An improper authorization in the receiver component of Email. Product: Android. Versions: Android SoC. Android ID: A-149813048
via "National Vulnerability Database".
An improper authorization in the receiver component of the Android Suite Daemon. Product: Android. Versions: Android SoC. Android ID: A-149813448
An improper authorization while processing the provisioning data. Product: Android. Versions: Android SoC. Android ID: A-149866855
In onCreate of SettingsBaseActivity.java, there is a possible unauthorized setting modification due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.1, Android-9, Android-10, Android-8.0. Android ID: A-137015265
Microsoft is the latest browser vendor to join the encrypted DNS club by supporting DNS over HTTPS in Windows 10.
The agencies say it's vital to prioritize patching. Otherwise, we're making it easy for attackers, who then don't have to work at finding 0-days.
Google Search uses open redirects by design, which is handy if you're a scammer trying to hide an iffy-looking URL.
Paying ransom to cybercriminals costs companies hit with ransomware attacks more than recovering data on their own, according to new research.
In this episode Mark discusses government encryption, Duck tells us why turning your computer off is a cool idea and Greg regales us with his reply-all woes. Host Anna Brading is joined by Sophos experts Mark Stockley, Paul Ducklin, Greg Iddon and Producer Alice Duckett. Listen now! LISTEN NOW Click-and-drag on the soundwaves below […]
A VPN is a step in the right direction, but it's not the be-all and end-all when it comes to security and falls short in many ways.
If you're the Nextcloud admin for your company or home office, you might want to restrict who has access to the ONLYOFFICE suite of tools. Jack Wallen shows you how.
Spoofing government and health organizations, these templates help attackers create and customize their own phishing pages to exploit the COVID-19 pandemic, says Proofpoint.
Quantum encryption, which has been touted as "unhackable," debuts with Samsung and SK Telecom in a world first.
A new threat group uses NSIS as an installer to target industrial companies with revolving payloads, including LokiBot, FormBook, BetaBot, Agent Tesla and Netwire.
ChatBooks suffers a data breach, the Texas court system disables its network following a ransomware attack, and the FBI issues a security warning to healthcare organizations - catch up on the week's news with the Friday Five.
Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent file.
A new study of publicly reported data shows the average person experienced a breach every three months last year.
Threatpost editors discuss recent ransomware attacks and contact-tracing app privacy concerns.
Microsoft's COVID-19 intelligence will be made publicly available to help businesses fight virus-related security threats.
Ready-made website templates make it simple for criminals to create fake government and NGO websites for COVID-19-related phishing campaigns.
A Cross-Site Request Forgery (CSRF) vulnerability was discovered in Subrion CMS 4.2.1 that allows a remote attacker to remove files on the server without a victim's knowledge, by enticing an authenticated user to visit an attacker's web page. The application fails to validate the CSRF token for a GET request. An attacker can craft a panel/uploads/read.json?cmd=rm URL (removing this token) and send it to the victim.
An XSS issue was identified on the Subrion CMS 4.2.1 /panel/configuration/general settings page. A remote attacker can inject arbitrary JavaScript code in the v[language_switch] parameter (within multipart/form-data), which is reflected back within a user's browser without proper output encoding.
An off-by-one error in the DecodeBlock function in codec/sdl_image.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service (memory corruption) via a crafted image file. NOTE: this may be related to the SDL_Image product.
An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a telnet service without authorization via an undocumented HTTP request. Although this is the primary vulnerability, the impact depends on the firmware version. Versions 609EU through 613EUbeta were tested. Versions through 6.12b01 have weak root credentials, allowing an attacker to gain remote root access. After 6.12b01, the root credentials were changed but the telnet service can still be started without authorization.
Sometimes admins need to be able to test a web-based solution before deciding it's worth using. When that software requires SSL, you can enable a snake-oil SSL key for testing purposes.
Incident comes amid US warnings about Chinese cybergroups targeting organizations involved in COVID-19-related research.
The fast-moving botnet has added an exploit for an unpatched bug in an unsupported version of the security gateway.
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server improperly displays directory names, leading to Stored XSS, which may be used to steal a user's data. This requires user interaction because there is no known direct way for an attacker to create a crafted directory name on a victim's device. However, a crafted directory name can occur if a victim extracts a ZIP archive that was provided by an attacker.
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code (that accesses a user's data) via cross-origin requests.
In Cherokee through 1.2.104, remote attackers can trigger an out-of-bounds write in cherokee_handler_cgi_add_env_pair in handler_cgi.c by sending many request headers, as demonstrated by a GET request with many "Host: 127.0.0.1" headers.
In Cherokee through 1.2.104, multiple memory corruption errors may be used by a remote attacker to destabilize the server.
An XSS issue was discovered in handler_server_info.c in Cherokee through 1.2.104. The requested URL is improperly displayed on the About page in the default configuration of the web server and its administrator panel. The XSS in the administrator panel can be used to reconfigure the server and execute arbitrary commands.
An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by I_SendPacket or I_SendPacketTo in i_network.c.
From DHL delivery phishes to the top 10 most exploited bugs - and everything in between. It's weekly roundup time.
Admins working with Microsoft Azure beware: phishers are updating their assets to reflect changes on the company's cloud-based login screen.
Commentary: Developers are finally taking on more of an operational role, but they still aren't getting involved enough in security.
With millions of employees now attempting to work from home, it's vital to challenge misconceptions about cybersecurity.
The government can keep on surveilling your online life without a warrant. An amendment to ban it failed by just one vote.
A bug introduced in an iOS software update on the Edison Mail app allowed emails to be viewed by strangers.
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
These days, "What does this malware do?" is the question that has dozens of possible answers... here's how and why.
If you use the Nextcloud mobile app, you'll want to password protect it to ensure you don't leave your sensitive data open for anyone to see.
Officials say "there can be no assurance" Forescout and Advent International will reach an agreement, though talks are ongoing.
An issue was discovered in AODDriver2.sys in AMD OverDrive. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x81112ee0 and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.
An issue was discovered in atillk64.sys in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility 5.11.9.0. The vulnerable driver exposes a wrmsr instruction and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.
A Reflected XSS was found in the server selection box inside the login page at: enginemanager/loginfailed.html in Wowza Streaming Engine <= 4.x.x.
An arbitrary file download was found in the "Download Log" functionality of Wowza Streaming Engine <= 4.x.x
ProLock is relatively new, but already the ransomware is making waves by using QakBot infections to access networks, gain persistence and avoid detection.
Ireland's data protection commission confirmed last week it planned to fine a state agency €75,000 for violating the General Data Protection Regulation, or GDPR.
Fleeceware is an important cybersecurity threat to be aware of. Tom Merritt offers five things you should know about fleeceware apps.
A group of four people calling themselves "Pentaguard" were arrested in house raids.
In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights.
Denial of Service (DoS), ransomware, and financially-motivated data breaches were the winners in this year's Verizon DBIR.
Increases in hacking, phishing, and cloud-based attacks have been even more prevalent with the influx of remote work, Verizon found.
Many on the dark web are expressing the same thoughts and fears about COVID-19 as everyone else, while others are looking for ways to profit from it, says Trustwave.
The attack discovered by Cofense can steal sensitive user data stored on the cloud as well as find other victims to target.
The attackers behind the REvil ransomware family have also threatened to release personal data on Madonna and other celebrities to the highest bidders.
Yet, less than half believe their business has an effective cybersecurity strategy in place, according to a Forcepoint survey.
Security isn't about tools or technology; it's about establishing a broad, fundamental awareness and sense of responsibility among all employees.
Mozilla is fixing a longstanding password problem to alert users when their password exceeds the maximum length allowed.
The FBI nabbed "Plinofficial" when he arrived at Miami airport carrying $20K cash, allegedly made off of the defunct, fraud-fav exchange.
Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
A critical remote code execution flaw in Adobe Character Animator was fixed in an out-of-band Tuesday patch.
Learn to secure multiple documents by encrypting compressed files on various OSes using a password.
Job experience and degrees outside of the cybersecurity or IT world can provide invaluable diversity of thinking and problem-solving.
A host of unpatched security bugs that allow BIAS attacks affects Bluetooth chips from Apple, Intel, Qualcomm, Samsung and others.
More than 2,000 customers also had credit card information taken in the attack.
Researchers link the malware to Wolf Research operators with "high confidence" after it was spotted in campaigns targeting Thai users.
Apple's effort to overcome the limitations of Bluetooth is a proprietary system called MagicPairing, but there are flaws in the magic.
The pandemic has changed how we get work done. Now, data security must catch up.
Verizon's annual data breach report shows most attackers are external, money remains their top motivator, and web applications and unsecured cloud storage are hot targets.
The vacation-centric airline is warning victims about social-engineering attacks.
The Verizon Business 2020 Data Breach Investigations Report analyzed more than 32,000 incidents.
PHP and JavaScript developers need to pay close attention because different languages and frameworks have different rates of vulnerability, research finds.
Nearly a quarter of endpoints still run Windows 7, even though support and security patches have ended.
The Chrome browser will tell users if their browser is up to date, malicious extensions are installed, and/or a password has been compromised.
The line between browsers and password managers keeps blurring. Firefox and Chrome recently incorporated new ways for users to tell if passwords they're using are compromised.
Available online classes include ways to upgrade your resume, add to current skills, or land a better job.
The FBI has warned ecommerce sites about attacks targeting a more than three-year-old flaw in the Magmi mass importer.
In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead the PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleaning up temporary files created by the upload request. This could potentially lead to an accumulation of uncleaned temporary files exhausting the disk space on the target server.
The FBI's Apple problem.
Video Insight VMS 7.5 and earlier allows remote attackers to conduct code injection attacks via unspecified vectors.
It's not clear how many accounts were involved, but Microsoft is said to have made URLs and metadata available so admins can investigate.
These postings provide cybercriminals with the information needed to hack into networks where they can infect critical machines with malware, according to Positive Technologies.
The threat actor known as "Sanix" had terabytes of stolen credentials at his residence, authorities said.
Problems are everywhere, but most fixes are easy to find and implement, according to a Veracode report that analyzed .
Enterprises need to recognize that remote access and other pandemic-related security challenges cannot be fixed with buzzwords or silver-bullet security tools.
Threatpost talks to Verizon DBIR co-author Gabriel Bassett about the top takeaways from this year's Data Breach Investigations Report.
As COVID-19-themed spam rises, phishing, not so much. An analysis of newly registered domains finds that only 2.4% are actually phishing sites aiming to steal credentials.
LogMeIn is the parent company of LastPass, so attackers may also be attempting to access the password managers of compromised users, says Abnormal Security.
With more people working from home, cybercrimes skyrocketed, forcing companies to rethink tech budgets, LearnBonds found.
Adjusting to remote work has created many opportunities and challenges in business and IT.
A new security advisory addresses a vulnerability that could be exploited to cause a denial-of-service attack.
A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), which may result in a denial of service.
A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that host. This is caused by a missing validity check of the descriptor address in the function `virtio_dev_rx_batch_packed()`.
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
These charts aren't "horrible" because of their coronavirus data - they're horrible because they could let criminals conquer your computer.
The hackers claim the high-profile law firm where the files originated has refused to pay their ransom.
The business email compromise (BEC) gang Scattered Canary has filed more than 200 fraudulent claims for unemployment benefits and for COVID-19 relief funds.
The operators behind the Toll Group attack are taking applications for technically advanced partners.
Why making every front-end developer a DevSecOps expert will lead to a more holistic approach to web and native application security.
In contrast, Q1 2019 saw more interest in selling and buying access to individual servers.
The sudo system is about to undergo some radical changes. Find out how to begin working with the new policy system, to make sudo even more powerful.
Researchers show most "flight-risk" employees planning to leave an organization tend to start stealing data two to eight weeks before they go.
The number of data breaches for financial gain is up, as are cloud-based data attacks, while cyber-espionage is down, according to the annual report.
The long debate over whether encryption and anonymity shield too much criminal behavior also has staged a resurgence.
Cyberattacks against hospitals and medical facilities have risen this year, often via ransomware and social engineering exploits, says IntSights.
This week sees the early arrival of Chrome 83 with a longer list of new security features than originally planned.
Cybercriminals are taking advantage of the Google name and the cloud to convince victims into handing over their login details.
Cybercriminals are hunting out victims' Office 365 credentials -- by dishing out Supreme court "summons" in a phishing attack.
US states are being flooded by fraudulent unemployment applications in a scam run by a sophisticated cybergang.
Vulnerabilities in the Bluetooth authentication process give attackers a way to insert rogue devices between two securely paired devices, academic researchers find.
Looks as though at least one of these patches was supposed to come out a week ago but ended up delayed until now...
This week we discuss a customer who went to Subway for a sandwich and left with a stalker, demon printers and the things you should patch now. I host the show this week with Sophos experts Mark Stockley, Paul Ducklin and Greg Iddon. Listen now! LISTEN NOW Click-and-drag on the soundwaves below to skip to […]
With the current upheaval, business leaders may lose focus and push off implementing security measures, managing risk, and keeping up with compliance requirements. That's a big mistake.
