βΌ CVE-2020-8569 βΌ
π Read
via "National Vulnerability Database".
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes, is automatically restarted by Kubernetes, and processes the same VolumeSnapshot custom resource after the restart, entering an endless crashloop. Only the volume snapshot feature is affected by this vulnerability. When exploited, users canΓΒ’Γ’β¬ÒβΒ’t take snapshots of their volumes or delete the snapshots. All other Kubernetes functionality is not affected.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8554 βΌ
π Read
via "National Vulnerability Database".
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8570 βΌ
π Read
via "National Vulnerability Database".
Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system of the process executing the client code.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8568 βΌ
π Read
via "National Vulnerability Database".
Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem and sync file contents to Kubernetes Secrets. This includes paths under var/lib/kubelet/pods that contain other Kubernetes Secrets.π Read
via "National Vulnerability Database".
β Einstein Healthcare Network Announces August Breach β
π Read
via "Threat Post".
Einstein is in violation of the the HHS 60-day breach notification rule, but unlikely to face penalty.π Read
via "Threat Post".
Threat Post
Einstein Healthcare Network Announces August Breach
Einstein is in violation of the the HHS 60-day breach notification rule, but unlikely to face penalty.
β SQL Server Malware Tied to Iranian Software Firm, Researchers Allege β
π Read
via "Threat Post".
Researchers have traced the origins of a campaign - infecting SQL servers to mine cryptocurrency - back to an Iranian software firm.π Read
via "Threat Post".
Threat Post
SQL Server Malware Tied to Iranian Software Firm, Researchers Allege
Researchers have traced the origins of a campaign - infecting SQL servers to mine cryptocurrency - back to an Iranian software firm.
π¦Ώ 2020 sees huge increase in records exposed in data breaches π¦Ώ
π Read
via "Tech Republic".
The number of breaches may have fallen, but the number of exposed records hit a high not seen since 2005, says Risk Based Security.π Read
via "Tech Republic".
π EDPB Issues Draft Guidelines for Data Breach Notifications π
π Read
via "Digital Guardian".
The guidelines are supposed to help data controllers when it comes to deciding how to handle data breaches and what factors to consider during risk assessment.π Read
via "Digital Guardian".
Digital Guardian
EDPB Issues Draft Guidelines for Data Breach Notifications
The guidelines are supposed to help data controllers when it comes to deciding how to handle data breaches and what factors to consider during risk assessment.
π΄ Attackers Leave Stolen Credentials Searchable on Google π΄
π Read
via "Dark Reading".
Operators behind a global phishing campaign inadvertently left thousands of stolen credentials accessible via Google Search.π Read
via "Dark Reading".
Dark Reading
Attackers Leave Stolen Credentials Searchable on Google
Operators behind a global phishing campaign inadvertently left thousands of stolen credentials accessible via Google Search.
π¦Ώ Google: How and when to change your password π¦Ώ
π Read
via "Tech Republic".
If you've ever been tempted to change your Google account password, but weren't sure how, don't let that confusion stop you. Jack Wallen walks you through the process.π Read
via "Tech Republic".
TechRepublic
How and when to change your Google password
If you've ever been tempted to change your Google account password, but weren't sure how, don't let that confusion stop you. Jack Wallen walks you through the process.
π΄ Breach Data Shows Attackers Switched Gears in 2020 π΄
π Read
via "Dark Reading".
Attackers focused more on ransomware, while the consolidation of data into large databases led to fewer reported breaches but more records leaked.π Read
via "Dark Reading".
Dark Reading
Breach Data Shows Attackers Switched Gears in 2020
Attackers focused more on ransomware, while the consolidation of data into large databases led to fewer reported breaches but more records leaked.
π΄ DreamBus, FreakOut Botnets Pose New Threat to Linux Systems π΄
π Read
via "Dark Reading".
Researchers from Zscaler and Check Point describe botnets as designed for DDoS attacks, cryptocurrency mining, and other malicious purposes.π Read
via "Dark Reading".
Dark Reading
DreamBus, FreakOut Botnets Pose New Threat to Linux Systems
Researchers from Zscaler and Check Point describe botnets as designed for DDoS attacks, cryptocurrency mining, and other malicious purposes.
