🛠 See-SURF 2.0 🛠
📖 Read
via "Packet Storm Security".
See-SURF is a python-based scanner to find potential SSRF parameters in a web application.📖 Read
via "Packet Storm Security".
Packetstormsecurity
See-SURF 2.0 ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
‼ CVE-2020-15224 ‼
📖 Read
via "National Vulnerability Database".
In Open Enclave before version 0.12.0, an information disclosure vulnerability exists when an enclave application using the syscalls provided by the sockets.edl is loaded by a malicious host application. An attacker who successfully exploited the vulnerability could read privileged data from the enclave heap across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information otherwise considered confidential in an enclave, which could be used in further compromises. The issue has been addressed in version 0.12.0 and the current master branch. Users will need to to recompile their applications against the patched libraries to be protected from this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-7318 ‼
📖 Read
via "National Vulnerability Database".
Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for "syncPointList" not being correctly sanitsed.📖 Read
via "National Vulnerability Database".
❌ Travelex, Other Orgs Face DDoS Threats as Extortion Campaign Rages On ❌
📖 Read
via "Threat Post".
Organizations worldwide – including Travelex – have been sent letters threatening to launch DDoS attacks on their network unless a $230K ransom is paid.📖 Read
via "Threat Post".
Threat Post
Travelex, Other Orgs Face DDoS Threats as Extortion Campaign Rages On
Organizations worldwide – including Travelex – have been sent letters threatening to launch DDoS attacks on their network unless a $230K ransom is paid.
🕴 Zoom Announces Rollout of End-to-End Encryption 🕴
📖 Read
via "Dark Reading".
Phase 1 removes Zoom servers from the key generation and distribution processes.📖 Read
via "Dark Reading".
Dark Reading
Zoom Announces Rollout of End-to-End Encryption
Phase 1 removes Zoom servers from the key generation and distribution processes.
‼ CVE-2020-7383 ‼
📖 Read
via "National Vulnerability Database".
A SQL Injection issue in Rapid7 Nexpose version prior to 6.6.49 that may have allowed an authenticated user with a low permission level to access resources & make changes they should not have been able to access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-8345 ‼
📖 Read
via "National Vulnerability Database".
A DLL search path vulnerability was reported in the Lenovo HardwareScan Plugin for the Lenovo Vantage hardware scan feature prior to version 1.0.46.11 that could allow escalation of privilege.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-6373 ‼
📖 Read
via "National Vulnerability Database".
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-6372 ‼
📖 Read
via "National Vulnerability Database".
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-5642 ‼
📖 Read
via "National Vulnerability Database".
Cross-site request forgery (CSRF) vulnerability in Live Chat - Live support version 3.1.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-7334 ‼
📖 Read
via "National Vulnerability Database".
Improper privilege assignment vulnerability in the installer McAfee Application and Change Control (MACC) prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further controls for installation/uninstallation of software.📖 Read
via "National Vulnerability Database".
🕴 Microsoft Office 365 Accounts a Big Target for Attackers 🕴
📖 Read
via "Dark Reading".
Just as they did with PowerShell for Windows, threat actors are abusing native O365 capabilities for lateral movement, command-and-control communication, and other malicious activity.📖 Read
via "Dark Reading".
Darkreading
Microsoft Office 365 Accounts a Big Target for Attackers
Just as they did with PowerShell for Windows, threat actors are abusing native O365 capabilities for lateral movement, command-and-control communication, and other malicious activity.
❌ Carnival Corp. Ransomware Attack Affected Three Cruise Lines ❌
📖 Read
via "Threat Post".
Hackers accessed personal information of guests, employees and crew for Carnival Cruise, Holland America and Seabourn as well as casino operations.📖 Read
via "Threat Post".
Threat Post
Carnival Corp. Ransomware Attack Affects Three Cruise Lines
Hackers accessed personal information of guests, employees and crew for Carnival Cruise, Holland America and Seabourn as well as casino operations.
‼ CVE-2020-7327 ‼
📖 Read
via "National Vulnerability Database".
Improperly implemented security check in McAfee MVISION Endpoint Detection and Response Client (MVEDR) prior to 3.2.0 may allow local administrators to execute malicious code via stopping a core Windows service leaving McAfee core trust component in an inconsistent state resulting in MVEDR failing open rather than closed📖 Read
via "National Vulnerability Database".
‼ CVE-2020-7326 ‼
📖 Read
via "National Vulnerability Database".
Improperly implemented security check in McAfee Active Response (MAR) prior to 2.4.4 may allow local administrators to execute malicious code via stopping a core Windows service leaving McAfee core trust component in an inconsistent state resulting in MAR failing open rather than closed📖 Read
via "National Vulnerability Database".
❌ Barnes & Noble Hack: A Reading List for Phishers and Crooks ❌
📖 Read
via "Threat Post".
Customers' lists of book purchases along with email addresses and more could have been exposed -- and that's a problem.📖 Read
via "Threat Post".
Threat Post
Barnes & Noble Hack: A Reading List for Phishers and Crooks
Customers' lists of book purchases along with email addresses and more could have been exposed during a (ransomware?) attack — and that's a problem.
🕴 The Ruthless Cyber Chaos of Business Recovery 🕴
📖 Read
via "Dark Reading".
Critical technology initiatives leveraging the best of technology solutions are the only way through the cyber chaos of 2020.📖 Read
via "Dark Reading".
Dark Reading
The Ruthless Cyber Chaos of Business Recovery
Critical technology initiatives leveraging the best of technology solutions are the only way through the cyber chaos of 2020.
🦿 Ransomware campaign threatens organizations with DDoS attacks 🦿
📖 Read
via "Tech Republic".
All the organizations that contacted security provider Radware after receiving an extortion letter were hit by Distributed Denial of Service attacks.📖 Read
via "Tech Republic".
TechRepublic
Ransom campaign threatens organizations with DDoS attacks
All the organizations that contacted security provider Radware after receiving an extortion letter were hit by Distributed Denial of Service attacks.
‼ CVE-2020-4499 ‼
📖 Read
via "National Vulnerability Database".
IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applications. IBM X-Force ID: 182216.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-7744 ‼
📖 Read
via "National Vulnerability Database".
This affects all versions of package com.mintegral.msdk:alphab. The Android SDK distributed by the company contains malicious functionality in this module that tracks: 1. Downloads from Google urls either within Google apps or via browser including file downloads, e-mail attachments and Google Docs links. 2. All apk downloads, either organic or not. Mintegral listens to download events in Android's download manager and detects if the downloaded file's url contains: a. google.com or comes from a Google app (the com.android.vending package) b. Ends with .apk for apk downloads In both cases, the module sends the captured data back to Mintegral's servers. Note that the malicious functionality keeps running even if the app is currently not in focus (running in the background).📖 Read
via "National Vulnerability Database".
❌ Broadvoice Leak Exposes 350M Records, Personal Voicemail Transcripts ❌
📖 Read
via "Threat Post".
Companies that use Broadvoice's cloud-based VoIP platform may find their patients, customers, suppliers and partners to be impacted by a massive data exposure.📖 Read
via "Threat Post".
Threat Post
Broadvoice Leak Exposes 350M Records, Personal Voicemail Transcripts
Companies that use Broadvoice's cloud-based VoIP platform may find their patients, customers, suppliers and partners to be impacted by a massive data exposure.