π΄ Can Schools Pass Their Biggest Cybersecurity Test Yet? π΄
π Read
via "Dark Reading: ".
Understaffed, underfunded, and underequipped, IT teams in the K-12 sector face a slew of challenges amid remote and hybrid learning models. Here's where they can begin to protect their schools against cyberattacks.π Read
via "Dark Reading: ".
Dark Reading
Can Schools Pass Their Biggest Cybersecurity Test Yet?
Understaffed, underfunded, and underequipped, IT teams in the K-12 sector face a slew of challenges amid remote and hybrid learning models. Here's where they can begin to protect their schools against cyberattacks.
β Known Citrix Workspace Bug Open to New Attack β
π Read
via "Threatpost".
Windows MSI files provide an opening for attackers even though the bug was mostly patched in July.π Read
via "Threatpost".
Threat Post
Known Citrix Workspace Bug Open to New Attack Vector
Windows MSI files provide an opening for attackers even though the bug was mostly patched in July.
π΄ Startup Aims to Map and Track All the IT and Security Things π΄
π Read
via "Dark Reading: ".
Security service JupiterOne spins off from a healthcare service provider's homegrown technology.π Read
via "Dark Reading: ".
Dark Reading
Startup Aims to Map and Track All the IT and Security Things
Security service JupiterOne spins off from a healthcare service provider's homegrown technology.
π΄ New Google Search Hacks Push Viruses & Porn π΄
π Read
via "Dark Reading: ".
Three incidents demonstrate how cybercriminals leverage the scourge of black-hat search engine optimization to manipulate search results.π Read
via "Dark Reading: ".
Dark Reading
New Google Search Hacks Push Viruses & Porn
Three incidents demonstrate how cybercriminals leverage the scourge of black-hat search engine optimization to manipulate search results.
π Georgia Clinic Pays $1.5M to Settle HIPAA Noncompliance π
π Read
via "Subscriber Blog RSS Feed ".
An investigation by HHS OCR at this clinic uncovered "longstanding, systemic noncompliance with the HIPAA Privacy and Security Rules."π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Georgia Clinic Pays $1.5M to Settle HIPAA Noncompliance
An investigation by HHS OCR at this clinic uncovered "longstanding, systemic noncompliance with the HIPAA Privacy and Security Rules."
π Four ways CISOs can move enterprise security into the new normal π
π Read
via "Security on TechRepublic".
Security is changing rapidly, and the COVID-19 pandemic hasn't helped. A Cisco roundtable of chief information security officer advisers plotted the course for a secure future.π Read
via "Security on TechRepublic".
TechRepublic
Four ways CISOs can move enterprise security into the new normal
Security is changing rapidly, and the COVID-19 pandemic hasn't helped. A Cisco roundtable of chief information security officer advisers plotted the course for a secure future.
π OpenSSL Toolkit 1.1.1h π
π Go!
via "Security Tool Files β Packet Storm".
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
OpenSSL Toolkit 1.1.1h β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β Google Chrome Bugs Open Browsers to Attack β
π Read
via "Threatpost".
Google's new release of Chrome 85.0.4183.121 for Windows, Mac, and Linux fixes 10 security flaws.π Read
via "Threatpost".
Threat Post
Google Chrome Bugs Open Browsers to Attack
Google's new release of Chrome 85.0.4183.121 for Windows, Mac, and Linux fixes 10 security flaws.
π How to create a secure username π
π Read
via "Security on TechRepublic".
Passwords are the most important factor for securing your accounts. But you need to pay attention to your usernames as well, says NordPass.π Read
via "Security on TechRepublic".
TechRepublic
How to Create a Secure Username
Discover how to create a unique and secure username for your online accounts, and find out why itβs just as important as having a strong password.
π΄ Vulnerability Disclosure Programs See Signups & Payouts Surge π΄
π Read
via "Dark Reading: ".
More than $44.75 million in rewards were paid to hackers over the past year, driving total payouts beyond $100 million.π Read
via "Dark Reading: ".
Dark Reading
Vulnerability Disclosure Programs See Signups & Payouts Surge
More than $44.75 million in rewards were paid to hackers over the past year, driving total payouts beyond $100 million.
π΄ Attackers Target Small Manufacturing Firms π΄
π Read
via "Dark Reading: ".
The most common tactics include credential stuffing using valid accounts, various forms of deception, and vulnerabilities in third-party software, Rapid7 says in its latest quarterly threat report.π Read
via "Dark Reading: ".
Dark Reading
Attackers Target Small Manufacturing Firms
The most common tactics include credential stuffing using valid accounts, various forms of deception, and vulnerabilities in third-party software, Rapid7 says in its latest quarterly threat report.
ATENTIONβΌ New - CVE-2019-1983
π Read
via "National Vulnerability Database".
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to cause repeated crashes in some internal processes that are running on the affected devices, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation of email attachments. An attacker could exploit this vulnerability by sending an email message with a crafted attachment through an affected device. A successful exploit could allow the attacker to cause specific processes to crash repeatedly, resulting in the complete unavailability of both the Cisco Advanced Malware Protection (AMP) and message tracking features and in severe performance degradation while processing email. After the affected processes restart, the software resumes filtering for the same attachment, causing the affected processes to crash and restart again. A successful exploit could also allow the attacker to cause a repeated DoS condition. Manual intervention may be required to recover from this situation.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-1947
π Read
via "National Vulnerability Database".
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of email messages that contain large attachments. An attacker could exploit this vulnerability by sending a malicious email message through the targeted device. A successful exploit could allow the attacker to cause a permanent DoS condition due to high CPU utilization. This vulnerability may require manual intervention to recover the ESA.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-1888
π Read
via "National Vulnerability Database".
A vulnerability in the Administration Web Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to upload arbitrary files and execute commands on the underlying operating system. To exploit this vulnerability, an attacker needs valid Administrator credentials. The vulnerability is due to insufficient restrictions for the content uploaded to an affected system. An attacker could exploit this vulnerability by uploading arbitrary files containing operating system commands that will be executed by an affected system. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the web interface and then elevate their privileges to root.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-1736
π Read
via "National Vulnerability Database".
A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to improper validation of the server firmware upgrade images. An attacker could exploit this vulnerability by installing a server firmware version that would allow the attacker to disable UEFI Secure Boot. A successful exploit could allow the attacker to bypass the signature validation checks that are done by UEFI Secure Boot technology and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-16028
π Read
via "National Vulnerability Database".
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-16025
π Read
via "National Vulnerability Database".
A vulnerability in the web framework of Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of some parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by persuading a user to access a malicious link or by intercepting a user request for the affected web interface and injecting malicious code into that request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web-based management interface or access sensitive, browser-based information.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-16023
π Read
via "National Vulnerability Database".
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-16021
π Read
via "National Vulnerability Database".
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-16019
π Read
via "National Vulnerability Database".
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-16017
π Read
via "National Vulnerability Database".
A vulnerability in the Operations, Administration, Maintenance and Provisioning (OAMP) OpsConsole Server for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. The vulnerability is due to insufficient input validation on specific pages of the OAMP application. An attacker could exploit this vulnerability by authenticating to Cisco Unified CVP and sending crafted HTTP requests. A successful exploit could allow an attacker with administrator or read-only privileges to learn information outside of their expected scope. An attacker with administrator privileges could modify certain configuration details of resources outside of their defined scope, which could result in a denial of service (DoS) condition.π Read
via "National Vulnerability Database".