βΌ CVE-2020-8919 βΌ
π Read
via "National Vulnerability Database".
An information leak vulnerability exists in Gerrit versions prior to 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where a missing access check on the branch REST API allows an attacker with only the default set of priviledges to read all other user's personal account data as well as sub-trees with restricted access.π Read
via "National Vulnerability Database".
π΄ Black Hat Europe: Dark Reading Video News Desk Coverage π΄
π Read
via "Dark Reading".
Coming to you from virtual backgrounds and beautifully curated bookcases around the world, Dark Reading brings you video interviews with the leading researchers speaking at this week's Black Hat Europe.π Read
via "Dark Reading".
Dark Reading
Black Hat Europe: Dark Reading Video News Desk Coverage
Coming to you from virtual backgrounds and beautifully curated bookcases around the world, Dark Reading brings you video interviews with the leading researchers speaking at this week's Black Hat Europe.
π΄ Google Shares Cloud Security Tips π΄
π Read
via "Dark Reading".
Anton Chuvakin, head of solution strategy at Google Cloud Security, discusses common cloud security hurdles and how to get over them.π Read
via "Dark Reading".
Dark Reading
Google Shares Cloud Security Tips
Anton Chuvakin, head of solution strategy at Google Cloud Security, discusses common cloud security hurdles and how to get over them.
β Cyber Monday is Every Monday: Securing the βNew Normalβ β
π Read
via "Threat Post".
From eCommerce threats, to security concerns in connected speakers, Fortinet researchers discuss the top evolving threats of 2020, heading into the new year.π Read
via "Threat Post".
Threat Post
Cyber Monday is Every Monday: Securing the βNew Normalβ
From eCommerce threats, to attacks at the smart edge, Fortinet researchers discuss the top evolving threats of 2020, heading into the new year.
β S3 Ep10: Hacking iPhones, sunken Enigmas and double scams [Podcast] β
π Read
via "Naked Security".
Latest episode - listen now, and please tell your friends about our podcast.π Read
via "Naked Security".
Naked Security
S3 Ep10: Hacking iPhones, sunken Enigmas and double scams [Podcast]
Latest episode β listen now, and please tell your friends about our podcast.
π΄ The Line Between Physical Security & Cybersecurity Blurs as World Gets More Digital π΄
π Read
via "Dark Reading".
Security teams are being challenged by the connected nature of IP devices, and preventing them from being compromised by cybercriminals has become an essential part of keeping people and property safe.π Read
via "Dark Reading".
Dark Reading
The Line Between Physical Security & Cybersecurity Blurs as World Gets More Digital
Security teams are being challenged by the connected nature of IP devices, and preventing them from being compromised by cybercriminals has become an essential part of keeping people and property safe.
π Wireshark Analyzer 3.4.1 π
π Read
via "Packet Storm Security".
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.π Read
via "Packet Storm Security".
Packetstormsecurity
Wireshark Analyzer 3.4.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ 85,000 MySQL Servers Hit in Active Ransomware Campaign π΄
π Read
via "Dark Reading".
Attackers pressure victims into paying ransom by publishing and offering for sale data stolen in a campaign that dates back to January.π Read
via "Dark Reading".
Dark Reading
85,000 MySQL Servers Hit in Active Ransomware Campaign
Attackers pressure victims into paying ransom by publishing and offering for sale data stolen in a campaign that dates back to January.
β Critical Cisco Jabber Bug Gets Updated Fix β
π Read
via "Threat Post".
A series of bugs, patched in September, still allow remote code execution by attackers.π Read
via "Threat Post".
Threat Post
Zero-Click Wormable RCE Vulnerability in Cisco Jabber Gets Fixed, Again
A series of bugs, patched in September, still allow remote code execution by attackers.
β PLEASE_READ_ME Ransomware Attacks 85K MySQL Servers β
π Read
via "Threat Post".
Ransomware actors behind the attack have breached at least 85,000 MySQL servers, and are currently selling at least compromised 250,000 databases.π Read
via "Threat Post".
Threat Post
PLEASE_READ_ME Ransomware Attacks 85K MySQL Servers
Ransomware actors behind the attack have breached at least 85,000 MySQL servers, and are currently selling at least compromised 250,000 databases.
