White Papers
Video
Current Issue
Special Report: Computing’s New NormalThis special report examines how IT security organizations have adapted to the “new normal” of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world — and enterprise computing — on end. Here’s a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Bug Report
From DHS/US-CERT’s National Vulnerability Database
CVE-2018-20243
PUBLISHED: 2020-10-13
The implementation of POST with the username and password in the URL parameters exposed the credentials. More infomration is available in fineract jira issues 726 and 629.
CVE-2020-13957
PUBLISHED: 2020-10-13
Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet that’s uploaded via API without authentication/authorization. The checks in place to prevent such feature…
CVE-2020-15251
PUBLISHED: 2020-10-13
In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability.
CVE-2020-17411
PUBLISHED: 2020-10-13
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within…
CVE-2020-17412
PUBLISHED: 2020-10-13
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han…
The post Coalition Pokes Five Eyes on Call for Backdoors appeared first on Malware Devil.
https://malwaredevil.com/2020/10/13/coalition-pokes-five-eyes-on-call-for-backdoors/?utm_source=rss&utm_medium=rss&utm_campaign=coalition-pokes-five-eyes-on-call-for-backdoors
No comments:
Post a Comment