CVE-2020-26828
via "National Vulnerability Database".
SAP Disclosure Management, version 10.1, provides capabilities for authorized users to upload and download content of specific file types. In some file types it is possible to enter formulas which can call external applications or execute scripts. The execution of a payload (script) on the target machine could be used to steal and modify the data available in the spreadsheet.
50 Cloud-Based Security Selection Tips
via "Digital Guardian".
With more and more companies making the move to the cloud, security remains an utmost concern. Reviewing a cloud security solution? Ask yourself these 50 questions.
SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign
via "Threat Post".
Convincing email-credentials phishing, emailed backdoors and mobile apps are all part of the group's latest effort against military and government targets.
Former Microsoft Cloud Security Leads Unveil New Startup
via "Dark Reading".
Wiz has raised $100 million since its January launch and plans to help businesses with visibility into cloud security threats.
Vulnerabilities Continue Around 2019 Pace
via "Dark Reading".
After lagging 2019 numbers in the first quarter, vulnerabilities have surged in the rest of 2020, leading researchers to predict that final numbers for this year will meet or exceed those of last year, report says.
Record Levels of Software Bugs Plague Short-Staffed IT Teams in 2020
via "Threat Post".
As just one symptom, 83 percent of the Top 30 U.S. retailers have vulnerabilities which pose an "imminent" cyber-threat, including Amazon, Costco, Kroger and Walmart.
CVE-2020-28086
via "National Vulnerability Database".
pass through version 1.7.3 has a possibility of using a password for an unintended resource. For exploitation to occur, the user must do a git pull, decrypt a password, and log into a remote service with the password. If an attacker controls the central Git server or one of the other members' machines, and also controls one of the services already in the password store, they can rename one of the password files in the Git repository to something else: pass doesn't correctly verify that the content of a file matches the filename, so a user might be tricked into decrypting the wrong password and sending it to a service that the attacker controls. NOTE: for environments in which this threat model is of concern, signing commits can be a solution.
CVE-2020-26257
via "National Vulnerability Database".
Matrix is an ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix. A malicious or poorly-implemented homeserver can inject malformed events into a room by specifying a different room id in the path of a `/send_join`, `/send_leave`, `/invite` or `/exchange_third_party_invite` request. This can lead to a denial of service in which future events will not be correctly sent to other servers over federation. This affects any server which accepts federation requests from untrusted servers. The Matrix Synapse reference implementation before version 1.23.1 is vulnerable to this injection attack. The issue is fixed in version 1.23.1. As a workaround, homeserver administrators could limit access to the federation API to trusted servers (for example via `federation_domain_whitelist`).
10 Ways Device Identifiers Can Spot a Cybercriminal
via "Dark Reading".
Device IDs, which are assigned to mobile devices to distinguish one from another, can help organizations flag fraud, cyberattacks, and other suspicious activities.
Security Incidents Are 'Tip of the Iceberg,' Says UK Security Official
via "Dark Reading".
Pete Cooper, deputy director of cyber defense for the UK Cabinet Office, emphasized the importance of security fundamentals, collaboration, and diversity in his Black Hat Europe keynote talk.
Ransomware Makes Up Half of All Major Incidents
via "Dark Reading".
Misconfigurations and lack of visibility allow attackers to compromise networks and monetize their intrusions, according to CrowdStrike's analysis of about 200 incidents.
CVE-2020-29661
via "National Vulnerability Database".
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
CVE-2020-7787
via "National Vulnerability Database".
This affects all versions of package react-adal. A specially crafted JWT token and request URL can cause the nonce, session and refresh values to be incorrectly validated, causing the application to treat an attacker-generated JWT token as authentic. The logical defect is caused by how the nonce, session and refresh values are stored in the browser local storage or session storage. Each stored key has || appended to it. When the received nonce and session keys are generated, the list of values is stored in the browser storage, separated by ||, with || always appended to the end of the list. Since || will always be the last 2 characters of the stored values, an empty string ("") will always be in the list of the valid values. Therefore, if an empty session parameter is provided in the callback URL, and a specially-crafted JWT token contains a nonce value of "" (empty string), then adal.js will consider the JWT token as authentic.
CVE-2020-29659
via "National Vulnerability Database".
A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter in a GET request to /settings&sid=.
CVE-2020-26835
via "National Vulnerability Database".
SAP NetWeaver AS ABAP, versions 740, 750, 751, 752, 753 and 754, does not sufficiently encode URLs, which allows an attacker to inject malicious JavaScript into the URL that could be executed in the browser, resulting in a Reflected Cross-Site Scripting (XSS) vulnerability.
CVE-2020-26836
via "National Vulnerability Database".
SAP Solution Manager (Trace Analysis), version 720, allows misuse of a parameter in the application URL, leading to an Open Redirect vulnerability. An attacker can enter a link to a malicious site, which could trick the user into entering credentials or downloading malicious software, as a parameter in the application URL and share it with an end user, who could potentially become a victim of the attack.
CVE-2020-26834
via "National Vulnerability Database".
SAP HANA Database, version 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. It is possible to manipulate a valid existing SAML bearer token to authenticate as a user whose name is identical to the truncated username for whom the SAML bearer token was issued.
CVE-2020-26829
via "National Vulnerability Database".
SAP NetWeaver AS JAVA (P2P Cluster Communication), versions 7.11, 7.20, 7.30, 7.31, 7.40 and 7.50, allows arbitrary connections from processes outside the cluster, and even outside the network segment dedicated to internal cluster communication, because of a missing authentication check. As a result, an unauthenticated attacker can invoke certain functions that would otherwise be restricted to system administrators only, including access to system administration functions or shutting down the system completely.
CVE-2020-21009
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2020-26260
via "National Vulnerability Database".
BookStack is a platform for storing and organising information and documentation. In BookStack before version 0.30.5, a user with permissions to edit a page could set certain image URLs to manipulate functionality in the exporting system, which would allow them to make server-side requests and/or gain access to a wider scope of files within the BookStack file storage locations. The issue was addressed in BookStack v0.30.5. As a workaround, page edit permissions could be limited to only those who are trusted until you can upgrade.