ATTENTION‼ New - CVE-2018-15520
via "National Vulnerability Database".
Various Lexmark devices have a Buffer Overflow (issue 2 of 2).
ATTENTION‼ New - CVE-2018-15519
via "National Vulnerability Database".
Various Lexmark devices have a Buffer Overflow (issue 1 of 2).
ATTENTION‼ New - CVE-2018-14919
via "National Vulnerability Database".
LOYTEC LGATE-902 6.3.2 devices allow XSS.
How to set up multi-factor authentication for an IAM user in AWS
via "Security on TechRepublic".
MFA protocols are a simple best practice for increasing the overall access security of AWS cloud services and could prevent costly security breaches in your enterprise.
MongoDB Leak Exposed Millions of Medical Insurance Records
via "Threatpost".
Millions of records containing personal information and medical insurance data were exposed by a database belonging to insurance marketing website MedicareSupplement.com.
New Dridex Variant Slips By Anti-Virus Detection
via "Threatpost".
A never-before-seen Dridex variant has been spotted in phishing emails using anti-virus detection evasion tactics.
🔴 MageCart Launches Customizable Campaign 🔴
via "Dark Reading: ".
A tool new to MageCart bolsters the group's ability to evade detection and steal data.
ATTENTION‼ New - CVE-2018-14918
via "National Vulnerability Database".
LOYTEC LGATE-902 6.3.2 devices allow Directory Traversal.
ATTENTION‼ New - CVE-2018-14916
via "National Vulnerability Database".
LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion.
ATTENTION‼ New - CVE-2018-14887
via "National Vulnerability Database".
Improper Host header sanitization in the dbfilter routing component in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows a remote attacker to deny access to the service and to disclose database names via a crafted request.
ATTENTION‼ New - CVE-2018-14886
via "National Vulnerability Database".
The module-description renderer in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier does not disable RST's local file inclusion, which allows privileged authenticated users to read local files via a crafted module description.
ATTENTION‼ New - CVE-2018-14885
via "National Vulnerability Database".
Incorrect access control in the database manager component in Odoo Community 10.0 and 11.0 and Odoo Enterprise 10.0 and 11.0 allows a remote attacker to restore a database dump without knowing the super-admin password. An arbitrary password succeeds.
ATTENTION‼ New - CVE-2018-14868
via "National Vulnerability Database".
Incorrect access control in the Password Encryption module in Odoo Community 9.0 and Odoo Enterprise 9.0 allows authenticated users to change the password of other users without knowing their current password via a crafted RPC call.
ATTENTION‼ New - CVE-2018-14867
via "National Vulnerability Database".
Incorrect access control in the portal messaging system in Odoo Community 9.0 and 10.0 and Odoo Enterprise 9.0 and 10.0 allows remote attackers to post messages on behalf of customers, and to guess document attribute values, via crafted parameters.
ATTENTION‼ New - CVE-2016-10761
via "National Vulnerability Database".
Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack.
Monday review - the hot 21 stories of the week
via "Naked Security".
From the controversial DeepNude app to the Molotov-cocktail-throwing hacker who dropped his USB stick - and everything in between.
Crave that Instagram verified badge? Don't fall for this login-stealing scam
via "Naked Security".
It's yet another way to trick Instagram users out of their login credentials. Don't fall for it, lest your account be hijacked!
Cloud computing giant PCM hacked
via "Naked Security".
The attackers allegedly stole admin credentials for Office 365 accounts, and planned to use stolen data to conduct gift card fraud.
🔴 Too Many Tools? Tidy Up in 'KonMari' Style 🔴
via "Dark Reading: ".
You've no doubt heard about Marie Kondo's method of decluttering the home. Turns out, it can help security pros tackle all of those security tools piling up around the organization.
🔴 Planning a Bug Bounty Program? Follow In Shopify's Footsteps 🔴
via "Dark Reading: ".
Four years, $1 million in payouts, and the identification of 950 bugs later, Shopify provides an excellent example for organizations looking to launch their own programs.
🔴 To Pay or Not To Pay? That Is the (Ransomware) Question 🔴
via "Dark Reading: ".
From Albany, New York, to Atlanta, Georgia, to Del Rio, Texas, cities across the US have been hit with ransomware attacks.