] The Mad Hacker [

online
mad hacker

Collecting all the news about Cybersecurity, computer security, cracking, hacking, infosec, netsec, & security vunerabilities in one convenient place

Whitehat, greyhat, blackhat, tinker, tailor, solider, spy
We trawl the web so you don't have to
Since 2000

the mad hacker overlay

Zoom End-to-End Encryption Whitepaper

(Monday May 25, 2020)
End-to-End Encryption for Zoom Meetings. Contribute to zoom/zoom-e2e-whitepaper development by creating an account on GitHub.

Disrupted

(Monday May 25, 2020)
We’ve heard a lot about “disruption” over the last few years - companies upending, institutions and entrepreneurs revolutionising some of the things that we thought always were and always should be. Technology has been the poster child of these rapid social and economic changes. But disruption existed before Silicon Valley co-opted the word - it was change, that accelerated something, unexpected. It was something that exposed the cracks in our expectations and changed things, sometimes forever. Two big thinkers, James Burke and Pico Iyer join Aleks to explore whether the...

seL4 Whitepaper released

(Monday May 25, 2020)

The new OpenSSL cheat sheet

(Monday May 25, 2020)
CYBERSECURITY, PAYMENT SECURITY & CRYPTOGRAPHY The new OpenSSL Cheat Sheet May 25, 2020 Leave a comment (1) Go to comments Let me share with you the OpenSSL Cheat Sheet I have just written. Feel free to post any comments or recommendations for a future version. You can download the PDF version from the website or by clicking here ← Encrypt cardholder data in transit. PCI-DSS Requirement 4 Leave a comment ? 1 COMMENTS. The new OpenSSL cheat sheet | OSINT pingback on May 25, 2020...

Abusing PackageKit on Fedora/CentOS for fun & profit (from wheel to root)

(Monday May 25, 2020)
Sysdream, audits et formations en sécurité informatique Ethical Hacking PCI DSS Test d'intrusion

New COVID-19-themed Malware Campaign Spreading through Emails

(Monday May 25, 2020)
Microsoft warns of a new COVID 19-related malware campaign spreading by email and using Excel 4.0 macros and NetSupport Manager to compromise systems. The email is a favorite method for attackers to disseminate malware because it can be targeted or sent to many people at once. The main reason is that the intrusion uses the […]

BrandPost: The Benefits of Cybersecurity Awareness Training

(Monday May 25, 2020)
The road to a cybersecurity career is not always a straight line. Sometimes, people stumble across it on the way to a different destination and find that cybersecurity is a good fit or an interesting career. Professionals discovering that cybersecurity sparks their interest is good for the industry as the cyber skills gap continues to be a significant problem around the world. At Fortinet, we provide training for IT professionals, students, veterans, veteran spouses and more through our programs to help more people enter the field or upskill for career growth in an effort to close the...

Why should you teach cybersecurity to your kids?

(Monday May 25, 2020)
Now more than ever, we understand the importance of safety, both online and in the real world. The coronavirus epidemic has forced millions of families from across the globe to adopt social distancing and rely on their Internet-enabled devices to communicate with the outside world, friends and family. As schools locked down for the remainder […]

Attacking CloudGoat 2 - A step-by-step walkthrough of CloudGoat 2.0 scenarios.

(Monday May 25, 2020)
A step-by-step walkthrough of CloudGoat 2.0 scenarios. - appsecco/attacking-cloudgoat2

VulnFanatic - Binary Ninja plugin for vulnerability research got updated to version 2.0 with decompiler support!

(Monday May 25, 2020)
Contribute to Martyx00/VulnFanatic development by creating an account on GitHub.

ThreatList: People Know Reusing Passwords Is Dumb, But Still Do It

(Monday May 25, 2020)
Even seeing data breaches in the news, more than half of consumers are still reusing passwords.

70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs

(Monday May 25, 2020)
A lack of awareness about where and how open-source libraries are being used is problematic, researchers say.

eBay is port scanning your system when you load the webpage

(Monday May 25, 2020)
The auction site and marketplace eBay is running port scans on user systems when the eBay website is opened in a web browser.

CVE-2018-8611 Exploiting Windows KTM Part 5/5 – Vulnerability detection and a better read/write primitive

(Monday May 25, 2020)
The fifth and final blog posts exploring the detailed exploitation of CVE-2018-8611.

Reverse engineering and exploiting HEVD's buffer overflow.

(Monday May 25, 2020)
Endpoint Detection and Response (EDR) is starting to rear its head in more and more environments, constraining and making post exploitation activities more difficult for operators. Sure there are…

What is the dark web? Your questions answered, in plain English

(Monday May 25, 2020)
Watch this new video from our YouTube channel - the dark web explained without jargon or judgment.

6 hard truths security pros must learn to live with

(Monday May 25, 2020)
The life of a security practitioner isn’t easy. You’re on the front lines, fighting the good fight against a patient, smart, determined enemy that always seems to be one step ahead. But there are great rewards as well. The security community has tremendous camaraderie, security pros can feel good knowing they are doing something important for their company. And security salaries are among the highest in the IT industry.(Insider Story)

4 ways edge computing changes your threat model

(Monday May 25, 2020)
Many organizations have begun moving processing capabilities to edge locations or closer to where data is generated. This trend could open them up to new cyber risks that their threat models will need to take into account.(Insider Story)

Monday review – the hot 16 stories of the week

(Monday May 25, 2020)
From virtual machine ransomware to changes in Signal secure messaging - and everything in between. It's your weekly roundup time.

