Critical Vulnerability Patched in 'sudo' Utility for Unix-Like OSes
via "Dark Reading".
Flaw exists in versions of sudo going back nearly 10 years; USCYBERCOM recommends organizations patch immediately.
Intl. Law Enforcement Operation Disrupts Emotet Botnet
via "Dark Reading".
Global law enforcement agencies have seized control of Emotet infrastructure, disrupting one of the world's most pervasive and dangerous cyber threats.
CVE-2021-3331
via "National Vulnerability Database".
WinSCP before 5.17.10 allows remote attackers to execute arbitrary programs when the URL handler encounters a crafted URL that loads session settings. (For example, this is exploitable in a default installation in which WinSCP is the handler for sftp:// URLs.)
Data Privacy Day 2021: Pandemic Response Data Must Align with Data Privacy Rules
via "Dark Reading".
Amid a pandemic, Data Privacy Day this year brings forth expanded responsibilities for organizations in the response to COVID-19.
CVE-2020-25785
via "National Vulnerability Database".
An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CFtpProtocol::FtpLogin during the update procedure.
CVE-2020-25783
via "National Vulnerability Database".
An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated heap-based buffer overflow in the function CNetClientTalk::OprMsg during incoming message handling.
CVE-2020-25784
via "National Vulnerability Database".
An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CNetClientGuard::SubOprMsg during incoming message handling.
CVE-2020-25782
via "National Vulnerability Database".
An issue was discovered on Accfly Wireless Security IR Camera 720P System with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CNetClientManage::ServerIP_Proto_Set during incoming message handling.
CVE-2020-0237
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2021-26067
via "National Vulnerability Database".
Affected versions of Atlassian Bamboo allow an unauthenticated remote attacker to view a stack trace that may reveal the path for the home directory in disk and if certain files exist on the tmp directory, via a Sensitive Data Exposure vulnerability in the /chart endpoint. The affected versions are before version 7.2.2.
Cybersecurity tips for university students
via "Naked Security".
An informal survey of 15 students suggested that most were unconcerned about cybersecurity. Don't be one of them!
CVE-2021-20620
via "National Vulnerability Database".
Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2021-20622
via "National Vulnerability Database".
Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2020-5626
via "National Vulnerability Database".
Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attackers to execute arbitrary OS commands via a specially crafted log file.
CVE-2021-20621
via "National Vulnerability Database".
Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
S3 Ep17: Facemasks, hidden ads and paranormal hacking [Podcast]
via "Naked Security".
Latest podcast - listen now! And don't forget to leave us a review if you like us...
Sifter 11.5
via "Packet Storm Security".
Sifter is an OSINT, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and, if unpatched, exploits them.
Digital Identity Is the New Security Control Plane
via "Dark Reading".
Simplifying the management of security systems helps provide consistent protection for the new normal.
Building Your Personal Privacy Risk Tolerance Profile
via "Dark Reading".
Even today, on Data Privacy Day, privacy professionals give you permission to admit you actually love targeted ads.
CVE-2020-4682
via "National Vulnerability Database".
IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization of trusted data. An attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 186509.
CVE-2020-4888
via "National Vulnerability Database".
IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java object, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 190912.