Barnes & Noble Warns Customers About Data Breach

Subscribe to Newsletters

Webinar Archives

White Papers

InformationWeek & Network Computing Report Round Up

Osterman Research: Cyber Crisis Response – Fit For Today’s Threat Landscape?

[Dark Reading Report] Building an Effective Cybersecurity Incident Response Team

Vulnerability Management for Financial Companies

How to Choose the Right TLS/SSL Certificate

More White Papers

Video

All Videos

Cartoon

Latest Comment: I’m done with Technology tonight. The bed won’t go up so I’m using pillows, the Kindle is locked up so I’m reading an actual book and …

Cartoon Archive

Current Issue

Special Report: Computing’s New NormalThis special report examines how IT security organizations have adapted to the “new normal” of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.

Back Issues | Must Reads

Flash Poll

All Polls

How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world — and enterprise computing — on end. Here’s a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.

Download Now!

Special Report: Understanding Your Cyber Attackers

0 comments

2020 State of Cybersecurity Operations and Incident Response

0 comments

The Changing Face of Threat Intelligence

0 comments

More Reports

Twitter Feed

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2020-25858
PUBLISHED: 2020-10-15

The QCMAP_Web_CLIENT binary in the Qualcomm QCMAP software suite prior to versions released in October 2020 does not validate the return value of a strstr() or strchr() call in the Tokenizer() function. An attacker who invokes the web interface with a crafted URL can crash the process, causing denia…

CVE-2020-25859
PUBLISHED: 2020-10-15

The QCMAP_CLI utility in the Qualcomm QCMAP software suite prior to versions released in October 2020 uses a system() call without validating the input, while handling a SetGatewayUrl() request. A local attacker with shell access can pass shell metacharacters and run arbitrary commands. If QCMAP_CLI…

CVE-2019-12411
PUBLISHED: 2020-10-15

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE-2020-11637
PUBLISHED: 2020-10-15

A memory leak in the TFTP service in B&R Automation Runtime versions <N4.26, <N4.34, <F4.45, <E4.53, <D4.63, <A4.73 and prior could allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition.

CVE-2020-13939
PUBLISHED: 2020-10-15

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

The post Barnes & Noble Warns Customers About Data Breach appeared first on Malware Devil.

https://malwaredevil.com/2020/10/15/barnes-noble-warns-customers-about-data-breach/?utm_source=rss&utm_medium=rss&utm_campaign=barnes-noble-warns-customers-about-data-breach