ATENTIONβΌ New - CVE-2013-5581
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-6685
π Read
via "National Vulnerability Database".
Nokogiri before 1.5.4 is vulnerable to XXE attacksπ Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-6614
π Read
via "National Vulnerability Database".
D-Link DSR-250N devices before 1.08B31 allow remote authenticated users to obtain "persistent root access" via the BusyBox CLI, as demonstrated by overwriting the super user password.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-1932
π Read
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers to inject arbitrary web script or HTML via the setting[admin_email] parameter to admin/setting.π Read
via "National Vulnerability Database".
π΄ 44% of Security Threats Start in the Cloud π΄
π Read
via "Dark Reading: ".
Amazon Web Services is a top source of cyberattacks, responsible for 94% of all Web attacks originating in the public cloud.π Read
via "Dark Reading: ".
Darkreading
44% of Security Threats Start in the Cloud
Amazon Web Services is a top source of cyberattacks, responsible for 94% of all Web attacks originating in the public cloud.
π΄ Zero-Factor Authentication: Owning Our Data π΄
π Read
via "Dark Reading: ".
Are you asking the right questions to determine how well your vendors will protect your data? Probably not.π Read
via "Dark Reading: ".
Darkreading
Zero-Factor Authentication: Owning Our Data
Are you asking the right questions to determine how well your vendors will protect your data? Probably not.
ATENTIONβΌ New - CVE-2012-0055
π Read
via "National Vulnerability Database".
OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions.π Read
via "National Vulnerability Database".
π U.S. Warns of Ransomware Attacks Targeting Pipeline Ops π
π Read
via "Subscriber Blog RSS Feed ".
Following an attack on a gas compression facility, CISA is urging organizations to take steps to safeguard their systems.π Read
via "Subscriber Blog RSS Feed ".
Fortra's Digital Guardian
U.S. Warns of Ransomware Attacks Targeting Pipeline Ops
Following an attack on a gas compression facility, CISA is urging organizations to take steps to safeguard their systems.
β BlueKeep Flaw Plagues Outdated Connected Medical Devices β
π Read
via "Threatpost".
More than 55 percent of medical imaging devices - including MRIs, XRays and ultrasound machines - are powered by outdated Windows versions, researchers warn.π Read
via "Threatpost".
Threat Post
BlueKeep Flaw Plagues Outdated Connected Medical Devices
More than 55 percent of medical imaging devices - including MRIs, XRays and ultrasound machines - are powered by outdated Windows versions, researchers warn.
β U.S. Pipeline Disrupted by Ransomware Attack β
π Read
via "Threatpost".
The attack took a gas compression facility offline for two days, disrupting the supply chain.π Read
via "Threatpost".
Threat Post
U.S. Pipeline Disrupted by Ransomware Attack
The attack took a gas compression facility offline for two days, disrupting the supply chain.
π΄ User Have Risky Security Habits, but Security Pros Aren't Much Better π΄
π Read
via "Dark Reading: ".
Researchers spot gaps in users' and IT practitioners' security habits, and between security tools and user preferences.π Read
via "Dark Reading: ".
Dark Reading
User Have Risky Security Habits, but Security Pros Aren't Much Better
Researchers spot gaps in users' and IT practitioners' security habits, and between security tools and user preferences.
π΄ Users Have Risky Security Habits, but Security Pros Aren't Much Better π΄
π Read
via "Dark Reading: ".
Researchers spot gaps in users' and IT practitioners' security habits, and between security tools and user preferences.π Read
via "Dark Reading: ".
Dark Reading
Users Have Risky Security Habits, but Security Pros Aren't Much Better
Researchers spot gaps in users' and IT practitioners' security habits, and between security tools and user preferences.
π΄ Researchers Fool Smart Car Camera with a 2-Inch Piece of Electrical Tape π΄
π Read
via "Dark Reading: ".
McAfee researchers say they were able to get a Tesla to autonomously accelerate by tricking its camera platform into misreading a speed-limit sign.π Read
via "Dark Reading: ".
Darkreading
Researchers Fool Smart Car Camera with a 2-Inch Piece of Electrical Tape
McAfee researchers say they were able to get a Tesla to autonomously accelerate by tricking its camera platform into misreading a speed-limit sign.
ATENTIONβΌ New - CVE-2013-2018
π Read
via "National Vulnerability Database".
Multiple SQL injection vulnerabilities in BOINC allow remote attackers to execute arbitrary SQL commands via unspecified vectors.π Read
via "National Vulnerability Database".
π Data privacy: What consumers want businesses to know π
π Read
via "Security on TechRepublic".
A new PwC report reveals what customers expect when it comes to expectations of privacy surrounding their data.π Read
via "Security on TechRepublic".
TechRepublic
Data privacy: What consumers want businesses to know
A new PwC report reveals what customers expect when it comes to expectations of privacy surrounding their data.
ATENTIONβΌ New - CVE-2014-3484
π Read
via "National Vulnerability Database".
Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to (1) have unspecified impact via an invalid name length in a DNS response or (2) cause a denial of service (crash) via an invalid name length in a DNS response, related to an infinite loop with no output.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-2629
π Read
via "National Vulnerability Database".
Multiple cross-site request forgery (CSRF) and cross-site scripting (XSS) vulnerabilities in Axous 1.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an administrator account via an addnew action to admin/administrators_add.php; or (2) conduct cross-site scripting (XSS) attacks via the page_title parameter to admin/content_pages_edit.php; the (3) category_name[] parameter to admin/products_category.php; the (4) site_name, (5) seo_title, or (6) meta_keywords parameter to admin/settings_siteinfo.php; the (7) company_name, (8) address1, (9) address2, (10) city, (11) state, (12) country, (13) author_first_name, (14) author_last_name, (15) author_email, (16) contact_first_name, (17) contact_last_name, (18) contact_email, (19) general_email, (20) general_phone, (21) general_fax, (22) sales_email, (23) sales_phone, (24) support_email, or (25) support_phone parameter to admin/settings_company.php; or the (26) system_email, (27) sender_name, (28) smtp_server, (29) smtp_username, (30) smtp_password, or (31) order_notice_email parameter to admin/settings_email.php.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2011-2498
π Read
via "National Vulnerability Database".
The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.π Read
via "National Vulnerability Database".
β Ring makes 2FA mandatory to keep hackers out of your doorbell account β
π Read
via "Naked Security".
Amazon is following Google's lead by forcing all users to use two-factor authentication when logging into their Ring accounts.π Read
via "Naked Security".
Naked Security
Ring makes 2FA mandatory to keep hackers out of your doorbell account
Amazon is following Googleβs lead by forcing all users to use two-factor authentication when logging into their Ring accounts.
β Firefox 73.0.1 fixes crashes, blank web pages and DRM niggles β
π Read
via "Naked Security".
Firefox version 73 has only been out for a week but already Mozilla has had to update it to v73.0.1 to fix a range of browser problems.π Read
via "Naked Security".
Naked Security
Firefox 73.0.1 fixes crashes, blank web pages and DRM niggles
Firefox version 73 has only been out for a week but already Mozilla has had to update it to v73.0.1 to fix a range of browser problems.
β MGM Grand Breach Leaked Details of 10.6 Million Guests Last Summer β
π Read
via "Threatpost".
This week a hacking forum posted data from the breachβwhich included personal and contact details for celebrities, tech CEOs, government officials and employees at large tech companies.π Read
via "Threatpost".
Threat Post
MGM Grand Breach Leaked Details of 10.6 Million Guests Last Summer
This week a hacking forum posted data from the breachβwhich included personal and contact details for celebrities, tech CEOs, government officials and employees at large tech companies.