β Firing of CISA Chief Christopher Krebs Widely Condemned β
π Read
via "Threat Post".
President Trump fired US cybersecurity chief over Twitter Tuesday, an act widely condemned within the cybersecurity community.π Read
via "Threat Post".
Threat Post
Firing of CISA Chief Christopher Krebs Widely Condemned
President Trump fired US cybersecurity chief over Twitter Tuesday, an act widely condemned within the cybersecurity community.
π¦Ώ Microsoft's new security chip takes PC protection to a higher level π¦Ώ
π Read
via "Tech Republic".
Intel, AMD and Qualcomm will use the Microsoft-designed Pluton security processor from Xbox One and Azure Sphere in future SoCs to deliver better protection than a TPM.π Read
via "Tech Republic".
π¦Ώ Zoom: These new features will prevent trolls and meeting-crashers π¦Ώ
π Read
via "Tech Republic".
Zoom hosts can now pause a meeting while they remove a disruptive participant, and a new web-scanning tool will seek out compromised meeting links.π Read
via "Tech Republic".
TechRepublic
Zoom: These new features will prevent trolls and meeting-crashers
Zoom hosts can now pause a meeting while they remove a disruptive participant, and a new web-scanning tool will seek out compromised meeting links.
π¦Ώ "123456" tops list of most common passwords for 2020 π¦Ώ
π Read
via "Tech Republic".
People are still using very simple passwords, with many of them similar to the ones they used in 2019, according to NordPass.π Read
via "Tech Republic".
TechRepublic
"123456" tops list of most common passwords for 2020
People are still using very simple passwords, with many of them similar to the ones they used in 2019, according to NordPass.
π¦Ώ How to improve the security of your public cloud π¦Ώ
π Read
via "Tech Republic".
Almost all the professionals who responded to a survey from BitGlass were concerned about the security of their public cloud apps and data.π Read
via "Tech Republic".
TechRepublic
How to improve the security of your public cloud
Almost all the professionals who responded to a survey from BitGlass were concerned about the security of their public cloud apps and data.
π΄ Researchers Say They've Developed Fastest Open Source IDS/IPS π΄
π Read
via "Dark Reading".
With a five-processor core, "Pigasus" delivers the same performance as a system with between 100 and 700 cores, according to a team from Carnegie Mellon University's CyLab.π Read
via "Dark Reading".
Dark Reading
Researchers Say They've Developed Fastest Open Source IDS/IPS
With a five-processor core, Pigasus delivers the same performance as a system with between 100 and 700 cores, according to a team from Carnegie Mellon University's CyLab.
β Sophos 2021 Threat Report: Navigating cybersecurity in an uncertain world β
π Read
via "Naked Security".
Here's the latest Sophos Threat Report - learn what cybercriminals are up to on Windows, Linux, Android and moreπ Read
via "Naked Security".
Naked Security
Sophos 2021 Threat Report: Navigating cybersecurity in an uncertain world
Hereβs the latest Sophos Threat Report β learn what cybercriminals are up to on Windows, Linux, Android and more
π΄ How to Identify Cobalt Strike on Your Network π΄
π Read
via "Dark Reading".
Common antivirus systems frequently miss Cobalt Strike, a stealthy threat emulation toolkit admired by red teams and attackers alike.π Read
via "Dark Reading".
Dark Reading
How to Identify Cobalt Strike on Your Network
Common antivirus systems frequently miss Cobalt Strike, a stealthy threat emulation toolkit admired by red teams and attackers alike.
π¦Ώ Security experts level criticism at Apple after Big Sur launch issues π¦Ώ
π Read
via "Tech Republic".
Users took to social media to complain about slow systems with one report pointing to an OCSP responder as the culprit.π Read
via "Tech Republic".
TechRepublic
Security experts level criticism at Apple after Big Sur launch issues
Users took to social media to complain about slow systems with one report pointing to an OCSP responder as the culprit.
π¦Ώ 66% of companies say it would take 5 or more days to fully recover from a ransomware attack ransom not paid π¦Ώ
π Read
via "Tech Republic".
Veritas research finds data protection strategies are not keeping pace with the complexity of the attacks enterprises are facing.π Read
via "Tech Republic".
TechRepublic
66% of companies say it would take 5 or more days to fully recover from a ransomware attack ransom not paid
Veritas research finds data protection strategies are not keeping pace with the complexity of the attacks enterprises are facing.
π¦Ώ How remote working poses security risks for your organization π¦Ώ
π Read
via "Tech Republic".
Companies are at greater risk due to phishing attacks, password sharing, and unsecured personal devices, says SailPoint.π Read
via "Tech Republic".
TechRepublic
How remote working poses security risks for your organization
Companies are at greater risk due to phishing attacks, password sharing, and unsecured personal devices, says SailPoint.
βΌ CVE-2020-24723 βΌ
π Read
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerability in the Registration page of the admin panel in PHPGurukul User Registration & Login and User Management System With admin panel 2.1.π Read
via "National Vulnerability Database".
βΌ CVE-2020-7562 βΌ
π Read
via "National Vulnerability Database".
A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause a segmentation fault or a buffer overflow when uploading a specially crafted file on the controller over FTP.π Read
via "National Vulnerability Database".
βΌ CVE-2020-7564 βΌ
π Read
via "National Vulnerability Database".
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause write access and the execution of commands when uploading a specially crafted file on the controller over FTP.π Read
via "National Vulnerability Database".
βΌ CVE-2020-7563 βΌ
π Read
via "National Vulnerability Database".
A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading a specially crafted file on the controller over FTP.π Read
via "National Vulnerability Database".
βΌ CVE-2020-28361 βΌ
π Read
via "National Vulnerability Database".
Kamailio before 5.4.0, as used in Sip Express Router (SER) in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the remove_hf function in the Kamailio textops module.π Read
via "National Vulnerability Database".
βΌ CVE-2020-28005 βΌ
π Read
via "National Vulnerability Database".
httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) allows remote authenticated users to trigger a buffer overflow (causing a denial of service) by sending a POST request to the /admin/syslog endpoint. Fixed version: TL-WPA4220(EU)_V4_201023π Read
via "National Vulnerability Database".
βΌ CVE-2020-25406 βΌ
π Read
via "National Vulnerability Database".
app\admin\controller\sys\Uploads.php in lemocms 1.8.x allows users to upload files to upload executable files.π Read
via "National Vulnerability Database".
βΌ CVE-2020-28724 βΌ
π Read
via "National Vulnerability Database".
Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL.π Read
via "National Vulnerability Database".
βΌ CVE-2020-28578 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2020-28572 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in Trend Micro Apex One could allow an unprivileged user to abuse the product installer to reinstall the agent with additional malicious code in the context of a higher privilege.π Read
via "National Vulnerability Database".