🦿 How and when to change your Google password 🦿
📖 Read
via "Tech Republic".
If you've ever been tempted to change your Google account password, but weren't sure how, don't let that confusion stop you. Jack Wallen walks you through the process.📖 Read
via "Tech Republic".
TechRepublic
How and when to change your Google password
If you've ever been tempted to change your Google account password, but weren't sure how, don't let that confusion stop you. Jack Wallen walks you through the process.
🕴 New 'CostaRicto' Hack-for-Hire Group Targets Global Businesses 🕴
📖 Read
via "Dark Reading".
The group of APT mercenaries uses bespoke malware and strong operation security to target a range of organizations, located primarily in Southeast Asia.📖 Read
via "Dark Reading".
Dark Reading
New 'CostaRicto' Hack-for-Hire Group Targets Global Businesses
The group of APT mercenaries uses bespoke malware and strong operation security to target a range of organizations, located primarily in Southeast Asia.
🔏 Despite Pandemic, Cybersecurity Skills Gap Shrinking 🔏
📖 Read
via "Digital Guardian".
An industry nonprofit suggests that because of the pandemic, the cybersecurity talent gap is shrinking for the first time but that more than half of organizations still are at risk because of cybersecurity staff shortages.📖 Read
via "Digital Guardian".
Digital Guardian
Despite Pandemic, Cybersecurity Skills Gap Shrinking
An industry nonprofit suggests that because of the pandemic, the cybersecurity talent gap is shrinking for the first time but that more than half of organizations still are at risk because of cybersecurity staff shortages.
‼ CVE-2020-12335 ‼
📖 Read
via "National Vulnerability Database".
Improper permissions in the installer for the Intel(R) Processor Identification Utility before version 6.4.0603 may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-26805 ‼
📖 Read
via "National Vulnerability Database".
In Sentrifugo 3.2, admin can edit employee's informations via this endpoint --> /sentrifugo/index.php/empadditionaldetails/edit/userid/2. In this POST request, "employeeNumId" parameter is affected by SQLi vulnerability. Attacker can inject SQL commands into query, read data from database or write data into the database.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12332 ‼
📖 Read
via "National Vulnerability Database".
Improper permissions in the installer for the Intel(R) HID Event Filter Driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12323 ‼
📖 Read
via "National Vulnerability Database".
Improper input validation in the Intel(R) ADAS IE before version ADAS_IE_1.0.766 may allow a privileged user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-24525 ‼
📖 Read
via "National Vulnerability Database".
Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-26804 ‼
📖 Read
via "National Vulnerability Database".
In Sentrifugo 3.2, users can share an announcement under "Organization -> Announcements" tab. Also, in this page, users can upload attachments with the shared announcements. This "Upload Attachment" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-26803 ‼
📖 Read
via "National Vulnerability Database".
In Sentrifugo 3.2, users can upload an image under "Assets -> Add" tab. This "Upload Images" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12334 ‼
📖 Read
via "National Vulnerability Database".
Improper permissions in the installer for the Intel(R) Advisor tools before version 2020 Update 2 may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12326 ‼
📖 Read
via "National Vulnerability Database".
Improper initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow an authenticated user to potentially enable information disclosure via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12349 ‼
📖 Read
via "National Vulnerability Database".
Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable information disclosure via network access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12345 ‼
📖 Read
via "National Vulnerability Database".
Improper permissions in the installer for the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12353 ‼
📖 Read
via "National Vulnerability Database".
Improper permissions in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable denial of service via network access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12333 ‼
📖 Read
via "National Vulnerability Database".
Insufficiently protected credentials in the Intel(R) QAT for Linux before version 1.7.l.4.10.0 may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-15783 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a Denial-of-Service on port 102. A cold restart is required to recover the service.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-0573 ‼
📖 Read
via "National Vulnerability Database".
Out of bounds read in the Intel CSI2 Host Controller driver may allow an authenticated user to potentially enable information disclosure via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-28414 ‼
📖 Read
via "National Vulnerability Database".
A reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url (different vector than CVE-2020-28415).📖 Read
via "National Vulnerability Database".
‼ CVE-2020-8669 ‼
📖 Read
via "National Vulnerability Database".
Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable information disclosure via network access.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-28415 ‼
📖 Read
via "National Vulnerability Database".
A reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url (different vector than CVE-2020-28414).📖 Read
via "National Vulnerability Database".