The malware-as-a-service is advanced, obfuscated and modular -- and built for mass campaigns.
Cisco has fixed a critical remote code-execution flaw in its popular customer interaction management solution.
Stolen in a recent breach, the names, email addresses, encrypted passwords, and other data of Home Chef customers are being sold on the Dark Web.
Working remotely presents key security challenges, but employees may actually be following security rules more carefully when working from home, says 1Password.
Many infosec conferences are going virtual in 2020 due to the COVID-19 pandemic. Is your favorite conference going virtual? Check out our list of events and update your calendar!
By committing to independent testing to determine value, vendors will ensure that their products do what they say they do.
A flaw was found in Moodle versions 3.8 before 3.8.3, 3.7 before 3.7.6, 3.6 before 3.6.10, 3.5 before 3.5.12 and earlier unsupported versions. It was possible to create a SCORM package in such a way that when added to a course, it could be interacted with via web services in order to achieve remote code execution.
Looking for niche anomalies in an automated way with AI and machine learning is the future.
The shift of moving telecommunications networks toward more commercial networking equipment and systems also expanded their attack surface.
Some 8 million of the meal delivery company's customer records have been offered for sale on the Dark Web.
The economic impact of bot traffic can be unexpectedly substantial, a PerimeterX-commissioned study finds.
Cross-site scripting has been around longer than most security professionals have been on the job. Why is it still such an issue when we've known about it for so long?
Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built.
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1058, CVE-2020-1060, CVE-2020-1093.
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1126, CVE-2020-1136, CVE-2020-1150.
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1102.
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1024, CVE-2020-1102.
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1082, CVE-2020-1088.
An elevation of privilege vulnerability exists in Windows Block Level Backup Engine Service (wbengine) that allows file deletion in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1068, CVE-2020-1079.
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1141, CVE-2020-1145, CVE-2020-1179.
A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets. To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server. The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to properly handle these network packets, aka 'Windows Hyper-V Denial of Service Vulnerability'.
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
Gila CMS before 1.11.6 allows CSRF with resultant XSS via the admin/themes URI, leading to compromise of the admin account.
Gila CMS before 1.11.6 has reflected XSS via the admin/content/postcategory id parameter, which is mishandled for g_preview_theme.
Jodd before 5.0.4 performs Deserialization of Untrusted JSON Data when setClassMetadataName is set.
Mobile security experts share their go-to advice for protecting iPhones from hackers, thieves, and fraudsters.
The first phase of Apple and Google's contact tracing framework allows public health authorities across the world to connect their apps with data that could help them identify people at risk from coronavirus.
Government and air transportation companies in Kuwait and Saudi Arabia were targeted in a recent attack tracked back to the Chafer APT.
An investigation traces an NSO Group-controlled IP address to a fake Facebook security portal.
Scattered Canary has siphoned over $4 million in unemployment benefits and federal funding through a variety of scams, according to the Secret Service and the cybersecurity company Agari.
The meal-kit company's customer records were leaked as part of the Shiny Hunters breach.
Attackers used malicious Excel 4.0 documents to spread the weaponized NetSupport RAT in a spear-phishing campaign.
Signal decouples its secure messaging service from your phone number - a bit.
In a recent attack, Ragnar Locker ransomware was seen encrypting victim's files while shielded from security software inside a virtual machine.
Phishing ratings, security ratings, human-ness ratings -- we are looking at a future filled with grades of security and trustworthiness. But there is a downside.
Have a hard time coming up with the answers to these puzzle questions? We know a great place to look for more clues...
Cloud-based API service stores and manages sensitive consumer data with a zero-trust, database-as-a-service approach.
The European Parliament suffers a cyber-attack, a ransomware gang threatens to leak celebrities' information, and Microsoft warns of a COVID-19-themed phishing campaign - catch up on the week's news with the Friday Five.
E-commerce is on the rise, and digital transformation for businesses must be a top priority in the coronavirus era, according to a new report. Here are the three takeaways.
Results from separate studies by Checkmarx and ExpressVPN reveal consumers won't easily share their personal information with tracing apps due to concern for misuse.
With stolen credentials an easy find online, what are some measures to put in place to keep hackers from breaking into secure accounts?
Find out how G Suite and Google Meet help employees and students work and study at home, and why encryption is key.
From virtual machine ransomware to changes in Signal secure messaging - and everything in between. It's your weekly roundup time.
Watch this new video from our YouTube channel - the dark web explained without jargon or judgment.
A lack of awareness about where and how open-source libraries are being used is problematic, researchers say.
Even seeing data breaches in the news, more than half of consumers are still reusing passwords.
Akamai's CTO discusses why machine learning and cloud are important when it comes to security breaches, IoT-related attacks, and credential stuffing.
Learn what a bot is, the spectrum of ways bots are used online (especially in social media), and how bots might be used in the next election cycle.
Akamai CTO Patrick Sullivan explains how bots affect pricing and availability for various retail items. He also offers consumers advice on protecting themselves from fraud.
Looking for a way to gain a bit more security and privacy for your SSH connections? Jack Wallen shows you how with the help of Tor.
Latest version of UnC0ver uses unpatched zero-day exploit to take complete control of devices, even those running iOS 13.5.
Any notion that AI is going to solve the cyber skills crisis is very wide of the mark. Here's why.
A new document from Zoom illustrates how the company hopes to beef up the security and privacy of its virtual meeting platform.
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
Docker has fixed a vulnerability that could have allowed an attacker to gain control of a Windows system using its service.
An updated version of the ComRAT malware was discovered in attacks on governmental targets.
7 internet giants, including Mozilla, Reddit and Twitter, asked the House to do what the Senate narrowly missed doing: protect browsing history.
Apple's latest iOS versions have only been out for a week, but there's already a jailbreak available.
Modern web applications make significant use of third-party code to drive innovation, but the software supply chain has also turned into a major source of threat. CDNs aim to change that.
The global call to end cybercrime targeting healthcare facilities has been signed by government leaders and Nobel laureates.
The CEO and co-founder of eponymously named security vendor has launched a new travel accelerator program amid the COVID-19 crisis.
A cyber range is an irreplaceable tool that allows cybersecurity professionals to improve their response capabilities as well as their ability to identify risks.
Even prior to the COVID-19 pandemic, ransomware attacks were on the rise and becoming more expensive. Now your organization has fallen victim and is going to pay. Here's how to handle it.
Bryson Bort, founder and CEO of cybersecurity company SCYTHE, fears "death by a thousand paper cuts" more than a digital apocalypse. He also shares his views on how well cyber-deterrence works.
A malicious app installed on a device can hide behind legitimate apps.
The latest version of ComRAT is another sign of the threat actor's continued focus on targets in the government, military, and other sectors.
Most Americans say they're very concerned about online security but still behave in insecure ways, according to a new survey.
The vulnerability, which exists in almost every version of Android, is both more dangerous and harder to detect than its predecessor.
An issue was discovered in Aviatrix Controller before 5.4.1204. An API call on the web interface lacked a session token check to control access, leading to CSRF.
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetNetControlList list parameter for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/saveParentControlInfo deviceId and time parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/setcfm funcpara1 parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetSpeedWan speed_dir parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/addressNat entrys and mitInterface parameters for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/openSchedWifi schedStartTime and schedEndTime parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
An exploitable vulnerability exists in the configuration-loading functionality of the jw.util package before 2.3 for Python. When loading a configuration with FromString or FromStream with YAML, one can execute arbitrary Python code, resulting in OS command execution, because safe_load is not used.
Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048.
By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird < 68.8.0.
Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 76.
Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulnerability affects Firefox < 76.
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. *Note: this issue only affects Firefox on Windows operating systems.* This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability affects Firefox < 76.
Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox < 76.
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.* This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.
A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the homedir path. This flaw allows an attacker to leverage the issue by creating a symlink pointing to a target folder, which then has its ownership transferred to the new home directory's unprivileged user.
The dogfood version of the recently updated app shows multiple references to encryption for RCS, the feature-rich successor to SMS messaging.
How many vulnerabilities lurk inside the open source libraries that today's developers happily borrow to build their applications?
A new report from Bitglass examines how businesses adjusted to the shift from offices to working from home; 84% support remote work, but are ill-equipped to keep data secure.
Attackers are increasingly hitting collaboration services such as Microsoft 365 to access cloud accounts with stolen credentials, says McAfee.
Attendees can look forward to the same high-quality Briefings and Trainings from the comfort of their own desk.
Passwords and other credentials have been listed on Have I Been Pwned as attack rumors circulate.
Without the luxury of an IT security team to help them after a breach or credit card compromise, consumers will want to keep these tips in mind.
How to protect anyone and anything, from the perspective of a career Secret Service agent and former special operations marine.
In SmartDraw 2020 27.0.0.0, the installer gives inherited write permissions to the Authenticated Users group on the SmartDraw 2020 installation folder. Additionally, when the product is installed, two scheduled tasks are created on the machine, SDMsgUpdate (Local) and SDMsgUpdate (TE). The scheduled tasks run in the context of the user who installed the product. Both scheduled tasks attempt to run the same binary, C:\SmartDraw 2020\Messages\SDNotify.exe. The folder Messages doesn't exist by default and (by extension) neither does SDNotify.exe. Due to the weak folder permissions, these can be created by any user. A malicious actor can therefore create a malicious SDNotify.exe binary, and have it automatically run, whenever the user who installed the product logs on to the machine. The malicious SDNotify.exe could, for example, create a new local administrator account on the machine.
An issue was discovered in the Linux kernel before 5.2. There is a NULL pointer dereference in tw5864_handle_frame() in drivers/media/pci/tw5864/tw5864-video.c, which may cause denial of service, aka CID-2e7682ebfc75.
Even prior to the COVID-19 pandemic, ransomware attacks were on the rise and becoming more expensive. Now your, um, friend's organization has fallen victim and is going to pay. Here's how they should handle it.
The COVID-19 pandemic has forced some countries to consider delaying data protection law implementation.
Apple's current round of updates has been officially announced in the company's latest Security Advisory emails.
PonyFinal is deployed in human-operated ransomware attacks, in which adversaries tailor their techniques based on knowledge of a target system.
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
Firmware for the ChameleonMini RevE rebooted device. It compiles without errors or warnings and gives you more or less the same functionality as the stock firmware. This version compiles and gives you the same functionality (and more) as the original Chameleon Mini rebooted GUI.
sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.
The new malware family was seen pretending to be an official Italian app, called Immuni.
The European Union has given some organizations more breathing room to remedy violations, yet no one should think regulators are planning to abandon the privacy legislation in the face of COVID-19.
The credential is a commodity and will continue to be breached. As a result, focus and spending must shift toward the access that the credentials provide.
Developed nations have higher incomes, technology, urbanization, and digitalization, which are all factors for greater cyber risk, says VPN provider NordVPN.
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the page parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget.
Centreon before 19.10.7 exposes Session IDs in server responses.
An anti-phishing firm discovered that most of the malicious coronavirus emails were coming from the United States.
The bug-hunting platform has now paid more than $100 million in bounties since October 2013.
A carefully crafted attack can convince a database to reveal all its secrets. Understanding the basics of what the attack looks like and how to protect against it can go a long way toward limiting the threat.
Nearly 70% of businesses struggle to recruit, hire, and retain cybersecurity talent, and many link security incidents to lack of skills.
The FBI on Wednesday shared details around a recent $1 billion trade secret theft case and reminded companies to report suspected crimes like trade secret theft.
Sympa before 6.2.56 allows privilege escalation.
The latest campaign spread malware via pirate gaming portals.
A variety of sites saw as much as seven times the number of domain requests in late March and early April, suggesting attackers attempted massive denial-of-service attacks.
In AEgir greater than or equal to 21.7.0 and less than 21.10.1, aegir publish and aegir build may leak secrets from environment variables in the browser bundle published to npm. This has been fixed in 21.10.1.
Malware and related files show that ransomware operators don't need a cutting-edge arsenal to be effective.
In Anchore Engine version 0.7.0, a specially crafted container image manifest, fetched from a registry, can be used to trigger a shell escape flaw in the anchore engine analyzer service during an image analysis process. The image analysis operation can only be executed by an authenticated user via a valid API request to anchore engine, or if an already added image that anchore is monitoring has its manifest altered to exploit the same flaw. A successful attack can be used to execute commands that run in the analyzer environment, with the same permissions as the user that anchore engine is run as - including access to the credentials that Engine uses to access its own database, which have read-write ability, as well as access to the running engine analyzer service environment. By default Anchore Engine is released and deployed as a container where the user is non-root, but if users run Engine directly or explicitly set the user to 'root' then that level of access may be gained in the execution environment where Engine runs. This issue is fixed in version 0.7.1.
A critical security flaw in Android could be used by attackers to "assume the identity" of legitimate apps in order to carry out on-device phishing attacks, say researchers.
