🛑 Cybersecurity & Privacy 🛑 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
⚠ Privacy foul for soccer league app that eavesdropped on users ⚠

The LaLiga app used phones' GPS and microphones to sniff out bars that were broadcasting soccer matches illegally.

📖 Read

via "Naked Security".
⚠ Yubico recalls FIPS YubiKey tokens after flaw found ⚠

Security token maker Yubico has issued an important advisory affecting high-end versions of its YubiKey authentication key.

📖 Read

via "Naked Security".
🕴 Find Your Next Favorite Cybersecurity Tool at the Black Hat USA Arsenal 🕴

Learn new enterprise-grade techniques for identifying vulnerabilities, improving Active Directory security, and building trust with customers at Black Hat USA this summer.

📖 Read

via "Dark Reading".
🕴 The Life-Changing Magic of Tidying Up the Cloud 🕴

Most companies' cloud security operations would benefit significantly from clean-up, alignment, and organization.

📖 Read

via "Dark Reading".
🕴 Utilities, Nations Need Better Plan Against Critical Infrastructure Attackers 🕴

Xenotime, the group behind the Triton intrusions into critical infrastructure (CI) safety systems, is testing its skills against electric power companies. Options for defense are still limited, however.

📖 Read

via "Dark Reading".
ATTENTION‼ New - CVE-2009-5157 (wag54g2_firmware)

On Linksys WAG54G2 1.00.10 devices, there is authenticated command injection via shell metacharacters in the setup.cgi c4_ping_ipaddr variable.

📖 Read

via "National Vulnerability Database".
❌ Microsoft Pushes Azure Users to Patch Linux Systems ❌

Microsoft is urging Azure customers to patch every Exim installation in their organization and make sure each one is running the most recent version, Exim 4.92.

📖 Read

via "Threatpost".
πŸ” Business travelers, beware: Hackers looking over your shoulder can cause data breaches πŸ”

Some 80% of business travelers say visual hacking is a threat, according to a 3M report.

πŸ“– Read

via "Security on TechRepublic".
ATTENTION‼ New - CVE-2018-10239

A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8.4.1 could allow a locally authenticated administrator to temporarily gain additional privileges on an affected device and perform actions within the super user scope. The vulnerability is due to a weakness in the "support access" password generation algorithm. A locally authenticated administrative user may be able to exploit this vulnerability if the "support access" feature is enabled, they know the support access code for the current session, and they know the algorithm that derives the support access password from the support access code. "Support access" is disabled by default. When enabled, the access is automatically disabled (and the support access code expires) after 24 hours.

📖 Read

via "National Vulnerability Database".
❌ A Spate of University Breaches Highlight Email Threats in Higher Ed ❌

Students at Oregon State University, Graceland University and Southern Missouri State have all been impacted by email attacks against school employees.

📖 Read

via "Threatpost".
ATTENTION‼ New - CVE-2017-9388

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a web user interface that allows a user to manage the device. As part of that functionality, the device firmware contains a file known as proxy.sh, which allows the device to proxy a specific request to and from another website. This is primarily used as a communication channel between the device and the Vera website when the user is logged in to https://home.getvera.com. One of the parameters retrieved by this script is "url". This parameter is not sanitized correctly by the script and is passed in a call to "eval" to execute "curl". This allows an attacker to escape from the executed command and then execute any commands of his/her choice.

📖 Read

via "National Vulnerability Database".
πŸ” How to create an administrator IAM user and group in AWS πŸ”

AWS best practices dictate that you should not use root user credentials for everyday admin tasks. Proper data security requires the use of special administrator account.

πŸ“– Read

via "Security on TechRepublic".
πŸ” Nevada Beats California With New Privacy Law πŸ”

Nevada's new law, which will require website operators to honor opt-out procedures, goes into effect on October 1, three months before the CCPA's compliance deadline, January 1, 2010.

πŸ“– Read

via "Subscriber Blog RSS Feed ".
🕴 New Decryptor Unlocks Latest Versions of GandCrab 🕴

The decryptor neutralizes GandCrab versions 5.0 through 5.2 and lets victims unlock their files for free.

📖 Read

via "Dark Reading".
❌ 5,000 Twitter Accounts Linked to Disinformation Campaigns ❌

The social platform has suspended six sets of accounts, originating in four jurisdictions including Iran, for running alleged influence campaigns.

📖 Read

via "Threatpost".
ATTENTION‼ New - CVE-2017-9384

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a web user interface that allows a user to manage the device. As part of that functionality, the device firmware contains a file known as relay.sh, which allows the device to create relay ports and connect the device to Vera servers. This is primarily used as a communication channel between the device and Vera servers so the device can be reached even when the user is not at home. One of the parameters retrieved by this script is "remote_host". This parameter is not sanitized correctly by the script and is passed in a call to "eval" to execute another script, with remote_host concatenated in as a parameter to that second script. This allows an attacker to escape from the executed command and then execute any commands of his/her choice.

📖 Read

via "National Vulnerability Database".
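Three of the NVD items on this page (the c4_ping_ipaddr variable in Linksys setup.cgi, and the "url" and "remote_host" parameters that Vera's proxy.sh and relay.sh hand to eval) share one root cause: a request parameter is concatenated into a command line that a shell then parses, so shell metacharacters in the value become syntax. The following is an added C example, not Linksys or Vera code, that models the vulnerable pattern next to a hardened one. `echo PING` and `echo FETCH` stand in for ping and curl so it runs offline, and the IPv4 and URL allow-lists are this example's own choices, not something the advisories specify.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>

/* Output of the last command, returned by the *_ping / *_fetch functions. */
static char g_out[512];

/* Run one command line through /bin/sh and capture its stdout into g_out.
 * Returns g_out, or NULL if the shell could not be started. */
static const char *run_shell_capture(const char *cmdline) {
    FILE *p = popen(cmdline, "r");
    size_t n = 0;
    int c;
    if (p == NULL) return NULL;
    while (n + 1 < sizeof g_out && (c = fgetc(p)) != EOF)
        g_out[n++] = (char)c;
    g_out[n] = '\0';
    pclose(p);
    return g_out;
}

/* VULNERABLE: the parameter is spliced raw into the command line. This is the
 * shape of setup.cgi with c4_ping_ipaddr and of proxy.sh/relay.sh with eval:
 * ';', '|', '`' or '$(...)' in the value terminate the intended command and
 * start an attacker-chosen one. */
static const char *vuln_exec(const char *prog, const char *arg) {
    char cmd[256];
    int n = snprintf(cmd, sizeof cmd, "%s %s", prog, arg);
    if (n < 0 || (size_t)n >= sizeof cmd) return NULL;
    return run_shell_capture(cmd);
}

/* Allow-list for an address parameter: exactly four decimal octets, 0..255. */
int is_ipv4(const char *s) {
    int octets = 0;
    while (*s != '\0') {
        int val = 0, digits = 0;
        while (isdigit((unsigned char)*s) && digits < 3) {
            val = val * 10 + (*s - '0');
            s++;
            digits++;
        }
        if (digits == 0 || val > 255) return 0;
        octets++;
        if (*s == '\0') break;
        if (*s != '.' || octets == 4) return 0;   /* junk after an octet, or a fifth octet */
        s++;
        if (*s == '\0') return 0;                 /* trailing dot */
    }
    return octets == 4;
}

/* Allow-list for a URL parameter: http(s) scheme, then alphanumerics and a
 * fixed set of URL punctuation. No quotes, spaces, ';', '|' or backticks. */
int is_safe_url(const char *s) {
    static const char extra[] = "-._~:/?=&%#";
    if (strncmp(s, "http://", 7) != 0 && strncmp(s, "https://", 8) != 0) return 0;
    for (; *s != '\0'; s++)
        if (!isalnum((unsigned char)*s) && strchr(extra, *s) == NULL) return 0;
    return 1;
}

/* HARDENED: reject anything outside the allow-list (do not "clean it up"),
 * then pass the value as ONE single-quoted shell word. After validation it
 * cannot contain a quote, so leftover punctuation such as '&' or '?' is data.
 * Better still is execve() with an argv and no shell at all; a shell is kept
 * here only so the before/after pair can be compared directly. */
static const char *safe_exec(const char *prog, const char *arg,
                             int (*valid)(const char *)) {
    char cmd[256];
    int n;
    if (!valid(arg)) return NULL;
    n = snprintf(cmd, sizeof cmd, "%s '%s'", prog, arg);
    if (n < 0 || (size_t)n >= sizeof cmd) return NULL;
    return run_shell_capture(cmd);
}

/* "echo PING" / "echo FETCH" stand in for ping and curl. */
const char *vuln_ping(const char *ip)   { return vuln_exec("echo PING", ip); }
const char *safe_ping(const char *ip)   { return safe_exec("echo PING", ip, is_ipv4); }
const char *vuln_fetch(const char *url) { return vuln_exec("echo FETCH", url); }
const char *safe_fetch(const char *url) { return safe_exec("echo FETCH", url, is_safe_url); }

int main(void) {
    const char *attack = "10.0.0.1; echo PWNED";   /* constructed attacker input */
    const char *r = vuln_ping(attack);
    printf("vulnerable:\n%s", r ? r : "(shell failed)\n");
    r = safe_ping(attack);
    printf("hardened: %s\n", r ? r : "rejected");
    r = safe_fetch("https://home.getvera.com/api?a=1&b=2");
    printf("hardened fetch: %s", r ? r : "rejected\n");
    return 0;
}
```

The vulnerable path prints a second line, `PWNED`, because the shell ran two commands; the hardened path refuses the same input before any shell is involved, and a legitimate URL containing `&` and `?` still comes through intact because it travels as one quoted word.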
ATTENTION‼ New - CVE-2017-9381

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a user with the capability of installing or deleting apps on the device using the web management interface. It seems that the device does not implement any cross-site request forgery protection mechanism, which allows an attacker to trick a user who navigates to an attacker-controlled page into installing or deleting an application on the device. Note: the cross-site request forgery is a systemic issue across all other functionalities of the device.

📖 Read

via "National Vulnerability Database".
🕴 Power Outage Hits Millions in South America 🕴

The outage, which is not (so far) seen as the result of a cyberattack, still had a significant impact on network and server availability.

📖 Read

via "Dark Reading".
❌ Irked Researcher Discloses Facebook WordPress Plugin Flaws ❌

Researchers at Plugin Vulnerabilities cite a grudge and irresponsibly disclose bugs in two WordPress plugins from Facebook.

📖 Read

via "Threatpost".
🕴 DHS Tests Remote Exploit for BlueKeep RDP Vulnerability 🕴

Agency urges organizations with vulnerable systems to apply mitigations immediately.

📖 Read

via "Dark Reading".
ATTENTION‼ New - CVE-2017-9392

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the URL "/port_3480". The UPnP services provide "request_image" as one of the service actions for a normal user to retrieve an image from a camera that is controlled by the controller. The "res" (resolution) parameter passed in the query string is not sanitized and is stored on the stack, which allows an attacker to overflow the buffer. The function "LU::Generic_IP_Camera_Manager::REQ_Image" is activated when lu_request_image is passed as the "id" parameter in the query string. This function then calls "LU::Generic_IP_Camera_Manager::GetUrlFromArguments". That function retrieves all the parameters passed in the query string, including "res", and uses the value to fill a buffer using sprintf. However, the function lacks a simple length check, and as a result an attacker who is able to send more than 184 characters can overflow the values stored on the stack, including the saved return address ($RA), and thus execute code on the device.

📖 Read

via "National Vulnerability Database".
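The bug described above is the classic unbounded sprintf into a fixed stack buffer: the write length is decided by the request, not by the buffer. Below is an added C example, not Vera's firmware code, showing that sink beside a bounded version with a checked return value, plus an allow-list applied before any formatting happens. The 128-byte buffer, the URL format and the digits-x-digits resolution format are assumptions made for the illustration; the advisory only says that more than 184 characters in "res" reach the saved return address.

```c
#include <stdio.h>
#include <string.h>

#define URL_BUF 128          /* assumed size of the on-stack URL buffer */

/* URL of the last accepted request, returned by requested_url(). */
static char g_url[URL_BUF];

/* VULNERABLE (do not call with untrusted input): sprintf writes however many
 * bytes the format and arguments demand. On the device the destination is an
 * automatic variable in GetUrlFromArguments, so a long "res" runs past it into
 * saved registers and the return address. Kept here to be read, not run. */
void build_image_url_vuln(char *buf, const char *host, const char *res) {
    sprintf(buf, "http://%s/image?res=%s", host, res);
}

/* HARDENED: snprintf caps the write at buflen, and its return value (the
 * length the full string WOULD have had) turns silent truncation into an
 * error the caller must handle. Returns the URL length or -1. */
int build_image_url_safe(char *buf, size_t buflen, const char *host, const char *res) {
    int n = snprintf(buf, buflen, "http://%s/image?res=%s", host, res);
    if (n < 0 || (size_t)n >= buflen) {
        if (buflen > 0) buf[0] = '\0';
        return -1;
    }
    return n;
}

/* Assumed resolution syntax: digits 'x' digits (e.g. 640x480), at most 11
 * characters. The point is to validate the parameter before it reaches any
 * formatting at all, so the length check above is a second line of defence. */
int is_valid_res(const char *res) {
    size_t i, xs = 0;
    for (i = 0; res[i] != '\0'; i++) {
        if (res[i] == 'x') { xs++; continue; }
        if (res[i] < '0' || res[i] > '9') return 0;
    }
    return i >= 3 && i <= 11 && xs == 1 && res[0] != 'x' && res[i - 1] != 'x';
}

/* Handler in the shape of REQ_Image -> GetUrlFromArguments with both checks:
 * returns the URL length (the URL itself is in g_url) or -1 on rejection. */
int request_image(const char *res) {
    if (!is_valid_res(res)) return -1;
    return build_image_url_safe(g_url, sizeof g_url, "192.168.1.50", res);
}

/* Same handler with only the bounded write, to show that the length check
 * alone already turns the overflow into a rejected request. */
int request_image_unchecked(const char *res) {
    return build_image_url_safe(g_url, sizeof g_url, "192.168.1.50", res);
}

const char *requested_url(void) { return g_url; }

int main(void) {
    char attack[201];                 /* constructed: 200 x 'A', past the advisory's 184 */
    memset(attack, 'A', 200);
    attack[200] = '\0';
    printf("valid request: %d -> %s\n", request_image("640x480"), requested_url());
    printf("attack request: %d (rejected before any formatting)\n", request_image(attack));
    printf("attack, length check only: %d\n", request_image_unchecked(attack));
    /* build_image_url_vuln(g_url, "192.168.1.50", attack); would write past g_url */
    return 0;
}
```

Note the order of checks: the allow-list rejects the attack string without touching the buffer, and even a caller that forgets the allow-list is saved by the checked snprintf return value, which is why both belong in the handler.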