ATENTIONβΌ New - CVE-2015-5290
π Read
via "National Vulnerability Database".
ircd-ratbox 3.0.9 mishandles the MONITOR command which allows remote attackers to cause a denial of service (system out-of-memory event).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-4318
π Read
via "National Vulnerability Database".
File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-2011
π Read
via "National Vulnerability Database".
WordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could allow remote attackers to inject arbitrary code. This issue exists because of an incomplete fix for CVE-2013-2009.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-4420
π Read
via "National Vulnerability Database".
An information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation of Java SE 7 as provided by OpenJDK 7 incorrectly initialized integer arrays after memory allocation (in certain circumstances they had nonzero elements right after the allocation). A remote attacker could use this flaw to obtain potentially sensitive information.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-3462
π Read
via "National Vulnerability Database".
A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-3088
π Read
via "National Vulnerability Database".
Belkin N900 router (F9K1104v1) contains an Authentication Bypass using "Javascript debugging".π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-3085
π Read
via "National Vulnerability Database".
An authentication bypass exists in the web management interface in Belkin F5D8236-4 v2.π Read
via "National Vulnerability Database".
π΄ How Should My Security Department Begin Future-Proofing for Quantum Computing? π΄
π Read
via "Dark Reading: ".
Knowing where your digital certificates are is just the start.π Read
via "Dark Reading: ".
Dark Reading
How Can My Security Team Begin Future-Proofing for Quantum Computing?
Knowing where your digital certificates are is just the start.
π΄ Two-Thirds of Security Pros Ready to or Already Volunteer Their Services π΄
π Read
via "Dark Reading: ".
Majority of survey respondents seek to share their security expertise with causes they care about.π Read
via "Dark Reading: ".
Dark Reading
Poll Results: Security Pros Are Not Only Smart -- They're Generous, Too
Altruism is alive and well among Edge readers, who seek to share their security expertise with causes they care about.
π΄ Gauging the Cybersecurity Climate π΄
π Read
via "Dark Reading: ".
Is climate change impacting your cybersecurity, cyber-risk, or cyber-incident response plans?π Read
via "Dark Reading: ".
Dark Reading
Gauging the Cybersecurity Climate
Is climate change impacting your cybersecurity, cyber-risk, or cyber-incident response plans?
π How to protect specific folders and files in Windows π
π Read
via "Security on TechRepublic".
Learn how to hide or encrypt specific files in Windows in order to better protect them.π Read
via "Security on TechRepublic".
TechRepublic
How to protect specific folders and files in Windows
Learn how to hide or encrypt specific files in Windows in order to better protect them.
π Security teams have a challenging and ever-changing role. Here's how a SOC can keep up π
π Read
via "Security on TechRepublic".
Security teams should coordinate and operate by standard practices to ensure their efforts yield the maximum results. Learn some tips from an industry insider on how to make it happen.π Read
via "Security on TechRepublic".
TechRepublic
Security teams have a challenging and ever-changing role. Here's how a SOC can keep up
Security teams should coordinate and operate by standard practices to ensure their efforts yield the maximum results. Learn some tips from an industry insider on how to make it happen.
β Podcast: The Roadblocks and Opportunities For Women in Cybersecurity β
π Read
via "Threatpost".
Threatpost examines the challenges - and opportunities - that women are facing in the cybersecurity landscape.π Read
via "Threatpost".
Threat Post
Podcast: The Roadblocks and Opportunities For Women in Cybersecurity
Lindsey OβDonnell: This is Lindsey OβDonnell with the Threatpost Podcast and Iβm here today with Jessica LaBouve, Jessicaβs a penetration tester at A-LIGN. Hi Jessica. Howβs your week going? Jessica LaBouve: Hey, Lindsey. Itβs going great. Really excitedβ¦
β Facebook Security Debacles: 2019 Year in Review β
π Read
via "Threatpost".
2019 was a tumultuous year for Facebook as it continued to grapple with privacy fallout after Cambridge Analytica, as well as dealing with a slew of security challenges.π Read
via "Threatpost".
Threat Post
Facebook Security Debacles: 2019 Year in Review
2019 was a tumultuous year for Facebook as it continued to grapple with privacy fallout after Cambridge Analytica, as well as dealing with a slew of security challenges.
π΄ Defensive Wish List for 2020: Faster Responses to Threats π΄
π Read
via "Dark Reading: ".
Security professionals recommend technology to detect attacks that have already infiltrated a network.π Read
via "Dark Reading: ".
Dark Reading
Defensive Wish List for 2020: Faster Responses to Threats
Security professionals recommend technology to detect attacks that have already infiltrated a network.
π΄ Poll Results: Security Pros Are Not Only Smart -- They're Generous, Too π΄
π Read
via "Dark Reading: ".
Altruism is alive and well among Edge readers, who seek to share their security expertise with causes they care about.π Read
via "Dark Reading: ".
Dark Reading
Poll Results: Security Pros Are Not Only Smart -- They're Generous, Too
Altruism is alive and well among Edge readers, who seek to share their security expertise with causes they care about.
ATENTIONβΌ New - CVE-2014-4559
π Read
via "National Vulnerability Database".
Multiple cross-site scripting (XSS) vulnerabilities in test-plugin.php in the Swipe Checkout for WP e-Commerce plugin 3.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) api_key, (2) payment_page_url, (3) merchant_id, (4) api_url, or (5) currency parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2014-4525
π Read
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in the Ebay Feeds for WordPress plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2014-4523
π Read
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in the Easy Career Openings plugin 0.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.π Read
via "National Vulnerability Database".
β Google Chrome Affected By Magellan 2.0 Flaws β
π Read
via "Threatpost".
Researchers warn that five vulnerabilities that stem from SQLite could enable remote code execution.π Read
via "Threatpost".
Threat Post
Google Chrome Affected By Magellan 2.0 Flaws
Researchers warn that five vulnerabilities that stem from SQLite could enable remote code execution.
ATENTIONβΌ New - CVE-2016-1000029
π Read
via "National Vulnerability Database".
Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269).π Read
via "National Vulnerability Database".