βΌ CVE-2020-7709 βΌ
π Read
via "National Vulnerability Database".
This affects the package json-pointer before 0.6.1. Multiple reference of object using slash is supported.π Read
via "National Vulnerability Database".
π Nmap Port Scanner 7.90 π
π Read
via "Packet Storm Security".
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.π Read
via "Packet Storm Security".
Packetstormsecurity
Nmap Port Scanner 7.90 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π GRR 3.4.2.3 π
π Read
via "Packet Storm Security".
GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.π Read
via "Packet Storm Security".
Packetstormsecurity
GRR 3.4.2.3 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ 3 Ways Data Breaches Accelerate the Fraud Supply Chain π΄
π Read
via "Dark Reading".
The battle's just beginning as bad actors glean more personal information from victims and use that data to launch larger attacks.π Read
via "Dark Reading".
Dark Reading
3 Ways Data Breaches Accelerate the Fraud Supply Chain
The battle's just beginning as bad actors glean more personal information from victims and use that data to launch larger attacks.
βΌ CVE-2020-25636 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have collisions when running multiple ansible processes. This issue affects mainly the service availability.π Read
via "National Vulnerability Database".
βΌ CVE-2020-26166 βΌ
π Read
via "National Vulnerability Database".
The file upload functionality in qdPM 9.1 doesn't check the file description, which allows remote authenticated attackers to inject web script or HTML via the attachments info parameter, aka XSS. This can occur during creation of a ticket, project, or task.π Read
via "National Vulnerability Database".
β Video-Game Piracy Group βTeam Xecuterβ Leaders in Custody β
π Read
via "Threat Post".
The two alleged leaders of Team Xecuter targeted popular consoles like the Nintendo Switch, the Sony PlayStation Classic and Microsoft Xbox.π Read
via "Threat Post".
Threat Post
Video-Game Piracy Group βTeam Xecuterβ Leaders in Custody
The two alleged leaders of Team Xecuter targeted popular consoles like the Nintendo Switch, the Sony PlayStation Classic and Microsoft Xbox.
β Tenda Router Zero-Days Emerge in Spyware Botnet Campaign β
π Read
via "Threat Post".
A variant of the Mirai botnet, called Ttint, has added espionage capabilities to complement its denial-of-service functions.π Read
via "Threat Post".
Threat Post
Tenda Router Zero-Days Emerge in Spyware Botnet Campaign
A variant of the Mirai botnet, called Ttint, has added espionage capabilities to complement its denial-of-service functions.
βΌ CVE-2020-25635 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8228 βΌ
π Read
via "National Vulnerability Database".
A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times.π Read
via "National Vulnerability Database".
β Naked Security Live β Stay on top of phishing scams β
π Read
via "Naked Security".
Naked Security Live - here's the recorded version of our latest video. Enjoy.π Read
via "Naked Security".
Naked Security
Naked Security Live β Stay on top of phishing scams
Naked Security Live β hereβs the recorded version of our latest video. Enjoy.
β Rare Bootkit Malware Targets North Korea-Linked Diplomats β
π Read
via "Threat Post".
The MosaicRegressor espionage framework is newly discovered and appears to be the work of Chinese-speaking actors.π Read
via "Threat Post".
Threat Post
Rare Bootkit Malware Targets North Korea-Linked Diplomats
The MosaicRegressor espionage framework is newly discovered and appears to be the work of Chinese-speaking actors.
π Telework Tips to Help Organizations Grappling with WFH Life π
π Read
via "Digital Guardian".
The Cybersecurity & Infrastructure Security Agency has released a collection of tips and best practices to help companies and employees better secure the new extended network perimeter.π Read
via "Digital Guardian".
Digital Guardian
Telework Tips to Help Organizations Grappling with WFH Life
The Cybersecurity & Infrastructure Security Agency has released a collection of tips and best practices to help companies and employees better secure the new extended network perimeter.
β Malware Families Turn to Legit Pastebin-Like Service β
π Read
via "Threat Post".
AgentTesla, LimeRAT, W3Cryptolocker and Redline Stealer are now using Paste.nrecom in spear-phishing attacks.π Read
via "Threat Post".
Threat Post
Malware Families Turn to Legit Pastebin-Like Service
AgentTesla, LimeRAT, W3Cryptolocker and Redline Stealer are now using Paste.nrecom in spear-phishing attacks.
π΄ 'Virtual Cyber Carnival' Kicks off Cybersecurity Awareness Month π΄
π Read
via "Dark Reading".
A new initiative will run throughout the month of October, invites the general public to play cybersecurity games (and win fabulous prizes).π Read
via "Dark Reading".
Dark Reading
'Virtual Cyber Carnival' Kicks off Cybersecurity Awareness Month
A new initiative will run throughout the month of October, invites the general public to play cybersecurity games (and win fabulous prizes).
βΌ CVE-2020-24231 βΌ
π Read
via "National Vulnerability Database".
Symmetric DS <3.12.0 uses mx4j to provide access to JMX over HTTP. mx4j, by default, has no auth and is available on all interfaces. An attacker can interact with JMX: get system info, and invoke MBean methods. It is possible to install additional MBeans from a remote host using MLet that leads to arbitrary code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2020-15235 βΌ
π Read
via "National Vulnerability Database".
In RACTF before commit f3dc89b, unauthenticated users are able to get the value of sensitive config keys that would normally be hidden to everyone except admins. All versions after commit f3dc89b9f6ab1544a289b3efc06699b13d63e0bd(3/10/20) are patched.π Read
via "National Vulnerability Database".
π¦Ώ Top 5 things to know about Confidential Computing π¦Ώ
π Read
via "Tech Republic".
The Confidential Computing Consortium, formed under The Linux Foundation, could revolutionize the way companies share data. Tom Merritt lists five things to know about Confidential Computing.π Read
via "Tech Republic".
TechRepublic
Top 5 things to know about Confidential Computing
The Confidential Computing Consortium, formed under The Linux Foundation, could revolutionize the way companies share data. Tom Merritt lists five things to know about Confidential Computing.
β Black-T Malware Emerges From Cryptojacker Group TeamTNT β
π Read
via "Threat Post".
Researchers have discovered the latest cryptojacking malware gambit from TeamTNT, called Black-T. The variant builds on the groupβs typical approach, with a few new β and sophisticated β extras. TeamTNT is known for its targeting of Amazon Web Services (AWS) credentials, to break into the cloud and use it to mine for the Monero cryptocurrency. [β¦]π Read
via "Threat Post".
Threat Post
Black-T Malware Emerges From Cryptojacker Group TeamTNT
The cryptojacking malware variant builds on the TeamTNT groupβs typical approach, with a few new β and sophisticated β extras.
βΌ CVE-2020-16226 βΌ
π Read
via "National Vulnerability Database".
Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.π Read
via "National Vulnerability Database".
βΌ CVE-2020-15237 βΌ
π Read
via "National Vulnerability Database".
In Shrine before version 3.3.0, when using the `derivation_endpoint` plugin, it's possible for the attacker to use a timing attack to guess the signature of the derivation URL. The problem has been fixed by comparing sent and calculated signature in constant time, using `Rack::Utils.secure_compare`. Users using the `derivation_endpoint` plugin are urged to upgrade to Shrine 3.3.0 or greater. A possible workaround is provided in the linked advisory.π Read
via "National Vulnerability Database".