It’s long been speculated that it would be possible to take over a smartphone via a so-called simjacker exploit, which gains remote control of the SIM card. Security researchers have now discovered that governments have been actively using a simjacker …Continue Reading
Security Advisory. This security advisory describes one high risk vulnerability.
1) Permissions, Privileges, and Access Controls. Severity: High. CVSSv3: [PCI] CVE-ID: CVE-2019-14379. CWE-ID: Description. CWE-264 – Permissions, Privileges, and Access …Continue Reading
Below is a lightly-edited transcript of this week’s news wrap podcast. Lindsey O’Donnell : Hi, welcome to the Threatpost news wrap podcast. You’ve got Lindsey O’Donnell here with Threatpost and I’m here today with Tara Seals, editor at Threatpost. Tara…Continue Reading
The business of cybercrime is not unlike a typical start-up business model. There’s a product with a clear value proposition, integrated marketing campaigns, customer support services, risk and rewards analysis, research and development and more. There…Continue Reading
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored and reflected XSS vulnerabilities product: LimeSurvey vulnerable version: 3.17.14 CVE number: CVE-2019-16172, CVE-2019-16173 impact: medium homepage: https://www.Continue Reading
OpenGov Tech Day 2019- Trying to be a Resilient Organisation- Ongoing Journey towards Cyber Protection was held on 12 September 2019 at the Amara Singapore. The event saw delegates from both enterprises and financial institutions at attendance. It has …Continue Reading
Today’s organisations are generating and hoarding massive amounts of data. Making the most of its immense value is a challenge that spans technology, leadership, cultural, and ethical considerations. Date: 18 Sep 2019; Your Computer.
Cloud computing h…Continue Reading
The attack traffic recorded by F-Secure’s global network of honeypots tripled from the last six months of 2018 to the first six months of 2019. In H2 2018, the network recorded 813 million attacks. In H1 2019, that figure leapt to 2.98 billion attacks.Continue Reading
1) Code Injection. Severity: High. CVSSv3: [PCI] CVE-ID: CVE-2019-8069. CWE-ID: Description. CWE-94 – Improper Control of Generation of Code (‘Code Injection’) The vulnerability allows a remote attacker to execute arbitrary code on the target system. T…Continue Reading
Two days ago, Intel disclosed a vulnerability in their 2011 released line of micro processors with Data Direct I/O Technology (DDIO) and Remote Direct Memory Access (RDMA) technologies. The vulnerability was found by a group of researchers from the Vri…Continue Reading