π΄ A 7-Step Cybersecurity Plan for Healthcare Organizations π΄
π Read
via "Dark Reading".
With National Cybersecurity Awareness Month shining a spotlight on the healthcare industry, security pros share best practices for those charged with protecting these essential organizations.π Read
via "Dark Reading".
Dark Reading
A 7-Step Cybersecurity Plan for Healthcare Organizations
With National Cybersecurity Awareness Month shining a spotlight on the healthcare industry, security pros share best practices for those charged with protecting these essential organizations.
βΌ CVE-2020-4772 βΌ
π Read
via "National Vulnerability Database".
An XML External Entity Injection (XXE) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. A remote attacker could exploit this vulnerability to expose sensitive information, denial of service, server side request forgery or consume memory resources. IBM X-Force ID: 189150.π Read
via "National Vulnerability Database".
βΌ CVE-2020-4773 βΌ
π Read
via "National Vulnerability Database".
A cross-site request forgery (CSRF) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, which is an attack that forces a user to execute unwanted actions on the web application while they are currently authenticated. This applies to a single server class only, with no impact to remainder of web application. IBM X-Force ID: 189151.π Read
via "National Vulnerability Database".
βΌ CVE-2020-9108 βΌ
π Read
via "National Vulnerability Database".
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.π Read
via "National Vulnerability Database".
βΌ CVE-2020-4689 βΌ
π Read
via "National Vulnerability Database".
IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote privileged attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-ForceID: 186696.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8820 βΌ
π Read
via "National Vulnerability Database".
An XSS Vulnerability exists in Webmin 1.941 and earlier affecting the Cluster Shell Commands Endpoint. A user may enter any XSS Payload into the Command field and execute it. Then, after revisiting the Cluster Shell Commands Menu, the XSS Payload will be rendered and executed.π Read
via "National Vulnerability Database".
βΌ CVE-2020-25825 βΌ
π Read
via "National Vulnerability Database".
In Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can reveal sensitive information to the user in the task logs.π Read
via "National Vulnerability Database".
π¦Ώ Infographic: Ransomware attacks by industry, continent, and more π¦Ώ
π Read
via "Tech Republic".
Cyberattacks have surged during the coronavirus pandemic. This infographic details ransomware attack trends by industry, continent, and more.π Read
via "Tech Republic".
TechRepublic
Infographic: Ransomware attacks by industry, continent, and more
Cyberattacks have surged during the coronavirus pandemic. This infographic details ransomware attack trends by industry, continent, and more.
π΄ What is End-to-End Encryption? π΄
π Read
via "Dark Reading".
Many services advertise E2EE, but not all of them actually offer it.π Read
via "Dark Reading".
Dark Reading
What is End-to-End Encryption?
Many services advertise E2EE, but not all of them actually offer it.
π Nmap Port Scanner 7.91 π
π Read
via "Packet Storm Security".
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.π Read
via "Packet Storm Security".
Packetstormsecurity
Nmap Port Scanner 7.91 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Attackers Chaining Together Netlogon, VPN Bugs to Attack Govts π
π Read
via "Digital Guardian".
CISA is warning that attackers are chaining together vulnerabilities in Windows Netlogon protocol and VPNs to hack government networks.π Read
via "Digital Guardian".
Digital Guardian
Attackers Chaining Together Netlogon, VPN Bugs to Attack Govts
CISA is warning that attackers are chaining together vulnerabilities in Windows Netlogon protocol and VPNs to hack government networks.
π΄ Security Firms & Financial Group Team Up to Take Down Trickbot π΄
π Read
via "Dark Reading".
Microsoft and security firms ESET, Black Lotus Labs, and Symantec collaborated with the financial services industry to cut off the ransomware operation's C2 infrastructure.π Read
via "Dark Reading".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
βΌ CVE-2020-15250 βΌ
π Read
via "National Vulnerability Database".
In JUnit4 before version 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. This vulnerability impacts you if the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder, and the JUnit tests execute in an environment where the OS has other untrusted users. Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. For Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. For Java 1.6 and lower users: no patch is available, you must use the workaround below. If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. For more information, including an example of vulnerable code, see the referenced GitHub Security Advisory.π Read
via "National Vulnerability Database".
βΌ CVE-2020-26546 βΌ
π Read
via "National Vulnerability Database".
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in HelpDeskZ 1.0.2. The feature to auto-login a user, via the RememberMe functionality, is prone to SQL injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.π Read
via "National Vulnerability Database".
β Microsoft on the counterΒattack! Trickbot malware network takes a hit β
π Read
via "Naked Security".
The crooks haven't yet been caught and arrested, but their malware distribution network has been hit hard.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ Software AG Continues Efforts Against $20M Ransomware Attack π΄
π Read
via "Dark Reading".
The attack, which now includes extortion components, has moved into its second week.π Read
via "Dark Reading".
Dark Reading
Software AG Continues Efforts Against $20M Ransomware Attack
The attack, which now includes extortion components, has moved into its second week.
βΌ CVE-2020-15012 βΌ
π Read
via "National Vulnerability Database".
A Directory Traversal issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.19. A user that requests a crafted path can traverse up the file system to get access to content on disk (that the user running nxrm also has access to).π Read
via "National Vulnerability Database".
βΌ CVE-2019-17444 βΌ
π Read
via "National Vulnerability Database".
Jfrog Artifactory uses default passwords (such as "password") for administrative accounts and does not require users to change them. This may allow unauthorized network-based attackers to completely compromise of Jfrog Artifactory. This issue affects Jfrog Artifactory versions prior to 6.17.0.π Read
via "National Vulnerability Database".
βΌ CVE-2020-7743 βΌ
π Read
via "National Vulnerability Database".
The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates.π Read
via "National Vulnerability Database".
π΄ COVID-19: Latest Security News & Commentary π΄
π Read
via "Dark Reading".
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.π Read
via "Dark Reading".
Dark Reading
COVID-19: Latest Security News & Commentary
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
β Office 365: A Favorite for Cyberattack Persistence β
π Read
via "Threat Post".
Bad actors are leveraging legitimate services and tools within Microsoft's productivity suite to launch cyberattacks on COVID-19 stay-at-home workers, new research finds.π Read
via "Threat Post".
Threat Post
Office 365: A Favorite for Cyberattack Persistence
Bad actors are leveraging legitimate services and tools within Microsoft's productivity suite to launch cyberattacks on COVID-19 stay-at-home workers, new research finds.