βΌ CVE-2020-5141 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.π Read
via "National Vulnerability Database".
β S3 Ep1: Ransomware β is it really OK to pay? β Naked Security Podcast β
π Read
via "Naked Security".
Our podcast is back for Series 3 - here's Episode 1!π Read
via "Naked Security".
Naked Security
S3 Ep1: Ransomware β is it really OK to pay? [Podcast]
Our podcast is back for Series 3 β hereβs Episode 1!
β Naked Security Live β Cybersecurity tips for your own network β
π Read
via "Naked Security".
Here's the latest Naked Security Live video - enjoy (and please share with your friends)!π Read
via "Naked Security".
Naked Security
Naked Security Live β Cybersecurity tips for your own network
Hereβs the latest Naked Security Live video β enjoy (and please share with your friends)!
β Ransomware Attackers Buy Network Access in Cyberattack Shortcut β
π Read
via "Threat Post".
Network access to various industries is being offered in underground forums at as little as $300 a pop - and researchers warn that ransomware groups like Maze and NetWalker could be buying in.π Read
via "Threat Post".
Threat Post
Ransomware Attackers Buy Network Access in Cyberattack Shortcut
Network access to various industries is being offered in underground forums at as little as $300 a pop - and researchers warn that ransomware groups like Maze and NetWalker could be buying in.
π΄ How to Pinpoint Rogue IoT Devices on Your Network π΄
π Read
via "Dark Reading".
Researchers explain how security practitioners can recognize when a seemingly benign device could be malicious.π Read
via "Dark Reading".
Dark Reading
How to Pinpoint Rogue IoT Devices on Your Network
Researchers explain how security practitioners can recognize when a seemingly benign device could be malicious.
π΄ Security Officers, Are Your Employers Practicing Good Habits from Home? π΄
π Read
via "Dark Reading".
Even if you can't see your employees in the office, they still need to be reminded that criminals are always trying to spot a weak link in the chain.π Read
via "Dark Reading".
Dark Reading
Security Officers, Are Your Employers Practicing Good Habits from Home?
Even if you can't see your employees in the office, they still need to be reminded that criminals are always trying to spot a weak link in the chain.
π΄ A 7-Step Cybersecurity Plan for Healthcare Organizations π΄
π Read
via "Dark Reading".
With National Cybersecurity Awareness Month shining a spotlight on the healthcare industry, security pros share best practices for those charged with protecting these essential organizations.π Read
via "Dark Reading".
Dark Reading
A 7-Step Cybersecurity Plan for Healthcare Organizations
With National Cybersecurity Awareness Month shining a spotlight on the healthcare industry, security pros share best practices for those charged with protecting these essential organizations.
βΌ CVE-2020-4772 βΌ
π Read
via "National Vulnerability Database".
An XML External Entity Injection (XXE) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. A remote attacker could exploit this vulnerability to expose sensitive information, denial of service, server side request forgery or consume memory resources. IBM X-Force ID: 189150.π Read
via "National Vulnerability Database".
βΌ CVE-2020-4773 βΌ
π Read
via "National Vulnerability Database".
A cross-site request forgery (CSRF) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, which is an attack that forces a user to execute unwanted actions on the web application while they are currently authenticated. This applies to a single server class only, with no impact to remainder of web application. IBM X-Force ID: 189151.π Read
via "National Vulnerability Database".
βΌ CVE-2020-9108 βΌ
π Read
via "National Vulnerability Database".
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.π Read
via "National Vulnerability Database".
βΌ CVE-2020-4689 βΌ
π Read
via "National Vulnerability Database".
IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote privileged attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-ForceID: 186696.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8820 βΌ
π Read
via "National Vulnerability Database".
An XSS Vulnerability exists in Webmin 1.941 and earlier affecting the Cluster Shell Commands Endpoint. A user may enter any XSS Payload into the Command field and execute it. Then, after revisiting the Cluster Shell Commands Menu, the XSS Payload will be rendered and executed.π Read
via "National Vulnerability Database".
βΌ CVE-2020-25825 βΌ
π Read
via "National Vulnerability Database".
In Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can reveal sensitive information to the user in the task logs.π Read
via "National Vulnerability Database".
π¦Ώ Infographic: Ransomware attacks by industry, continent, and more π¦Ώ
π Read
via "Tech Republic".
Cyberattacks have surged during the coronavirus pandemic. This infographic details ransomware attack trends by industry, continent, and more.π Read
via "Tech Republic".
TechRepublic
Infographic: Ransomware attacks by industry, continent, and more
Cyberattacks have surged during the coronavirus pandemic. This infographic details ransomware attack trends by industry, continent, and more.
π΄ What is End-to-End Encryption? π΄
π Read
via "Dark Reading".
Many services advertise E2EE, but not all of them actually offer it.π Read
via "Dark Reading".
Dark Reading
What is End-to-End Encryption?
Many services advertise E2EE, but not all of them actually offer it.
π Nmap Port Scanner 7.91 π
π Read
via "Packet Storm Security".
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.π Read
via "Packet Storm Security".
Packetstormsecurity
Nmap Port Scanner 7.91 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Attackers Chaining Together Netlogon, VPN Bugs to Attack Govts π
π Read
via "Digital Guardian".
CISA is warning that attackers are chaining together vulnerabilities in Windows Netlogon protocol and VPNs to hack government networks.π Read
via "Digital Guardian".
Digital Guardian
Attackers Chaining Together Netlogon, VPN Bugs to Attack Govts
CISA is warning that attackers are chaining together vulnerabilities in Windows Netlogon protocol and VPNs to hack government networks.
π΄ Security Firms & Financial Group Team Up to Take Down Trickbot π΄
π Read
via "Dark Reading".
Microsoft and security firms ESET, Black Lotus Labs, and Symantec collaborated with the financial services industry to cut off the ransomware operation's C2 infrastructure.π Read
via "Dark Reading".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
βΌ CVE-2020-15250 βΌ
π Read
via "National Vulnerability Database".
In JUnit4 before version 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. This vulnerability impacts you if the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder, and the JUnit tests execute in an environment where the OS has other untrusted users. Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. For Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. For Java 1.6 and lower users: no patch is available, you must use the workaround below. If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. For more information, including an example of vulnerable code, see the referenced GitHub Security Advisory.π Read
via "National Vulnerability Database".
βΌ CVE-2020-26546 βΌ
π Read
via "National Vulnerability Database".
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in HelpDeskZ 1.0.2. The feature to auto-login a user, via the RememberMe functionality, is prone to SQL injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.π Read
via "National Vulnerability Database".
β Microsoft on the counterΒattack! Trickbot malware network takes a hit β
π Read
via "Naked Security".
The crooks haven't yet been caught and arrested, but their malware distribution network has been hit hard.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News