Critical Bugs in Dell Wyse Thin Clients Allow Code Execution, Client Takeovers - The bugs rate 10 out of 10 on the vulnerability-severity scale, thanks to the ease of exploitation... https://threatpost.com/critical-bugs-dell-wyse-thin-clients/162452/ #criticalsecurityvulnerabilities #informationdisclosure #configurationfiles #noauthentication #vulnerabilities #readwriteaccess #cloudsecurity #thinclients #version9.x #ftpserver #dellwyse #patch #bugs
Electronic Medical Records Cracked Open by OpenClinic Bugs - Four security vulnerabilities in an open-source medical records management platform allow remote c... https://threatpost.com/electronic-medical-records-openclinic-bugs/161722/ #personalhealthinformation #electronicmedicalrecords #medicalrecordsmanagement #securityvulnerabilities #informationdisclosure #patientdatatheft #vulnerabilities #cve-2020-28937 #cve-2020-28938 #cve-2020-28939 #opensource #openclinic #bishopfox #unpatched
GO SMS Pro Android App Exposes Private Photos, Videos and Messages - The vulnerable version of the app, which has 100 million users, uses easily predictable URLs to li... https://threatpost.com/go-sms-pro-android-app-exposes-private-photos/161407/ #informationdisclosure #securityvulnerability #mediacontentexposure #trustwavespiderlabs #mobilemessagingapp #vulnerabilities #predictableurls #mobilesecurity #privatephotos #websecurity #googleplay #gosmspro #privacy #android #patch
WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug - The shopping cart application contains a PHP object-injection bug. https://threatpost.com/wordpress_open_to_attacks_welcart_bug/161037/ #informationdisclosure #securityvulnerability #phpobjectinjection #vulnerabilities #denialofservice #codeinjection #websecurity #e-commerce #wordfence #wordpress #welcart #plugin #patch #bug
Adobe Warns Windows, MacOS Users of Critical Acrobat and Reader Flaws - The critical-severity Adobe Acrobat and Reader vulnerabilities could enable arbitrary code executi... https://threatpost.com/adobe-windows-macos-critical-acrobat-reader-flaws/160903/ #november2020patchupdate #securityvulnerabilities #arbitrarycodeexecution #adobeacrobatandreader #informationdisclosure #acrobatandreader #vulnerabilities #cve-2020-24430 #cve-2020-24435 #cve-2020-24436 #cve-2020-24437 #criticalbugs
Bug-Bounty Awards Spike 26% in 2020 - The most-rewarded flaw is XSS, which is among those that are relatively cheap for organizations to... https://threatpost.com/bug-bounty-awards-spike-2020/160719/ #mostrecentthreatlists #informationdisclosure #cross-sitescripting #stayathomeorders #vulnerabilities #ethicalhackers #bountypayouts #most-rewarded #mostvaluable #bugbounty #hackerone #covid-19 #security #tiktok #apple #flaws #top10 #xss
Google Rolls Out Fixes for High-Severity Android System Flaws - The most serious bugs are elevation-of-privilege issues in the Android System component (CVE-2020-... https://threatpost.com/google-android-system-flaws/159948/ #androidsecurityupdate #informationdisclosure #elevationofprivilege #vulnerabilities #(cve-2020-0215 #mediaframework #cve-2020-0416 #websecurity #october2020 #framework #qualcomm #android #samsung #google #kernel #pixel
90 days, 16 bugs, and an Azure Sphere Challenge - Cisco Talos reports 16 vulnerabilities in Microsoft Azure Sphere's sponsored research challenge.
