Malware Families Turn to Legit Pastebin-Like Service
via "Threat Post".
AgentTesla, LimeRAT, W3Cryptolocker and Redline Stealer are now using Paste.nrecom in spear-phishing attacks.

'Virtual Cyber Carnival' Kicks off Cybersecurity Awareness Month
via "Dark Reading".
A new initiative, which will run throughout the month of October, invites the general public to play cybersecurity games (and win fabulous prizes).

CVE-2020-24231
via "National Vulnerability Database".
Symmetric DS <3.12.0 uses mx4j to provide access to JMX over HTTP. mx4j, by default, has no auth and is available on all interfaces. An attacker can interact with JMX: get system info, and invoke MBean methods. It is possible to install additional MBeans from a remote host using MLet that leads to arbitrary code execution.

CVE-2020-15235
via "National Vulnerability Database".
In RACTF before commit f3dc89b, unauthenticated users are able to get the value of sensitive config keys that would normally be hidden from everyone except admins. All versions after commit f3dc89b9f6ab1544a289b3efc06699b13d63e0bd (3/10/20) are patched.

Top 5 things to know about Confidential Computing
via "Tech Republic".
The Confidential Computing Consortium, formed under The Linux Foundation, could revolutionize the way companies share data. Tom Merritt lists five things to know about Confidential Computing.

Black-T Malware Emerges From Cryptojacker Group TeamTNT
via "Threat Post".
Researchers have discovered the latest cryptojacking malware gambit from TeamTNT, called Black-T. The variant builds on the group's typical approach, with a few new -- and sophisticated -- extras. TeamTNT is known for its targeting of Amazon Web Services (AWS) credentials, to break into the cloud and use it to mine for the Monero cryptocurrency. […]

CVE-2020-16226
via "National Vulnerability Database".
Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.

CVE-2020-15237
via "National Vulnerability Database".
In Shrine before version 3.3.0, when using the `derivation_endpoint` plugin, it's possible for the attacker to use a timing attack to guess the signature of the derivation URL. The problem has been fixed by comparing sent and calculated signature in constant time, using `Rack::Utils.secure_compare`. Users using the `derivation_endpoint` plugin are urged to upgrade to Shrine 3.3.0 or greater. A possible workaround is provided in the linked advisory.

Post Grid WordPress Plugin Flaws Allow Site Takeovers
via "Threat Post".
Team Showcase, a sister plugin, is also vulnerable to the XSS and PHP object-injection bugs -- together they have 66,000 installs.

Android Camera Bug Under the Microscope
via "Dark Reading".
Critical Android vulnerability CVE-2019-2234 could enable attackers to take control of a victim's camera and take photos, record videos, and learn location.

Meet 'Egregor,' a New Ransomware Family to Watch
via "Dark Reading".
Egregor's operators promise to decrypt victims' files and provide security recommendations in exchange for ransom payment.

John McAfee Indicted on Tax Charges
via "Dark Reading".
The indictment alleging tax evasion and failure to file returns was unsealed after his arrest in Spain.

CVE-2020-26572
via "National Vulnerability Database".
The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher.

CVE-2020-26571
via "National Vulnerability Database".
The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.

CVE-2020-5632
via "National Vulnerability Database".
InfoCage SiteShell series (Host type SiteShell for IIS V1.4, V1.5, and V1.6, Host type SiteShell for IIS prior to revision V2.0.0.6, V2.1.0.7, V2.1.1.6, V3.0.0.11, V4.0.0.6, V4.1.0.5, and V4.2.0.1, Host type SiteShell for Apache Windows V1.4, V1.5, and V1.6, and Host type SiteShell for Apache Windows prior to revision V2.0.0.6, V2.1.0.7, V2.1.1.6, V3.0.0.11, V4.0.0.6, V4.1.0.5, and V4.2.0.1) allow authenticated attackers to bypass access restriction and to execute arbitrary code with an elevated privilege via specially crafted executable files.

Recon Informer 1.2
via "Packet Storm Security".
Recon-Informer is a basic real-time anti-reconnaissance detection tool for offensive security systems, useful for penetration testers. It runs on Windows/Linux and leverages scapy.

Gone phishing: workplace email security in five steps
via "Naked Security".
David Mitchell, Senior Director of Email Product Management at Sophos, shares his top tips to optimize workplace email security.

Unpatched Apple T2 Chip Flaw Plagues Macs
via "Threat Post".
A researcher claims that the issue can be exploited by attackers in order to gain root access.
A researcher claims the issue can be exploited by attackers with physical access to a Mac in order to gain root access.

6 Best Practices for Using Open Source Software Safely
via "Dark Reading".
Open source software is critical yet potentially dangerous. Here are ways to minimize the risk.

CVE-2020-25613
via "National Vulnerability Database".
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack.

CVE-2020-23832
via "National Vulnerability Database".
A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote attackers to harvest an admin login session cookie and steal an admin session upon an admin login.