 Distance learning makes universities more vulnerable to cyberattack 🔐
📖 Read
via "Security on TechRepublic".
Expert suggests universities take extra care to prevent attacks while students are learning from home.📖 Read
via "Security on TechRepublic".
TechRepublic
Distance learning makes universities more vulnerable to cyberattack
Expert suggests universities take extra care to prevent attacks while students are learning from home.
🔐 Distance learning makes universities more vulnerable to cyberattack 🔐
📖 Read
via "Security on TechRepublic".
Expert suggests universities take extra care to prevent attacks while students are learning from home.📖 Read
via "Security on TechRepublic".
TechRepublic
Distance learning makes universities more vulnerable to cyberattack
Expert suggests universities take extra care to prevent attacks while students are learning from home.
❌ Researchers Warn of High-Severity Dell PowerEdge Server Flaw ❌
📖 Read
via "Threatpost".
A path traversal vulnerability in the iDRAC technology can allow remote attackers to take over control of server operations.📖 Read
via "Threatpost".
Threat Post
Researchers Warn of High-Severity Dell PowerEdge Server Flaw
A path traversal vulnerability in the iDRAC technology can allow remote attackers to take over control of server operations.
❌ Podcast: Security Lessons Learned In Times of Uncertainty ❌
📖 Read
via "Threatpost".
Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, discusses the top threats and lessons learned from the first half of 2020.📖 Read
via "Threatpost".
Threat Post
Podcast: Security Lessons Learned In Times of Uncertainty
Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, discusses the top threats and lessons learned from the first half of 2020.
🕴 As Businesses Move to the Cloud, Cybercriminals Follow Close Behind 🕴
📖 Read
via "Dark Reading: ".
In the wake of COVID-19, data theft is by far the top tactic, followed by cryptomining and ransomware.📖 Read
via "Dark Reading: ".
Dark Reading
As Businesses Move to the Cloud, Cybercriminals Follow Close Behind
In the wake of COVID-19, data theft is by far the top tactic, followed by cryptomining and ransomware.
🛠 Zeek 3.1.5 🛠
📖 Go!
via "Security Tool Files ≈ Packet Storm".
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.📖 Go!
via "Security Tool Files ≈ Packet Storm".
Packetstormsecurity
Zeek 3.1.5 ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ATENTION‼ New - CVE-2019-4731
📖 Read
via "National Vulnerability Database".
IBM MQ Appliance 9.1.4.CD could allow a local attacker to obtain highly sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 172616.📖 Read
via "National Vulnerability Database".
🔐 Box announces added security to Box Shield solution with automation classification 🔐
📖 Read
via "Security on TechRepublic".
Using machine learning, Shield automatically scans files and classifies them based on content, detecting and securing sensitive information.📖 Read
via "Security on TechRepublic".
TechRepublic
Box announces added security to Box Shield solution with automation classification
Using machine learning, Shield automatically scans files and classifies them based on content, detecting and securing sensitive information.
ATENTION‼ New - CVE-2020-13915
📖 Read
via "National Vulnerability Database".
Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2020-13914
📖 Read
via "National Vulnerability Database".
webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.📖 Read
via "National Vulnerability Database".