🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
CVE-2020-18568

The UPnP service on the D-Link DSR-250 (firmware 3.14) and DSR-1000N (firmware 2.11B201) contains a command injection vulnerability that can lead to remote command execution.

📖 Read

via "National Vulnerability Database".
CVE-2020-25506

D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code execution.

📖 Read

via "National Vulnerability Database".
Naked Security Live – What if my password manager gets hacked?

Our latest Naked Security Live talk - watch now!

📖 Read

via "Naked Security".
🕴 Fighting Fileless Malware, Part 1: What Is It? 🕴

Despite multiple layers of protection, fileless malware cyberattacks remain rampant and difficult to defeat. In this, the first of The Edge's three-part series about the cyberthreat and how to fight back, you'll learn what fileless malware is and why it's so dangerous.

📖 Read

via "Dark Reading".
🛠 SQLMAP - Automatic SQL Injection Tool 1.5.2 🛠

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and exploit SQL injection vulnerabilities in web applications. Once it finds one or more injection points on the target host, the user can choose among a variety of options: an extensive back-end database management system fingerprint; retrieval of the DBMS session user and current database; enumeration of users, password hashes, privileges and databases; dumping entire tables or user-specified tables/columns; running arbitrary SQL statements; reading or writing text or binary files on the file system; executing arbitrary commands on the operating system; establishing an out-of-band stateful connection between the attacker box and the database server via a Metasploit payload stager, database stored-procedure buffer-overflow exploitation or an SMB relay attack; and more.

📖 Read

via "Packet Storm Security".
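As an added illustration (not sqlmap's own code, and not run against any real target), the Python below sketches the boolean-based blind technique that sqlmap automates: a deliberately vulnerable string-concatenated query beside a parameterised one, a true/false probe pair to detect the injection, and character-by-character inference of a column value through substr(). The table, the user row and the hash value are constructed for the example.

```python
import sqlite3

HEX = "0123456789abcdef"


def make_db():
    """Constructed sample database (not a real target): one table, one row."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT, pw_hash TEXT)")
    conn.execute(
        "INSERT INTO users VALUES (1, 'alice', '5f4dcc3b5aa765d61d8327deb882cf99')"
    )
    conn.commit()
    return conn


def vulnerable_exists(conn, user_id):
    """Deliberately vulnerable lookup: the request parameter is pasted into SQL."""
    sql = f"SELECT name FROM users WHERE id = {user_id}"
    return conn.execute(sql).fetchone() is not None


def safe_exists(conn, user_id):
    """Hardened lookup: a bound parameter can only ever be a value, never SQL."""
    row = conn.execute("SELECT name FROM users WHERE id = ?", (user_id,)).fetchone()
    return row is not None


def detect_boolean_injection(oracle):
    """Probe the way sqlmap's boolean-based technique does: an always-true and
    an always-false tail must produce different responses for the same base
    value.  ORACLE(payload) returns True when the page reports a match."""
    return oracle("1 AND 1=1") and not oracle("1 AND 1=2")


def blind_extract(oracle, subquery, alphabet=HEX, max_len=64):
    """Recover SUBQUERY's result one character at a time using only a yes/no
    oracle.  Each probe asks: is character POS of the secret equal to CH?"""
    secret = ""
    for pos in range(1, max_len + 1):
        for ch in alphabet:
            payload = f"1 AND substr(({subquery}),{pos},1)='{ch}'"
            if oracle(payload):
                secret += ch
                break
        else:
            break  # no character matched: we ran past the end of the value
    return secret


if __name__ == "__main__":
    db = make_db()
    leaky = lambda p: vulnerable_exists(db, p)
    print("injectable:", detect_boolean_injection(leaky))
    print("pw_hash via blind inference:",
          blind_extract(leaky, "SELECT pw_hash FROM users WHERE id=1"))
    print("parameterised endpoint injectable:",
          detect_boolean_injection(lambda p: safe_exists(db, p)))
```

The oracle abstracts "did the page show the record or not"; against a real application the same loop drives HTTP requests and compares responses, which is why sqlmap needs only a single boolean difference to dump a whole column.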
CVE-2020-4934

IBM Content Navigator 3.0.CD could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 191752.

📖 Read

via "National Vulnerability Database".
CVE-2021-25310

** UNSUPPORTED WHEN ASSIGNED ** The administration web interface on Belkin Linksys WRT160NL 1.0.04.002_US_20130619 devices allows remote authenticated attackers to execute system commands with root privileges via shell metacharacters in the ui_language POST parameter to the apply.cgi form endpoint. This occurs in do_upgrade_post in mini_httpd. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

📖 Read

via "National Vulnerability Database".
🕴 SonicWall Confirms Zero-Day Vulnerability 🕴

The confirmation arrives as researchers with NCC Group detect a SonicWall zero-day flaw under active attack.

📖 Read

via "Dark Reading".
🕴 Attackers Continue to Nibble at Apple's iOS Security 🕴

For the second time in less than three months, Apple has patched vulnerabilities in the software for iPhone and iPad, warning that the issues are already being targeted by attackers.

📖 Read

via "Dark Reading".
Magento Web Skimmers Piggyback in Ongoing Costway Website Compromise

An e-commerce credit-card skimmer is being used by a second skimmer to steal payment data - and both are on Costway's website.

📖 Read

via "Threat Post".
Tiny Kobalos Malware Bedevils Supercomputers to Steal Logins

The sophisticated backdoor steals SSH credentials for servers in academic and scientific high-performance computing clusters.

📖 Read

via "Threat Post".
🕴 RF Enables Takeover of Hostile Drones 🕴

Tempting as it may be to blast drones out of the sky, a less aggressive approach may yield better data about attackers - and keep bystanders safe.

📖 Read

via "Dark Reading".
Crypto Crook Hired Steven Seagal to Promote Scam, Now Faces Charges

Feds charged California-based private detective for stealing $11M from investors, with help from actor Steven Seagal.

📖 Read

via "Threat Post".
🕴 Black Hat Europe 🕴



📖 Read

via "Dark Reading".
CVE-2019-25018

In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying the permissions of the target directory on the client side. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8.

📖 Read

via "National Vulnerability Database".
CVE-2021-21285

In Docker before versions 19.03.15 and 20.10.3, pulling an intentionally malformed image manifest crashes the dockerd daemon. Versions 19.03.15 and 20.10.3 contain the patches that prevent the daemon from crashing.

📖 Read

via "National Vulnerability Database".
CVE-2020-15097

loklak is an open-source server application which is able to collect messages from various sources, including Twitter. The server contains a search index and a peer-to-peer index sharing interface. All messages are stored in an Elasticsearch index. In loklak at or before commit 5f48476, insufficient input validation in the APIs exposed by the loklak server allows directory traversal. Any admin configuration and any file readable by the application on the host file system can be retrieved by the attacker. Furthermore, user-controlled content could be written to any admin config or file writable by the application. This has been patched in commit 50dd692. Users will need to upgrade their hosted instances of loklak to not be vulnerable to this exploit.

📖 Read

via "National Vulnerability Database".
CVE-2021-21284

In Docker before versions 19.03.15 and 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesystem, they can modify files under "/var/lib/docker/<remapping>" that cause files to be written with extended privileges. Versions 19.03.15 and 20.10.3 contain patches that prevent privilege escalation from the remapped user.

📖 Read

via "National Vulnerability Database".
CVE-2019-25017

An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious rcp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rcp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file). This issue is similar to CVE-2019-6111 and CVE-2019-7283. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8.

📖 Read

via "National Vulnerability Database".
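The IBM Content Navigator and loklak entries are classic ".." traversal in a request path, and the two krb5-appl rcp entries are the related problem of a remote server choosing the file name that the client writes. As an added example (not the code of any of these projects), here is the client-side discipline for both in Python: resolve an untrusted name under a root and refuse anything that escapes, and for an rcp-style transfer accept only the name that was requested, or in recursive mode only plain components that stay under the requested directory. Paths such as /tmp/webroot-example are placeholders.

```python
import os
from urllib.parse import unquote


def resolve_under(root, untrusted):
    """Return the absolute path that UNTRUSTED names inside ROOT, or None if it
    escapes.  Decoding happens once (a framework that already decoded the URL
    should pass the decoded form); the guard that matters is the containment
    check after realpath(), which also defuses symlinks and '..' chains."""
    root = os.path.realpath(root)
    decoded = unquote(untrusted)
    candidate = os.path.realpath(os.path.join(root, decoded.lstrip("/")))
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


def rcp_name_ok(name):
    """A name announced by an rcp server must be a single plain component:
    not '', '.', '..', and with no separator or NUL inside it."""
    return (name not in ("", ".", "..")
            and "/" not in name and "\x00" not in name)


def rcp_client_accept(target_dir, requested, announced, recursive=False):
    """Decide where (if anywhere) the client may write the object the server
    announced.  REQUESTED is what the user asked for; ANNOUNCED is what the
    server claims it is sending.  Returns the destination path or None."""
    if not recursive:
        # Single-file copy: the only legal name is the one we asked for.  A
        # server substituting '.', '' or '.ssh' here would otherwise choose
        # the destination (or, with '.', the target directory's own metadata).
        if not rcp_name_ok(announced) or announced != requested:
            return None
        return os.path.join(os.path.realpath(target_dir), announced)
    # Recursive copy: the server chooses names below the directory we asked
    # for, but every component must still be a plain name and the result must
    # stay under TARGET_DIR/REQUESTED.  The residual risk the advisory
    # describes remains by design: inside that subtree the server can still
    # name '.ssh/authorized_keys', so never -r into a home directory.
    if not all(rcp_name_ok(part) for part in announced.split("/")):
        return None
    return resolve_under(os.path.join(target_dir, requested), announced)


if __name__ == "__main__":
    for probe in ("docs/readme.txt", "../../etc/passwd", "%2e%2e/%2e%2e/etc/passwd"):
        print(f"{probe!r:32} -> {resolve_under('/tmp/webroot-example', probe)}")
    print(rcp_client_accept("/tmp/dst", "report.txt", "report.txt"))
    print(rcp_client_accept("/tmp/dst", "report.txt", ".ssh"))
    print(rcp_client_accept("/tmp/dst", "project", "../.ssh/authorized_keys", recursive=True))
```

The same containment check applies to any API that maps a request value onto the file system, whether the value arrives URL-encoded, already decoded, or as a protocol field from a peer.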
🔏 U.S. Intelligence Community Warns About China Collecting Healthcare Data 🔏

China's voracious collection of U.S. healthcare data, including DNA, can pose a national security risk, not to mention harm the privacy of Americans.

📖 Read

via "Digital Guardian".
CVE-2020-7775

This affects all versions of package freediskspace. The vulnerability arises out of improper neutralization of arguments in line 71 of freediskspace.js.

📖 Read

via "National Vulnerability Database".
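The D-Link, Linksys and freediskspace entries above are one bug class: a request value reaches a command line without neutralisation. As an added example (a hypothetical handler, not any vendor's or package's code; the parameter, the language codes and the echo stand-in are invented), here is that pattern in Python with shell=True beside the hardened form, which combines an allowlist on the value with argv-style invocation and no shell, so metacharacters are never interpreted.

```python
import re
import subprocess

# Constructed example: the config field accepts a short language code, so the
# legal alphabet is tiny and can be enforced with an allowlist.
ALLOWED_LANGS = {"en", "de", "fr"}

SHELL_META = re.compile(r"[;&|`$()<>\n\\'\"]")


def looks_like_shell_injection(value):
    """Cheap detector for a request value carrying shell metacharacters;
    useful in a WAF rule or a log query, not as the only defence."""
    return bool(SHELL_META.search(value))


def set_language_vulnerable(lang):
    """Deliberately vulnerable: the POST value is interpolated into a shell
    command line, so ';', '|', '`' and '$(...)' inside it are executed.
    'echo' stands in for the real configuration command."""
    proc = subprocess.run(f"echo applying language {lang}",
                          shell=True, capture_output=True, text=True)
    return proc.stdout


def set_language_hardened(lang):
    """Hardened: validate against the allowlist, then invoke the program
    directly with an argv list (no shell), so the value is only ever one
    argument to the program, never part of a command line."""
    if lang not in ALLOWED_LANGS:
        raise ValueError(f"rejected language value: {lang!r}")
    proc = subprocess.run(["echo", "applying", "language", lang],
                          capture_output=True, text=True)
    return proc.stdout


def hardened_rejects(value):
    """True if the hardened handler refuses VALUE."""
    try:
        set_language_hardened(value)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    hostile = "en; echo INJECTED"
    print(set_language_vulnerable(hostile), end="")   # second line shows the injected command ran
    print("hardened rejects hostile value:", hardened_rejects(hostile))
    print(set_language_hardened("en"), end="")
```

Either half alone is weaker: an allowlist with shell=True still depends on the list being right, and argv invocation without validation still lets a value like "--help" reach the program as an option. Firmware CGI code in C has the same two choices, an explicit character allowlist and execve() with a fixed argv rather than system().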