β MontysThree APT Takes Unusual Aim at Industrial Targets β
π Read
via "Threat Post".
The newly discovered APT specializes in espionage campaigns against industrial holdings -- a rare target for spyware.π Read
via "Threat Post".
Threat Post
MontysThree APT Takes Unusual Aim at Industrial Targets
The newly discovered APT specializes in espionage campaigns against industrial holdings β a rare target for spyware.
βΌ CVE-2020-3602 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command.π Read
via "National Vulnerability Database".
βΌ CVE-2020-3567 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the management REST API of Cisco Industrial Network Director (IND) could allow an authenticated, remote attacker to cause the CPU utilization to increase to 100 percent, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of requests sent to the REST API. An attacker could exploit this vulnerability by sending a crafted request to the REST API. A successful exploit could allow the attacker to cause a permanent DoS condition that is due to high CPU utilization. Manual intervention may be required to recover the Cisco IND.π Read
via "National Vulnerability Database".
βΌ CVE-2020-3536 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface.π Read
via "National Vulnerability Database".
β Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks β
π Read
via "Threat Post".
A spike in phishing and malicious websites aimed at defrauding Amazon.com customers aim to make Prime Day a field day for hackers.π Read
via "Threat Post".
Threat Post
Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks
A spike in phishing and malicious websites aimed at defrauding Amazon.com customers aim to make Prime Day a field day for hackers.
π΄ Key Considerations & Best Practices for Establishing a Secure Remote Workforce π΄
π Read
via "Dark Reading".
Cybersecurity is challenging but not paralyzing, and now is the moment to educate our employees to overcome these challenges.π Read
via "Dark Reading".
Dark Reading
Key Considerations & Best Practices for Establishing a Secure Remote Workforce
Cybersecurity is challenging but not paralyzing, and now is the moment to educate our employees to overcome these challenges.
βΌ CVE-2020-25262 βΌ
π Read
via "National Vulnerability Database".
PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the admin/pages/delete/ URI: pages will be deleted.π Read
via "National Vulnerability Database".
βΌ CVE-2020-2289 βΌ
π Read
via "National Vulnerability Database".
Jenkins Active Choices Plugin 2.4 and earlier does not escape the name and description of build parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.π Read
via "National Vulnerability Database".
βΌ CVE-2020-2296 βΌ
π Read
via "National Vulnerability Database".
A cross-site request forgery (CSRF) vulnerability in Jenkins Shared Objects Plugin 0.44 and earlier allows attackers to configure shared objects.π Read
via "National Vulnerability Database".
π¦Ώ Buyers beware: Hackers poised to make Amazon Prime Day into a prime phishing day π¦Ώ
π Read
via "Tech Republic".
Analysis of hundreds of millions of web pages found phishing and fraudulent sites using the Amazon brand and logos poised for big Prime Day sales, according to Bolster Research.π Read
via "Tech Republic".
TechRepublic
Buyers beware: Hackers poised to make Amazon Prime Day into a prime phishing day
Analysis of hundreds of millions of web pages found phishing and fraudulent sites using the Amazon brand and logos poised for big Prime Day sales, according to Bolster Research.
β Microsoft Azure Flaws Open Admin Servers to Takeover β
π Read
via "Threat Post".
Two flaws in Microsoft's cloud-based Azure App Services could have allowed server-side forgery request (SSFR) and remote code-execution attacks.π Read
via "Threat Post".
Threat Post
Microsoft Azure Flaws Open Admin Servers to Takeover
Two flaws in Microsoft's cloud-based Azure App Services could have allowed server-side forgery request (SSFR) and remote code-execution attacks.
π΄ Kaspersky Researchers Spot Russia-on-Russia Cyber-Espionage Campaign π΄
π Read
via "Dark Reading".
Steganography-borne malware used to spy on industrial targets in Russia.π Read
via "Dark Reading".
Dark Reading
Kaspersky Researchers Spot Russia-on-Russia Cyber-Espionage Campaign
Steganography-borne malware used to spy on industrial targets in Russia.
π΄ US Election-Related Websites Vulnerable to Fraud, Abuse π΄
π Read
via "Dark Reading".
New research finds the vast majority of reputable news, political, and donor-oriented sites don't use registry locks.π Read
via "Dark Reading".
Dark Reading
US Election-Related Websites Vulnerable to Fraud, Abuse
New research finds the vast majority of reputable news, political, and donor-oriented sites don't use registry locks.
βΌ CVE-2020-5389 βΌ
π Read
via "National Vulnerability Database".
Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain an information disclosure vulnerability. Authenticated low privileged OMIMSCC users may be able to retrieve sensitive information from the logs.π Read
via "National Vulnerability Database".
βΌ CVE-2020-13344 βΌ
π Read
via "National Vulnerability Database".
An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2. Sessions keys are stored in plain-text in Redis which allows attacker with Redis access to authenticate as any user that has a session stored in Redisπ Read
via "National Vulnerability Database".
π¦Ώ Security pros: Cyber threats to industrial enterprises increase due to pandemic π¦Ώ
π Read
via "Tech Republic".
86% polled said their organization made cybersecurity a priority during the COVID-19 crisis and implemented appropriate training for remote workers, according to a report.π Read
via "Tech Republic".
TechRepublic
Security pros: Cyber threats to industrial enterprises increase due to pandemic
86% polled said their organization made cybersecurity a priority during the COVID-19 crisis and implemented appropriate training for remote workers, according to a report.
β Naked Security Podcast β weβre back for Series 3! β
π Read
via "Naked Security".
Join us weekly for the Naked Security Podcast - back for Series 3 and available wherever good podcasts are found!π Read
via "Naked Security".
Naked Security
Naked Security Podcast β weβre back for Series 3!
Join us weekly for the Naked Security Podcast β back for Series 3 and available wherever good podcasts are found!
π Zeek 3.2.2 π
π Read
via "Packet Storm Security".
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.π Read
via "Packet Storm Security".
Packetstormsecurity
Zeek 3.2.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β 8 tips to tighten up your work-from-home network β
π Read
via "Naked Security".
You don't have to be an IT guru to beef up your cybersecurity at home. Sometimes it's enough to ask yourself, "Which bits can I turn off?"π Read
via "Naked Security".
Naked Security
8 tips to tighten up your workβfromβhome network
You donβt have to be an IT guru to beef up your cybersecurity at home. Sometimes itβs enough to ask yourself, βWhich bits can I turn off?β
β Cisco Fixes High-Severity Webex, Security Camera Flaws β
π Read
via "Threat Post".
Three high-severity flaws exist in Cisco's Webex video conferencing system, Ciscoβs Video Surveillance 8000 Series IP Cameras and Identity Services Engine.π Read
via "Threat Post".
Threat Post
Cisco Fixes High-Severity Webex, Security Camera Flaws
Three high-severity flaws exist in Cisco's Webex video conferencing system, Ciscoβs Video Surveillance 8000 Series IP Cameras and Identity Services Engine.
π¦Ώ How SMBs can better protect their data from cyberattacks π¦Ώ
π Read
via "Tech Republic".
SMBs compromised by an effective cyberattack can not only lose data and suffer financially but go out of business entirely, says Infrascale.π Read
via "Tech Republic".
TechRepublic
How SMBs can better protect their data from cyberattacks
SMBs compromised by an effective cyberattack can not only lose data and suffer financially but go out of business entirely, says Infrascale.