βΌ CVE-2020-26526 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Damstra Smart Asset 2020.7. It is possible to enumerate valid usernames on the login page. The application sends a different server response when the username is invalid than when the username is valid ("Unable to find an APIDomain" versus "Wrong email or password").π Read
via "National Vulnerability Database".
βΌ CVE-2020-25776 βΌ
π Read
via "National Vulnerability Database".
Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbolic link privilege escalation attack where an attacker could exploit a critical file on the system to escalate their privileges. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2017-18924 βΌ
π Read
via "National Vulnerability Database".
** DISPUTED ** oauth2-server (aka node-oauth2-server) through 3.1.1 implements OAuth 2.0 without PKCE. It does not prevent authorization code injection. This is similar to CVE-2020-7692. NOTE: the vendor states 'As RFC7636 is an extension, I think the claim in the Readme of "RFC 6749 compliant" is valid and not misleading and I also therefore wouldn't describe this as a "vulnerability" with the library per se.'π Read
via "National Vulnerability Database".
π΄ test chunk server π΄
π Read
via "Dark Reading".
Until all domain controllers are updated, the entire infrastructure remains vulnerable, the DHS' CISA warns.π Read
via "Dark Reading".
Dark Reading
Dark Reading | Security | Protect The Business - Enable Access
Cyber security's comprehensive news site is now an online community for security professionals, outlining cyber threats and the technologies for defending against them.
β Serious Security: Phishing without links β when phishers bring along their own web pages β
π Read
via "Naked Security".
How do you "check the URL before you click" if the web page you're visiting is already on your own computer?π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
βΌ CVE-2020-7709 βΌ
π Read
via "National Vulnerability Database".
This affects the package json-pointer before 0.6.1. Multiple reference of object using slash is supported.π Read
via "National Vulnerability Database".
π Nmap Port Scanner 7.90 π
π Read
via "Packet Storm Security".
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.π Read
via "Packet Storm Security".
Packetstormsecurity
Nmap Port Scanner 7.90 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π GRR 3.4.2.3 π
π Read
via "Packet Storm Security".
GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.π Read
via "Packet Storm Security".
Packetstormsecurity
GRR 3.4.2.3 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ 3 Ways Data Breaches Accelerate the Fraud Supply Chain π΄
π Read
via "Dark Reading".
The battle's just beginning as bad actors glean more personal information from victims and use that data to launch larger attacks.π Read
via "Dark Reading".
Dark Reading
3 Ways Data Breaches Accelerate the Fraud Supply Chain
The battle's just beginning as bad actors glean more personal information from victims and use that data to launch larger attacks.
βΌ CVE-2020-25636 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have collisions when running multiple ansible processes. This issue affects mainly the service availability.π Read
via "National Vulnerability Database".
βΌ CVE-2020-26166 βΌ
π Read
via "National Vulnerability Database".
The file upload functionality in qdPM 9.1 doesn't check the file description, which allows remote authenticated attackers to inject web script or HTML via the attachments info parameter, aka XSS. This can occur during creation of a ticket, project, or task.π Read
via "National Vulnerability Database".
β Video-Game Piracy Group βTeam Xecuterβ Leaders in Custody β
π Read
via "Threat Post".
The two alleged leaders of Team Xecuter targeted popular consoles like the Nintendo Switch, the Sony PlayStation Classic and Microsoft Xbox.π Read
via "Threat Post".
Threat Post
Video-Game Piracy Group βTeam Xecuterβ Leaders in Custody
The two alleged leaders of Team Xecuter targeted popular consoles like the Nintendo Switch, the Sony PlayStation Classic and Microsoft Xbox.
β Tenda Router Zero-Days Emerge in Spyware Botnet Campaign β
π Read
via "Threat Post".
A variant of the Mirai botnet, called Ttint, has added espionage capabilities to complement its denial-of-service functions.π Read
via "Threat Post".
Threat Post
Tenda Router Zero-Days Emerge in Spyware Botnet Campaign
A variant of the Mirai botnet, called Ttint, has added espionage capabilities to complement its denial-of-service functions.
βΌ CVE-2020-25635 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8228 βΌ
π Read
via "National Vulnerability Database".
A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times.π Read
via "National Vulnerability Database".
β Naked Security Live β Stay on top of phishing scams β
π Read
via "Naked Security".
Naked Security Live - here's the recorded version of our latest video. Enjoy.π Read
via "Naked Security".
Naked Security
Naked Security Live β Stay on top of phishing scams
Naked Security Live β hereβs the recorded version of our latest video. Enjoy.
β Rare Bootkit Malware Targets North Korea-Linked Diplomats β
π Read
via "Threat Post".
The MosaicRegressor espionage framework is newly discovered and appears to be the work of Chinese-speaking actors.π Read
via "Threat Post".
Threat Post
Rare Bootkit Malware Targets North Korea-Linked Diplomats
The MosaicRegressor espionage framework is newly discovered and appears to be the work of Chinese-speaking actors.
π Telework Tips to Help Organizations Grappling with WFH Life π
π Read
via "Digital Guardian".
The Cybersecurity & Infrastructure Security Agency has released a collection of tips and best practices to help companies and employees better secure the new extended network perimeter.π Read
via "Digital Guardian".
Digital Guardian
Telework Tips to Help Organizations Grappling with WFH Life
The Cybersecurity & Infrastructure Security Agency has released a collection of tips and best practices to help companies and employees better secure the new extended network perimeter.
β Malware Families Turn to Legit Pastebin-Like Service β
π Read
via "Threat Post".
AgentTesla, LimeRAT, W3Cryptolocker and Redline Stealer are now using Paste.nrecom in spear-phishing attacks.π Read
via "Threat Post".
Threat Post
Malware Families Turn to Legit Pastebin-Like Service
AgentTesla, LimeRAT, W3Cryptolocker and Redline Stealer are now using Paste.nrecom in spear-phishing attacks.
π΄ 'Virtual Cyber Carnival' Kicks off Cybersecurity Awareness Month π΄
π Read
via "Dark Reading".
A new initiative will run throughout the month of October, invites the general public to play cybersecurity games (and win fabulous prizes).π Read
via "Dark Reading".
Dark Reading
'Virtual Cyber Carnival' Kicks off Cybersecurity Awareness Month
A new initiative will run throughout the month of October, invites the general public to play cybersecurity games (and win fabulous prizes).
βΌ CVE-2020-24231 βΌ
π Read
via "National Vulnerability Database".
Symmetric DS <3.12.0 uses mx4j to provide access to JMX over HTTP. mx4j, by default, has no auth and is available on all interfaces. An attacker can interact with JMX: get system info, and invoke MBean methods. It is possible to install additional MBeans from a remote host using MLet that leads to arbitrary code execution.π Read
via "National Vulnerability Database".