CVE-2020-26598
via "National Vulnerability Database".
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, and 9.0 software. The Network Management component could allow an unauthorized actor to kill a TCP connection. The LG ID is LVE-SMP-200023 (October 2020).
CVE-2020-15239
via "National Vulnerability Database".
In xmpp-http-upload before version 0.4.0, when the GET method is attacked, attackers can read files which have a `.data` suffix and which are accompanied by a JSON file with the `.meta` suffix. This can lead to Information Disclosure and in some shared-hosting scenarios also to circumvention of authentication or other limitations on the outbound (GET) traffic. For example, in a scenario where a single server has multiple instances of the application running (with separate DATA_ROOT settings), an attacker who has knowledge about the directory structure is able to read files from any other instance to which the process has read access. If instances have individual authentication (for example, HTTP authentication via a reverse proxy, source IP based filtering) or other restrictions (such as quotas), attackers may circumvent those limits in such a scenario by using the Directory Traversal to retrieve data from the other instances. If the associated XMPP server (or anyone knowing the SECRET_KEY) is malicious, they can write files outside the DATA_ROOT. The files which are written are constrained to have the `.meta` and the `.data` suffixes; the `.meta` file will contain the JSON with the Content-Type of the original request and the `.data` file will contain the payload. The issue is patched in version 0.4.0.
New Research Finds Bugs in Every Anti-Malware Product Tested
via "Dark Reading".
Products from every vendor had issues that allowed attackers to elevate privileges on a system -- if they already were on it.
Zerologon Vulnerability Used in APT Attacks
via "Dark Reading".
MERCURY, the Iranian advanced persistent threat group, is using Zerologon in a new series of attacks detected by Microsoft.
CVE-2020-14183
via "National Vulnerability Database".
Affected versions of Jira Server & Data Center allow a remote attacker with limited (non-admin) privileges to view a Jira instance's Support Entitlement Number (SEN) via an Information Disclosure vulnerability in the HTTP Response headers. The affected versions are before version 7.13.18, from version 8.0.0 before 8.5.9, and from version 8.6.0 before 8.12.1.
Verizon Payment Security Report is a Wake-up Call: Time to Refocus on PCI DSS Compliance
via "Dark Reading".
Too many organizations fail to enact the baseline payment security controls, according to the Verizon 2020 Payment Security Report, and the recent Blackbaud ransomware incident is merely the latest evidence.
CVE-2020-7742
via "National Vulnerability Database".
This affects the package simpl-schema before 1.10.2.
Comcast TV Remote Hack Opens Homes to Snooping
via "Threat Post".
Researchers disclosed the 'WarezTheRemote' attack, affecting Comcast's XR11 voice remote control.
IRS COVID-19 Relief Payment Deadlines Anchor Convincing Phish
via "Threat Post".
The upcoming deadlines for applying for coronavirus relief are the lure for a phish that gets around email security gateways by using a legitimate SharePoint page for data-harvesting.
Okta opens the door to third-party developers with new Okta Devices SDK and API
via "Tech Republic".
The new platform will allow developers to leverage Okta's SSO technology to build branded biometric authentication for iOS and Android apps.
Security firm: WarezTheRemote flaw could turn a Comcast remote into a listening device
via "Tech Republic".
Could your cable TV device spy on you? Vulnerability found and patched in Comcast TV remote.
PoetRAT Resurfaces in Attacks in Azerbaijan Amid Escalating Conflict
via "Threat Post".
Spear-phishing attacks targeting VIPs and others show key malware changes and are likely linked to the current conflict with Armenia.
What the Sci-Fi Hit Altered Carbon Teaches Us About Virtualization Security
via "Dark Reading".
The Netflix show may be fantastical, but it has real-world lessons about virtualization.
CVE-2020-25985
via "National Vulnerability Database".
MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver (php files can be unlinked and not deleted).
Phishing attack spoofs IRS COVID-19 relief to steal personal data
via "Tech Republic".
The phishing page tries to obtain email credentials, Social Security numbers, driver's license numbers, and tax numbers, says Armorblox.
Google's Chrome 86: Critical Payments Bug, Password Checker Among Security Notables
via "Threat Post".
Google is rolling out 35 security fixes, and a new password feature, in Chrome 86 versions for Windows, Mac, Android and iOS users.
CVE-2020-13332
via "National Vulnerability Database".
Improper access expiration date validation in GitLab version >=8.11.0-rc6+ allows a user to have access to projects with expiration.
CVE-2020-13346
via "National Vulnerability Database".
Membership changes are not reflected in ToDo subscriptions in GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, allowing guest users to access confidential issues through the API.
CVE-2020-14355
via "National Vulnerability Database".
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed by the QUIC image compression algorithm, result in a process crash or potential code execution.
Packet Fence 10.2.0
via "Packet Storm Security".
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
FINRA Warns Financial Services Firms of New Phishing Campaign
via "Digital Guardian".
FINRA, a self-regulatory organization that oversees brokers and broker-dealers, is warning about a new phishing attack that looks like it's coming from the organization.