‼ CVE-2020-12308 ‼
📖 Read
via "National Vulnerability Database".
Improper access control for the Intel(R) Computing Improvement Program before version 2.4.5982 may allow an unprivileged user to potentially enable information disclosure via network access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-8757 ‼
📖 Read
via "National Vulnerability Database".
Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12312 ‼
📖 Read
via "National Vulnerability Database".
Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software before version 20.2 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-28269 ‼
📖 Read
via "National Vulnerability Database".
Prototype pollution vulnerability in 'field' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution.📖 Read
via "National Vulnerability Database".
🦿 How and when to change your Google password 🦿
📖 Read
via "Tech Republic".
If you've ever been tempted to change your Google account password, but weren't sure how, don't let that confusion stop you. Jack Wallen walks you through the process.📖 Read
via "Tech Republic".
TechRepublic
How and when to change your Google password
If you've ever been tempted to change your Google account password, but weren't sure how, don't let that confusion stop you. Jack Wallen walks you through the process.
🕴 New 'CostaRicto' Hack-for-Hire Group Targets Global Businesses 🕴
📖 Read
via "Dark Reading".
The group of APT mercenaries uses bespoke malware and strong operation security to target a range of organizations, located primarily in Southeast Asia.📖 Read
via "Dark Reading".
Dark Reading
New 'CostaRicto' Hack-for-Hire Group Targets Global Businesses
The group of APT mercenaries uses bespoke malware and strong operation security to target a range of organizations, located primarily in Southeast Asia.
🔏 Despite Pandemic, Cybersecurity Skills Gap Shrinking 🔏
📖 Read
via "Digital Guardian".
An industry nonprofit suggests that because of the pandemic, the cybersecurity talent gap is shrinking for the first time but that more than half of organizations still are at risk because of cybersecurity staff shortages.📖 Read
via "Digital Guardian".
Digital Guardian
Despite Pandemic, Cybersecurity Skills Gap Shrinking
An industry nonprofit suggests that because of the pandemic, the cybersecurity talent gap is shrinking for the first time but that more than half of organizations still are at risk because of cybersecurity staff shortages.
‼ CVE-2020-12335 ‼
📖 Read
via "National Vulnerability Database".
Improper permissions in the installer for the Intel(R) Processor Identification Utility before version 6.4.0603 may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-26805 ‼
📖 Read
via "National Vulnerability Database".
In Sentrifugo 3.2, admin can edit employee's informations via this endpoint --> /sentrifugo/index.php/empadditionaldetails/edit/userid/2. In this POST request, "employeeNumId" parameter is affected by SQLi vulnerability. Attacker can inject SQL commands into query, read data from database or write data into the database.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12332 ‼
📖 Read
via "National Vulnerability Database".
Improper permissions in the installer for the Intel(R) HID Event Filter Driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12323 ‼
📖 Read
via "National Vulnerability Database".
Improper input validation in the Intel(R) ADAS IE before version ADAS_IE_1.0.766 may allow a privileged user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-24525 ‼
📖 Read
via "National Vulnerability Database".
Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-26804 ‼
📖 Read
via "National Vulnerability Database".
In Sentrifugo 3.2, users can share an announcement under "Organization -> Announcements" tab. Also, in this page, users can upload attachments with the shared announcements. This "Upload Attachment" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-26803 ‼
📖 Read
via "National Vulnerability Database".
In Sentrifugo 3.2, users can upload an image under "Assets -> Add" tab. This "Upload Images" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12334 ‼
📖 Read
via "National Vulnerability Database".
Improper permissions in the installer for the Intel(R) Advisor tools before version 2020 Update 2 may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12326 ‼
📖 Read
via "National Vulnerability Database".
Improper initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow an authenticated user to potentially enable information disclosure via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12349 ‼
📖 Read
via "National Vulnerability Database".
Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable information disclosure via network access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12345 ‼
📖 Read
via "National Vulnerability Database".
Improper permissions in the installer for the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12353 ‼
📖 Read
via "National Vulnerability Database".
Improper permissions in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable denial of service via network access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12333 ‼
📖 Read
via "National Vulnerability Database".
Insufficiently protected credentials in the Intel(R) QAT for Linux before version 1.7.l.4.10.0 may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-15783 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a Denial-of-Service on port 102. A cold restart is required to recover the service.📖 Read
via "National Vulnerability Database".