🕴 FBI, CISA, MS-ISAC: Cybercriminals Increasingly Attacking K-12 Distance Learning 🕴
📖 Read
via "Dark Reading".
Ransomware attacks reported against US K-12 schools jumped from 28% in January through July to 57% in August and September.📖 Read
via "Dark Reading".
Dark Reading
FBI, CISA, MS-ISAC: Cybercriminals Increasingly Attacking K-12 Distance Learning
Ransomware attacks reported against US K-12 schools jumped from 28% in January through July to 57% in August and September.
‼ CVE-2020-13986 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-15375 ‼
📖 Read
via "National Vulnerability Database".
Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g contain an improper input validation weakness in the command line interface when secccrypptocfg is invoked. The vulnerability could allow a local authenticated user to run arbitrary commands and perform escalation of privileges.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-13984 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in ext_hdr_options_process in net/ipv6/uip6.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-13988 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-13985 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-15376 ‼
📖 Read
via "National Vulnerability Database".
Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric mode contain a weakness in the ldap implementation that could allow a remote ldap user to login in the Brocade Fibre Channel SAN switch with "user" privileges if it is not associated with any groups.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-13987 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-26421 ‼
📖 Read
via "National Vulnerability Database".
Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-27713 ‼
📖 Read
via "National Vulnerability Database".
In certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel (TMM) leaks memory.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-26418 ‼
📖 Read
via "National Vulnerability Database".
Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-35149 ‼
📖 Read
via "National Vulnerability Database".
lib/utils.js in mquery before 3.2.3 allows a pollution attack because a special property (e.g., __proto__) can be copied during a merge or clone operation.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-29455 ‼
📖 Read
via "National Vulnerability Database".
A cross-Site Scripting (XSS) vulnerability in this.showInvalid and this.showInvalidCountry in SmartyStreets liveAddressPlugin.js 3.2 allows remote attackers to inject arbitrary web script or HTML via any address parameter (e.g., street or country).📖 Read
via "National Vulnerability Database".
‼ CVE-2020-27730 ‼
📖 Read
via "National Vulnerability Database".
In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-26419 ‼
📖 Read
via "National Vulnerability Database".
Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-5949 ‼
📖 Read
via "National Vulnerability Database".
On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent to a virtual server configured with an FTP profile can cause the FTP channel to break.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-5950 ‼
📖 Read
via "National Vulnerability Database".
On BIG-IP 14.1.0-14.1.2.6, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-5948 ‼
📖 Read
via "National Vulnerability Database".
On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-19165 ‼
📖 Read
via "National Vulnerability Database".
PHPSHE 1.7 has SQL injection via the admin.php?mod=user&userlevel_id=1 userlevel_id[] parameter.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-26420 ‼
📖 Read
via "National Vulnerability Database".
Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.📖 Read
via "National Vulnerability Database".
🕴 FBI, CISA, MS-ISAC: Cybercriminals Increasingly Attacking K-12 Distance Learning 🕴
📖 Read
via "Dark Reading".
Ransomware attacks reported against US K-12 schools jumped from 28% in January through July to 57% in August and September.📖 Read
via "Dark Reading".
Dark Reading
FBI, CISA, MS-ISAC: Cybercriminals Increasingly Attacking K-12 Distance Learning
Ransomware attacks reported against US K-12 schools jumped from 28% in January through July to 57% in August and September.