π¦Ώ These Microsoft tools help you reduce, remove or lock down admin access to improve security π¦Ώ
π Read
via "Tech Republic".
The SolarWinds compromise means you can no longer put off privileged account management.π Read
via "Tech Republic".
TechRepublic
These Microsoft tools help you reduce, remove or lock down admin access to improve security
The SolarWinds compromise means you can no longer put off privileged account management.
π¦Ώ Bosses are using monitoring software to keep tabs on working at home. Privacy rules aren't keeping up π¦Ώ
π Read
via "Tech Republic".
Worker's union Prospect warned that the UK was at risk of 'sleepwalking into a world of surveillance' as more businesses turn to digital tools to keep tabs on remote workers.π Read
via "Tech Republic".
TechRepublic
Bosses are using monitoring software to keep tabs on working at home. Privacy rules aren't keeping up
Professionals union Prospect warned that the UK was at risk of 'sleepwalking into a world of surveillance' as more businesses turn to digital tools to keep tabs on remote workers.
β Threat Actors Can Exploit Windows RDP Servers to Amplify DDoS Attacks β
π Read
via "Threat Post".
Netscout researchers identify more than 14,000 existing servers that can be abused by βthe general attack populationβ to flood organizationsβ networks with traffic.π Read
via "Threat Post".
Threat Post
Threat Actors Can Exploit Windows RDP Servers to Amplify DDoS Attacks
Netscout researchers identify more than 14,000 existing servers that can be abused by βthe general attack populationβ to flood organizationsβ networks with traffic.
β US administration adds βsubliminalβ ad to White House website β
π Read
via "Naked Security".
Hiding digital "secrets" where they're supposed to be found is good fun. Just don't hide actual secrets and hope no one will notice!π Read
via "Naked Security".
Naked Security
US administration adds βsubliminalβ ad to White House website
Hiding digital βsecretsβ where theyβre supposed to be found is good fun. Just donβt hide actual secrets and hope no one will notice!
π¦Ώ The new Microsoft Edge browser will warn you if your password has been leaked online π¦Ώ
π Read
via "Tech Republic".
The new Edge 88 browser includes tough new security features, including a password generator and a tool for monitoring whether your login details have been exposed to the dark web.π Read
via "Tech Republic".
TechRepublic
The new Microsoft Edge browser will warn you if your password has been leaked online
The new Edge 88 browser includes tough new security features, including a password generator and a tool for monitoring whether your login details have been exposed to the dark web.
π΄ Why North Korea Excels in Cybercrime π΄
π Read
via "Dark Reading".
North Korea is laser-focused on boosting its cyber capabilities, and it's doing a remarkable job of it.π Read
via "Dark Reading".
Dark Reading
Why North Korea Excels in Cybercrime
North Korea is laser-focused on boosting its cyber capabilities, and it's doing a remarkable job of it.
π Friday Five 1/22 π
π Read
via "Digital Guardian".
Copycats, searchable phishing campaigns, and cybersecurity policy in the new administration - catch up on all of the week's infosec news with the Friday Five!π Read
via "Digital Guardian".
Digital Guardian
Friday Five 1/22
Copycats, searchable phishing campaigns, and cybersecurity policy in the new administration - catch up on all of the week's infosec news with the Friday Five!
βΌ CVE-2020-28488 βΌ
π Read
via "National Vulnerability Database".
This affects all versions of package jquery-ui; all versions of package org.fujion.webjars:jquery-ui. When the "dialog" is injected into an HTML tag more than once, the browser and the application may crash.π Read
via "National Vulnerability Database".
β Ransomware Attackers Publish 4K Private Scottish Gov Agency Files β
π Read
via "Threat Post".
Up to 4,000 stolen files have been released by hackers who launched a ransomware attack against the Scottish Environmental Protection Agency on Christmas Eve.π Read
via "Threat Post".
Threat Post
Ransomware Attackers Publish 4K Private Scottish Gov Agency Files
Up to 4,000 stolen files have been released by hackers who launched a ransomware attack against the Scottish Environmental Protection Agency on Christmas Eve.