π΄ Telos Goes Public π΄
π Read
via "Dark Reading".
Nearly a month after McAfee made its second appearance on the public market, the Virginia-based provider of security services to government and commercial organizations makes its own debut.π Read
via "Dark Reading".
Dark Reading
Telos Goes Public
Nearly a month after McAfee made its second appearance on the public market, the Virginia-based provider of security services to government and commercial organizations makes its own debut.
βΌ CVE-2020-5668 βΌ
π Read
via "National Vulnerability Database".
Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions, RJ71EN71 firmware version '47' and earlier, RJ71GF11-T2 firmware version '47' and earlier, RJ72GF15-T2 firmware version '07' and earlier, RJ71GP21-SX firmware version '47' and earlier, RJ71GP21S-SX firmware version '47' and earlier, RJ71C24 (-R2/R4) all versions, and RJ71GN11-T2 all versions) allows a remote unauthenticated attacker to cause an error in a CPU unit and cause a denial-of-service (DoS) condition in execution of the program and its communication, or to cause a denial-of-service (DoS) condition in communication via the module by a specially crafted SLMP packetπ Read
via "National Vulnerability Database".
βΌ CVE-2020-4788 βΌ
π Read
via "National Vulnerability Database".
IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.π Read
via "National Vulnerability Database".
π΄ How Cyberattacks Work π΄
π Read
via "Dark Reading".
Cyberattacks are run like military attacks, in four main phases: reconnaissance, attack, exfiltration, and maintaining position. Understanding this makes fighting back easier.π Read
via "Dark Reading".
Dark Reading
How Cyberattacks Work - Dark Reading
Cyberattacks are run like military attacks, in four main phases: reconnaissance, attack, exfiltration, and maintaining position. Understanding this makes fighting back easier.
π¦Ώ It's time for banks to rethink how they secure customer information π¦Ώ
π Read
via "Tech Republic".
Jack Wallen thinks banks and credit card companies need to start considering radical ideas to increase their security. In fact, he goes so far as to share such an idea.π Read
via "Tech Republic".
TechRepublic
It's time for banks to rethink how they secure customer information
Jack Wallen thinks banks and credit card companies need to start considering radical ideas to increase their security. In fact, he goes so far as to share such an idea.
βΌ CVE-2020-4937 βΌ
π Read
via "National Vulnerability Database".
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 191814.π Read
via "National Vulnerability Database".
βΌ CVE-2020-4739 βΌ
π Read
via "National Vulnerability Database".
IBM DB2 Accessories Suite for Linux, UNIX, and Windows, DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 188149.π Read
via "National Vulnerability Database".
β S3 Ep7: When ransomware crooks get a big fat zero! [Podcast] β
π Read
via "Naked Security".
Here's the latest podcast - listen now!π Read
via "Naked Security".
Naked Security
S3 Ep7: When ransomware crooks get a big fat zero! [Podcast]
Hereβs the latest podcast β listen now!
π GRAudit Grep Auditing Tool 2.8 π
π Read
via "Packet Storm Security".
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.π Read
via "Packet Storm Security".
Packetstormsecurity
GRAudit Grep Auditing Tool 2.8 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β Facebook patches Messenger audio snooping bug β update now! β
π Read
via "Naked Security".
Do you ever make, ahem, "pointed remarks" just before answering calls from people you would rather avoid?π Read
via "Naked Security".
Naked Security
Facebook patches Messenger audio snooping bug β update now!
Do you ever make, ahem, βpointed remarksβ just before answering calls from people you would rather avoid?
π Friday Five 11/20 π
π Read
via "Digital Guardian".
IoT legislation, automation in cybersecurity, and privacy rights - catch up on all of the week's infosec news with the Friday Five!π Read
via "Digital Guardian".
Digital Guardian
Friday Five 11/20
IoT legislation, automation in cybersecurity, and privacy rights - catch up on all of the week's infosec news with the Friday Five!
βΌ CVE-2020-13671 βΌ
π Read
via "National Vulnerability Database".
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.π Read
via "National Vulnerability Database".
βΌ CVE-2020-19667 βΌ
π Read
via "National Vulnerability Database".
Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.π Read
via "National Vulnerability Database".
βΌ CVE-2020-7842 βΌ
π Read
via "National Vulnerability Database".
Improper Input validation vulnerability exists in Netis Korea D'live AP which could cause arbitrary command injection and execution when the time setting (using ntpServerlp1 parameter) for the users. This affects D'live set-top box AP(WF2429TB) v1.1.10.π Read
via "National Vulnerability Database".
βΌ CVE-2020-28877 βΌ
π Read
via "National Vulnerability Database".
Buffer overflow in in the copy_msg_element function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620, WDR8640, WDR8660, WR880N, WR886N, WR890N, WR890N, WR882N, and WR708N.π Read
via "National Vulnerability Database".
βΌ CVE-2020-19668 βΌ
π Read
via "National Vulnerability Database".
Unverified indexs into the array lead to out of bound access in the gif_out_code function in fromgif.c in libsixel 1.8.6.π Read
via "National Vulnerability Database".
βΌ CVE-2020-25839 βΌ
π Read
via "National Vulnerability Database".
NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1.π Read
via "National Vulnerability Database".
β New Grelos Skimmer Variants Siphon Credit Card Data β
π Read
via "Threat Post".
Domains related to the new variant of the Grelos web skimmer have compromised dozens of websites so far.π Read
via "Threat Post".
Threat Post
New Grelos Skimmer Variants Siphon Credit Card Data
Domains related to the new variant of the Grelos web skimmer have compromised dozens of websites so far.
βΌ CVE-2020-28974 βΌ
π Read
via "National Vulnerability Database".
A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height.π Read
via "National Vulnerability Database".
βΌ CVE-2020-26236 βΌ
π Read
via "National Vulnerability Database".
In ScratchVerifier before commit a603769, an attacker can hijack the verification process to log into someone else's account on any site that uses ScratchVerifier for logins. A possible exploitation would follow these steps: 1. User starts login process. 2. Attacker attempts login for user, and is given the same verification code. 3. User comments code as part of their normal login. 4. Before user can, attacker completes the login process now that the code is commented. 5. User gets a failed login and attacker now has control of the account. Since commit a603769 starting a login twice will generate different verification codes, causing both user and attacker login to fail. For clients that rely on a clone of ScratchVerifier not hosted by the developers, their users may attempt to finish the login process as soon as possible after commenting the code. There is no reliable way for the attacker to know before the user can finish the process that the user has commented the code, so this vulnerability only really affects those who comment the code and then take several seconds before finishing the login.π Read
via "National Vulnerability Database".
π΄ How Industrial IoT Security Can Catch Up With OT/IT Convergence π΄
π Read
via "Dark Reading".
Ransomware can easily make a connection between IT and OT already. How can blue teams do the same?π Read
via "Dark Reading".
Dark Reading
How Industrial IoT Security Can Catch Up With OT/IT Convergence
Ransomware can easily make a connection between IT and OT already. How can blue teams do the same?