Hackers are trying to sell 26 million LiveJournal account credentials following a reported data breach that happened years ago.
The emails spoof an automated notification from AWS to try to capture Amazon account credentials, according to Abnormal Security.
A survey of IT pros and top execs found that IT is worried about the lax attitude their bosses have toward security.
92% of Americans say they care about online safety and data privacy, yet a new report from iProov showed 44% polled shared passwords and mobile devices with their partners.
Scammers are increasingly exploiting file sharing sites such as Google Docs and Microsoft Sway to steal user credentials, according to Barracuda Networks.
Roberto Escobar says a FaceTime eavesdropping bug led to his address being leaked, assassination threats, and being forced into hiding.
Phishing campaigns targeting enterprises in U.S. and Germany have been used to nab enterprise mailing info, passwords and certificates.
The latest Naked Security podcast is out now!
There is no silver bullet for cybersecurity. It takes the right people, with the right mindset, applying the right elements of good security from the data center to the SOC.
VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allow an authenticated user to upload and execute a script (with resultant execution of OS commands). For example, this affects IT9388-HT devices.
testserver.cgi of the web service on VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to obtain arbitrary files from a camera's local filesystem. For example, this affects IT9388-HT devices.
Ransomware's changed a lot over the years - here's a peek into a criminal gang's current toolbox...
With nearly everyone these days working from home, how has the COVID-19 crisis impacted the risk of sensitive data loss?
Though hacktivism can sometimes stem from a legitimate cause, one person couldn't resist turning to true cybercrime, according to Check Point Research.
Microsoft has warned on a new breed of patient ransomware attacks that lurk in networks for weeks before striking.
Two new reports suggest a massive gap between how organizations have prepared their cybersecurity defenses and the reality of their efficacy.
Attackers are preying on users' inclination to click on familiar-looking websites, but instead trick them into sharing usernames and passwords.
Even with more security issues published on Patch Tuesdays, the total number of software flaws dropped for the first three months of 2020, according to one tally.
Protecting your Linux servers against SYN attacks and IP spoofing isn't nearly as hard as you think. Jack Wallen shows you how.
In QEMU 4.2.0, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.
In QEMU 4.2.0, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation.
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
The lawsuit, filed against Google by Arizona's Attorney General, alleges that the tech giant uses "deceptive and unfair conduct" to obtain users' location data.
Small and midsize businesses are better at cyber resilience than you might think.
The Russian military group has been exploiting a flaw in the Exim mail transfer agent since last August, the NSA reports.
If you use Bitwarden as your password manager of choice, you owe it to yourself to enable two-factor authentication.
Certain NETGEAR devices are affected by Missing SSL Certificate Validation. This affects R7000 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10, and possibly R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500, and R7000P.
node-dns-sync (npm module dns-sync) through 0.2.0 allows execution of arbitrary commands. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This has been fixed in 0.2.1.
Attackers compromised six Cisco VIRL-PE servers that are affected by critical SaltStack vulnerabilities.
Once considered a loader for other malware, Valak regularly conducts reconnaissance and steals information and credentials, new analysis shows.
Opsec mistakes lead a Check Point researcher to an individual in Brazil who was behind a longtime hacking campaign.
Octopus Scanner is a new malware used to compromise 26 open source projects in a massive GitHub supply chain attack.
The DDoS group sets itself apart by using exploits -- but it doesn't always pan out.
In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1.
An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled. This can be mitigated by disabling the Workspaces module. It does not affect any release other than Drupal 8.7.4.
MacOS isn't immune from malware. Being prepared means understanding the nature of the worst threats a security team is likely to see attacking Macs in the enterprise.
Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe.
Maps, weather, searches et al. suck up location data in the background, even if Tracking is turned off. Arizona says it's consumer fraud.
Windows 10 release 2004 is out, with a slew of new features, including several updates to its security and privacy.
COVID-19 testing kits, Hydroxychloroquine and PPE - it's all for sale on the dark web.
Watchdog group said company has violated the Illinois BIPA and "will end privacy as we know it" without intervention.
The acquisition is Zscaler's second major buy this quarter.
Google TAG report reveals that "hack for hire" firms are tapping into the coronavirus pandemic via WHO phishing lures.
Today is a perfect day for a security breach.
Physical distancing has blunted a virus's impact; the same idea can be applied to computers and networks to minimize breaches, attacks, and infections.
The malicious campaign is aimed at people in general in an effort to grab their email addresses and passwords, says Abnormal Security.
Clearview AI, the company that's scraped billions of images to build a facial recognition system, is getting sued again.
The Russian spy group, a.k.a. BlackEnergy, is actively compromising Exim mail servers via a critical security vulnerability.
Attackers managed to compromise NTT Communication's Active Directory server and a construction information management server.
Security concerns remain prominent across all network environments, with some unique to the network edge, SDN, and other services. Get some tips from industry insiders.
The patches came after Cisco was notified by the Salt Open Core team that the vulnerabilities and updates were available.
Mobile providers don't often update users when applications are not supported by developers, security firm says.
The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for CVE-2020-12077.
In FreeRDP less than or equal to 2.0.0, a resource exhaustion vulnerability can be triggered. Malicious clients could cause out-of-bounds reads that lead to memory allocations of arbitrary size. This has been fixed in 2.1.0.
In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0.
In the digital age, paper files--even those containing sensitive information--are not usually considered as high a security risk. Experts say that's a mistake.
Ongoing spear-phishing attacks aim at stolen Windows credentials for ICS suppliers worldwide.
The incident occurred when Paycheck Protection Program applications were uploaded to a test platform and accidentally shared.
Costa Rica's state bank deals with hackers, North Dakota's contact tracing app causes controversy, Google issues warnings of government-backed attackers - catch up on all the week's news with the Friday Five.
In FreeRDP less than or equal to 2.0.0, an externally controlled array index is used unchecked for data used as configuration for the sound backend (alsa, oss, pulse, ...). The most likely outcome is a crash of the client instance followed by no or distorted sound or a session disconnect. If a user cannot upgrade to the patched version, a workaround is to disable sound for the session. This has been patched in 2.1.0.
In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0.
In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists. When using /video redirection, a manipulated server can instruct the client to allocate a buffer with a smaller size than requested due to an integer overflow in the size calculation. With later messages, the server can manipulate the client to write data out of bounds of the previously allocated buffer. This has been patched in 2.1.0.
In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0.
Zero trust means rethinking the safety of every bit of tech on a network. Learn five steps to building a zero trust environment.
People, like computers, can be hacked using a process called social engineering, and there's a good chance a cybersecurity attack on your organization could start with this technique.
In FreeRDP before 2.1.0, there is an out-of-bounds read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1.0.
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0.
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0.
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bounds of an internal structure. This has been fixed in 2.1.0.
In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0.
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0.
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0.
There is an Incorrect Authorization vulnerability in the Micro Focus Service Management Automation (SMA) product affecting versions 2018.05 through 2020.02. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation.
From iPhone jailbreaks to questions about the dark web, and everything in between. It's weekly roundup time!
Hopefully it's a COVID-19 version of what it did post-2016 elections, when it required verification of those buying political or issue ads.
GitHub has uncovered a form of malware that spreads via infected repositories on its system.
Without the right tools and with not enough cybersecurity pros to fill the void, the talent gap will continue to widen.
Schools, paying customers and potentially high-risk users could be offered stronger encryption for video meetings under new plans being explored by Zoom.
Are you concerned someone might intercept your newly-purchased mobile device during transit and do bad things with it? Purism is aware this happens and takes a lo-fi approach to the problem.
Database of sensitive info, including emails and passwords, from owners of Daniel's Hosting portals could be incriminating.
A bug bounty hunter found a way to login using "Sign in with Apple"... but without the part where you have to put in a password.
Troy Hunt said that the supposed data breach perpetrated by Anonymous is most likely a hoax.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Apple has fixed a critical flaw in its Sign in with Apple feature, which could have been abused by attackers to take over victims' third-party applications.
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
The Sandworm group -- behind disinformation and election-hacking campaigns and responsible for a 2016 power outage in the Ukraine -- is now targeting e-mail servers.
system/classes/DbPDO.php in Cmfive through 2015-03-15, when database connectivity malfunctions, allows remote attackers to obtain sensitive information (username and password) via any request, such as a password reset request.
admin.php?page=projects in Lexiglot through 2014-11-20 allows command injection via username and password fields.
Lexiglot through 2014-11-20 allows XSS (Reflected) via the username, or XSS (Stored) via the admin.php?page=config install_name, intro_message, or new_file_content parameter.
Lexiglot through 2014-11-20 allows SSRF via the admin.php?page=projects svn_url parameter.
Lexiglot through 2014-11-20 allows CSRF.
Lexiglot through 2014-11-20 allows SQL injection via an admin.php?page=users&from_id= or admin.php?page=history&limit= URI.
Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (names and details of projects) by visiting the /update.log URI.
Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (full path) via an include/smarty/plugins/modifier.date_format.php request if PHP has a non-recommended configuration that produces warning messages.
Lexiglot through 2014-11-20 allows local users to obtain sensitive information by listing a process because the username and password are on the command line.
Lexiglot through 2014-11-20 allows denial of service because api/update.php launches svn update operations that use a great deal of resources.
FarLinX X25 Gateway through 2014-09-25 allows attackers to write arbitrary data to fsUI.xyz via fsSaveUIPersistence.php.
FarLinX X25 Gateway through 2014-09-25 allows directory traversal via the log-handling feature.
FarLinX X25 Gateway through 2014-09-25 allows command injection via shell metacharacters to sysSaveMonitorData.php, fsx25MonProxy.php, syseditdate.php, iframeupload.php, or sysRestoreX25Cplt.php.
A ransomware incident analyzed by IBM X-Force shows that the attacker wouldn't have been able to decrypt the data, even if the ransom was paid.
Research details vulnerabilities in the Zephyr Real Time Operating Systems and MCUboot, both used in IoT devices and sensors.
The campaign impersonates Zoom emails, but steals the Microsoft account credentials of its victims, says security firm Abnormal Security.
According to a Tessian survey, data protection concerns go out the window for remote employees.
Apple has fixed a flaw in the "Sign in with Apple" feature that could have enabled attackers to break into user accounts for third-party services.
Over 7 million records exposed, according to vpnMentor, but app maker says there is no sign of malicious use.
The UK's National Crime Agency has hit on a simple way to stop teens from being sucked into cybercrime - using Google Ads.
Some 7,600 dark-web sites were obliterated in an attack on the most popular provider of .onion free hosting services, Daniel's Hosting.
DivvyCloud discusses the changing nature of identity access management (IAM) - and what kind of challenges and opportunities that is creating for businesses.
The zero-day vulnerability tracked as CVE-2020-9859 is exploited by the "Uncover" jailbreak tool released last week.
How banks can maintain security and data integrity in the middle of a pandemic.
BEC scams accounted for half of all cybercrime losses in the US in 2019, according to Check Point Research.
For now, security teams face freezes in projects and hiring - and budget cuts, security industry analysts say.
At least 26 different open-source code repositories were found to be infected with an unusual attack on the open-source software supply chain.
The acquisition brings three new products into Thycotic's privileged access management lineup.
This year could see the second-highest value in cryptocurrency crimes recorded, with coronavirus-themed attacks contributing to growth, CipherTrace found.
Cisco has patched a high-severity flaw that could lead to denial-of-service attacks on its Nexus switch lineup.
If you're getting TLS connection errors that suddenly started this weekend, a tired old encryption library might be the problem.
Google and Qualcomm both addressed significant vulnerabilities in their June updates.
Five lessons the coronavirus pandemic can teach security professionals to better assess, monitor, manage, and mitigate organizational risk.
A Lookout study found that organizations could lose millions through the growing number of unmitigated mobile phishing attacks.
The MailPoet plugin before 3.23.2 for WordPress allows remote attackers to inject arbitrary web script or HTML using extra parameters in the URL (Reflective Server-Side XSS).
Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
Grafana 5.3.1 has XSS via a column style on the "Dashboard > Table Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
In an advisory last week, the NSA warned that a flaw in the Exim mail transfer agent (MTA) has been exploited by Russian cyber military actors since last August.
The breach exposed usernames and passwords of an undisclosed number of program members.
Understaffed and under fire, companies fail to report cybercrimes even when they are legally obligated to notify authorities, results of a new survey show.
Organizations need to include smartphones and tablets in their phishing mitigation strategies, a new report suggests.
Insider cyber threats are always an issue during layoffs -- but with record numbers of home office workers heading for the unemployment line, it's never been harder to maintain cybersecurity during offboarding.
Full backup copies of the website, including all user data, were exposed for 2,700 JRD users.
We're absolutely delighted - delighted and proud! - to report that we won not one but two awards at last night's European Security Blogger Awards 2020.
Cybersecurity, remote IT troubleshooting and cloud support will be the most sought-after skills for businesses in the months following the COVID-19 pandemic, according to a survey of CIOs and tech executives.
Here's how employees in the US, UK, France and Germany are putting systems at risk, according to CyberArk.
Unauthorized access was the most common type of attack in 2019, and it was responsible for 40% of all data breaches, says ForgeRock.
Increase of 37 percent from Q4 2019 to Q1 2020 attributed to creation of remote workforce due to COVID-19 stay-at-home orders.
Security pros need to double down around prevention of lateral movement by attackers, especially if IoT devices are connected to the network.
The US rail service hasn't disclosed the number of passengers affected in a 16 April breach.
VMware's VMware Cloud Director has a security flaw that researchers believe could be exploited to compromise multiple customer accounts using the same cloud infrastructure.
A privilege-escalation vulnerability patched in February by Microsoft continues to affect Exchange servers, with more than 80% of Internet-connected servers remaining vulnerable, one firm reports.
Researchers warn of critical flaws in SAP's Sybase Adaptive Server Enterprise software.
The stealthy backdoor is delivered via mass-market phishing emails that are well-crafted to appear convincing.
How time flies - the latest four-weekly Firefox update is out.
If you use the Nextcloud mobile app, you'll want to password protect it to ensure you don't leave your sensitive data open for anyone to see.
Organizations that fail to comply with these rules can get hit with backbreaking fines and class-action lawsuits.
The platform from Sensory helps people adapt to the COVID-19 world, providing a way to unlock devices without having to remove protective face coverings.
A 30-year-old macro technology for Microsoft Excel is finding new popularity as a cybersecurity attack vector.
A security researcher details how RobbinHood has changed and why it remains a threat for businesses to watch.
Findings from the latest FISMA report are out and while the total number of cybersecurity incidents in 2019 was down, the federal government continues to face challenges mitigating basic security vulnerabilities.
A phishing email claims to send the recipient to a VPN configuration page for home access but instead leads them to a credential-stealing site, said Abnormal Security.
A proposed class-action lawsuit accuses Google of collecting browser data from people who used "private" mode.
An attack over the weekend unsuccessfully targeted 1.3 million WordPress websites, in attempts to download their configuration files and harvest database credentials.
The newly discovered USBCulprit malware is part of the arsenal of an APT known as Cycldek, which targets government entities.
Remote Access Trojans (RATs) can be the beginning of very bad things on your network or workstations.
'USBCulprit' is one of several tools that suggest the previously known Cycldek group is more dangerous than previously assumed, security vendor says.
A OneLogin survey covered how employees are using work devices for a variety of other things.
Insufficient policy enforcement in V8 in Google Chrome prior to 14.0.0.0 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Bad cast in CSS in Google Chrome prior to 11.0.0.0 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Researchers are warning of spear-phishing emails with CV lures that spread the ZLoader malware, which steals banking credentials from victims.
Google has deleted an app from the Play Store that offered to delete Android software associated with China.
Malicious files masquerading as curriculum vitae are being sent to businesses to install malware that can capture passwords and other sensitive information, says Check Point Research.
Attackers hacked and encrypted the computers of a contractor whose clients include the US military, government agencies and major military contractors.
The last thing cybersecurity executives and practitioners need are even more tools that are difficult to operate. Here's what they look for when assessing new tools.
A $5 billion class-action lawsuit filed in a California federal court alleges that Google's Chrome incognito mode collects browser data without people's knowledge or consent.
Five skills to ensure job security in the Age of Automation.
Looking to encrypt removable storage on macOS, but can't figure out how? Jack Wallen shows you the way to make this work.
Aimed at SMBs, educational facilities, and software companies, the ransomware leverages Java to encrypt server-based files, according to BlackBerry and KPMG.
A new report examines attacker methodologies to better understand how exploit testing is conducted in the wild.
A new partnership with Dedrone has led to a platform that can instantly detect and notify security personnel of drones in sensitive airspace.
Westech International provides maintenance for the Minuteman III nuclear-missile program and runs programs for multiple branches of the military.
The end-to-end encryption feature will not be offered to free users, Zoom's CEO said, in case Zoom needed to comply with federal and local law enforcement.
Apparently, some people consider their passwords "invincible", even after a data breach. Don't be those people.
Business email compromise (BEC) attacks represent a small percentage of email attacks, but disproportionately represent the greatest financial risk.
How data sharing, innovation, and regulatory standardization can make it easier for organizations to both contribute and consume critical threat intelligence.
An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029.
An issue was discovered in Foxit PhantomPDF before 8.3.6. It has COM object mishandling when Microsoft Word is used.
An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows Remote Code Execution via a GoToE or GoToR action.
An issue was discovered in Foxit PhantomPDF before 8.3.6. It has an untrusted search path that allows a DLL to execute remote code.
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action.
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action.
An issue was discovered in Foxit Reader before 2.4.4. It has a NULL pointer dereference.
An issue was discovered in Foxit E-mail advertising system before September 2018. It allows authentication bypass and information disclosure, related to Interspire Email Marketer.
The campaigns have been part of the overall increase in coronavirus-related malware activity.
In a new lawsuit, a candy bar company is alleging a former employee downloaded more than 6,000 files involving its trade secrets, strategies, and market insights, before leaving to join a competitor.
Google TAG researchers warn that APTs are targeting campaign staffers for both Donald Trump and Joe Biden with phishing emails.
To fly under the radar, the newly discovered ransomware is compiled into a Java image file format that's rarely used by developers.
Researchers say Tycoon ransomware, which has targeted software and educational institutions, has a few traits they haven't seen before.
Long-term business needs -- and the ethical implications that result -- don't simply go away just because we're navigating a global health crisis.
A million sites attacked by 20,000 different computers.
The latest Naked Security podcast is out now!
A researcher found that phone numbers tied to WhatsApp accounts are indexed publicly on Google Search, creating what he claims is a "privacy issue" for users.
Ransomware hit small government organizations hard in 2019. Now they have to deal with budget cuts, pandemic precautions, social unrest, and the coming election cycle.
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
Threatpost editors discuss debunked reports of a Minneapolis police department breach and Zoom announcing only paying users would get end-to-end encryption.
Kenenty Hwan Kim has pleaded guilty to swindling the appliance giant and other companies in a set of elaborate schemes.
The city of Minneapolis hit with a DDoS attack, Zoom's new security policy causes social media uproar, and a wave of cyber-attacks target anti-racism sites - catch up on the week's news with the Friday Five.
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
Children's app developer HyperBeard must pay $150,000 after the FTC claimed it violated privacy laws.
Users of Zeplin, a popular developer and designer collaboration system, have been hit with new waves of spear-phishing attacks in the last month.
Allowing people to cast their ballots online to circumvent coronavirus-related health concerns introduces problems that we simply don't know how to manage, says the Purdue University professor and security leader.
Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.
The one cyber risk that governments are much better at controlling than we are is insider threats. Governments have been dealing with people threats for centuries and have powerful tools at their disposal for such investigations.
Some people believe the CEO of a company hit by ransomware should pay a fine, resign, or even be sent to prison, says Veritas.
DDoS attacks on VPN servers can not only bring remote work to a standstill but also cut off admins from accessing their systems. Here are three ways to stay safer.
Security flaws in open source software have increased and can take a long time to be added to the National Vulnerability Database, says RiskSense.
This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.
UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
OpenStego is a tool implemented in Java for generic steganography, with support for password-based encryption of the data. It supports plugins for various steganographic algorithms (currently, only Least Significant Bit algorithm is supported for images).
The CFO of a small company that was the victim of a ransomware attack reveals why they paid the ransom (in Bitcoin) to regain control of their systems.
More than 100 executives at a multinational company that's part of a German task force for creating coronavirus protective gear, were targeted in an ongoing phishing attack.
The release of a PoC for the Windows flaw known as "SMBGhost" could set off cyberattack waves, CISA warned.
Just when you thought a bad thing could get no worse...
A study of major open source projects finds that 3.3% of vulnerabilities are exploited, but the rate of exploitation varies significantly.
With CCPA enforcement on track for less than four weeks from now, California's AG sent his final proposed regulations for the law to be reviewed.
While the agency experienced 1,468 incidents, its budget was decreased last year, according to a report by Atlas VPN.
The retailer reports cybercriminals infected its online store and used a fraudulent form to steal shoppers' information.
Some Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can log in to the Talkback mode and perform some operations to install a third-party application. The affected products and versions are: ALP-AL00B Versions earlier than 9.0.0.181(C00E87R2P20T8) ALP-L09 Versions earlier than 9.0.0.201(C432E4R1P9) ALP-L29 Versions earlier than 9.0.0.177(C185E2R1P12T8), Versions earlier than 9.0.0.195(C636E2R1P12) Anne-AL00 Versions earlier than 8.0.0.168(C00) BLA-AL00B Versions earlier than 9.0.0.181(C00E88R2P15T8) BLA-L09C Versions earlier than 9.0.0.177(C185E2R1P13T8), Versions earlier than 9.0.0.206(C432E4R1P11) BLA-L29C Versions earlier than 9.0.0.179(C576E2R1P7T8), Versions earlier than 9.0.0.194(C185E2R1P13), Versions earlier than 9.0.0.206(C432E4R1P11), Versions earlier than 9.0.0.210(C635E4R1P13) Berkeley-AL20 Versions earlier than 9.0.0.156(C00E156R2P14T8) Berkeley-L09 Versions earlier than 8.0.0.172(C432), Versions earlier than 8.0.0.173(C636) Emily-L29C Versions earlier than 9.0.0.159(C185E2R1P12T8), Versions earlier than 9.0.0.159(C461E2R1P11T8), Versions earlier than 9.0.0.160(C432E7R1P11T8), Versions earlier than 9.0.0.165(C605E2R1P12), Versions earlier than 9.0.0.168(C636E7R1P13T8), Versions earlier than 9.0.0.168(C782E3R1P11T8), Versions earlier than 9.0.0.196(C635E2R1P11T8) Figo-L03 Versions earlier than 9.1.0.130(C605E6R1P5T8) Figo-L21 Versions earlier than 9.1.0.130(C185E6R1P5T8), Versions earlier than 9.1.0.130(C635E6R1P5T8) Figo-L23 Versions earlier than 9.1.0.130(C605E6R1P5T8) Figo-L31 Versions earlier than 9.1.0.130(C432E8R1P5T8) Florida-L03 Versions earlier than 9.1.0.121(C605E5R1P1T8) Florida-L21 Versions earlier than 8.0.0.129(C605), Versions earlier than 8.0.0.131(C432), Versions earlier than 8.0.0.132(C185) Florida-L22 Versions earlier than 8.0.0.132(C636) Florida-L23 Versions earlier than 8.0.0.144(C605) HUAWEI P smart Versions earlier than 9.1.0.130(C185E6R1P5T8), Versions earlier than 9.1.0.130(C605E6R1P5T8) HUAWEI P smart, HUAWEI Y7s Versions earlier than 9.1.0.124(C636E6R1P5T8) HUAWEI P20 lite Versions earlier than 8.0.0.148(C635), Versions earlier than 8.0.0.155(C185), Versions earlier than 8.0.0.155(C605), Versions earlier than 8.0.0.156(C605), Versions earlier than 8.0.0.157(C432) HUAWEI nova 3e, HUAWEI P20 lite Versions earlier than 8.0.0.147(C461), Versions earlier than 8.0.0.148(ZAFC185), Versions earlier than 8.0.0.160(C185), Versions earlier than 8.0.0.160(C605), Versions earlier than 8.0.0.168(C432), Versions earlier than 8.0.0.172(C636) Honor View 10 Versions earlier than 9.0.0.202(C567E6R1P12T8) Leland-AL00A Versions earlier than 8.0.0.182(C00) Leland-L21A Versions earlier than 8.0.0.135(C185), Versions earlier than 9.1.0.118(C636E4R1P1T8) Leland-L22A Versions earlier than 9.1.0.118(C636E4R1P1T8) Leland-L22C Versions earlier than 9.1.0.118(C636E4R1P1T8) Leland-L31A Versions earlier than 8.0.0.139(C432)
Thousands have signed a petition that underscores data privacy issues with Singapore's newly announced contact-tracing wearable, in development.
Google analysts report advanced persistent threat groups linked to China and Iran launched phishing attacks against the Biden and Trump campaigns.
Unlike most crowdsourced vulnerability-hunting projects, this one is targeted at hardware defenses.
Phishing is on the rise, ransomware continues to be a threat, and email exploits are more popular than ever. Here are the email security risks, and what you can do about them, in 2020.
The Brave browser has provoked unhappiness among some of its users after being caught redirecting searches to affiliate links that earned it commission.
Using non-work-authorized tech at home places company data at risk, especially since 23% of employees are unsure what security protocols exist on their devices, Morphisec found.
A dramatic uptick in scams, counterfeiting, and hacking plagues the retail and e-commerce industries during the coronavirus crisis, as businesses try to define their new normal.
A new SophosLabs report takes you inside a cryptomining gang.
As the work-at-home environment continues to inform new ways of doing business, it's important that security teams remain flexible and ready for change.
Embracing an "everyone is part of the security team" approach shifts DevOps to DevSecOps, according to a report from Cobalt.io.
Thousands of journalists, advocacy groups and politicians worldwide were targeted by Dark Basin.
The attack reportedly infected internal servers and forced Honda to halt production at plants around the world on Monday.
Critical Adobe Flash Player and Framemaker flaws could enable arbitrary code execution.
Facebook users will see notices labeling "state-controlled media", based on criteria such as funding, editorial independence, ownership structure and more.
haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
The Dark Basin group behind thousands of phishing and malware attacks is likely an India-based "ethical hacking" firm that works on behalf of commercial clients.
The FlowCloud modular remote-access trojan (RAT) has overlaps with the LookBack malware.
Even with strong security measures, Internet voting is still vulnerable to abuse from state-sponsored actors and malicious insiders.
The June Patch Tuesday update included CVEs for 11 critical remote code-execution vulnerabilities and concerning SMB bugs.
Two years after it happened, the popular department store is electing to settle a class action data breach lawsuit that alleged the company failed to properly secure customer data online.
The vulnerability was patched in March, but a new proof of concept raises the stakes for organizations that haven't yet updated their software.
"CallStranger" flaw in UPnP allows attackers to launch DDoS attacks and scan internal ports, security researcher says.
The sudo system is about to undergo some radical changes. Find out how to begin working with the new policy system, to make sudo even more powerful.
The June release of security updates addresses several remote code execution vulnerabilities in SharePoint, Excel, Windows OLE, and other services.
Privilege escalation vulnerability in McAfee Total Protection (ToPS) for Mac OS prior to 4.6 allows local users to gain root privileges via incorrect protection of temporary files.
DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitrary code via execution from a compromised folder.
Stop us if you've heard this before, but a researcher has uncovered a new security vulnerability affecting many devices running the Universal Plug and Play (UPnP) protocol.
A health care app user found 50 "consultation replay" videos in his personal profile - but they weren't his.
Can you tell whether you're talking to a human or AI?
The automaker's customer service and financial services are unavailable as it deals with an attack that experts believe is ransomware.
New research shows that the vast majority of small and midsize leaders believe they expect, and can handle, the unexpected, but 16% don't even know their recovery time objective.
Application downtime was the most significant side effect of a DNS attack, according to EfficientIP.
Thanos is the first ransomware family to feature the weaponized RIPlace tactic, enabling it to bypass ransomware protections.
The increasingly prevalent GuLoader malware has been traced back to a far-reaching encryption service that attempts to pass as above-board.
While CISOs have been focused on immediate threats, it's time to look ahead to what a post-COVID-19 future will look like.
Learn about cyber security, why it's important, and how to get started building a cyber security program in this installment of our Data Protection 101 series.
IBM QRadar Network Packet Capture 7.3.0 - 7.3.3 Patch 1 and 7.4.0 GA does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 166803.
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges.
An annual survey of penetration testers finds that although machines can quickly find many classes of vulnerabilities, human analysts are still necessary to gauge the severity of discovered issues.
WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb supports an aggression level to control the trade-off between speed and reliability.
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.
Hardware and software deployments all over the place due to the pandemic scramble? Here are the essential steps to ensure you can find what you need -- and secure it.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Researchers find 12 Android applications disguised as official COVID-19 contact tracing apps installing malware onto devices.
Amid the surge in digital healthcare stemming from the coronavirus pandemic, security is taking a backseat to usability.
An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleIO or VxFlex OS backend storage driver, credentials for the entire backend are exposed in the ``connection_info`` element in all Block Storage v3 Attachments API calls containing that element. This flaw enables an end-user to create a volume, make an API call to show the attachment detail information, and retrieve a username and password that may be used to connect to another user's volume. Additionally, these credentials are valid for the ScaleIO or VxFlex OS Management API, should an attacker discover the Management API endpoint. Source: OpenStack project
Two critical flaws in Intel AMT, which could enable privilege escalation, were patched along with 20 other bugs in its June security update.
A rapid, disorganized shift to the cloud can open the door to data theft, ransomware, malware, and other cyberattacks, says IBM X-Force.
The ICS/SCADA-focused malware is likely behind a duo of attacks this week, on Honda and a South American energy company, researchers said.
Because remote workers' devices are all connected to a home network, they don't even need to be attacked directly. Instead, attackers have multiple avenues of attack that can be exploited.
In updateUidProcState of AppOpsService.java, there is a possible permission bypass due to a logic error. This could lead to local information disclosure of location data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-148180766
In addOrUpdateNetworkInternal and related functions of WifiConfigManager.java, there is a possible man in the middle attack due to improper certificate validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150500247
In addListener of RegionSamplingThread.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150904694
In aes_cmac of aes_cmac.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution in the bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-151155194
In checkSystemLocationAccess of LocationAccessPolicy.java, there is a possible bypass of user profile isolation due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-151330809
In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-150038428
In onCreateSliceProvider of KeyguardSliceProvider.java, there is a possible confused deputy due to a PendingIntent error. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147606347
In sendCaptureResult of Camera3OutputUtils.cpp, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android ID: A-150944913
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Employees aren't limiting use of their work computers to business purposes while working from home.
But lull is unlikely to continue for long, some security experts say.
Researchers left a poorly configured database open on the Internet to learn who would connect to it and what they would steal.
Research examines the risks and design challenges of accounting for privacy threats in intimate relationships.
Patch Tuesday was this week and software giant Microsoft released patches to fix 129 CVEs, 11 of which are rated critical.
Multiple hijacked YouTube accounts impersonated Elon Musk's Space X channel in a Bitcoin scheme that ripped off a total of more than $163,000.
COVID-19 has completely changed the work world, but many organizations have seemingly failed to realize that security risks are changing as well, a new report finds.
The search giant is relying on artificial intelligence as threats that exploit COVID-19 increase in the UK, India, and Brazil.
Unless we do something proactively, social engineering's impact is expected to keep getting worse as people's reliance on technology increases and as more of us are forced to work from home.
Workers are not the only outside-the-perimeter security risk. Companies have a variety of vulnerable Internet-facing resources exposing their business to risk, study finds.
If you're using an Apple mobile device manufactured since 2017, it has likely ditched Touch ID in favor of Face ID. Here's what you need to know about the latest Apple biometric security product.
The Gamaredon group has ramped up activity in recent months and makes no effort to stay under the radar, researchers report.
The apps have to balance the goal of greater accuracy vs. respecting the privacy of their users, according to Check Point Research.
In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-120078455
In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150949837
In BnDrm::onTransact of IDrm.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146052771
In MockLocationAppPreferenceController.java, it is possible to mock the GPS location of the device due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145136060
In BnAAudioService::onTransact of IAAudioService.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139473816
In parseChunk of MPEG4Extractor.cpp, there is a possible out of bounds write due to incompletely initialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-151159638
In SetData of btm_ble_multi_adv.cc, there is a possible out-of-bound write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-123292010
In addPacket of AMPEG4ElementaryAssembler, there is an out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-123940919
In AudioStream::decode of AudioGroup.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the phone process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140054506
In multiple functions in DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local code execution with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-137878930
In markBootComplete of InstalldNativeService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140237592
Contact tracing apps for the coronavirus are being developed and tested globally as the world starts to re-open. Are the apps worth using to flatten the curve? Or do data privacy worries trump public health?
The email says it will let you have your say anonymously about Black Lives Matter.
haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
Machine language-based endpoint security collaboration with SparkCognition is the latest move by Siemens in security.
Time on your hands and looking to learn about web apps? Here's a list to get you started.
With increased use, phony apps and banking trojans will try to steal account credentials, according to the FBI.
DeepArmor Industrial, fortified by Siemens, increases operational visibility, improves malware detection, and provides protection across a company's fleet of industrial control systems and end points.
Misconfigured dashboards are at the heart of a widespread XMRIG Monero-mining campaign.
A handful of advertising trade groups are voicing their dissatisfaction with the CCPA's final proposed regulations, which were sent for review last week.
A password alone will not protect sensitive information from hackers--two-factor authentication is also necessary. Here's what security pros and users need to know about two-factor authentication.
A vuln in the GTP protocol could allow DoS, fraud, and data theft attacks against cellular networks from virtually anywhere.
The COVID-19 pandemic has affected many tech career fields. Learn how it has impacted cybersecurity professionals, and how to help.
The Gamaredon APT has started using a new VBA macro to target Microsoft Outlook victims' contact lists.
Malspam emails are claiming to deliver a survey on BLM -- but in reality they deliver the infamous banking trojan.
Mobile malware and fake apps purporting to be legitimate banking software are big risks, law enforcement agency says.
An attack targeting the automaker reportedly infected internal servers and led to the suspension of production at plants around the world.
In a bid to stop the spread of fake news Twitter has launched a test feature to remind users to read articles before retweeting them.
A third-party cybersecurity firm was paid to drill a hole in a Tor-reliant operating system to uncover a man who spent years sextorting young girls.
What COVID-19 has taught us about the digital revolution.
Ethereum co-founder Charles Hoskinson anticipates a future version of the internet that relies on new methods of authentication.
With a few quick clicks, you can detect network abuse with Wireshark. Jack Wallen shows you how.
Part 1 of a two-part series about securing machine learning.
A new wave of attacks using old malware is threatening WordPress sites that don't have strong password policies.
Intel chip features that were intended to help you do cryptography better could have leaked your inner secrets.
Researchers warn that the Earth Empusa threat group is distributing the spyware by injecting code into fake and watering-hole pages.
Microsoft has joined Amazon and IBM in banning the sale of facial recognition technology to police departments and pushing for federal laws to regulate the technology.
Follow these tips for running red-team exercises that will deliver added insight into your operations.
A new malware strain is targeting Linux and Windows systems, mobile banking apps potentially targeted by hackers, and the city of Knoxville suffers a ransomware attack - catch up on the week's news with the Friday Five.
Knoxville's government took its network offline and turned off infected servers and workstations after a ransomware attack this week.
A new report focuses on a surge in cyberattacks and other disruptions during the coronavirus pandemic and the costs of these events.
A honeypot created by Cybereason to lure cybercriminals and analyze their methods showed that ransomware attacks infiltrate their victims in multiple stages.
Only 37% of "high performer" organizations monitor the risk of IoT devices used by third parties, and current IoT risk-management programs can't keep pace, study said.
The ransomware attack hit the Tennessee city of Knoxville this week, causing disruptions in various services.
Members of Romanian gang used fraudulent ads for nonexistent products to extract money from US Internet users, DoJ says.
Images from a public repository contained cryptominers that Microsoft researchers found in Kubeflow instances running on Azure.
The Branding Module in Viki Vera 4.9.1.26180 allows an authenticated user to change the logo on the website. An attacker could use this to upload a malicious .aspx file and gain Remote Code Execution on the site.
Missing SSL Certificate Validation in the Nutfind.com application through 3.9.12 for Android allows a man-in-the-middle attacker to sniff and manipulate all API requests, including login credentials and location data.
Creating a culture of supporting and advancing women is no small feat, but it's worth the challenge. Start with yourself. Here's how.
Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.
The need to make rapid business decisions and to deliver solutions that meet the needs of customers, deliver continuous uninterrupted service, and rapidly evolve to their highest priorities has resulted in the need to integrate IT and OT through IoT.
Microsoft has discovered a campaign that exploits Kubernetes to install cryptomining software in its Azure cloud.
As the hitmen and fraudsters retreat, the Dark Web could become freedom's most important ally.
Kurtis Minder, co-founder and CEO of GroupSense, explains why the coronavirus has been big business for bad actors.
A new hack allowed researchers to discern sound -- including "Let it Be" by the Beatles, and audio from a Donald Trump speech -- from lightbulb vibrations.
The Magecart group targeted the tween accessories specialist starting the day after it shuttered its retail locations due to coronavirus.
A 2021 intelligence funding draft bill mandates a report on surveillance vendors and which countries or other actors are using spyware.
The wpForo plugin 1.6.5 for WordPress allows XSS involving the wpf-dw-td-value class of dashboard.php.
The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases langid parameter.
The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases s parameter.
The wpForo plugin 1.6.5 for WordPress allows wp-admin/admin.php?page=wpforo-usergroups CSRF.
A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service.
A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks.
Sextortion again - but with "we hacked your website and stole all your data" instead of "we hacked your webcam and made a video".
Customers are advised to install the latest version of PowerShell to fully address CVE-2020-1108.
Verizon's annual Data Breach Investigations Report confirmed 3,950 data breaches across 16 industries. Tom Merritt explains five things to know about these breaches.
libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.
Caddy before 0.10.13 mishandles TLS client authentication, as demonstrated by an authentication bypass caused by the lack of the StrictHostMatching mode.
Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711.
