β Nvidia Warns Windows Gamers on GPU Driver Flaws β
π Read
via "Threatpost".
Nvidia has patched three vulnerabilities in its Windows GPU display driver that could enable information disclosure, denial of service and privilege escalation.π Read
via "Threatpost".
Threat Post
Nvidia Warns Windows Gamers on GPU Driver Flaws
Nvidia has patched three vulnerabilities in its Windows GPU display driver that could enable information disclosure, denial of service and privilege escalation.
ATENTIONβΌ New - CVE-2017-12885
π Read
via "National Vulnerability Database".
OX Software GmbH App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-12795
π Read
via "National Vulnerability Database".
OpenMRS openmrs-module-htmlformentry 3.3.2 is affected by: (Improper Input Validation).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-12789
π Read
via "National Vulnerability Database".
Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). The impact is: Information Disclosure (remote). The component is: admin/interface/online/delete.php. The attack vector is: The administrator clicks on the malicious link in the login state.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-1006
π Read
via "National Vulnerability Database".
A vulnerable file in Opto 22 PAC Project Professional versions prior to R9.4006, PAC Project Basic versions prior to R9.4006, PAC Display Basic versions prior to R9.4f, PAC Display Professional versions prior to R9.4f, OptoOPCServer versions prior to R9.4c, and OptoDataLink version R9.4d and prior versions that were installed by PAC Project installer, versions prior to R9.4006, is susceptible to a heap-based buffer overflow condition that may allow remote code execution on the target system. Opto 22 suggests upgrading to the new product version as soon as possible.π Read
via "National Vulnerability Database".
β The WannaCry Security Legacy and Whatβs to Come β
π Read
via "Threatpost".
The WannaCry attack proved pivotal, changing the way organizations go about securing their environments.π Read
via "Threatpost".
Threat Post
The WannaCry Security Legacy and Whatβs to Come
The WannaCry attack proved pivotal, changing the way organizations go about securing their environments.
π΄ Microsoft SharePoint Bug Exploited in the Wild π΄
π Read
via "Dark Reading: ".
A number of reports show CVE-2019-0604 is under active attack, Alien Labs researchers say.π Read
via "Dark Reading: ".
Darkreading
Microsoft SharePoint Bug Exploited in the Wild
A number of reports show CVE-2019-0604 is under active attack, Alien Labs researchers say.
ATENTIONβΌ New - CVE-2017-12884
π Read
via "National Vulnerability Database".
OX Software GmbH App Suite 7.8.4 and earlier is affected by: Information Exposure.π Read
via "National Vulnerability Database".
β News Wrap: Facebook Regulation, Verizon DBIR, Hidden Airbnb Cameras β
π Read
via "Threatpost".
From a creepy Airbnb incident to Verizon's Data Breach Investigations Report, Threatpost editors break down the top privacy and security stories for the week ended May 10.π Read
via "Threatpost".
Threat Post
News Wrap: Facebook Regulation, Verizon DBIR, Hidden Airbnb Cameras
From a creepy Airbnb incident, to Verizon's Data Breach Investigations Report, Threatpost editors break down the top privacy and security stories for the week ended May 10.
π΄ Demystifying the Dark Web: What You Need to Know π΄
π Read
via "Dark Reading: ".
The Dark Web and Deep Web are not the same, neither is fully criminal, and more await in this guide to the Internet's mysterious corners.π Read
via "Dark Reading: ".
Darkreading
Demystifying the Dark Web: What You Need to Know
The Dark Web and Deep Web are not the same, neither is fully criminal, and more await in this guide to the Internet's mysterious corners.
β FIN7 Linked to Escalating Active Exploits for Microsoft SharePoint Bug β
π Read
via "Threatpost".
Using a bug patched in March, the attacks are starting to ramp up worldwide.π Read
via "Threatpost".
Threat Post
FIN7 Linked to Escalating Active Exploits for Microsoft SharePoint Bug
Using a bug patched in March, the attacks are starting to ramp up worldwide.
β Monday review β the hot 18 stories of the week β
π Read
via "Naked Security".
From spying Airbnb creeps to the CSS trick that tracks your mouse movements - and everything in between. It's weekly roundup time.π Read
via "Naked Security".
Naked Security
Monday review β the hot 18 stories of the week
From spying Airbnb creeps to the CSS trick that tracks your mouse movements β and everything in between. Itβs weekly roundup time.
β Break up Facebook, cofounder says: itβs an un-American monopoly β
π Read
via "Naked Security".
During the 2018 "annus horribilis", users disgusted at privacy flops swore to dump Facebook. But where else is there to go?π Read
via "Naked Security".
Naked Security
Break up Facebook, cofounder says: itβs an un-American monopoly
During the 2018 βannus horribilisβ, users disgusted at privacy flops swore to dump Facebook. But where else is there to go?
β Study finds Android smartphones riddled with suspect βbloatwareβ β
π Read
via "Naked Security".
According to a new study, Android bloatware can create hidden security and privacy risks.π Read
via "Naked Security".
Naked Security
Study finds Android smartphones riddled with suspect βbloatwareβ
According to a new study, Android bloatware can create hidden security and privacy risks.
β Two Chinese hackers indicted for massive Anthem breach β
π Read
via "Naked Security".
They're part of a gang that spearphished millions of records out of the health insurer and other businesses, the DOJ says.π Read
via "Naked Security".
Naked Security
Two people indicted for massive Anthem health data breach
Theyβre part of a gang that spearphished millions of records out of the health insurer and other businesses, the DOJ says.
π Top 5 challenges keeping IT pros up at night π
π Read
via "Security on TechRepublic".
IT professionals face a slew of concerns in today's connected ecosystem, according to an Insight Enterprises report.π Read
via "Security on TechRepublic".
TechRepublic
Top 5 challenges keeping IT pros up at night
IT professionals face a slew of concerns in today's connected ecosystem, according to an Insight Enterprises report.
ATENTIONβΌ New - CVE-2018-12303
π Read
via "National Vulnerability Database".
Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via directory names.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-12302
π Read
via "National Vulnerability Database".
Missing HTTPOnly flag on session cookies in the Seagate NAS OS version 4.3.15.1 web application allows attackers to steal session tokens via cross-site scripting.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-12301
π Read
via "National Vulnerability Database".
Unvalidated URL in Download Manager in Seagate NAS OS version 4.3.15.1 allows attackers to access the loopback interface via a Download URL of 127.0.0.1 or localhost.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-12300
π Read
via "National Vulnerability Database".
Arbitrary Redirect in echo-server.html in Seagate NAS OS version 4.3.15.1 allows attackers to disclose information in the Referer header via the 'state' URL parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-12299
π Read
via "National Vulnerability Database".
Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via uploaded file names.π Read
via "National Vulnerability Database".