ATENTIONβΌ New - CVE-2010-5340
π Read
via "National Vulnerability Database".
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/ with the parameter password is non-persistent in 10.2.0.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-5339
π Read
via "National Vulnerability Database".
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][uid] is non-persistent in 10.1.3 and 10.2.0.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-5338
π Read
via "National Vulnerability Database".
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][action] is non-persistent in 10.1.3 and 10.2.0.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-5337
π Read
via "National Vulnerability Database".
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][controller] is non-persistent in 10.1.3 and 10.2.0.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-5336
π Read
via "National Vulnerability Database".
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-5335
π Read
via "National Vulnerability Database".
IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (script to basic/minimizer/index.php) is not properly sanitised and can therefore be exploited to browse the partition where IceWarp is installed (or the whole system) and read arbitrary files.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-5334
π Read
via "National Vulnerability Database".
IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (_c to basic/index.html) is not properly sanitised and can therefore be exploited to browse the partition where IceWarp is installed (or the whole system) and read arbitrary files.π Read
via "National Vulnerability Database".
β Iran-Linked βCharming Kittenβ Touts New Spearphishing Tactics β
π Read
via "Threatpost".
A campaign first observed last year has ramped up its attack methods and appears to be linked to activity targeting President Trumpβs 2020 re-election campaign.π Read
via "Threatpost".
Threat Post
Iran-Linked βCharming Kittenβ Touts New Spearphishing Tactics
A campaign first observed last year has ramped up its attack methods and appears to be linked to activity targeting President Trumpβs 2020 re-election campaign.
π΄ Close the Gap Between Cyber-Risk and Business Risk π΄
π Read
via "Dark Reading: ".
Four steps outlining how security teams can better understand their company's cyber-risk and demonstrate to company leadership what's being done to mitigate the resulting business risk.π Read
via "Dark Reading: ".
Darkreading
Close the Gap Between Cyber-Risk and Business Risk
Four steps outlining how security teams can better understand their company's cyber-risk and demonstrate to company leadership what's being done to mitigate the resulting business risk.
π΄ Creative Wi-Fi Passwords π΄
π Read
via "Dark Reading: ".
Let's see a hacker figure out one of these.π Read
via "Dark Reading: ".
Dark Reading
Creative Wi-Fi Passwords
Let's see a hacker figure out one of these.
β S2 Ep12: Dark Web, O.MG Cable spying and securing new laptops β Naked Security Podcast β
π Read
via "Naked Security".
Listen to the latest episode now!π Read
via "Naked Security".
Naked Security
S2 Ep12: Dark Web, O.MG Cable spying and securing new laptops β Naked Security Podcast
Listen to the latest episode now!
π΄ Build Your Cybersecurity Toolkit at Black Hat Europe in December π΄
π Read
via "Dark Reading: ".
Now's the time to start planning what to see and do at Black Hat Europe, which is jam-packed with relevant Briefings and Arsenal demos.π Read
via "Dark Reading: ".
Dark Reading
Build Your Cybersecurity Toolkit at Black Hat Europe in December
Now's the time to start planning what to see and do at Black Hat Europe, which is jam-packed with relevant Briefings and Arsenal demos.
π How to enable SSH session recording in CentOS 8 π
π Read
via "Security on TechRepublic".
Learn how to enable SSH session recording in CentOS 8.π Read
via "Security on TechRepublic".
TechRepublic
How to enable SSH session recording in CentOS 8
Learn how to enable SSH session recording in CentOS 8.
π How to enable SSH session recording in CentOS 8 π
π Read
via "Security on TechRepublic".
Learn how to enable SSH session recording in CentOS 8.π Read
via "Security on TechRepublic".
TechRepublic
How to enable SSH session recording in CentOS 8
Learn how to enable SSH session recording in CentOS 8.
π Friday Five: 10/11 Edition π
π Read
via "Subscriber Blog RSS Feed ".
News on a new military cyber alert system, Twitter mishandles user data, and what to do with data if there's a no-deal Brexit. Catch up on the week's news with the Friday Five.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 10/11 Edition
News on a new military cyber alert system, Twitter mishandles user data, and what to do with data if there's a no-deal Brexit. Catch up on the week's news with the Friday Five.
β Fin7 Cybergang Retools With New Malicious Code β
π Read
via "Threatpost".
A new dropper and payload show that Fin7 isn't going anywhere despite a crackdown on the infamous group by law enforcement in 2018.π Read
via "Threatpost".
Threat Post
Fin7 Cybergang Retools With New Malicious Code
A new dropper and payload show that Fin7 isn't going anywhere despite a crackdown on the infamous group by law enforcement in 2018.
π΄ A Murderers' Row of Poisoning Attacks π΄
π Read
via "Dark Reading: ".
Poisoning can be used against network infrastructure and applications. Understanding how DNS cache poisoning, machine learning model poisoning and other attacks work can help you prepare the proper antidote.π Read
via "Dark Reading: ".
Dark Reading
A Murderers' Row of Poisoning Attacks
Poisoning can be used against network infrastructure and applications. Understanding how DNS cache poisoning, machine learning model poisoning and other attacks work can help you prepare the proper antidote.
π΄ Works of Art: Cybersecurity Inspires 6 Winning Ideas π΄
π Read
via "Dark Reading: ".
The Center for Long Term Cybersecurity recently awarded grants to six artists in a contest to come up with ideas for works with security themes and elements. Check 'em out.π Read
via "Dark Reading: ".
Dark Reading
Works of Art: Cybersecurity Inspires 6 Winning Ideas
The Center for Long Term Cybersecurity recently awarded grants to six artists in a contest to come up with ideas for works with security themes and elements. Check 'em out.
β Imperva: Data Breach Caused by Cloud Misconfiguration β
π Read
via "Threatpost".
Hackers were able to steal an AWS administrative API key housed in a compute instance left exposed to the public internet.π Read
via "Threatpost".
Threat Post
Imperva: Data Breach Caused by Cloud Misconfiguration
Hackers were able to steal an AWS administrative API key housed in a compute instance left exposed to the public internet.
π΄ FBI: Phishing Can Defeat Two-Factor Authentication π΄
π Read
via "Dark Reading: ".
A recent Privacy Industry Notification points to two new hacker tools that can turn a victim's browser into a credential-stealing zombie.π Read
via "Dark Reading: ".
Darkreading
FBI: Phishing Can Defeat Two-Factor Authentication
A recent Privacy Industry Notification points to two new hacker tools that can turn a victim's browser into a credential-stealing zombie.