❌ Cybercrime Moves to the Cloud to Accelerate Attacks Amid Data Glut ❌
via "Threat Post".
A report on the underground economy finds that malicious actors are offering cloud-based troves of stolen data, accessible with handy tools to slice and dice what's on offer.
‼ CVE-2020-8897 ‼
via "National Vulnerability Database".
A weak robustness vulnerability exists in the AWS Encryption SDKs for Java, Python, C and JavaScript prior to versions 2.0.0. Due to the non-committing property of AES-GCM (and other AEAD ciphers such as AES-GCM-SIV or (X)ChaCha20Poly1305) used by the SDKs to encrypt messages, an attacker can craft a single ciphertext which decrypts to multiple different results, which becomes especially relevant in a multi-recipient setting. We recommend users update their SDK to 2.0.0 or later.
‼ CVE-2020-7765 ‼
via "National Vulnerability Database".
This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on whether user input is provided, an attacker can overwrite and pollute the object prototype of a program.
‼ CVE-2020-7773 ‼
via "National Vulnerability Database".
This affects the package markdown-it-highlightjs before 3.3.1. It is possible to insert malicious JavaScript as the value of lang in the markdown-it-highlightjs inline code highlighting feature:
const markdownItHighlightjs = require("markdown-it-highlightjs");
const md = require('markdown-it');
const result_xss = md()
  .use(markdownItHighlightjs, { inline: true })
  .render('`console.log(42)`{.">js}');
console.log(result_xss);
🕴 A Call for Change in Physical Security 🕴
via "Dark Reading".
We're at an inflection point. The threats we face are dynamic, emerging, and global. Are you ready?
⚠ How to do cybersecurity – join us online for the Sophos Evolve event! ⚠
via "Naked Security".
Join us this week or next week for a free online event to learn how cybersecurity is evolving, and why.
❌ Exposed Database Reveals 100K+ Compromised Facebook Accounts ❌
via "Threat Post".
Cybercriminals left an ElasticSearch database exposed, revealing a global attack that compromised Facebook accounts and used them to scam others.
🛠 nfstream 6.2.3 🛠
via "Packet Storm Security".
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
🛠 Machosec 1.0 🛠
via "Packet Storm Security".
Machosec is a script that checks the security of Mach-O 64-bit executables and application bundles for dyld injection vulnerabilities, LC_RPATH vulnerabilities leading to dyld injection, symlinks pointing to attacker-controlled locations, writable-by-others vulnerabilities, missing stack canaries, disabled PIE (ASLR), and disabled FORTIFY_SOURCE (leaving insecure functions such as strcpy and memcpy in place).
‼ CVE-2020-27422 ‼
via "National Vulnerability Database".
In Anuko Time Tracker v1.19.23.5311, the password reset link emailed to the user doesn't expire once used, allowing an attacker to use the same link to take over the account.
‼ CVE-2020-25209 ‼
via "National Vulnerability Database".
In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API.
‼ CVE-2020-27627 ‼
via "National Vulnerability Database".
JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection.
‼ CVE-2020-13772 ‼
via "National Vulnerability Database".
In /ldclient/ldprov.cgi in Ivanti Endpoint Manager through 2020.1.1, an attacker is able to disclose information about the server operating system, local pathnames, and environment variables with no authentication required.
‼ CVE-2020-25207 ‼
via "National Vulnerability Database".
JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol handler.
‼ CVE-2020-13769 ‼
via "National Vulnerability Database".
LDMS/alert_log.aspx in Ivanti Endpoint Manager through 2020.1 allows SQL Injection via a /remotecontrolauth/api/device request.
‼ CVE-2020-27626 ‼
via "National Vulnerability Database".
JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF.
‼ CVE-2020-27423 ‼
via "National Vulnerability Database".
Anuko Time Tracker v1.19.23.5311 lacks a rate limit on the password reset module, which allows an attacker to perform a denial-of-service attack on any legitimate user's mailbox.
‼ CVE-2020-27622 ‼
via "National Vulnerability Database".
In JetBrains IntelliJ IDEA before 2020.2, the built-in web server could expose information about the IDE version.
‼ CVE-2020-26129 ‼
via "National Vulnerability Database".
In JetBrains Ktor before 1.4.1, HTTP request smuggling was possible.
‼ CVE-2020-25013 ‼
via "National Vulnerability Database".
JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler.