Apple Pays Bug Bounty to Enterprise Network Researchers

Subscribe to Newsletters

Webinar Archives

White Papers

Software Exploits, a Technical Deep Dive into Vulnerabilities

2020 SANS Cyber Threat Intelligence Survey

Automate Digital Certificate Lifecycle Management

Key Steps in Satisfying Your CCPA and Other Privacy Obligations

More White Papers

Video

All Videos

Cartoon

Latest Comment: Sorry, I cannot brush my teeth tonight. The toothbrush locked me out after three tries.

Cartoon Archive

Current Issue

Special Report: Computing’s New NormalThis special report examines how IT security organizations have adapted to the “new normal” of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.

Back Issues | Must Reads

Flash Poll

All Polls

How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world — and enterprise computing — on end. Here’s a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.

Download Now!

Special Report: Understanding Your Cyber Attackers

0 comments

2020 State of Cybersecurity Operations and Incident Response

0 comments

The Changing Face of Threat Intelligence

0 comments

More Reports

Twitter Feed

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2020-13955
PUBLISHED: 2020-10-09

HttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. Calcite uses internally this method to connect with Druid and Splunk so information leakage may happen when using the respective Calcite adapters….

CVE-2020-9105
PUBLISHED: 2020-10-09

Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to access and modify the memory of the device by doing a series of operations. Successful exploit…

CVE-2020-26924
PUBLISHED: 2020-10-09

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WAC720 before 3.9.1.13 and WAC730 before 3.9.1.13.

CVE-2020-26925
PUBLISHED: 2020-10-09

NETGEAR GS808E devices before 1.7.1.0 are affected by denial of service.

CVE-2020-26926
PUBLISHED: 2020-10-09

Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.

The post Apple Pays Bug Bounty to Enterprise Network Researchers appeared first on Malware Devil.

https://malwaredevil.com/2020/10/09/apple-pays-bug-bounty-to-enterprise-network-researchers/?utm_source=rss&utm_medium=rss&utm_campaign=apple-pays-bug-bounty-to-enterprise-network-researchers