🕴 Why Secure Email Gateways Rewrite Links (and Why They Shouldn't) 🕴
Redirecting a user to a trusted server buys a secure email gateway company some time while it decides whether a URL is malicious -- but there are avoidable drawbacks to this approach.
via "Dark Reading".
🕴 SSO and MFA Are Only Half Your Identity Governance Strategy 🕴
We need better ways to manage user identities for accessing applications, especially given the strain it places on overworked IT and security teams.
via "Dark Reading".
‼ CVE-2020-25617 ‼
An issue was discovered in SolarWinds N-Central 12.3.0.670. The AdvancedScripts HTTP endpoint allows Relative Path Traversal by an authenticated user of the N-Central Administration Console (NAC), leading to execution of OS commands as root.
via "National Vulnerability Database".
‼ CVE-2020-29363 ‼
An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value.
via "National Vulnerability Database".
‼ CVE-2020-29362 ‼
An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by the p11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.
via "National Vulnerability Database".
‼ CVE-2020-25619 ‼
An issue was discovered in SolarWinds N-Central 12.3.0.670. The SSH component does not restrict the Communication Channel to Intended Endpoints. An attacker can leverage an SSH feature (port forwarding with a temporary key pair) to access network services on the 127.0.0.1 interface, even though this feature was only intended for user-to-agent communication.
via "National Vulnerability Database".
‼ CVE-2020-29361 ‼
An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc.
via "National Vulnerability Database".
‼ CVE-2020-25618 ‼
An issue was discovered in SolarWinds N-Central 12.3.0.670. The sudo configuration has incorrect access control because the nable web user account is effectively able to run arbitrary OS commands as root (i.e., the use of root privileges is not limited to specific programs listed in the sudoers file).
via "National Vulnerability Database".
🦿 Social engineering: How psychology and employees can be part of the solution 🦿
Social engineering is giving cybercriminals a way in. Learn how to lock that door.
via "Tech Republic".
❌ Sextortionist Campaign Targets iOS, Android Users with New Spyware ❌
Goontact lures users of illicit sites through Telegram and other secure messaging apps and steals their information for future fraudulent use.
via "Threat Post".
🕴 Patching Still Poses Problems for Industrial Controllers, Networking Devices 🕴
More than 90% of devices that run the popular VxWorks embedded operating system remain vulnerable to critical flaws disclosed more than a year ago.
via "Dark Reading".
❌ The SolarWinds Perfect Storm: Default Password, Access Sales and More ❌
Meanwhile, FireEye has found a kill switch, and Microsoft and other vendors are quickly moving to block the Sunburst backdoor used in the attack.
via "Threat Post".
‼ CVE-2020-29607 ‼
A file upload restriction bypass vulnerability in Pluck CMS before 4.7.13 allows an admin privileged user to gain access to the host through the "manage files" functionality, which may result in remote code execution.
via "National Vulnerability Database".
‼ CVE-2019-14483 ‼
AdRem NetCrunch 10.6.0.4587 allows Credentials Disclosure. Every user can read the BSD, Linux, MacOS and Solaris private keys, private keys' passwords, and root passwords stored in the credential manager. Every administrator can read the ESX and Windows passwords stored in the credential manager.
via "National Vulnerability Database".
‼ CVE-2019-14477 ‼
AdRem NetCrunch 10.6.0.4587 has Improper Credential Storage since the internal user database is readable by low-privileged users and passwords in the database are weakly encoded or encrypted.
via "National Vulnerability Database".
‼ CVE-2019-14482 ‼
AdRem NetCrunch 10.6.0.4587 has a hardcoded SSL private key vulnerability in the NetCrunch web client. The same hardcoded SSL private key is used across different customers' installations when no other SSL certificate is installed, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
via "National Vulnerability Database".
‼ CVE-2019-14480 ‼
AdRem NetCrunch 10.6.0.4587 has an Improper Session Handling vulnerability in the NetCrunch web client, which can lead to an authentication bypass or escalation of privileges.
via "National Vulnerability Database".
‼ CVE-2020-25621 ‼
An issue was discovered in SolarWinds N-Central 12.3.0.670. The local database does not require authentication: security is only based on the ability to access a network interface. The database has keys and passwords.
via "National Vulnerability Database".
‼ CVE-2020-5360 ‼
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, resulting in undefined behaviour or a crash of the affected systems.
via "National Vulnerability Database".
‼ CVE-2020-25620 ‼
An issue was discovered in SolarWinds N-Central 12.3.0.670. Hard-coded Credentials exist by default for local user accounts named support@n-able.com and nableadmin@n-able.com. These allow logins to the N-Central Administrative Console (NAC) and/or the regular web interface.
via "National Vulnerability Database".
‼ CVE-2020-14248 ‼
BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
via "National Vulnerability Database".