ATTENTION‼ New - CVE-2018-10959
via "National Vulnerability Database".
Avecto Defendpoint 4 prior to 4.4 SR6 and 5 prior to 5.1 SR1 has an Untrusted Search Path vulnerability, exploitable by modifying environment variables to trigger automatic elevation of an attacker's process launch.
ATTENTION‼ New - CVE-2017-11430
via "National Vulnerability Database".
OmniAuth OmniAuth-SAML 1.9.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.
ATTENTION‼ New - CVE-2017-11429
via "National Vulnerability Database".
Clever saml2-js 2.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.
ATTENTION‼ New - CVE-2017-11428
via "National Vulnerability Database".
OneLogin Ruby-SAML 1.6.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.
ATTENTION‼ New - CVE-2017-11427
via "National Vulnerability Database".
OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.
State-Sponsored DNS Hijacking Infiltrates 40 Firms Globally
via "Threatpost".
An ongoing campaign, active since 2017, has been stealing credentials via global DNS hijacking attacks.
Inside the Dark Web's How-To Guides for Teaching Fraud
via "Dark Reading".
A new study investigates nearly 30,000 guides to explore what fraudsters sell and teach aspiring cybercriminals.
Ever-Sophisticated Bad Bots Target Healthcare, Ticketing
via "Dark Reading".
From criminals to competitors, online bots continue to scrape information from sites and pose as legitimate users.
Legacy Apps: The Security Risk Lurking in Dusty Corners
via "Dark Reading".
Four best practices to keep old code from compromising your enterprise environment.
Homeland Security Urges Increase in Cybersecurity Spending
via "Subscriber Blog RSS Feed" (Digital Guardian).
A standing committee of the United States House of Representatives is requesting more money to properly secure federal cybersecurity and critical infrastructure in 2020.
New Malware Campaign Targets Financials, Retailers
via "Dark Reading".
The attack uses a legitimate remote access system as well as several families of malware.
Researchers: Facebook's Data-Leveraging Scandal Puts Users on Notice
via "Threatpost".
After a report revealed that Facebook used user data to leverage its relationships with other companies, researchers are stressing that both firms and users need to re-assess data privacy.
Ubiquitous Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images
via "Threatpost".
The ubiquitous nature of the flaw opens the door for rapidly spreading, crippling cyberattacks.
Tips for the Aftermath of a Cyberattack
via "Dark Reading".
Incident response demands technical expertise, but you can't fully recover without non-IT experts.
VPN Vulnerabilities Point Out Need for Comprehensive Remote Security
via "Dark Reading".
VPNs are the primary tool for securing remote access, but recently disclosed vulnerabilities point out the weakness of relying on them as the only tool.
Nation-State Hacker Group Hijacking DNS to Redirect Email, Web Traffic
via "Dark Reading".
'Sea Turtle' group has compromised at least 40 national security organizations in 13 countries so far, Cisco Talos says.
ATTENTION‼ New - CVE-2018-0382
via "National Vulnerability Database".
A vulnerability in the session identification management functionality of the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. The vulnerability exists because the affected software does not properly clear previously assigned session identifiers for a user session when a user authenticates to the web-based interface. An attacker could exploit this vulnerability by using an existing session identifier to connect to the software through the web-based interface. Successful exploitation could allow the attacker to hijack an authenticated user's browser session on the system. Versions 8.1 and 8.5 are affected.
ATTENTION‼ New - CVE-2018-0248
via "National Vulnerability Database".
A vulnerability in the administrative GUI configuration feature of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, remote attacker to cause the device to reload unexpectedly during device configuration when the administrator is using this GUI, causing a denial of service (DoS) condition on an affected device. The attacker would need to have valid administrator credentials on the device. This vulnerability is due to incomplete input validation for unexpected configuration options that the attacker could submit while accessing the GUI configuration menus. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted user input when using the administrative GUI configuration feature. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Software versions prior to 8.3.150.0, 8.5.140.0, 8.8.111.0 are affected by this vulnerability.
Oracle issues nearly 300 patches in quarterly update
via "Naked Security".
Oracle's latest security update covers 297 vulnerabilities, many of which come with a "patch now" warning.
Chrome flaw on iOS leads to 500 million unwanted pop-up ads
via "Naked Security".
If you own an iOS device and use the Chrome browser, you may have encountered some strange-looking pop-up ads in the past week.
Google plays Whack-A-Mole with naughty Android developers
via "Naked Security".
Android developers without a track record are going to be submitted to more checks in order to stamp out those of "bad faith."