Researchers find six bugs in consumer D-Link DIR-865L Wireless AC 1750 Dual Band Cloud Router.
Intel's Tiger Lake CPUs will come with Control-flow Enforcement Technology (CET), aimed at battling common control-flow hijacking attacks.
New control-flow enforcement technology will become available with upcoming Tiger Lake mobile processor, chipmaker says.
The online marketplace, which specializes in greeting cards and wedding invites, was hit with a class action lawsuit under the California Consumer Privacy Act last week, alleging it failed to protect its customers' PII.
This removal, of 32K accounts, is not the first time Twitter has taken action to protect its users from influence operations. Researchers weighed in on the practice with Threatpost.
A bloody pig mask, doxing threats, and a foiled surveillance attempt were among the actions six ex-eBay employees took against an editor and publisher of a newsletter.
Analysis reveals how Ryuk's operators are changing their techniques and using new means to break in.
According to industry analyst firm Gartner, as many as one-third of successful attacks on enterprises target data that are housed in unsanctioned IT resources.
Researchers have developed an ingenious way to eavesdrop from a distance without relying on planted bugs: they just stare at a light bulb.
Hackers affiliating themselves with the hacktivist label have joined the Black Lives Matter backlash after a fatal police shooting on Friday.
The demand for Internet of Things security practices that protect sensitive medical equipment and data will double within the next five years. Here's why.
Unlocked domains are susceptible to malicious tactics that can lead to unauthorized DNS changes and domain name hijacking, says CSC.
Two security vulnerabilities could open up companies to financial attacks and compliance violations if the software is not updated, Onapsis says.
Some 71% of people polled cited privacy concerns as the main reason for not wanting to use a COVID-19 tracing app, says Avira.
On the Cypress CYW20735 evaluation board, any data that exceeds 384 bytes is copied and causes an overflow. This is because the maximum BLOC buffer size for sending and receiving data is set to 384 bytes, but everything else is still configured to the usual size of 1092 (which was used for everything in the previous CYW20719 and later CYW20819 evaluation board). To trigger the overflow, an attacker can either send packets over the air or act as an unprivileged local user. Over the air, the minimal PoC is sending "l2ping -s 600" to the target address prior to any pairing. Locally, the buffer overflow is immediately triggered by opening an ACL or SCO connection to a headset. This occurs because, in WICED Studio 6.2 and 6.4, BT_ACL_HOST_TO_DEVICE_DEFAULT_SIZE and BT_ACL_DEVICE_TO_HOST_DEFAULT_SIZE are set to 384.
The vulnerabilities affect everything from printers to insulin pumps to ICS gear.
An internal investigation into the 2016 CIA breach condemned the agency's security measures, saying it "focused more on building up cyber tools than keeping them secure."
More bad news for cybercrooks... we hope.
This step is intended to address growing enterprise concerns around security and complexity, both top of mind among CISOs and CIOs.
Three good reasons why your incident response team's first call after a data breach should be to outside counsel.
Malicious emails, risky employee behavior, and a rise in software vulnerabilities are the top threats seen by IT professionals, says Ivanti.
One company is alleging a rival shop lured two of its most senior employees away - along with trade secrets, confidential information, and a list of its customers.
Critical vulnerabilities were patched in Adobe After Effects, Illustrator, Premiere Pro, Premiere Rush and Audition.
Only a handful have controls against domain-name hijacking, DNS modifications, and other threats, a new CSC study finds.
The 12-year-old malware is still dangerous, sporting advanced evasion techniques.
The preview, open to Windows users, opens PDF files in a sandbox to protect users who open malicious Acrobat documents.
Internal CIA report released today shows poor security controls surrounding the intelligence agency's hacking tools.
Researchers discover 19 vulnerabilities in a TCP/IP software library manufacturers have used in connected devices for 20 years.
Likely looking to make a statement, attackers targeted specific websites hosted by a single provider with a 1.44 terabit-per-second distributed denial-of-service attack, according to Akamai.
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.2 and below may allow an attacker to retrieve a logged-in SSL VPN user's credentials should that attacker be able to read the session file stored on the targeted device's system.
Insufficiently protected credentials in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access.
Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access.
Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable denial of service via network access.
Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow a privileged user to potentially enable denial of service via network access.
Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75 and 4.0.25 may allow an unauthenticated user to potentially enable information disclosure via network access.
Improper input validation in Intel(R) AMT versions before 11.8.76, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access.
Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an unauthenticated user to potentially enable denial of service via network access.
Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.
Improper input validation in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an authenticated user to potentially enable information disclosure via network access.
Improper initialization in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an unauthenticated user to potentially enable escalation of privilege via local access.
Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.
Insufficient control flow management in firmware for some Intel(R) Data Center SSDs may allow a privileged user to potentially enable information disclosure via local access.
In crus_sp_shared_ioctl we first copy 4 bytes from userdata into "size" variable, and then use that variable as the size parameter for "copy_from_user", ending up overwriting memory following "crus_sp_hdr". "crus_sp_hdr" is a static variable, of type "struct crus_sp_ioctl_header".Product: AndroidVersions: Android kernelAndroid ID: A-135129430
In crus_afe_get_param of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-148189280
Function abc_pcie_issue_dma_xfer_sync creates a transfer object, adds it to the session object then continues to work with it. A concurrent thread could retrieve created transfer object from the session object and delete it using abc_pcie_dma_user_xfer_clean. If this happens, abc_pcie_start_dma_xfer and abc_pcie_wait_dma_xfer in the original thread will trigger UAF when working with the transfer object.Product: AndroidVersions: Android kernelAndroid ID: A-151453714
This is an unbounded write into kernel global memory, via a user-controlled buffer size.Product: AndroidVersions: Android kernelAndroid ID: A-135130450
A recent malware campaign targeted victims at European and Middle East aerospace and military companies - via LinkedIn spear-phishing messages.
6 execs and employees have been charged with cyberharassing a couple who published an e-commerce newsletter sometimes critical of the company.
Fraudulent Android app developers have been discovered trying to manipulate Google's Play Store security by removing suspicious code before adding it back in to see what trips detection systems.
The partnership leverages Intel's CPU telemetry data to more easily detect abnormal system behavior that indicates illicit cryptocurrency mining.
New research shows attackers are targeting and establishing relationships with accounts payable departments.
The cloud storage site has also unveiled an app center and improved its integration with HelloSign eSignature technology.
Microsoft report offers insight on how threat actors exploited COVID-19 across the globe.
How systemic cyber-risk threatens US banks and financial services companies
BEC campaigns represent a relatively small percentage of all email attacks yet pose the greatest financial risk, says Abnormal Security.
As multiple companies inch closer to a potentially life-saving vaccine for the coronavirus, cybercriminals with varying motives have increased attacks.
If the 2016 election is any indication, images included in state-sponsored social media posts are effective at disseminating propaganda, new analysis shows.
Knowledge workers are perfectly suited for remote work, but the benefits of collaboration - and the requirements of proving identity - make fully remote security teams problematic.
The pandemic is causing security spending in 2020 to shrink dramatically in most, but not all, segments, according to a revised estimate.
Ah for the bad old days when a ransomware attack was simply that: a ransomware attack, beginning, middle and end.
Spreading via poisoned Google search results, this new version of Mac's No. 1 threat comes with added stealth.
It's a short hop from shows like 'Naked and Afraid' and 'Alone' to your email server and how you secure it.
In Open Microscopy Environment OMERO.server 5.0.0 through 5.6.0, the reading of files from imported image filesets may circumvent OMERO permissions restrictions. This occurs because the Bio-Formats feature allows an image file to have embedded pathnames.
In ome.services.graphs.GraphTraversal.findObjectDetails in Open Microscopy Environment OMERO.server 5.1.0 through 5.6.0, permissions on OMERO model objects may be circumvented during certain operations such as move and delete, because group permissions are mishandled.
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
OMERO before 5.6.1 makes the details of each user available to all users.
An issue was discovered in LibVNCServer before 0.9.13. There is a memory leak in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
The hacker group recently took credit for two high-profile incidents -- but its actions aren't quite the same as they once were, some say.
The CIA failed to install safeguards to prevent the theft of its most valuable cyber weapons in 2016.
With blockchain, gamers can save their in-game purchases and retain their value to resell them to other players or move them into other games for the first time.
Hackers who use brute force attacks can easily compromise accounts with weak passwords, according to Nordpass.
Telemetry hints that the North Korean actor was behind major cyber-espionage campaign focused on military and aerospace companies, ESET says.
The beautiful game is back on the pitch in the U.K. -- and cyberattackers will be looking to take advantage of fans streaming the games.
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
The videoconferencing company now says it will offer end-to-end encryption to all users beginning in July.
A 'very rare' malware has been used by an unknown threat actor in cyberattacks against two different Russian organizations in 2017.
Hiring experts explain how companies should approach recruitment when employers and candidates are working remotely.
Adobe released another set of patches for its products on Tuesday, a week after dropping its first set of fixes for the month.
InvisiMole is back, targeting Eastern Europe organizations in the military sector and diplomatic missions with an updated toolset and new APT partnership.
Endorsed by boxer Floyd Mayweather and DJ Khaled, the Centra Tech ICO debacle has led to the guilty plea of co-founder Robert Farkas.
Attackers use trusted entities to trick victims into giving up their corporate log-in details as well as to bypass security protections.
Darren James, product specialist with Specops Software, warned that password resets, for example, are a particularly vexing issue for sysadmins, as they can often lockout end-users from their accounts.
The June campaign was targeted and aimed at stealing online banking credentials.
Survey finds that IT leaders plan to increase security measures when offices reopen.
CISOs are never going to have all the finances they want. Hard choices must be made. The CISO of Amazon Prime Video discusses his approaches to a slimmed-down budget.
IT leaders remain under pressure to balance security and authentication methods, yet this remains a challenge for most organizations, according to a new report by Thales.
A new SophosLabs report digs into the latest browser-hijacking "bundleware" targeting Mac users
A survey of 17 Android applications for informing citizens if they had potential contact with a COVID-19-infected individual finds few have adopted code-hardening techniques.
A remote USB function in a software provider's code has been found to contain a significant vulnerability. Learn more about what it entails and how you should protect your systems.
Windows 10 updates released as part of last week's Patch Tuesday appear to be making life hard for some printer users.
Originally planned for premium accounts only, Zoom will now offer optional E2EE to all account holders.
An issue was discovered in adns before 1.5.2. It fails to ignore apparent answers before the first RR that was found the first time. When this is fixed, the second answer scan finds the same RRs as the first. Otherwise, adns can be confused by interleaving answers for the CNAME target with the CNAME itself. In that case the answer data structure (on the heap) can be overrun. With this fixed, it prefers to look only at the answer RRs which come after the CNAME, which is at least arguably correct.
An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin read. It is wrong to increment used as well as setting r, since used is incremented according to r, later. Rather one should be doing what read() would have done. Without this fix, adnshost may read and process one byte beyond the buffer, perhaps crashing or perhaps somehow leaking the value of that byte.
An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with \, and adns_qf_quoteok_query was specified, qdparselabel would read additional bytes from the buffer and try to treat them as the escape sequence. It would depart the input buffer and start processing many bytes of arbitrary heap data as if it were the query domain. Eventually it would run out of input or find some other kind of error, and declare the query domain invalid. But before then it might outrun available memory and crash. In principle this could be a denial of service attack.
An issue was discovered in adns before 1.5.2. adns_rr_info mishandles a bogus *datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may be overrun (depending on the sizes of the types on the current platform). Of course the inputs ought to be right. And there are pointers in there too, so perhaps one could say that the caller ought to check these things. It may be better to require the caller to make the pointer structure right, but to have the code here be defensive about (and tolerate with an error but without crashing) out-of-range integer values. So: it should defend each of these integer conversion sites with a check for the actual permitted range, and return adns_s_invaliddata if not. The lack of this check causes the SOA sign extension bug to be a serious security problem: the sign extended SOA value is out of range, and overruns the buffer when reconverted. This is related to sign extending SOA 32-bit integer fields, and use of a signed data type.
An issue was discovered in adns before 1.5.2. It corrupts a pointer when a nameserver speaks first because of a wrong number of pointer dereferences. This bug may well be exploitable as a remote code execution.
An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered.
An issue was discovered in adns before 1.5.2. pap_mailbox822 does not properly check st from adns__findlabel_next. Without this, an uninitialised stack value can be used as the first label length. Depending on the circumstances, an attacker might be able to trick adns into crashing the calling program, leaking aspects of the contents of some of its memory, causing it to allocate lots of memory, or perhaps overrunning a buffer. This is only possible with applications which make non-raw queries for SOA or RP records.
High-severity flaws plague Cisco's Webex collaboration platform, as well as its RV routers for small businesses.
A sophisticated scheme used legitimate redirection tools to convince victims to give up Office 365 credentials.
The phishing email leads recipients to a phony BOA landing page in an attempt to steal their banking credentials, according to Armorblox.