By ... http://feedproxy.google.com/~r/feedburner/Talos/~3/n4-X8h4AfAA/Azure-Sphere-Challenge.html #informationdisclosure #unsignedcodeexecution #vulnerabilityanalysis #privilegeescalation #denialofservice #microsoftazure #vulnspotlight #vulnerability #vulndev #talos
Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers - Five critical cross-site scripting flaws were fixed by Adobe in Experience Manager as part of its ... https://threatpost.com/critical-adobe-flaws-attackers-javascript-browsers/159026/ #adobeexperiencemanager #informationdisclosure #crosssitescripting #htmlinjectionflaw #vulnerabilities #adobeframemaker #adobeindesign #browserattack #criticalflaw #patchtuesday #websecurity #adobepatch #javascript #adobebug #adobe #xss
Researchers Warn of Flaw Affecting Millions of IoT Devices - A patch has been issued for the flaw in a widely-used module, and researchers are urging IoT manuf... https://threatpost.com/flaw-affecting-millions-iot-devices/158472/ #informationdisclosure #cinterionehs8module #internetofthings #cve-2020-15858 #remoteexploit #vulnerability #insulinpump #smartcity #thales #hacks #patch #iot #fix
Citrix Bugs Allow Unauthenticated Code Injection, Data Theft - Admins should patch their Citrix ADC and Gateway installs immediately. more: https://threatpost.com/citrix-bugs-allow-unauthenticated-code-injection-data-theft/157214/ #informationdisclosure #criticaladvisory #securityadvisory #vulnerabilities #denialofservice #codeinjection #cve-2020-8187 #cve-2020-8190 #cve-2020-8191 #cve-2020-8193 #cve-2020-8194 #cve-2020-8195 #cve-2020-8196 #cve-2020-8197 #cve-2020-8198 #cve-2020-8199 #adc
Apache Guacamole Opens Door for Total Control of Remote Footprint - Several vulnerabilities can be chained together for a full exploit. more: https://threatpost.com/apache-guacamole-control-remote-footprint/157124/ #securityvulnerabilities #informationdisclosure #vulnerabilities #apacheguacamole #remotefootprint #cloudsecurity #cve-2020-9497 #cve-2020-9498 #workfromhome #remoteusers #checkpoint #covid-19 #takeover #gateway #rce
Unpatched Bugs in Oracle iPlanet Opens Door to Info-Disclosure, Injection - CVE-2020-9315 and CVE-2020-9314 in iPlanet version 7 will not receive patches. more: https://threatpost.com/unpatched-bugs-oracle-iplanet/155639/ #informationdisclosure #vulnerabilities #imageinjection #cve-2020-9314 #cve-2020-9315 #websecurity #webconsole #iplanet #nopatch #oracle
Cisco Fixes High-Severity Flaws In Firepower Security Software, ASA - Cisco has fixed 12 high-severity flaws in its Adaptive Security Appliance software and Firepower T... more: https://threatpost.com/cisco-fixes-high-severity-flaws-in-firepower-security-software-asa/155568/ #ciscofirepowersoftware #informationdisclosure #highseverityflaw #vulnerabilities #denialofservice #security #cisco #dos
Critical Adobe Illustrator, Bridge and Magento Flaws Patched - Adobe fixed critical flaws in Illustrator, Magento and Bridge in an out-of-band security update. more: https://threatpost.com/critical-adobe-illustrator-bridge-and-magento-flaws-patched/155255/ #arbitrarycodeexecution #informationdisclosure #adobeillustrator #vulnerabilities #outofbandupdate #securityupdate #criticalpatch #criticalflaw #websecurity #adobebridge #adobeupdate #adobe #patch
Critical VMware Bug Opens Up Corporate Treasure to Hackers - The bug -- rated 10 in severity -- potentially affects large numbers of corporate VMs and hosts. more: https://threatpost.com/critical-vmware-bug-corporate-treasure-hackers/154682/ #criticalsecurityvulnerability #informationdisclosure #vulnerabilities #virtualmachines #cloudsecurity #cve-2020-3952 #vcenterserver #advisory #vmware #vmdir #bug
Dropbox Passes $1M Milestone for Bug-Bounty Payouts - The file-sharing service also disclosed details of past notable bugs for the first time. more: https://threatpost.com/dropbox-1m-milestone-bug-bounty-payouts/152621/ #informationdisclosure #bugbountyprogram #vulnerabilities #documentsharing #cloudsecurity #sharedlinkbug #vulnerability #cloudservice #cssinjection #totalpayouts #websecurity #filesharing #reportcard #bugbounty #$1million #hackerone #zero-day #dropbox
Microsoft Issues Out-of-Band Update for SharePoint Bug - An attacker could exploit CVE-2019-1491 to obtain sensitive information that could be used to moun... more: https://threatpost.com/microsoft-issues-out-of-band-update-sharepoint-bug/151260/ #informationdisclosure #sharepointserver #vulnerabilities #outofbandpatch #cve-2019-1491 #december2019 #patchtuesday #bugbounty #microsoft #bug
Modern Intel CPUs Plagued By Plundervolt Attack - The Intel attack uses a similar technique that gamers commonly use to overclock their CPUs. more: https://threatpost.com/intel-cpus-plundervolt-attack/151006/ #informationdisclosure #privilegeescalation #side-channelattack #vulnerabilities #cve-2019-11157 #vulnerability #intelattack #plundervolt #cpuvoltage #intelsgx #meltdown #spectre #intel
Someone wants to get rid of old hole punches…
#OpSec #InformationDisclosure #SocialEngineering