vulnerability – Page 40 – PossibleThreat Articles

Patch released for Windows-pwning VPN bug

September 25, 2019 0 Comments cve-2019-6145, vpn, vulnerability, Windows

Credit to Author: Danny Bradbury| Date: Wed, 25 Sep 2019 10:34:17 +0000

VPN vendor Forcepoint has patched a security flaw that could have given attackers unfettered access to its users’ Windows computers.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/urFdXrwNd_M” height=”1″ width=”1″ alt=””/>

Security Sophos

Jira development and ticketing software hit by critical flaws

September 24, 2019 0 Comments altassian, CVEs, jira data center, jira service desk data center, jira service desk server, security threats, vulnerability

Credit to Author: John E Dunn| Date: Tue, 24 Sep 2019 10:10:40 +0000

Admins have a spot of patching work on their hands after the company released updates addressing two critical flaws.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/VgbcYoVOVyk” height=”1″ width=”1″ alt=””/>

Security Sophos

Server-squashing zero-day published for phpMyAdmin tool

September 23, 2019 0 Comments cross site request forgery, csrf, mariadb, mysql, owasp, phpmyadmin, security threats, vulnerability, zero day

Credit to Author: Danny Bradbury| Date: Fri, 20 Sep 2019 12:22:50 +0000

A researcher has just published a zero-day security bug in one of the web’s most popular database administration software packages.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/XxpMh0dUMaQ” height=”1″ width=”1″ alt=””/>

Security Sophos

Air Force to offer up a satellite to hackers at Defcon 2020

September 19, 2019 0 Comments air force, aviation, Defcon, Government security, hack the air force, Hacking, military, military security, satellite, security events, security threats, vulnerability, will roper

Credit to Author: Lisa Vaas| Date: Thu, 19 Sep 2019 14:42:48 +0000

This year, the Air Force presented vetted hackers with a plane’s subsystem, which they duly tore up. Next year, it will be a satellite.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/wh-pZprliQk” height=”1″ width=”1″ alt=””/>

Security Sophos

No surprises in the top 25 most dangerous software errors

September 19, 2019 0 Comments buffer flaws, common vulnerabilities and exposures, common weakness enumeration, cross-site scripting, CVEs, cwe, mitre, security bugs, security threats, vulnerability, XSS

Credit to Author: Danny Bradbury| Date: Thu, 19 Sep 2019 08:58:17 +0000

An in-depth study of reported bugs has produced a list of the top 25 bug categories in software today – with some old familiar names topping the list.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/rJcjSJP7NLU” height=”1″ width=”1″ alt=””/>

Security Sophos

iPhone lockscreen bypass: iOS 13 tricked into showing your contacts

September 16, 2019 0 Comments Apple, bypass, iOS, iOS 13, iPhone, josé rodríguez, lock screen, lockscreen, Mobile, Privacy, security threats, vulnerability

Credit to Author: Lisa Vaas| Date: Mon, 16 Sep 2019 11:43:04 +0000

This time, José Rodríguez came up with a way to trick the iOS 13 beta into showing its address book without the need to unlock the screen.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/ItkiemPxojs” height=”1″ width=”1″ alt=””/>

Security Sophos

Google fixes Chromebook 2FA flaw in ‘built-in security key’

September 16, 2019 0 Comments 2-factor Authentication, 2fa, chrome os, chromebook, fido u2f, Google, security threats, Technologies, two-factor authentication, u2f, vulnerability

Credit to Author: John E Dunn| Date: Mon, 16 Sep 2019 11:35:33 +0000

Google has discovered a flaw in a Chromebook security feature which allows owners to press their device’s power button to initiate U2F 2FA.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/wxhr_hHEAl8″ height=”1″ width=”1″ alt=””/>

Security Sophos

Intel: SSH-stealing NetCAT bug not really a problem

September 13, 2019 0 Comments Data Direct I/O, Intel, Intel chips, keystroke timing attack, NetCAT, security threats, vulnerability

Credit to Author: Danny Bradbury| Date: Fri, 13 Sep 2019 13:17:33 +0000

There’s another vulnerability in Intel chips, with another catchy name: NetCAT.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/REq_6yIOVLY” height=”1″ width=”1″ alt=””/>

Security Sophos

Leaky database full of fake Groupon emails turns out to belong to crooks

September 13, 2019 0 Comments data loss, Elasticsearch, fraud, groupon, NeuroTicket, Noam Rotem, Ran Locar, ransom, security threats, Ticketmaster, tickets, TickPick, vpnMentor, vulnerability

Credit to Author: Lisa Vaas| Date: Fri, 13 Sep 2019 12:43:47 +0000

Crooks made bogus accounts to buy tickets with fake credit cards, resold them to unsuspecting buyers, and left the database-o-fraud wide open.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/GRSpDu39Kqg” height=”1″ width=”1″ alt=””/>

Security Sophos

Critical TLS flaw opens Exim servers to remote compromise

September 10, 2019 0 Comments buffer overflow, CVE-2018-6789, CVE-2019-10149, CVE-2019-15846, email security, Exim, https, mail servers, rce, security threats, Server Name Indication, TLS, vulnerability

Credit to Author: John E Dunn| Date: Tue, 10 Sep 2019 10:06:43 +0000

A ‘critical’ security vulnerability has been discovered in the Exim mail server that requires admins’ urgent attention.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/2NLa6N1e3Bk” height=”1″ width=”1″ alt=””/>