π¦Ώ Privacy risks persist with DIY COVID-19 contact tracing apps π¦Ώ
π Read
via "Tech Republic".
Do-it-yourself apps that don't use the official API from Apple and Google raised privacy concerns due to unsecure design, says Guardsquare.π Read
via "Tech Republic".
TechRepublic
Privacy risks persist with DIY COVID-19 contact tracing apps
Do-it-yourself apps that don't use the official API from Apple and Google raised privacy concerns due to unsecure design, says Guardsquare.
π΄ 51% of Edge Readers Plan to Pursue New Cybersecurity Certification in 2021 π΄
π Read
via "Dark Reading".
Demands of the "new normal" won't stop the majority of poll-takers from mastering new skills.π Read
via "Dark Reading".
Dark Reading
The Edge
Demands of the new normal won't stop the majority of poll-takers from mastering new skills.
β MoleRats APT Returns with Espionage Play Using Facebook, Dropbox β
π Read
via "Threat Post".
The threat group is increasing its espionage activity in light of the current political climate and recent events in the Middle East, with two new backdoors.π Read
via "Threat Post".
Threat Post
MoleRats APT Returns with Espionage Play Using Facebook, Dropbox
The threat group is increasing its espionage activity in light of the current political climate and recent events in the Middle East, with two new backdoors.
π¦Ώ 4 security bugs discovered in games on Valve's Steam platform π¦Ώ
π Read
via "Tech Republic".
The vulnerabilities in Counter Strike: Global Defensive, Dota2, and Half Life could have allowed hackers to crash the games and hijack computers, according to Check Point.π Read
via "Tech Republic".
TechRepublic
4 security bugs discovered in games on Valve's Steam platform
The vulnerabilities in Counter Strike: Global Defensive, Dota2, and Half Life could have allowed hackers to crash the games and hijack computers, according to Check Point.
π¦Ώ How to install fail2ban on Fedora 33 for protection against unwanted logins π¦Ώ
π Read
via "Tech Republic".
Jack Wallen shows you how to install and configure fail2ban on the latest release of Fedora Linux.π Read
via "Tech Republic".
TechRepublic
How to install fail2ban on Fedora 33 for protection against unwanted logins
Jack Wallen shows you how to install and configure fail2ban on the latest release of Fedora Linux.
π¦Ώ How phishing attacks continue to exploit COVID-19 π¦Ώ
π Read
via "Tech Republic".
These phishing emails promise compensation, test results, and other lures about the coronavirus to trick unsuspecting users, says Armorblox.π Read
via "Tech Republic".
TechRepublic
How phishing attacks continue to exploit COVID-19
These phishing emails promise compensation, test results, and other lures about the coronavirus to trick unsuspecting users, says Armorblox.
β Misery of Ransomware Hits Hospitals the Hardest β
π Read
via "Threat Post".
Ransomware attacks targeting hospitals have exacted a human cost as well as financial.π Read
via "Threat Post".
Threat Post
Misery of Ransomware Hits Hospitals the Hardest
Ransomware attacks targeting hospitals have exacted a human cost as well as financial.
βΌ CVE-2020-8920 βΌ
π Read
via "National Vulnerability Database".
An information leak vulnerability exists in Gerrit versions prior to 2.14.22, 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where an overoptimization with the FilteredRepository wrapper skips the verification of access on All-Users repositories, allowing an attacker to get read access to all users' personal information associated with their accounts.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8919 βΌ
π Read
via "National Vulnerability Database".
An information leak vulnerability exists in Gerrit versions prior to 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where a missing access check on the branch REST API allows an attacker with only the default set of priviledges to read all other user's personal account data as well as sub-trees with restricted access.π Read
via "National Vulnerability Database".
π΄ Black Hat Europe: Dark Reading Video News Desk Coverage π΄
π Read
via "Dark Reading".
Coming to you from virtual backgrounds and beautifully curated bookcases around the world, Dark Reading brings you video interviews with the leading researchers speaking at this week's Black Hat Europe.π Read
via "Dark Reading".
Dark Reading
Black Hat Europe: Dark Reading Video News Desk Coverage
Coming to you from virtual backgrounds and beautifully curated bookcases around the world, Dark Reading brings you video interviews with the leading researchers speaking at this week's Black Hat Europe.