🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
ATTENTION‼ New - CVE-2018-11307

An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6.

via "National Vulnerability Database".
ATTENTION‼ New - CVE-2017-8414 (dcs-1100_firmware, dcs-1130_firmware)

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The binary orthrus in /sbin folder of the device handles all the UPnP connections received by the device. It seems that the binary performs a sprintf operation at address 0x0000A3E4 with the value in the command line parameter "-f" and stores it on the stack. Since there is no length check, this results in corrupting the registers for the function sub_A098 which results in memory corruption.

via "National Vulnerability Database".
ATTENTION‼ New - CVE-2017-8410 (dcs-1100_firmware, dcs-1130_firmware)

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The binary rtspd in the /sbin folder of the device handles all the RTSP connections received by the device. It seems that the binary performs a memcpy operation at address 0x00011E34 with the value sent in the "Authorization: Basic" RTSP header and stores it on the stack. The number of bytes to be copied is calculated based on the length of the string sent in the RTSP header by the client. As a result, memcpy copies more data than the stack buffer can hold, and this corrupts the registers for the caller function sub_F6CC, which results in memory corruption. The severity of this attack is enlarged by the fact that the same value is then copied onto the stack in the function 0x00011378, which allows the allocated buffer to be overflowed and thus the PC register to be controlled, resulting in arbitrary code execution on the device.

via "National Vulnerability Database".
ATTENTION‼ New - CVE-2017-8409 (dcs-1130_firmware)

An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging in to the device provide a username and password. However, the device does not enforce the same restriction on a specific URL, thereby allowing any attacker in possession of that URL to view the live video feed. The severity of this attack is enlarged by the fact that there are more than 100,000 D-Link devices out there.

via "National Vulnerability Database".
ATTENTION‼ New - CVE-2017-8406 (dcs-1130_firmware)

An issue was discovered on D-Link DCS-1130 devices. The device provides a crossdomain.xml file with no restrictions on who can access the webserver. This allows a Flash file hosted on any domain to make calls to the device's webserver and pull any information that is stored on the device. In this case, the user's credentials are stored in clear text on the device and can be pulled easily. It also seems that the device does not implement any cross-site scripting forgery protection mechanism, which allows an attacker to trick a user who is logged in to the web management interface into executing a cross-site flashing attack in the user's browser and execute any action on the device provided by the web management interface; the attack steals the credentials from the tools_admin.cgi file's response and displays them inside a text field.

via "National Vulnerability Database".
ATTENTION‼ New - CVE-2017-8405 (dcs-1100_firmware, dcs-1130_firmware)

An issue was discovered on D-Link DCS-1130 and DCS-1100 devices. The binary rtspd in the /sbin folder of the device handles all the RTSP connections received by the device. It seems that the binary loads at address 0x00012CF4 a flag called "Authenticate" that indicates whether a user should be authenticated or not before being allowed access to the video feed. By default, the value of this flag is zero, and it can be set or unset through the HTTP interface's network settings tab. The device requires that a user logging in to the HTTP management interface of the device provide a valid username and password. However, the device does not enforce the same restriction by default on the RTSP URL because the checkbox is unchecked by default, thereby allowing any attacker in possession of the camera's external IP address to view the live video feed. The severity of this attack is enlarged by the fact that there are more than 100,000 D-Link devices out there.

via "National Vulnerability Database".
🔍 How to securely and completely delete files in Windows 10 without third-party software 🔍

Deleting files in Windows 10 does not really delete the file. Security best practice requires deleted files to be completely overwritten more than once.

via "Security on TechRepublic".
🔍 Hotel Chain Fined $123 Million in Second Major GDPR Fine of Week 🔍

The massive fine comes one day after the ICO's fine of British Airways.

via "Subscriber Blog RSS Feed".
🕴 What the AppSec Penetration Test Found 🕴

New data drills down on the types of security misconfigurations and challenges dogging application developers.

via "Dark Reading".
❌ Microsoft Patches A Pair of Zero-Days Under Active Attack ❌

The software giant also addressed 15 critical flaws and advised on the recently disclosed Linux Kernel "SACK Panic" bug.

via "Threatpost".
ATTENTION‼ New - CVE-2018-11427 (oncell_g3150-hspa-t_firmware, oncell_g3150-hspa_firmware)

CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator.

via "National Vulnerability Database".
🕴 Microsoft Patches Zero-Day Vulnerabilities Under Active Attack 🕴

Microsoft issued fixes for 77 unique vulnerabilities this Patch Tuesday, including two zero-day privilege escalation vulnerabilities seen exploited in the wild.

via "Dark Reading".
🕴 Zoom Client for Mac Exposing Users to Serious Risks 🕴

Videoconferencing software maker downplays risks and says mitigations are on the way.

via "Dark Reading".
🕴 Coast Guard Warns Shipping Firms of Maritime Cyberattacks 🕴

A commercial vessel suffered a significant malware attack in February, prompting the US Coast Guard to issue an advisory to all shipping companies: Here be malware.

via "Dark Reading".
🕴 Financial Impact of Cybercrime Exceeded $45B in 2018 🕴

Cybersecurity analysts explore a range of industry research to examine trends around cyber incidents and their financial impact.

via "Dark Reading".
🕴 Organizations Are Adapting Authentication for Cloud Applications 🕴

Companies see the changing demands of cloud identity management but are mixed in their responses to those demands.

via "Dark Reading".
❌ Intel Patches High-Severity Flaw in Processor Diagnostic Tool ❌

Intel issued patches for a high-severity flaw in its processor diagnostic tool as well as a fix for a medium-severity vulnerability in its data center SSD lineup.

via "Threatpost".
⚠ Instagram asks bullies, ‘Are you sure you want to say that?’ ⚠

A new anti-bullying feature uses AI to recognize mean words in comments and warns users before they post them.

via "Naked Security".
⚠ Rogue Android apps ignore your permissions ⚠

New research has revealed that apps are snooping on data such as location and unique ID number - even when users haven't given permission.

via "Naked Security".
⚠ Two zero days and 15 critical flaws fixed in July’s Patch Tuesday ⚠

Patch Tuesday July 2019 offers fixes for a total of 77 vulnerabilities, including 15 marked critical, rounded out by two zero-day flaws.

via "Naked Security".
🔍 Corporate users struggle to identify phishing attacks, other security threats 🔍

An audit of security awareness conducted by Proofpoint found that users on average answered 22% of security-related questions incorrectly.

via "Security on TechRepublic".