New data reveals 65% of SMEs plan to invest more in cyber insurance, compared with 58% of large enterprises.
Criminals use disasters, wars, and now pandemics as air cover to focus collective anxiety and fear into highly targeted, malicious messaging.
haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
The malware has boosted its anti-detection capabilities in a new email campaign.
When factories, notably in China, shuttered during the COVID-19 pandemic, products the US relied on were impacted. Here's how experts see a return to "Made in America" and the incumbent risks.
The attack redirects users through legitimate websites in an attempt to capture their Microsoft credentials, says Check Point Research.
A study of banking apps for iOS and Android found poor source code protection, cleartext storage of sensitive data, and other serious flaws that make it easy for attackers to break into accounts.
The preview, open to Windows users, opens PDF files in a sandbox to protect users who open malicious Acrobat documents.
We've got questions for you on black infosec, burnout, vulnerabilities, COVID-19, and much more. Send us your video responses and we'll play them in our News Desk broadcast during Black Hat Virtual.
A new update to PCI requirements is designed to keep pace with the evolving financial threat environment.
In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing the license key, it may be possible to upload the data of additional scans.
Facebook will report its privacy practices to both the committee, the FTC, and to a third-party assessor.
Trojan Chrome browser extensions spied on users and maintained a foothold on the networks of financial services, oil and gas, media and entertainment, healthcare and pharmaceuticals and government organizations.
Vulnerability would have allowed an attacker to gain access to sensitive information on a system, Trustwave's SpiderLab says.
Cybersecurity leaders discussed the threats and challenges that arose during the pandemic, and how they responded, during a virtual roundtable.
Security researchers have discovered a handful of game-changing vulnerabilities that spell trouble for dozens of connected device vendors and their customers.
Possible beer shortage caused by ransomware, dating apps expose 845 GB of sensitive data, and Zoom reverses controversial security decision - catch up on the week's news with the Friday Five.
Amazing what online search, social media profiles, a DMV database and cameras everywhere can turn up about us.
An unpatched vulnerability in the web server of device firmware gives attackers root privileges, researchers said.
As the name suggests, IBM Maximo is typically used by really big companies to track really huge numbers of assets...
Competitors submitted lots of clever virus puns, and the prizes go to ...
Part two of a series on avoiding potential security risks with ML.
Whonix is a Linux desktop dedicated to absolute security and privacy. Find out how to use this unique take on the desktop operating system.
The coronavirus pandemic has forced changes for much of the business world, cybersecurity included. What can we expect going forward?
An issue was discovered in Mattermost Server before 5.18.0. An attacker can send a user_typing WebSocket event to any channel.
An issue was discovered in Mattermost Server before 5.18.0. It has weak permissions for server-local file storage.
An issue was discovered in Mattermost Server before 5.18.0. It allows attackers to cause a denial of service (memory consumption) via a large Slack import.
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. An attacker can spoof a direct-message channel by changing the type of a channel.
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There are weak permissions for configuration files.
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels.
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. CSRF can sometimes occur via a crafted web site for account takeover attacks.
Insider threats, the CIA's bad security policies, and malicious Chrome extensions were the topics of discussion during this week's news wrap podcast.
Those polled by Nordlocker also use cloud services, messaging apps, and external drives to share files.
Companies need to look for PII across all corporate data silos and consider building an automated system to respond to requests from consumers, experts say.
An issue was discovered in Mattermost Server before 4.7.3. It allows attackers to cause a denial of service (application crash) via invalid LaTeX text.
An issue was discovered in Mattermost Server before 4.8.1, 4.7.4, and 4.6.3. An e-mail invite accidentally included the team invite_id, which leads to unintended excessive invitation privileges.
An issue was discovered in Mattermost Server before 4.8.1, 4.7.4, and 4.6.3. WebSocket events were accidentally sent during certain user-management operations, violating user privacy.
An issue was discovered in Mattermost Server before 4.10.1, 4.9.4, and 4.8.2. It allows attackers to cause a denial of service (application hang) via a malformed link in a channel.
An issue was discovered in Mattermost Server before 5.1. It allows attackers to cause a denial of service via the invite_people slash command.
An issue was discovered in Mattermost Server before 5.1. It allows attackers to bypass intended access restrictions (for setting a channel header) via the Channel header slash command API.
An issue was discovered in Mattermost Server before 5.1. Non-members of a channel could use the Channel PATCH API to modify that channel.
An issue was discovered in Mattermost Server before 5.1. An attacker can bypass intended access control (for direct-message channel creation) via the Message slash command.
An issue was discovered in Mattermost Server before 5.1, 5.0.2, and 4.10.2. An attacker could use the invite_people slash command to invite a non-permitted user.
An issue was discovered in Mattermost Server before 5.2 and 5.1.1. Authorization could be bypassed if the channel name were not the same in the params and the body.
An issue was discovered in Mattermost Server before 5.2.2, 5.1.2, and 4.10.4. It allows remote attackers to cause a denial of service (memory consumption) via crafted image dimensions.
An issue was discovered in Mattermost Server before 5.3.0. It mishandles timing.
An issue was discovered in Mattermost Server before 5.4.0. It mishandles possession of superfluous authentication credentials.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS attacks could occur against an OAuth 2.0 allow/deny page.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can test for the existence of an arbitrary file.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can create arbitrary files.
An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attackers to cause a denial of service (application crash) via an @ character before a JavaScript field name.
An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, and 4.3.4. It mishandled webhook access control in the EnableOnlyAdminIntegrations case.
As telehealth grows more common, security experts address the privacy and security concerns of storing health data in the cloud.
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows crafted posts that potentially cause a web browser to hang.
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. It mishandles a deny action for a redirection.
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows attackers to add DEBUG lines to the logs via a REST API version 3 logging endpoint.
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows attackers to obtain sensitive information (user statuses) via a REST API version 4 endpoint.
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. Sometimes, resource-owner authorization is bypassed, allowing account takeover.
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. Display names allow XSS.
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. E-mail templates can have a field in which HTML content is not neutralized.
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows Phishing because an error page can have a link.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows an attacker to create a button that, when pressed by a user, launches an API request.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. An attacker could create fictive system-message posts via webhooks and slash commands, in the v3 or v4 REST API.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection during the fetching of multiple posts.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It discloses the team creator's e-mail address to members.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows a bypass of restrictions on use of slash commands.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to gain privileges by accessing unintended API endpoints on a user's behalf.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to gain privileges by using a registered OAuth application with personal access tokens.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2, when serving as an OAuth 2.0 Service Provider. There is low entropy for authorization data.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS can occur via OpenGraph data.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS could occur via a goto_location response to a slash command.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS could occur via the title_link field of a Slack attachment.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS could occur via the author_link field of a Slack attachment.
A former Defense Intelligence Agency analyst leaked classified information to two journalists - one of whom he was dating - shedding light on insider threats.
Experts believe China is behind the attack campaign, but China denies responsibility.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. Knowledge of a session ID allows revoking another user's session.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can achieve directory traversal.
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to cause a denial of service (channel invisibility) via a misformatted post.
An issue was discovered in Mattermost Server before 4.4.3 and 4.3.3. Attackers could reconfigure an OAuth app in some cases where Mattermost is an OAuth 2.0 service provider.
An issue was discovered in Mattermost Server before 2.1.0. It allows XSS via CSRF.
An issue was discovered in Mattermost Server before 2.2.0. It allows XSS because it configures files to be opened in a browser window.
An issue was discovered in Mattermost Server before 2.2.0. It allows XSS via a crafted link.
An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser.
An issue was discovered in Mattermost Server before 3.0.0. It offers superfluous APIs for a Team Administrator to view account details.
An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a redirect URL.
An issue was discovered in Mattermost Server before 3.0.0. It potentially allows attackers to obtain sensitive information (credential fields within config.json) via the System Console UI.
An issue was discovered in Mattermost Server before 3.0.0. It has a superfluous API in which the System Admin can change the account name and e-mail address of an LDAP account.
An issue was discovered in Mattermost Server before 3.0.0. It does not ensure that a cookie is used over SSL.
An issue was discovered in Mattermost Server before 3.0.0. It allows attackers to obtain sensitive information about team URLs via an API.
An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.
An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a Legal or Support setting.
An issue was discovered in Mattermost Server before 3.0.2. The purposes of a session ID and a Session Token were mishandled.
An issue was discovered in Mattermost Server before 3.1.0. It allows XSS because the noreferrer and noopener protection mechanisms were not in place.
An issue was discovered in Mattermost Server before 3.1.0. It allows XSS via theme color-code values.
An issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at password change.
An issue was discovered in Mattermost Server before 3.2.0. Attackers could read LDAP fields via injection.
An issue was discovered in Mattermost Server before 3.2.0. It allowed crafted posts that could cause a web browser to hang.
An issue was discovered in Mattermost Server before 3.2.0. The initial_load API disclosed unnecessary personal information.
An issue was discovered in Mattermost Server before 3.3.0. An attacker could use the WebSocket feature to send pop-up messages to users or change a post's appearance.
An issue was discovered in Mattermost Desktop App before 3.4.0. Strings could be executed as code via injection.
An issue was discovered in Mattermost Server before 3.5.1. XSS can occur via file preview.
An issue was discovered in Mattermost Server before 3.5.1. E-mail address verification can be bypassed.
An issue was discovered in Mattermost Server before 1.2.0. It allows attackers to cause a denial of service (memory consumption) via a small compressed file that has a large size when uncompressed.
Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.
With millions working from home and relying on the cloud, security leaders are under increasing pressure to keep their enterprises breach-free.
The Detroit man allegedly bragged about wanting to "play with Peoplesoft" - the HR management software he called "basically HR in a box."
The maelstrom of change we're going through presents a unique opportunity to become enablers. And to do that requires flexibility.
A workforce that was rushed out of the office due to COVID-19 equates to opportunities for cybercriminals, an IBM report finds.
AMD has fixed one high-severity vulnerability affecting its client and embedded processors; fixes for the other two will come out later in June.
We take part in a fraudulent survey so you don't have to. Show your friends and family how these scams unfold.
Billions of people have had their information stolen online, and Visa is hoping its new AI solution will help banks handle fraudulent accounts.
Targeting the CEO and others in an organization, the attacks spotted by cybersecurity firm Darktrace were detected due to artificial intelligence.
Working from home is new for many enterprise employees, yet many say they've received little in the way of new training or technology to keep them safe.
An activist group posted nearly 300 gigabytes of data from police departments, including scanned documents, videos, emails, audio files, and more, online Friday.
Adobe will prompt Flash Player users to uninstall the application before the Dec. 31, 2020 end of life date hits.
Networking devices sold under at least one major brand have a firmware vulnerability that allows hackers to take control of the device, a cybersecurity firm claims.
In the face of tighter budgets and lowered spending forecasts due to the pandemic, optimizing and improving the efficiency of security programs -- without sacrificing integrity -- has never been more important.
Deal extends Microsoft Azure for legacy industrial devices.
DDoSecrets has published data from over 200 police departments, law enforcement training and support resources and fusion centers.
The travel-booking giant had been slowly starting to transition away from VPN dependence. Then COVID-19 happened, and suddenly 700 third-party call-center workers were working from home.
The journalist collective DDoSecrets published nearly 270GB of data on Juneteenth: the date commemorating the end of US enslavement.
Organizations sent workers home during COVID-19 lockdown without adequate security preparation.
A recent DivvyCloud survey found that in 2019, a majority of respondents reported being in the final optimization stages of their cloud journey, with 59% indicating they are in the DevOps Optimization stage (an 11% increase from 2018).
Why embracing, not fighting, decentralization will pave the way to smoother cloud migrations.
Recent spearphishing emails spread the Hackbit ransomware using malicious Microsoft Excel attachments and the GuLoader dropper.
Making .GOV domains secure - it'll take "a few years" yet
Sifter is an OSINT, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the "blue" vulnerabilities within Microsoft systems and, if unpatched, exploit them.
File sharing, remote work, and vulnerable employees are leaving company networks open to potential cyberattack
Despite the takedown of the "CyberBunker" threat operators in 2019, command-and-control traffic continues to report back to the defunct network address space.
On International Women in Engineering Day, our CTO Debra Danielson gives examples of female engineers who have made a profound impact and why diversity in engineering matters.
Bad actors have flooded the enterprise with coronavirus-related attacks, but professionals working from home have other worries, Unisys Security found.
By using the AAA permissions management framework for cloud operations, organizations can address authentication, authorization, and auditing.
Remote work is opening up new insider threats - whether it's negligence or malicious employees - and companies are scrambling to stay on top of these unprecedented risks.
Making extra money from victims appears to be the goal, Symantec says.
The now-patched vulnerability left business users' personal information in web browser caches for anyone to find.
Attackers are compromising large companies with the Cobalt Strike malware, and then deploying the Sodinokibi ransomware.
In addition, the first release of Defender ATP for Linux is now generally available.
