Botnet Attackers Turn to Vulnerable IoT Devices
via "Threat Post".
Cybercriminals are leveraging the multitudes of vulnerable connected devices with botnets that launch dangerous distributed denial-of-service (DDoS) attacks.
Nation-State Attackers Actively Target COVID-19 Vaccine-Makers
via "Threat Post".
Three major APTs are involved in ongoing compromises at pharma and clinical organizations involved in COVID-19 research, Microsoft says.
Amazon Sues Instagram, TikTok Influencers Over Knockoff Scam
via "Threat Post".
'Order This, Get This': Social-media influencers are in Amazon's legal crosshairs for promoting generic Amazon listings with the promise to get prohibited counterfeit luxury items instead.
CVE-2020-26223
via "National Vulnerability Database".
Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. The perpetrator could query the API v2 Order Status endpoint with an empty string passed as an Order token. This is patched in versions 3.7.11, 4.0.4, or 4.1.11 depending on your used Spree version. Users of Spree < 3.7 are not affected.
CISA Director Expects to Be Fired Following Secure Election
via "Dark Reading".
Top US cybersecurity leader Chris Krebs, who has been vocal about the security of this year's election, expects he'll be removed from his role.
CVE-2020-0599
via "National Vulnerability Database".
Improper access control in the PMC for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2020-5796
via "National Vulnerability Database".
Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged, authenticated user to weaken the permissions of files, resulting in low-privileged users being able to write to and execute arbitrary PHP code with root privileges.
CVE-2020-12338
via "National Vulnerability Database".
Insufficient control flow management in the Open WebRTC Toolkit before version 4.3.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
CVE-2020-26230
via "National Vulnerability Database".
Radar COVID is the official COVID-19 exposure notification app for Spain. In affected versions of Radar COVID, identification and de-anonymization of COVID-19 positive users that upload Radar COVID TEKs to the Radar COVID server is possible. This vulnerability enables the identification and de-anonymization of COVID-19 positive users when using Radar COVID. The vulnerability is caused by the fact that Radar COVID connections to the server (uploading of TEKs to the backend) are only made by COVID-19 positives. Therefore, any on-path observer with the ability to monitor traffic between the app and the server can identify which users had a positive test. Such an adversary can be the mobile network operator (MNO) if the connection is done through a mobile network, the Internet Service Provider (ISP) if the connection is done through the Internet (e.g., a home network), a VPN provider used by the user, the local network operator in the case of enterprise networks, or any eavesdropper with access to the same network (WiFi or Ethernet) as the user, as could be the case of public WiFi hotspots deployed at shopping centers, airports, hotels, and coffee shops. The attacker may also de-anonymize the user. For this additional stage to succeed, the adversary needs to correlate Radar COVID traffic to other identifiable information from the victim. This could be achieved by associating the connection to a contract with the name of the victim or by associating Radar COVID traffic to other user-generated flows containing identifiers in the clear (e.g., HTTP cookies or other mobile flows sending unique identifiers like the IMEI or the AAID without encryption). The former can be executed, for instance, by the Internet Service Provider or the MNO. The latter can be executed by any on-path adversary, such as the network provider or even the cloud provider that hosts more than one service accessed by the victim. The farther the adversary is either from the victim (the client) or the end-point (the server), the less likely it may be that the adversary has access to re-identification information. The vulnerability has been mitigated with the injection of dummy traffic from the application to the backend. Dummy traffic is generated by all users independently of whether they are COVID-19 positive or not. The issue was fixed in iOS in version 1.0.8 (uniform distribution), 1.1.0 (exponential distribution), Android in version 1.0.7 (uniform distribution), 1.1.0 (exponential distribution), Backend in version 1.1.2-RELEASE. For more information see the referenced GitHub Security Advisory.
CVE-2020-7962
via "National Vulnerability Database".
An issue was discovered in One Identity Password Manager 5.8. An attacker could enumerate valid answers for a user. It is possible for an attacker to detect a valid answer based on the HTTP response content, and reuse this answer later for a password reset on a chosen password. The enumeration is possible because, within the HTTP response content, WRONG ID is only returned when the answer is incorrect.
CVE-2020-13638
via "National Vulnerability Database".
lib/crud/userprocess.php in rConfig 3.9.x before 3.9.7 has an authentication bypass, leading to administrator account creation. This issue has been fixed in 3.9.7.
CVE-2020-12313
via "National Vulnerability Database".
Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2020-6157
via "National Vulnerability Database".
Opera Touch for iOS before version 2.4.5 is vulnerable to an address bar spoofing attack. The vulnerability allows a malicious page to trick the browser into showing the address of a different page. This may allow the malicious page to impersonate another page and trick a user into providing sensitive data.
CVE-2020-27217
via "National Vulnerability Database".
In Eclipse Hono versions 1.3.0 and 1.4.0 the AMQP protocol adapter does not verify the size of AMQP messages received from devices. In particular, a device may send messages that are bigger than the max-message-size that the protocol adapter has indicated during link establishment. While the AMQP 1.0 protocol explicitly disallows a peer from sending such messages, a hand-crafted AMQP 1.0 client could exploit this behavior in order to send a message of unlimited size to the adapter, eventually causing the adapter to fail with an out-of-memory exception.
Apple Issues Security Updates
via "Dark Reading".
Vulnerabilities found in the three most recent versions of macOS.
CVE-2020-28638
via "National Vulnerability Database".
ask_password in Tomb 2.0 through 2.7 returns a warning when pinentry-curses is used and $DISPLAY is non-empty, causing affected users' files to be encrypted with "tomb {W] Detected DISPLAY, but only pinentry-curses is found." as the encryption key.
CVE-2020-15481
via "National Vulnerability Database".
An issue was discovered in PassMark BurnInTest v9.1 Build 1008, OSForensics v7.1 Build 1012, and PerformanceTest v10.0 Build 1008. The kernel driver exposes IOCTL functionality that allows low-privilege users to map arbitrary physical memory into the address space of the calling process. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects the DirectIo32.sys and DirectIo64.sys drivers. This issue is fixed in BurnInTest v9.2, PerformanceTest v10.0 Build 1009, and OSForensics v8.0.
CVE-2020-7772
via "National Vulnerability Database".
This affects the package doc-path before 2.1.2.
CVE-2019-19562
via "National Vulnerability Database".
An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with physical access to device hardware to obtain system information.
CVE-2019-19561
via "National Vulnerability Database".
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with direct physical access to device hardware to obtain cellular modem information.
CVE-2019-19557
via "National Vulnerability Database".
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with direct physical access to device hardware to obtain cellular modem information.