MITRE Shield Matrix Highlights Deception & Concealment Technology
via "Dark Reading".
The role that these technologies play in the MITRE Shield matrix is a clear indicator that they are an essential part of today's security landscape.
Facebook "copyright violation" tries to get past 2FA - don't fall for it!
via "Naked Security".
Watch out for "Facebook copyright violation" emails - even if they link straight back to Facebook.com
CVE-2020-11854
via "National Vulnerability Database".
Arbitrary code execution vulnerability in Micro Focus products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulnerability affects: 1.) Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63, 10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02 and 2017.11. 3.) Application Performance Management versions 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3. The vulnerability could allow arbitrary code execution.
CVE-2020-11858
via "National Vulnerability Database".
Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulnerability affects: 1.) Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63, 10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) versions: 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02 and 2017.11. The vulnerability could allow local attackers to execute code with escalated privileges.
CVE-2020-15238
via "National Vulnerability Database".
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any local user can possibly exploit this. If Polkit-1 is enabled for version 2.0.6 and later, a possible attacker needs to be allowed to use the `org.blueman.dhcp.client` action. That is limited to users in the wheel group in the shipped rules file that do have the privileges anyway. On systems with ISC DHCP client (dhclient), attackers can pass arguments to `ip link` with the interface name that can e.g. be used to bring down an interface or add an arbitrary XDP/BPF program. On systems with dhcpcd and without ISC DHCP client, attackers can even run arbitrary scripts by passing `-c/path/to/script` as an interface name. Patches are included in 2.1.4 and master that change the DhcpClient D-Bus method(s) to accept BlueZ network object paths instead of network interface names. A backport to 2.0(.8) is also available. As a workaround, make sure that Polkit-1-support is enabled and limit privileges for the `org.blueman.dhcp.client` action to users that are able to run arbitrary commands as root anyway in /usr/share/polkit-1/rules.d/blueman.rules.
CVE-2020-26156
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Employee Surveillance Tied to $41M GDPR Fine
via "Digital Guardian".
The apparel company H&M is being asked to pay a 35 million Euro fine, roughly $41 million, stemming from a GDPR violation.
Amazon Fires Employee Who Leaked Customer Names, Emails
via "Threat Post".
Amazon notified customers and law enforcement of the insider-threat incident this week.
Chinese Attackers' Favorite Flaws Prove Global Threats, Research Shows
via "Dark Reading".
Following the NSA's list of 25 security flaws often weaponized by Chinese attackers, researchers evaluated how they're used around the world.
US elections are still vulnerable to email spoofing
via "Tech Republic".
A recent Valimail report spells out several potential threats that can impact election security. But there are ways to protect your organization.
Lax Security Exposes Smart-Irrigation Systems to Attack Across the Globe
via "Threat Post".
Systems designed by Mottech Water Management were misconfigured and put in place and connected to the internet without password protections.
CVE-2019-8525
via "National Vulnerability Database".
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.
CVE-2019-8640
via "National Vulnerability Database".
A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra. A sandboxed process may be able to circumvent sandbox restrictions.
CVE-2019-8761
via "National Vulnerability Database".
This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. Parsing a maliciously crafted text file may lead to disclosure of user information.
CVE-2019-8776
via "National Vulnerability Database".
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with system privileges.
CVE-2019-6238
via "National Vulnerability Database".
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted package may lead to arbitrary code execution.
CVE-2019-8538
via "National Vulnerability Database".
A denial of service issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. Processing a maliciously crafted vcf file may lead to a denial of service.
CVE-2019-8712
via "National Vulnerability Database".
A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with system privileges.
CVE-2019-8834
via "National Vulnerability Database".
A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An attacker in a privileged network position may be able to bypass HSTS for a limited number of specific top-level domains previously not in the HSTS preload list.
CVE-2019-8638
via "National Vulnerability Database".
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-3864
via "National Vulnerability Database".
A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin.