5 strategies for CISOs during a time of rapid business transformation
via "Tech Republic".
A survey of business leaders by PwC finds the pandemic is causing rapid changes in the roles CISOs play, and offers five tips for ensuring that security remains stable as we enter a new normal.
Cyber Intelligence Suffers From 'Snobby' Isolationism, Focus on Rare Threats
via "Dark Reading".
Cyber-threat intelligence groups need to more often investigate their organization's specific threats and better integrate with other business groups, experts say.
CVE-2020-26880
via "National Vulnerability Database".
Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable.
CVE-2020-15176
via "National Vulnerability Database".
In GLPI before version 9.5.2, when supplying a back tick in input that gets put into a SQL query, the application does not escape or sanitize allowing for SQL Injection to occur. Leveraging this vulnerability an attacker is able to exfiltrate sensitive information like passwords, reset tokens, personal details, and more. The issue is patched in version 9.5.2.
CVE-2020-15217
via "National Vulnerability Database".
In GLPI before version 9.5.2, there is a leakage of user information through the public FAQ. The issue was introduced in version 9.5.0 and patched in 9.5.2. As a workaround, disable public access to the FAQ.
CVE-2020-15175
via "National Vulnerability Database".
In GLPI before version 9.5.2, the `pluginimage.send.php` endpoint allows a user to specify an image from a plugin. The parameters can be maliciously crafted to instead delete the .htaccess file for the files directory. Any user becomes able to read all the files and folders contained in "/files/". Some of the sensitive information that is compromised are the user sessions, logs, and more. An attacker would be able to get the Administrators session token and use that to authenticate. The issue is patched in version 9.5.2.
3 Ways Companies are Working on Security by Design
via "Dark Reading".
Execs from top financial organizations and other companies share insights on building a security culture.
Rare Firmware Rootkit Discovered Targeting Diplomats, NGOs
via "Dark Reading".
Second-ever sighting of a firmware exploit in the wild is a grim reminder of the dangers of these mostly invisible attacks.
Cybersecurity Awareness Month: How to protect your kids from identity theft
via "Tech Republic".
Freezing your child's credit is one way to stop cybercriminals from destroying their credit. But you have to be careful to keep the key to thaw it later.
Open Source Threat Intelligence Searches for Sustainable Communities
via "Dark Reading".
As long as a community is strong, so will be the intelligence it shares on open source feeds. But if that community breaks down ...
New 'HEH' Botnet Targets Exposed Telnet Services
via "Dark Reading".
Latest threat is one in a growing list of malware developed in the Go programming language.
'Bahamut' Threat Group Targets Government & Industry in Middle East
via "Dark Reading".
Researchers say the cyber espionage group was involved in several attacks against government officials and businesses in the Middle East and South Asia.
CVE-2020-25867
via "National Vulnerability Database".
SoPlanning before 1.47 doesn't correctly check the security key used to publicly share plannings. It allows a bypass to get access without authentication.
CVE-2020-25768
via "National Vulnerability Database".
Contao before 4.4.52, 4.9.x before 4.9.6, and 4.10.x before 4.10.1 have Improper Input Validation. It is possible to inject insert tags in front end forms which will be replaced when the page is rendered.
CVE-2020-15501
via "National Vulnerability Database".
** UNSUPPORTED WHEN ASSIGNED ** Smarter Coffee Maker before 2nd generation allows firmware replacement without authentication or authorization. User interaction is required to press a button. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2015-7379
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
MontysThree APT Takes Unusual Aim at Industrial Targets
via "Threat Post".
The newly discovered APT specializes in espionage campaigns against industrial holdings -- a rare target for spyware.
CVE-2020-3602
via "National Vulnerability Database".
A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command.
CVE-2020-3567
via "National Vulnerability Database".
A vulnerability in the management REST API of Cisco Industrial Network Director (IND) could allow an authenticated, remote attacker to cause the CPU utilization to increase to 100 percent, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of requests sent to the REST API. An attacker could exploit this vulnerability by sending a crafted request to the REST API. A successful exploit could allow the attacker to cause a permanent DoS condition that is due to high CPU utilization. Manual intervention may be required to recover the Cisco IND.
CVE-2020-3536
via "National Vulnerability Database".
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface.
Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks
via "Threat Post".
A spike in phishing and malicious websites aimed at defrauding Amazon.com customers aims to make Prime Day a field day for hackers.