ATENTIONβΌ New - CVE-2015-9399
π Read
via "National Vulnerability Database".
The wp-stats-dashboard plugin through 2.9.4 for WordPress has admin/graph_trend.php type SQL injection.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9398
π Read
via "National Vulnerability Database".
The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php gcid SQL injection.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9397
π Read
via "National Vulnerability Database".
The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php deletegc XSS.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9396
π Read
via "National Vulnerability Database".
The auto-thickbox-plus plugin through 1.9 for WordPress has wp-content/plugins/auto-thickbox-plus/download.min.php?file= XSS.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9395
π Read
via "National Vulnerability Database".
The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9394
π Read
via "National Vulnerability Database".
The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=package_add_new to wp-admin/admin-ajax.php.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9393
π Read
via "National Vulnerability Database".
The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_desc parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9392
π Read
via "National Vulnerability Database".
The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_name parameter.π Read
via "National Vulnerability Database".
π Friday Five: 9/20 Edition π
π Read
via "Subscriber Blog RSS Feed ".
A popular password manager fixes a bug, a 20 million person breach, and more - catch up on the week's infosec and privacy news with this week's Friday Five!π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 9/20 Edition
A popular password manager fixes a bug, a 20 million person breach, and more - catch up on the week's infosec and privacy news with this week's Friday Five!
π΄ Ransomware Strikes 49 School Districts & Colleges in 2019 π΄
π Read
via "Dark Reading: ".
The education sector has seen 10 new victims in the past nine days alone, underscoring a consistent trend throughout 2019.π Read
via "Dark Reading: ".
Darkreading
Ransomware Strikes 49 School Districts & Colleges in 2019
The education sector has seen 10 new victims in the past nine days alone, underscoring a consistent trend throughout 2019.
β Facebook Removed Tens of Thousands of Apps Post-Cambridge Analytica β
π Read
via "Threatpost".
Facebook said it has suspended and banned tens of thousands of apps on its platform after its investigation, launched after Cambridge Analytica, into how they collect and use data.π Read
via "Threatpost".
Threat Post
Facebook Removed Tens of Thousands of Apps Post-Cambridge Analytica
Facebook said it has suspended and banned tens of thousands of apps on its platform after its investigation, launched after Cambridge Analytica, into how they collect and use data.
π How to avoid the dreaded Video4Linux flaw in Android π
π Read
via "Security on TechRepublic".
With Google dragging its feet on the fix for Video4Linux, you might consider revoking camera permissions for certain apps.π Read
via "Security on TechRepublic".
TechRepublic
How to avoid the dreaded Video4Linux flaw in Android
With Google dragging its feet on the fix for Video4Linux, you might consider revoking camera permissions for certain apps.
π΄ HP Purchases Security Startup Bromium π΄
π Read
via "Dark Reading: ".
The purchase will bring new isolation and threat intelligence capabilities to the HP portfolio.π Read
via "Dark Reading: ".
Dark Reading
HP Purchases Security Startup Bromium
The purchase will bring new isolation and threat intelligence capabilities to the HP portfolio.
π Web-Based Firewall Logging Tool 1.1.2 π
π Go!
via "Security Tool Files β Packet Storm".
Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Web-Based Firewall Logging Tool 1.1.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Wireshark Analyzer 3.0.5 π
π Go!
via "Security Tool Files β Packet Storm".
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Wireshark Analyzer 3.0.5 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ATENTIONβΌ New - CVE-2015-9406
π Read
via "National Vulnerability Database".
Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. (dot dot) in the files parameter to css/css.php.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2014-10397
π Read
via "National Vulnerability Database".
The Antioch theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to lib/scripts/download.php.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2014-10396
π Read
via "National Vulnerability Database".
The epic theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to includes/download.php.π Read
via "National Vulnerability Database".
π΄ 7 Ways VPNs Can Turn from Ally to Threat π΄
π Read
via "Dark Reading: ".
VPNs are critical pieces of the security infrastructure, but they can be vulnerable, hackable, and weaponized against you. Here are seven things to be aware of before you ignore your VPN.π Read
via "Dark Reading: ".
Dark Reading
7 Ways VPNs Can Turn from Ally to Threat
VPNs are critical pieces of the security infrastructure, but they can be vulnerable, hackable, and weaponized against you. Here are seven things to be aware of before you ignore your VPN.
β Monday review β the hot 22 stories of the week β
π Read
via "Naked Security".
From the Simjacker phone hack to IBM's cloud-based quantum computer - and everything in between. It's the weekly security roundup.π Read
via "Naked Security".
Naked Security
Monday review β the hot 22 stories of the week
From the Simjacker phone hack to IBMβs cloud-based quantum computer β and everything in between. Itβs the weekly security roundup.
β WannaCry β and why it never went away β
π Read
via "Naked Security".
WannaCry still hasn't died out, more than two years after the original attack. We went live to find out why...π Read
via "Naked Security".
Naked Security
WannaCry β and why it never went away
WannaCry still hasnβt died out, more than two years after the original attack. We went live to find out whyβ¦