🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
🕴 CISA: SolarWinds Not the Only Initial Attack Vector in Massive Breach 🕴

Agency says it has "evidence of additional initial access vectors" besides SolarWinds' Orion software.

📖 Read

via "Dark Reading".
🦿 How to quickly encrypt text for Apple Mail 🦿

Jack Wallen shows you how easy it can be to encrypt text to be sent via email, using Apple Mail and the GPG Suite.

📖 Read

via "Tech Republic".
RubyGems Packages Laced with Bitcoin-Stealing Malware

Two malicious software building blocks that could be baked into web applications prey on unsuspecting users.

📖 Read

via "Threat Post".
Air-Gap Attack Turns Memory Modules into Wi-Fi Radios

Attack turns SDRAM buses into a Wi-Fi radio to leak data from air-gapped computers.

📖 Read

via "Threat Post".
CVE-2020-15292

Lack of validation on data read from guest memory in IntPeGetDirectory, IntPeParseUnwindData, IntLogExceptionRecord, IntKsymExpandSymbol and IntLixTaskDumpTree may lead to an out-of-bounds read, or to a DoS caused by integer overflow (IntPeGetDirectory), TOCTOU (IntPeParseUnwindData) or insufficient validation.

📖 Read

via "National Vulnerability Database".
CVE-2020-15294

Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData() results in multiple dereferences of the same pointer. If the pointer points into memory mapped from the guest space, this may cause a race condition in which the generated code dereferences the same address twice and obtains different values, which may lead to arbitrary code execution. This issue affects: Bitdefender Hypervisor Introspection versions prior to 1.132.2.

📖 Read

via "National Vulnerability Database".
CVE-2020-15293

Memory corruption in IntLixCrashDumpDmesg, IntLixTaskFetchCmdLine, IntLixFileReadDentry and IntLixFileGetPath due to insufficient guest-data input validation may lead to denial of service conditions.

📖 Read

via "National Vulnerability Database".
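The three Bitdefender HVI entries above share one root cause: the engine reads a value out of guest-mapped memory, checks it, and then reads it again to use it (the TOCTOU in IntPeParseUnwindData from CVE-2020-15292, the double dereference in CVE-2020-15294, and the missing guest-data validation in CVE-2020-15293). The following is an added example, not Bitdefender's code and not taken from the advisories, that shows the double-fetch pattern next to the snapshot-then-validate pattern that closes it. The `struct guest_hdr` layout, the `MAX_ENTRIES` bound and the `guest_bumps_count` hook that stands in for a racing guest are all assumptions constructed for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_ENTRIES     16u     /* bound the engine is willing to trust */
#define GUEST_PAGE_SIZE 4096u   /* one mapped guest page (constructed sample) */

/* Hypothetical guest-controlled header as seen through a mapping of guest
 * memory. The layout is illustrative, not Bitdefender's real structures. */
struct guest_hdr {
    uint32_t count;       /* guest-claimed number of entries */
    uint32_t entries[];   /* entries follow in the same guest page */
};

/* Stand-in for the guest writing to the shared page between check and use. */
typedef void (*race_hook_t)(volatile struct guest_hdr *);

static void guest_bumps_count(volatile struct guest_hdr *g)
{
    g->count = 64;  /* four times what was validated, still inside the page */
}

/* Vulnerable pattern (double fetch): `count` is dereferenced once for the
 * bounds check and again for the loop bound. The guest can change it in
 * between, so the loop walks past the 16 entries that were validated. */
static int sum_double_fetch(volatile struct guest_hdr *g, race_hook_t hook,
                            uint64_t *out)
{
    if (g->count > MAX_ENTRIES)               /* fetch #1: check */
        return -1;
    if (hook)
        hook(g);                              /* guest races here */
    uint64_t sum = 0;
    for (uint32_t i = 0; i < g->count; i++)   /* fetch #2: use */
        sum += g->entries[i];
    *out = sum;
    return 0;
}

/* Hardened pattern (single fetch): copy `count` into engine-private memory,
 * validate the copy, and only ever use the copy. A later guest write cannot
 * change what was checked. */
static int sum_single_fetch(volatile struct guest_hdr *g, race_hook_t hook,
                            uint64_t *out)
{
    uint32_t count = g->count;                /* the only read of count */
    if (count > MAX_ENTRIES)
        return -1;
    if (hook)
        hook(g);                              /* too late to matter */
    uint64_t sum = 0;
    for (uint32_t i = 0; i < count; i++)
        sum += g->entries[i];
    *out = sum;
    return 0;
}

/* Constructed guest page: count = 16, entries[i] = i for the first 64 slots. */
static volatile struct guest_hdr *build_guest_page(uint64_t *storage)
{
    memset(storage, 0, GUEST_PAGE_SIZE);
    struct guest_hdr *g = (struct guest_hdr *)storage;
    g->count = MAX_ENTRIES;
    for (uint32_t i = 0; i < 64; i++)
        g->entries[i] = i;
    return g;
}

uint64_t demo_double_fetch(void)
{
    static uint64_t storage[GUEST_PAGE_SIZE / sizeof(uint64_t)];
    uint64_t sum = 0;
    sum_double_fetch(build_guest_page(storage), guest_bumps_count, &sum);
    return sum;   /* 0+1+...+63 = 2016: 48 entries past the validated bound */
}

uint64_t demo_single_fetch(void)
{
    static uint64_t storage[GUEST_PAGE_SIZE / sizeof(uint64_t)];
    uint64_t sum = 0;
    sum_single_fetch(build_guest_page(storage), guest_bumps_count, &sum);
    return sum;   /* 0+1+...+15 = 120: only the validated entries */
}

int main(void)
{
    printf("double fetch: %llu\n", (unsigned long long)demo_double_fetch());
    printf("single fetch: %llu\n", (unsigned long long)demo_single_fetch());
    return 0;
}
```

The `volatile` qualifier is what makes the two reads in `sum_double_fetch` observable; without it the optimizer is free either to reuse the first load or to reload, and neither choice is something a security check may depend on, which is exactly the class CVE-2020-15294 is filed under. The fix is not a compiler flag but the structure of `sum_single_fetch`: every guest-sourced value is copied out once, validated in private memory, and never re-read from the shared mapping.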
Police Vouch for Hacker Who Guessed Trump’s Twitter Password

No charges for Dutch ethical hacker Victor Gevers, who prosecutors say did actually access Trump's Twitter account last October by guessing his password, "MAGA2020!".

📖 Read

via "Threat Post".
🕴 XDR 101: What's the Big Deal About Extended Detection & Response? 🕴

Extended Detection and Response (XDR) could be the security management technology of your dreams...or not. What makes this technical 'evolution' so interesting to so many companies?

📖 Read

via "Dark Reading".
🦿 How using tactical literacy makes it harder for cybercriminals to fool end users 🦿

End users just want to do their job, not become cybersecurity experts. When providing users with cybersecurity help, keep these tips in mind.

📖 Read

via "Tech Republic".
CVE-2020-35491

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.

📖 Read

via "National Vulnerability Database".
CVE-2020-4845 (security_key_lifecycle_manager)

IBM Security Key Lifecycle Manager 3.0.1 and 4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190289.

📖 Read

via "National Vulnerability Database".
CVE-2020-35489

The contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPress allows Unrestricted File Upload and remote code execution because a filename may contain special characters.

📖 Read

via "National Vulnerability Database".
CVE-2020-35545

Time-based SQL injection exists in Spotweb 1.4.9 via the query string.

📖 Read

via "National Vulnerability Database".
CVE-2020-35490

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.

📖 Read

via "National Vulnerability Database".
CVE-2020-26276

Fleet is an open source osquery manager. In Fleet before version 3.5.1, due to issues in Go's standard library XML parsing, a valid SAML response may be mutated by an attacker to modify the trusted document. This can result in allowing unverified logins from a SAML IdP. Users that configure Fleet with SSO login may be vulnerable to this issue. This issue is patched in 3.5.1. The fix was made using https://github.com/mattermost/xml-roundtrip-validator. If upgrading to 3.5.1 is not possible, users should disable SSO authentication in Fleet.

📖 Read

via "National Vulnerability Database".
CVE-2020-4846 (security_key_lifecycle_manager)

IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 190290.

📖 Read

via "National Vulnerability Database".
Nuclear Weapons Agency Hacked in Widening Cyberattack – Report

Sources said the DoE suffered "damage" in the attack, which also likely extends beyond the initially known SolarWinds Orion attack vector.

📖 Read

via "Threat Post".
How to Increase Your Security Posture with Fewer Resources

Plixer's Justin Jett, Compliance & Audit director, discusses how to do more with less when your security resources are thin.

📖 Read

via "Threat Post".
CVE-2020-8465

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updates using a combination of CSRF bypass (CVE-2020-8461) and authentication bypass (CVE-2020-8464) to execute code as user root.

📖 Read

via "National Vulnerability Database".
CVE-2020-8464

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to send requests that appear to come from the localhost which could expose the product's admin interface to users who would not normally have access.

📖 Read

via "National Vulnerability Database".