π¦Ώ Malwarebytes: Schools still struggling with connectivity and using last year's antivirus software π¦Ώ
π Read
via "Tech Republic".
About half of IT decision makers in a new survey say they have not added any cybersecurity training for teachers and students since remote learning started.π Read
via "Tech Republic".
TechRepublic
Malwarebytes: Schools still struggling with connectivity and using last year's antivirus software
About half of IT decision makers in a new survey say they have not added any cybersecurity training for teachers and students since remote learning started.
π΄ NSA Warns of Exploits Targeting Recently Disclosed VMware Vulnerability π΄
π Read
via "Dark Reading".
Agency urges organizations to deploy patch as soon as possible since exploit activity is hard to detect.π Read
via "Dark Reading".
Dark Reading
NSA Warns of Exploits Targeting Recently Disclosed VMware Vulnerability
Agency urges organizations to deploy patch as soon as possible since exploit activity is hard to detect.
π΄ The Magic Behind the Magic π΄
π Read
via "Dark Reading".
And oldie but goodie and still pretty truey.π Read
via "Dark Reading".
Dark Reading
The Magic Behind the Magic
And oldie but goodie and still pretty truey.
βΌ CVE-2020-29595 βΌ
π Read
via "National Vulnerability Database".
PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio Professional 2021 14.0 Build 1705 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000031aa.π Read
via "National Vulnerability Database".
βΌ CVE-2020-17521 βΌ
π Read
via "National Vulnerability Database".
Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Users not using the extension methods mentioned in the advisory are not affected, but may wish to read the advisory for further details. Versions Affected: 2.0 to 2.4.20, 2.5.0 to 2.5.13, 3.0.0 to 3.0.6, and 4.0.0-alpha-1. Fixed in versions 2.4.21, 2.5.14, 3.0.7, 4.0.0-alpha-2.π Read
via "National Vulnerability Database".
βΌ CVE-2020-29597 βΌ
π Read
via "National Vulnerability Database".
IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. This vulnerability allows unauthenticated attackers to upload files into the server.π Read
via "National Vulnerability Database".
βΌ CVE-2020-29600 βΌ
π Read
via "National Vulnerability Database".
In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501.π Read
via "National Vulnerability Database".
βΌ CVE-2020-29599 βΌ
π Read
via "National Vulnerability Database".
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c.π Read
via "National Vulnerability Database".
βΌ CVE-2020-13945 βΌ
π Read
via "National Vulnerability Database".
In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data. This affects versions 1.2, 1.3, 1.4, 1.5.π Read
via "National Vulnerability Database".
π¦Ώ How to use an SSH config file on macOS for easier connections to your data center servers π¦Ώ
π Read
via "Tech Republic".
Jack Wallen shows you how to make SSH connections even easier from your macOS machine.π Read
via "Tech Republic".
TechRepublic
How to Use an SSH Config File on macOS for Easier Connections to Your Data Center Servers
Jack Wallen shows you how to make SSH connections even easier from your macOS machine.
β Rana Android Malware Updates Allow WhatsApp, Telegram IM Snooping β
π Read
via "Threat Post".
The developers behind the Android malware have a new variant that spies on instant messages in WhatsApp, Telegram, Skype and more.π Read
via "Threat Post".
Threat Post
Rana Android Malware Updates Allow WhatsApp, Telegram IM Snooping
The developers behind the Android malware have a new variant that spies on instant messages in WhatsApp, Telegram, Skype and more.
π¦Ώ Multi-factor authentication: 5 reasons not to use SMS π¦Ώ
π Read
via "Tech Republic".
Using SMS as an additional means to authenticate your password is better than nothing, but it's not the most reliable. Tom Merritt lists five reasons why SMS should not be used for MFA.π Read
via "Tech Republic".
TechRepublic
Top 5 reasons not to use SMS for multi-factor authentication
Using SMS as an additional means to authenticate your password is better than nothing, but it's not the most reliable. Tom Merritt lists five reasons why SMS should not be used for MFA.
π¦Ώ Top 5 reasons not to use SMS for multi-factor authentication π¦Ώ
π Read
via "Tech Republic".
Using SMS as an additional means to authenticate your password is better than nothing, but it's not the most reliable. Tom Merritt lists five reasons why SMS should not be used for MFA.π Read
via "Tech Republic".
TechRepublic
Top 5 reasons not to use SMS for multi-factor authentication
Using SMS as an additional means to authenticate your password is better than nothing, but it's not the most reliable approach. Tom Merritt lists five reasons why SMS should not be used for MFA.
π΄ Trump Signs IoT Security Bill into Law π΄
π Read
via "Dark Reading".
The Internet of Things Cybersecurity Improvement Act of 2020 is now official.π Read
via "Dark Reading".
Dark Reading
Trump Signs IoT Security Bill into Law
The Internet of Things Cybersecurity Improvement Act of 2020 is now official.
β NSA Warns: Patched VMware Bug Under Active Exploit β
π Read
via "Threat Post".
Feds are warning that foreign adversaries are exploiting a weeks-old bug in VMwareβs Workspace One Access and VMware Identity Manager products.π Read
via "Threat Post".
Threat Post
NSA Warns: Patched VMware Bug Under Active Attack
Feds are warning that adversaries are exploiting a weeks-old bug in VMwareβs Workspace One Access and VMware Identity Manager products.
π΄ Phishing Campaign Targets 200M Microsoft 365 Accounts π΄
π Read
via "Dark Reading".
A well-organized email spoofing campaign has been seen targeting financial services, insurance, healthcare, manufacturing, utilities, and telecom.π Read
via "Dark Reading".
Darkreading
Phishing Campaign Targets 200M Microsoft 365 Accounts
A well-organized email spoofing campaign has been seen targeting financial services, insurance, healthcare, manufacturing, utilities, and telecom.
βΌ CVE-2020-8566 βΌ
π Read
via "National Vulnerability Database".
In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8563 βΌ
π Read
via "National Vulnerability Database".
In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log.π Read
via "National Vulnerability Database".
βΌ CVE-2020-27641 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-29136. Reason: This candidate is a reservation duplicate of CVE-2020-29136. Notes: All CVE users should reference CVE-2020-29136 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.π Read
via "National Vulnerability Database".
βΌ CVE-2020-28935 βΌ
π Read
via "National Vulnerability Database".
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and point through the symlink to a critical file on the system.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8565 βΌ
π Read
via "National Vulnerability Database".
In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl.π Read
via "National Vulnerability Database".