Keystone is a lightweight multi-platform, multi-architecture assembler framework. Highlight features include multi-architecture support for Arm, Arm64 (AArch64/Armv8), Hexagon, Mips, PowerPC, Sparc, SystemZ, and X86 (including 16/32/64-bit). It has a clean and lightweight architecture-neutral API. It is implemented in C/C++, with bindings for Python, NodeJS, Ruby, Go and Rust available, and has native support for Windows and various Unix flavors.
At WWDC, Apple promised to double down on data protection in its upcoming iOS 14, macOS Big Sur, and Safari releases.
Spending on cybersecurity technology rose last quarter but will dip this year due to budgetary constraints, says Canalys.
New approaches will allow businesses to reduce risk while meeting the needs of users, employees, and third parties. Here are three issues to consider when reimagining enterprise application access.
An open letter signed by experts in the field from MIT, Microsoft and Google aims to stop the 'tech to prison' pipeline.
IT staffers have grappled with such user issues as password lockouts and an inability to access internal apps, says Hitachi ID.
The Lawful Access to Encrypted Data Act is being decried as "an awful idea" by security experts.
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.
And you thought the Bitcoin blockchain was all about cryptocurrency!
Annual "Black Hat USA Attendee Survey" indicates unprecedented concern over possible compromises of enterprise networks and US critical infrastructure.
Sensitivity of customer information and time-to-detection determine financial blowback of cybersecurity breaches.
IT pros revealed widespread remote work garnered challenges and security concerns, according to a recent Sectigo survey.
Tech career platform Dice highlighted how data engineers and cybersecurity experts are in high demand.
A report via the European Commission highlights the importance of protecting and enforcing intellectual property in the European Union.
Government-mandated Internet shutdowns occur far more regularly than you might expect.
The fleet management company becomes part of Apple in a deal announced today.
A new devilish malware is targeting Windows systems with cryptojacking and DDoS capabilities.
The CryCryptor malware strain is a brand-new family of threats, leveraging COVID-19 to spread.
In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.
In LoRaMac-node before 4.4.4, a reception buffer overflow can happen due to the received buffer size not being checked. This has been fixed in 4.4.4.
A vulnerability was found in Wildfly in versions before 20.0.0.Final, where a remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to a lack of validation/filtering capabilities in wildfly.
An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2, where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in gaining access to unauthorized resources. This flaw allows an authenticated client to modify the configuration and possibly conduct further attacks.
An issue was discovered on Xiaomi Mi Jia ink-jet printer < 3.4.6_0138. Injecting parameters into ippserver through the web management backend results in command execution vulnerabilities.
The Apache server on port 80 that hosts the web interface is vulnerable to a DoS by spamming incomplete HTTP headers, effectively blocking access to the dashboard.
MiR robot controllers (central computation unit) use Ubuntu 16.04.2 as their operating system. Designed for desktop use, this operating system presents insecure defaults for robots. These insecurities include ways for users to escalate their access beyond what they were granted via file creation, access race conditions, insecure home directory configurations and defaults that facilitate Denial of Service (DoS) attacks.
The BIOS onboard MiR's computer is not protected by a password; therefore, it allows a bad operator to modify settings such as boot order. This can be leveraged by a malicious operator to boot from a live image.
There is no mechanism in place to prevent a bad operator from booting from a live OS image. This can lead to extraction of sensitive files (such as the shadow file) or privilege escalation by manually adding a new user with sudo privileges on the machine.
The password for the safety PLC is the default and thus easy to find (in manuals, etc.). This allows a manipulated program to be uploaded to the safety PLC, effectively disabling the emergency stop in case an object is too close to the robot. Navigation and any other components dependent on the laser scanner are not affected (thus it is hard to detect before something happens) though the laser scanner configuration can also be affected altering further the safety of the device.
The access tokens for the REST API are directly derived from the publicly available default credentials for the web interface. Given a USERNAME and a PASSWORD, the token string is generated directly with base64(USERNAME:sha256(PASSWORD)). An unauthorized attacker inside the network can use the default credentials to compute the token and interact with the REST API to exfiltrate, infiltrate or delete data.
The access tokens for the REST API are directly derived (sha256 and base64 encoding) from the publicly available default credentials from the Control Dashboard (refer to CVE-2020-10270 for related flaws). This flaw in combination with CVE-2020-10273 allows any attacker connected to the robot networks (wired or wireless) to exfiltrate all stored data (e.g. indoor mapping images) and associated metadata from the robot's database.
MiR controllers in firmware versions 2.8.1.1 and earlier do not encrypt or protect in any way the intellectual property artifacts installed in the robots. This flaw allows attackers with access to the robot or the robot network (in combination with other flaws) to retrieve and easily exfiltrate all installed intellectual property and data.
MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages, exposing the computational graph without any sort of authentication. This allows attackers with access to the internal wireless and wired networks to take control of the robot seamlessly. In combination with CVE-2020-10269 and CVE-2020-10271, this flaw allows malicious actors to command the robot at will.
MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages, exposing the computational graph to all network interfaces, wireless and wired. This is the result of a bad setup and can be mitigated by appropriately configuring ROS and/or applying custom patches as appropriate. Currently, the ROS computational graph can be accessed fully from the wired exposed ports. In combination with other flaws such as CVE-2020-10269, the computation graph can also be fetched and interacted with from wireless networks. This allows a malicious operator to take control of the ROS logic and correspondingly the complete robot, given that MiR's operations are centered around the framework (ROS).
Through the wired and wireless interfaces within MiR100, MiR200 and other vehicles from the MiR fleet, it's possible to access the Control Dashboard on a hardcoded IP address. Credentials to this interface default to well known and widely spread users (omitted) and passwords (omitted). This information is also available in past User Guides and manuals which the vendor distributed. This flaw allows cyber attackers to take control of the robot remotely and make use of the default user interfaces MiR has created, lowering the complexity of attacks and making them available to entry-level attackers. More elaborate attacks can also be established by clearing authentication and sending network requests directly. We have confirmed this flaw in MiR100 and MiR200 but according to the vendor, it might also apply to MiR250, MiR500 and MiR1000.
One of the wireless interfaces within MiR100, MiR200 and possibly (according to the vendor) other MiR fleet vehicles comes pre-configured in WiFi Master (Access Point) mode. Credentials to such wireless Access Point default to well known and widely spread SSID (MiR_RXXXX) and passwords (omitted). This information is also available in past User Guides and manuals which the vendor distributed. We have confirmed this flaw in MiR100 and MiR200 but it might also apply to MiR250, MiR500 and MiR1000.
A vulnerability was found in quay-2, where a stored XSS vulnerability has been found in the super user function of quay. Attackers are able to use the name field of a service key to inject scripts and make them run when admin users try to change the name.
The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to version 8.8.0 allowed remote attackers to gain remote code execution if they were able to exploit a server side template injection vulnerability.
A flaw was found in the CloudForms management engine version 5.10 and CloudForms management version 5.11, which triggered remote code execution through NFS schedule backup. An attacker logged into the management console could use this flaw to execute arbitrary shell commands on the CloudForms server as root.
Integer overflow in the diag command handler when a user inputs a large value for the number of tasks field in the request packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
System Services exports services without permission protection, which can lead to information exposure in Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9207C, MDM9607, Rennell, Saipan, SM8150, SM8250, SXR2130
Double free issue in NPU due to lack of resource locking mechanism to avoid race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, QCS405, Rennell, Saipan, SC8180X, SDX55, SM8150, SM8250, SXR2130
An out-of-bounds write can happen due to a lack of checks on the array index value while parsing the SDP attribute for SAR in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, Kamorta, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS605, QM215, Rennell, SA415M, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SXR1130
Buffer overflow occurs while processing a subsample data length that is out of range, due to a lack of user input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
RTCP messages are copied into the output buffer without checking the destination buffer size, which could lead to a remote stack overflow when processing large data or non-standard feedback messages in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SA415M, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130
Buffer overflows while decoding a setup message from the network, due to a lack of checks on the IE message length received from the network, in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SA415M, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130
While the IPA driver processes a route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8096AU, MDM9607, MSM8909W, MSM8996, MSM8996AU, QCN7605, QCS605, SC8180X, SDA845, SDX20, SDX24, SDX55, SM8150, SXR1130
Payload size is not validated before reading memory, which may result in accessing an invalid pointer or garbage data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Rennell, Saipan, SC8180X, SDA660, SDA845, SDM429W, SDM439, SDM670, SDM710, SDX20, SDX24, SDX55, SM8150, SM8250, SXR1130, SXR2130
Kernel writes to a user-passed address without any checks, which can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, MSM8996, MSM8996AU, Nicobar, QCS605, Rennell, Saipan, SC7180, SC8180X, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Twitter emailed business clients to tell them that their financial data may have been seen by the uninvited.
net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release.
Kernel driver bugs often let crooks take over your entire system from even the weediest foothold.
Advanced persistent threat (APT) campaign aims to steal intelligence secrets from foreign companies operating in China.
Some 67% of all malware seen in the first quarter was delivered via HTTPS, according to security firm WatchGuard Technologies.
Threat actors shift focus from COVID-19 to employee coronavirus training and current events like Black Lives Matter as cyber-attacks continue to rise.
The recent spread of the distributed denial-of-service tool attempts to exploit a dozen web-framework flaws, uses credential stuffing, and is intended to work against a variety of operating systems.
Security and development teams must make it clear why their segment of the development life cycle is relevant to the other teams in the pipeline.
Several high-severity flaws in Nvidia's GPU display drivers for Windows users could lead to code-execution, DoS and more.
Malicious botnet sources explode in new attacks that push boundaries in terms of volume and duration.
Analysis of FBI data found that nearly $2 billion was stolen from US victims in 2019 just from business email compromise.
Your credit card is worth around $33, your driver's license around $27, and your PayPal account around $42, according to Reviews.org.
Emails with fake COVID-19 training materials are trying to trick employees into sharing their Microsoft credentials, says Check Point Research.
Even as more code is produced, indirect dependencies continue to undermine security.
How epidemiology can solve the people problem in security.
The traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command can be placed after a newline character.
A first-stage malware loader spotted in active campaigns has added additional exploits and a new backdoor capability.
Privacy advocates are up in arms about a sweeping new bill introduced this week that would allow "lawful access" of encrypted devices and services with a warrant.
Updating CA root SSL certificates requires updating the firmware on streaming devices, smart devices, routers, cameras, and more.
Lawmakers proposed a new bill that would ban the use of facial recognition by law enforcement nationwide.
The right decoys can frustrate attackers and help detect threats more quickly.
Researchers from IntSights observed a sharp increase in the use of popular instant messaging apps over the past year among threat groups.
In Pillow before 6.2.3 and 7.x before 7.0.1, there are two Buffer Overflows in libImaging/TiffDecode.c.
In libImaging/PcxDecode.c in Pillow before 6.2.3 and 7.x before 7.0.1, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer.
Pillow before 6.2.3 and 7.x before 7.0.1 has multiple out-of-bounds reads in libImaging/FliDecode.c.
A reverse proxy can do wonders for your network and its security. Learn how to configure NGINX to serve this very purpose.
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the "homeplugd" process. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to cause the device to reboot.
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI. By sending a specially crafted hostname, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system with root privileges.
The ransomware gang is threatening to auction celebrities' legal documents stolen from the law firm it paralyzed in May.
Got a PS4? Like to hack?
App will stop reading users' device cut-and-paste data after a new banner alert in an Apple update uncovered the activity.
Three ways that security teams can improve processes and collaboration, all while creating the common ground needed to sustain them.
While the security operations center is enjoying a higher profile these days, just one-fourth of security operations centers actually resolve incidents quickly enough.
The creator of the Satori/Okiru, Masuta and Tsunami/Fbot botnets has been sentenced to prison for compromising hundreds of thousands of devices.
With the pandemic uprooting networks and upending careers, which security skills are hot -- and which are not?
Files from hundreds of police departments are leaked, FBI issues a security warning to K12 schools, and more - catch up on all the week's news with the Friday Five.
IBM Maximo Asset Management 7.6.1.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 170961.
Evil Corp. group hit at least 31 customers in campaign to deploy WastedLocker malware, according to Symantec.
The Facial Recognition and Biometric Technology Moratorium Act would explicitly ban police from using the technology.
The carding store victimized mainly U.S. citizens and is responsible for $20 million in fraudulent purchases.
If Safari isn't your default Mac web browser, it should be when Apple releases macOS Big Sur. Here's how Apple developers have readied the browser for adulthood and the demands of the workplace.
Researchers believe that Click2Gov, municipal payment software, may be at the heart of this most recent government security incident.
The botnet can be used to mount different kinds of attacks, including code-execution and DDoS.
The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution.
Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.
Kenneth Schuchman, the creator of the massive Satori botnet of enslaved devices, will be spending 13 months behind bars.
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in Issue Navigator Basic Search. The affected versions are before version 7.13.9, and from version 8.0.0 before 8.4.2.