ATENTIONβΌ New - CVE-2011-2934
π Read
via "National Vulnerability Database".
A Cross Site Request Forgery (CSRF) vulnerability exists in the administrator functions in WebsiteBaker 2.8.1 and earlier due to inadequate confirmation for sensitive transactions.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2011-2933
π Read
via "National Vulnerability Database".
An Arbitrary File Upload vulnerability exists in admin/media/upload.php in WebsiteBaker 2.8.1 and earlier due to a failure to restrict uploaded files with .htaccess, .php4, .php5, and .phtl extensions.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2011-2715
π Read
via "National Vulnerability Database".
An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2011-2714
π Read
via "National Vulnerability Database".
A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2011-2706
π Read
via "National Vulnerability Database".
A Cross-Site Scripting (XSS) vulnerability exists in the reorder administrator functions in sNews 1.71.π Read
via "National Vulnerability Database".
β Oracle Ties Previous All-Time Patch High with January Updates β
π Read
via "Threatpost".
The software giant patched 300+ bugs in its quarterly update.π Read
via "Threatpost".
Threat Post
Oracle Ties Previous All-Time Patch High with January Updates
The software giant patched 300+ bugs in its quarterly update.
π΄ Cloud Adoption & Technology Change Create Gaps in Enterprise Security π΄
π Read
via "Dark Reading: ".
Many companies are struggling to get a handle on risk exposure because of visibility issues, Radware survey shows.π Read
via "Dark Reading: ".
Darkreading
Cloud Adoption & Technology Change Create Gaps in Enterprise Security
Many companies are struggling to get a handle on risk exposure because of visibility issues, Radware survey shows.
π΄ Microsoft Patches Windows Vuln Discovered by the NSA π΄
π Read
via "Dark Reading: ".
The National Security Agency is publicly acknowledged for its finding and reporting of CVE-2020-0601, marking the start of what it says is a new approach to security.π Read
via "Dark Reading: ".
Darkreading
Microsoft Patches Windows Vuln Discovered by the NSA
The National Security Agency is publicly acknowledged for its finding and reporting of CVE-2020-0601, marking the start of what it says is a new approach to security.
β Apple says no to unlocking shooterβs phone; AG and Trump lash back β
π Read
via "Naked Security".
Attorney General Barr and President Trump are demanding Apple unlock the mass shooter's iPhone. Apple replies: You can't break just 1 phone.π Read
via "Naked Security".
Naked Security
Apple says no to unlocking shooterβs phone; AG and Trump lash back
Attorney General Barr and President Trump are demanding Apple unlock the mass shooterβs iPhone. Apple replies: You canβt break just 1 phone.
β Peekaboo Moments baby-recording app has a bad database booboo β
π Read
via "Naked Security".
No need to wait until you've gurgled out of your mother's womb to experience the joys of having your privacy breached.π Read
via "Naked Security".
Naked Security
Peekaboo Moments baby-recording app has a bad database booboo
No need to wait until youβve gurgled out of your motherβs womb to experience the joys of having your privacy breached.
β Oski Data-Stealing Malware Emerges to Target North America, China β
π Read
via "Threatpost".
The malware is new and in the early stages of its development -- but packs a sophisticated punch.π Read
via "Threatpost".
Threat Post
Oski Data-Stealing Malware Emerges to Target North America, China
The malware is new and in the early stages of its development β but packs a sophisticated punch.
β Malicious npm package taken down after Microsoft warning β
π Read
via "Naked Security".
Criminals have been caught trying to sneak a malicious package on to the popular Node.js platform npm (Node Package Manager).π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Microsoft fixes critical bugs in CryptoAPI, RD Gateway and .NET β
π Read
via "Naked Security".
Here are the most serious bugs from Microsoft's Patch Tuesday - Including CryptoAPI and RCE flaws in Windows Remote Desktop Gateway.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π Why corporate boards are unprepared to handle cybersecurity risks π
π Read
via "Security on TechRepublic".
A new report recommends that corporate boards answer four key questions on a regular basis to guide cybersecurity governance.π Read
via "Security on TechRepublic".
TechRepublic
Why corporate boards are unprepared to handle cybersecurity risks
A new report recommends that corporate boards answer four key questions on a regular basis to guide cybersecurity governance.
π΄ How SD-WAN Helps Achieve Data Security and Threat Protection π΄
π Read
via "Dark Reading: ".
Enterprises currently consider the technology a best practice because of its flexibility, scalability, performance, and agility.π Read
via "Dark Reading: ".
Dark Reading
How SD-WAN Helps Achieve Data Security and Threat Protection
Enterprises currently consider the technology a best practice because of its flexibility, scalability, performance, and agility.
π Microsoft rolls out patch for serious Windows bug highlighted by NSA π
π Read
via "Security on TechRepublic".
Designed to exploit a vulnerability in Windows 10 and Windows Server 2016 and 2019, the bug could allow an attacker to remotely access and control an infected computer.π Read
via "Security on TechRepublic".
ATENTIONβΌ New - CVE-2012-1563
π Read
via "National Vulnerability Database".
Joomla! before 2.5.3 allows Admin Account Creation.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-1562
π Read
via "National Vulnerability Database".
Joomla! core before 2.5.3 allows unauthorized password change.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-1326
π Read
via "National Vulnerability Database".
Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacksπ Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-1316
π Read
via "National Vulnerability Database".
Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacksπ Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-0945
π Read
via "National Vulnerability Database".
whoopsie-daisy before 0.1.26: Root user can remove arbitrary filesπ Read
via "National Vulnerability Database".