βΌ CVE-2020-27346 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.π Read
via "National Vulnerability Database".
β Police to Livestream Ring Camera Footage of Mississippi Residents β
π Read
via "Threat Post".
Pilot program again sparks privacy fears from ACLU as Amazon takes its partnership with law enforcement to the next level.π Read
via "Threat Post".
Threat Post
Police to Livestream Ring Camera Footage of Mississippi Residents
A Mississippi pilot program that allows police to livestream private camera footage sparks privacy fears from the ACLU.
β Another Chrome zero-day, this time on Android β check your version! β
π Read
via "Naked Security".
Another week, another Chrome zero-day, this time on your phone.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Code42 Incydr Series: Why Most Companies Canβt Stop Departing Employee Data Theft β
π Read
via "Threat Post".
According to Code42βs Data Exposure Report, 63% of employees say they brought data with them from their previous employer to their current employer.π Read
via "Threat Post".
Threat Post
Code42 Incydr Series: Why Most Companies Canβt Stop Departing Employee Data Theft
According to Code42βs Data Exposure Report, 63% of employees say they brought data with them from their previous employer to their current employer.
π΄ CSA Moves to Redefine Cloud-Based Intelligence π΄
π Read
via "Dark Reading".
The new paradigm seeks to understand, integrate, and automate data workflows, and better yet, doesn't require significant investment or more personnel.π Read
via "Dark Reading".
Dark Reading
CSA Moves to Redefine Cloud-Based Intelligence
The new paradigm seeks to understand, integrate, and automate data workflows, and better yet, doesn't require significant investment or more personnel.
π Sifter 10.6m π
π Read
via "Packet Storm Security".
Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.π Read
via "Packet Storm Security".
Packetstormsecurity
Sifter 10.6m β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β VMware Issues Updated Fix For Critical ESXi Flaw β
π Read
via "Threat Post".
A previous fix for the critical remote code execution bug was "incomplete," according to VMware.π Read
via "Threat Post".
Threat Post
VMware Issues Updated Fix For Critical ESXi Flaw
A previous fix for the critical remote code execution bug was "incomplete," according to VMware.
β Toymaker Mattel Hit by Ransomware Attack β
π Read
via "Threat Post".
Financial disclosure filings describe a ransomware attack that delivered a weak punch.π Read
via "Threat Post".
Threat Post
Toymaker Mattel Hit by Ransomware Attack
Financial disclosure filings describe a ransomware attack that delivered weak punch.
π΄ Containers for Data Analysis Are Rife With Vulnerabilities π΄
π Read
via "Dark Reading".
Old software components and the inclusion of unnecessary code created a massive attack surface area in containers for scientific analysis, researchers say.π Read
via "Dark Reading".
Dark Reading
Containers for Data Analysis Are Rife With Vulnerabilities
Old software components and the inclusion of unnecessary code created a massive attack surface area in containers for scientific analysis, researchers say.
βΌ CVE-2020-2314 βΌ
π Read
via "National Vulnerability Database".
Jenkins AppSpider Plugin 1.0.12 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.π Read
via "National Vulnerability Database".
π΄ Prepare for the Unexpected: Costs to Consider in Security Budgets π΄
π Read
via "Dark Reading".
Organizations that update business models to include cybersecurity as part of a strategic planning process may be able to better withstand unexpected disruptions.π Read
via "Dark Reading".
Dark Reading
Prepare for the Unexpected: Costs to Consider in Security Budgets
Organizations that update business models to include cybersecurity as part of a strategic planning process may be able to better withstand unexpected disruptions.
π Logistics Firm Claims Former Exec Took Secrets to Start New Firm π
π Read
via "Digital Guardian".
This US logistics company claims a former board member stole company secrets to set up his own competitor.π Read
via "Digital Guardian".
Digital Guardian
Logistics Firm Claims Former Exec Took Secrets to Start New Firm
This US logistics company claims a former board member stole company secrets to set up his own competitor.
βΌ CVE-2020-22274 βΌ
π Read
via "National Vulnerability Database".
JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile.π Read
via "National Vulnerability Database".
βΌ CVE-2020-22273 βΌ
π Read
via "National Vulnerability Database".
Neoflex Video Subscription System Version 2.0 is affected by CSRF which allows the Website's Settings to be changed (such as Payment Settings)π Read
via "National Vulnerability Database".
βΌ CVE-2020-22276 βΌ
π Read
via "National Vulnerability Database".
WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry.π Read
via "National Vulnerability Database".
βΌ CVE-2020-22278 βΌ
π Read
via "National Vulnerability Database".
phpMyAdmin through 5.0.2 allows CSV injection via Export Sectionπ Read
via "National Vulnerability Database".
βΌ CVE-2020-22275 βΌ
π Read
via "National Vulnerability Database".
Easy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an attacker to submit an entry with malicious CSV commands. After that, when the system administrator generates CSV output from the forms information, there is no check on this inputs and the codes are executable.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8036 βΌ
π Read
via "National Vulnerability Database".
The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way.π Read
via "National Vulnerability Database".
π΄ Hexagon Announces Deal to Acquire PAS Global π΄
π Read
via "Dark Reading".
The Houston-based PAS Global will operate as part of Hexagon's PPM (formerly Intergraph Process, Power & Marine) division.π Read
via "Dark Reading".
Dark Reading
Hexagon Announces Deal to Acquire PAS Global
The Houston-based PAS Global will operate as part of Hexagon's PPM (formerly Intergraph Process, Power & Marine) division.
π¦Ώ What's happening today: The election and online spending π¦Ώ
π Read
via "Tech Republic".
As Americans anxiously await clarity regarding final voting counts and results of yesterday's election, a new report found 26% of US consumers correlate who will win with how much they'll spend.π Read
via "Tech Republic".
TechRepublic
What's happening today: The election and online spending
As Americans anxiously await clarity regarding final voting counts and results of yesterday's election, a new report found 26% of US consumers correlate who will win with how much they'll spend.
βΌ CVE-2020-7128 βΌ
π Read
via "National Vulnerability Database".
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.π Read
via "National Vulnerability Database".