Curated News Feeds
via theguardian.com Kyle Lawler had a ‘bad feeling’ about Salman Abedi but ‘did not have anything to justify that’A security guard had a “bad feeling” when he saw Manchester Arena suicide bomber Salman Abedi but did not approach him for fear of being b…
Continue ReadingThe 25 vulnerabilities most commonly scanned for and targeted by Chinese nation-state attackers were exploited seven times more often than other flaws in the past six months, researchers report in their analysis of a list published by the US National S…
Continue Readingvia infosecurity-magazine.com Ping Identity Appoints Emma Maslen to Lead EMEA and APAC GrowthIdentity security firm Ping Identity has announced the appointment of Emma Maslen as its vice-president and general manager for EMEA and APAC. In this role, sh…
Continue ReadingOn October 20, 2020, the European Union Agency for Cybersecurity (ENISA) issued its annual Threat Landscape 2020 publication summarizing the main cyber threats and providing insights on the evolution of threats encountered between January 2019-April 2020.
Continue ReadingExecutive Summary. IoT The COVID-19 pandemic has accelerated the adoption of IoT devices. As businesses slowly reopen during the pandemic, contactless IoT devices such as point of sale (POS) terminals and body temperature cameras have been widely adopt…
Continue ReadingSYDNEY Oct. 27, 2020 /PRNewswire/ — A survey by ESET Australia has found that while Australian households are generally well aware of the nature of cybersecurity threats, they are less well prepared to protect themselves from evolving threats targetin…
Continue ReadingExploit availability: No Description. CWE-284 – Improper Access Control The vulnerability allows a remote attacker to gain unauthorized access to sensitive information. The vulnerability exists due to improper access restrictions when “getACL()” comman…
Continue Reading.
1) Risk: Low. CVSSv3: CVE-ID: CVE-2020-9488. CWE-ID: Exploit availability: No Description. CWE-295 – Improper Certificate Validation The vulnerability allows a remote attacker to perform man-in-the-middle attack. The vulnerability exists due to the …
Continue Reading.
Security Advisory. This security advisory describes one low risk vulnerability.
1) Risk: Low. CVSSv3: CVE-ID: CVE-2020-9488. CWE-ID: Exploit availability: No Description. CWE-295 – Improper Certificate Validation The vulnerability allows a remote a…
Continue ReadingExploit availability: No Description. CWE-300 – Channel Accessible by Non-Endpoint (‘Man-in-the-Middle’) The vulnerability allows a remote attacker to perform a man-in-the-middle (MitM) attack. The vulnerability exists in the JMX Integration when the “…
Continue Reading