US Counterintelligence Director & Fmr. Europol Leader Talk Election Security
via "Dark Reading".
The US counterintelligence lead joins a former Europol cyber chief to discuss modern election threats and the benefits of public-private collaboration.
Leading more girls to STEM careers drives professor to create cybersecurity camp
via "Tech Republic".
Teaching students around the world has become easier, thanks to Zoom classes, one college professor says. She's still trying to find a way to teach robotics, though.
Professor creates cybersecurity camp to inspire girls to choose STEM careers
via "Tech Republic".
Teaching via Zoom has had some unexpected benefits, college professor says, though robotics class is still a challenge. Her real passion is inspiring young women and girls to go into computer science.
Biden Campaign Staffers Targeted in Cyberattack Leveraging Anti-Virus Lure, Dropbox Ploy
via "Threat Post".
Google's Threat Analysis Group sheds more light on targeted credential phishing and malware attacks on the staff of Joe Biden's presidential campaign.
CVE-2020-26183
via "National Vulnerability Database".
Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability. Certain remote users with low privileges may exploit this vulnerability to perform 'nsrmmdbd' operations in an unintended manner.
CVE-2020-26182
via "National Vulnerability Database".
Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low privileges may exploit this vulnerability to perform 'saveset' related operations in an unintended manner. The vulnerability is not exploitable by users authenticated via LDAP.
Microsoft Fixes RCE Flaws in Out-of-Band Windows Update
via "Threat Post".
The two important-severity flaws in Microsoft Windows Codecs Library and Visual Studio Code could enable remote code execution.
Phishers Capitalize on Headlines with Breakneck Speed
via "Threat Post".
Marking a pivot from COVID-19 scams, researchers track a single threat actor through the evolution from the pandemic to PayPal, and on to more timely voter scams -- all with the same infrastructure.
Massive New Phishing Campaigns Target Microsoft, Google Cloud Users
via "Dark Reading".
At least three campaigns are now underway.
CVE-2020-1679
via "National Vulnerability Database".
On Juniper Networks PTX and QFX Series devices with packet sampling configured using tunnel-observation mpls-over-udp, sampling of a malformed packet can cause the Kernel Routing Table (KRT) queue to become stuck. KRT is the module within the Routing Process Daemon (RPD) that synchronizes the routing tables with the forwarding tables in the kernel. This table is then synchronized to the Packet Forwarding Engine (PFE) via the KRT queue. Thus, when the KRT queue becomes stuck, it can lead to unexpected packet forwarding issues. An administrator can monitor the following command to check whether the KRT queue is stuck: user@device > show krt state ... Number of async queue entries: 65007 <--- this value keeps on increasing. When this issue occurs, the following message might appear in /var/log/messages: DATE DEVICE kernel: %KERN-3: rt_pfe_veto: Too many delayed route/nexthop unrefs. Op 2 err 55, rtsm_id 5:-1, msg type 2 DATE DEVICE kernel: %KERN-3: rt_pfe_veto: Memory usage of M_RTNEXTHOP type = (0) Max size possible for M_RTNEXTHOP type = (7297134592) Current delayed unref = (60000), Current unique delayed unref = (18420), Max delayed unref on this platform = (40000) Current delayed weight unref = (60000) Max delayed weight unref on this platform= (400000) curproc = rpd This issue affects Juniper Networks Junos OS on PTX/QFX Series: 17.2X75 versions prior to 17.2X75-D105; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S5; 18.2X75 versions prior to 18.2X75-D420, 18.2X75-D53, 18.2X75-D65; 18.3 versions prior to 18.3R2-S4, 18.3R3-S3; 18.4 versions prior to 18.4R1-S7, 18.4R2-S5, 18.4R3-S4; 19.1 versions prior to 19.1R2-S2, 19.1R3-S2; 19.2 versions prior to 19.2R1-S5, 19.2R3; 19.3 versions prior to 19.3R2-S3, 19.3R3; 19.4 versions prior to 19.4R1-S2, 19.4R2-S1, 19.4R3; 20.1 versions prior to 20.1R1-S2, 20.1R2. This issue does not affect Juniper Networks Junos OS prior to 18.1R1.
CVE-2020-1660
via "National Vulnerability Database".
When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may crash, causing the Services PIC to restart. While the Services PIC is restarting, all PIC services including DNS filtering service (DNS sink holing) will be bypassed until the Services PIC completes its boot process. This vulnerability might allow an attacker to cause an extended Denial of Service (DoS) attack against the device and to cause clients to be vulnerable to DNS based attacks by malicious DNS servers when they send DNS requests through the device. As a result, devices which were once protected by the DNS Filtering service are no longer protected and at risk of exploitation. This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S8; 18.3 versions prior to 18.3R3-S1; 18.4 versions prior to 18.4R3; 19.1 versions prior to 19.1R3; 19.2 versions prior to 19.2R2; 19.3 versions prior to 19.3R3. This issue does not affect Juniper Networks Junos OS 17.4, 18.1, and 18.2.
CVE-2020-16936
via "National Vulnerability Database".
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16912, CVE-2020-16972, CVE-2020-16973, CVE-2020-16974, CVE-2020-16975, CVE-2020-16976.
CVE-2020-16863
via "National Vulnerability Database".
A denial of service vulnerability exists in Windows Remote Desktop Service when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Service Denial of Service Vulnerability'.
CVE-2020-16995
via "National Vulnerability Database".
An elevation of privilege vulnerability exists in Network Watcher Agent virtual machine extension for Linux, aka 'Network Watcher Agent Virtual Machine Extension for Linux Elevation of Privilege Vulnerability'.
CVE-2020-16937
via "National Vulnerability Database".
An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory, aka '.NET Framework Information Disclosure Vulnerability'.
CVE-2020-16901
via "National Vulnerability Database".
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-16938.
CVE-2020-16946
via "National Vulnerability Database".
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-16945.
CVE-2020-16927
via "National Vulnerability Database".
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.
CVE-2020-16969
via "National Vulnerability Database".
An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages, aka 'Microsoft Exchange Information Disclosure Vulnerability'.
CVE-2020-16877
via "National Vulnerability Database".
An elevation of privilege vulnerability exists when Microsoft Windows improperly handles reparse points, aka 'Windows Elevation of Privilege Vulnerability'.
CVE-2020-27197
via "National Vulnerability Database".
** DISPUTED ** TAXII libtaxii through 1.1.117, as used in EclecticIQ OpenTAXII through 0.2.0 and other products, allows SSRF via an initial http:// substring to the parse method, even when the no_network setting is used for the XML parser. NOTE: the vendor points out that the parse method "wraps the lxml library" and that this may be an issue to "raise ... to the lxml group."