CVE-2020-35197
The official memcached docker images before 1.5.11-alpine (Alpine specific) contain a blank password for a root user. Systems using the memcached docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
via "National Vulnerability Database".
CVE-2020-35453
HashiCorp Vault Enterprise's Sentinel EGP policy feature incorrectly allowed requests to be processed in parent and sibling namespaces. Fixed in 1.5.6 and 1.6.1.
via "National Vulnerability Database".
CVE-2020-35177
HashiCorp Vault and Vault Enterprise allowed the enumeration of users via the LDAP auth method. Fixed in 1.5.6 and 1.6.1.
via "National Vulnerability Database".
CVE-2020-35196
The official rabbitmq docker images before 3.7.13-beta.1-management-alpine (Alpine specific) contain a blank password for a root user. Systems using the rabbitmq docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
via "National Vulnerability Database".
CVE-2020-35186
The official adminer docker images before 4.7.0-fastcgi contain a blank password for a root user. Systems using the adminer docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
via "National Vulnerability Database".
CVE-2020-25011
A sensitive information disclosure vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to obtain the username and password by requesting the /cgi-bin/webadminget.cgi script via the browser.
via "National Vulnerability Database".
CVE-2020-35184
The official composer docker images before 1.8.3 contain a blank password for a root user. Systems using the composer docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
via "National Vulnerability Database".
CVE-2020-27199
The Magic Home Pro application 1.5.1 for Android allows Authentication Bypass. The only security control the application currently has in place is a simple username and password authentication function. Using enumeration, an attacker is able to forge a user-specific token without needing the correct password, gaining access to the mobile application as that victim user.
via "National Vulnerability Database".
CVE-2020-25095
LogRhythm Platform Manager (PM) 7.4.9 allows CSRF. The Web interface is vulnerable to Cross-site WebSocket Hijacking (CSWH). If a logged-in PM user visits a malicious site in the same browser session, that site can perform a CSRF attack to create a WebSocket from the victim client to the vulnerable PM server. Once the socket is created, the malicious site can interact with the vulnerable web server in the context of the logged-in user. This can include WebSocket payloads that result in command execution.
via "National Vulnerability Database".
CVE-2020-29436
Sonatype Nexus Repository Manager 3.x before 3.29.0 allows a user with admin privileges to configure the system to gain access to content outside of NXRM via an XXE vulnerability. Fixed in version 3.29.0.
via "National Vulnerability Database".
CVE-2020-35195
The official haproxy docker images before 1.8.18-alpine (Alpine specific) contain a blank password for a root user. Systems using the haproxy docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
via "National Vulnerability Database".
CVE-2020-25094
LogRhythm Platform Manager 7.4.9 allows Command Injection. To exploit this, an attacker can inject arbitrary program names and arguments into a WebSocket. These are forwarded to any remote server with a LogRhythm Smart Response agent installed. By default, the commands are run with LocalSystem privileges.
via "National Vulnerability Database".
CVE-2020-25010
An arbitrary code execution vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to upload a malicious script file by constructing a POST request and writing a payload in the request parameters as an instruction to write a file.
via "National Vulnerability Database".
CVE-2020-35188
The official chronograf docker images before 1.7.7-alpine (Alpine specific) contain a blank password for a root user. Systems using the chronograf docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
via "National Vulnerability Database".
CVE-2020-25096
LogRhythm Platform Manager (PM) 7.4.9 has Incorrect Access Control. Users within LogRhythm can be delegated different roles and privileges, intended to limit what data and services they can interact with. However, no access control is enforced for WebSocket-based communication to the PM application server, which will forward requests to any configured back-end server, regardless of whether the user's access rights should permit this. As a result, even the most low-privileged user can interact with any back-end component that has a LogRhythm agent installed.
via "National Vulnerability Database".
Phone scammers were able to get 270% more personal information in 2020 than in 2019
The COVID-19 crisis enabled scammers to take advantage of the guileless, as bad actors were able to extract personal information from targets, according to a new report from First Orion.
via "Tech Republic".
S3 Ep11: DIY phishes, sandwich scams and vaccine hacking [Podcast]
Here's the latest podcast - listen now!
via "Naked Security".
VPNs, MFA & the Realities of Remote Work
The work-from-home era is accelerating cloud-native service adoption.
via "Dark Reading".
When zombie malware leads to big-money ransomware attacks
SophosLabs investigates SystemBC, a malware utility for launching fileless malware attacks, including big-money ransomware.
via "Naked Security".
How to protect your organization following the SolarWinds compromise
Whether your organization uses the vulnerable SolarWinds software or you want to defend yourself against similar exploits, here are recommendations from four sources.
via "Tech Republic".
3M Users Targeted by Malicious Facebook, Insta Browser Add-Ons
Researchers identify malware existing in popular add-ons for Facebook, Vimeo, Instagram and others that are commonly used in browsers from Google and Microsoft.
via "Threat Post".