New Tool Can Jailbreak Any iPhone and iPad Using An Unpatched 0-Day Bug

(Monday May 25, 2020)
The hacking team behind the "unc0ver" jailbreaking tool has released a new version of the software that can unlock every single iPhone, including those running the latest iOS 13.5 version. Calling it the first zero-day jailbreak to be released since iOS 8, unc0ver's lead developer Pwn20wnd said "every other jailbreak released since iOS 9 used 1day exploits that were either patched in the next

The Civil Service’s rogue tweet about “Truth Twisters”

(Monday May 25, 2020)
You can have a strong, unique password, you can have multi-factor authentication in place, but good luck preventing a member of your social media team ‘going rogue’.

Attacking MSI RGB Lighting From The Browser

(Monday May 25, 2020)
If you have the MSI Dragon Center software installed (or just the Mystic Light app), random websites can control the RGB lighting on your motherboard and graphics card! Some examples: The latest version of Mystic Light as of this writing (3.0.0.70) is affected. DETAILS The LEDKeeper.exe component of Mystic Light runs as Administrator. At startup, it spawns an HTTP server on 0.0.0.0:26820 that requires no authentication and allows itself through Windows Firewall. The server accepts the...

SQL Injection - MySQL comment: the double dash mystery

(Sunday May 24, 2020)
Intro# When doing penetration testing using a black box approach, you may find a SQL injection (SLQi) by fuzzing with common payloads. Except if there is a verbose error disclosing the original SQL qu

Announcing OWASP Summer of Security!

(Sunday May 24, 2020)
Virtual AppSec Days Summer of Security 2020 on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.

Security incident at networking app covve. "This could be another one you never heard of, but you are in it "

(Sunday May 24, 2020)
15 May 2020 I was reticent to write this blog post because it leaves a lot of questions unanswered, questions that we _should _be able to answer. It's about a data breach with almost 90GB of personal information in it across tens of millions of records - including mine. Here's what I know: with a massive trove of data that had been left exposed on a major cloud provider via a publicly accessible Elasticsearch instance. It contained 103,150,616 rows in total, the first 30 of which look...

Finding and Fixing TLS Misconfigurations with TLS Profiler

(Sunday May 24, 2020)
To secure data in transport for web services and web sites, TLS is indispensable. But just enabling TLS is not enough: Several different TLS versions and many dozens of options exist for their usage, and it is very hard to tell which combinations are secure and which are not, and which are compatible with certain browsers and devices. In this howto, I introduce TLS Profiler, a new open source tool to scan for TLS misconfigurations. THE PROBLEM To ensure the security of web servers, the...

How Imperva Advanced Mesh Topology Keeps Canadian Data In-Country

(Sunday May 24, 2020)
The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian federal law that sets out how organizations can collect, use and disclose personal information in the course of commercial activity. While PIPEDA does not prohibit the transfer of personal information outside of Canada, it requires organizations to provide adequate levels of protection and […] The post How Imperva Advanced Mesh Topology Keeps Canadian Data In-Country [https://www.imperva.com/blog/how-imperva-advanced-mesh-topology-keeps-canadian-data-in-country/] appeared first on Blog...

Bypassing CAPTCHA with Visually-Impaired Robots

(Saturday May 23, 2020)
Search SEARCH THIS BLOG More… BYPASSING CAPTCHA WITH VISUALLY-IMPAIRED ROBOTS many of you have probably noticed, we rely heavily on bot automation for a lot of the testing that we do at Sociosploit.  And occasionally, we run into sites that leverage CAPTCHA ("Completely Automated Public Turing Test To Tell Computers and Humans Apart") controls to prevent bot automation.   Even if you aren't familiar with the name, you've likely encountered these before. While there are...

Ragnar Locker ransomware deploys virtual machine to dodge security

(Saturday May 23, 2020)
Start a Sophos demo in less than a minute. See exactly how our solutions work in a full environment without a commitment. Learn More STAY CONNECTED © 1997 - 2020 Sophos Ltd. All rights reserved Powered by WordPress.com VIP

Zero Knowledge Proofs : A Primer

(Saturday May 23, 2020)
The introduction of Bitcoin in 2009 turned more research attention towards generalized blockchains, and privacy issues lead in turn to se...

Burp Extender Part-2: Handling Multi Step Login and Multi Token replacement

(Saturday May 23, 2020)
We picked a website listed on bugcrowd because this website had both multi-step login and multiple tokens to be replaced. This was a perfect example to demonstrate the ability of the plugin…

Riding the State Unemployment Fraud ‘Wave’

(Saturday May 23, 2020)
When a reliable method of scamming money out of people, companies or governments becomes widely known, underground forums and chat networks tend to light up with activity as more fraudsters pile on to claim their share. And that's exactly what appears to be going on right now as multiple U.S. states struggle to combat a tsunami of phony Pandemic Unemployment Assistance (PUA) claims. Meanwhile, a number of U.S. states are possibly making it easier for crooks by leaking their citizens' personal data from the very websites the unemployment scammers are using to file bogus claims.

Apple is tracking hashes of all executables (uploading to a controlled server) in OS X Catalina

(Saturday May 23, 2020)
MAY 22 2020 BY JEFF JOHNSON SUPPORT THIS BLOG: LINK UNSHORTENER This is a follow-up to Allan Odgaard's excellent article macOS 10.15: Slow by Design I want to talk specifically about the first section "Spawning a new Process", because there has been widespread misunderstanding of this. Odgaard provides a simple test to show that the first run of an executable is delayed while Catalina checks the executable's notarization status online. This occurs even for shell scripts, which cannot be code...

API Management, Security and DevOps

(Saturday May 23, 2020)
It is a fairly common application architecture these days to have several APIs running on a platform somewhere helping create flawless integrations between multiple systems. For businesses with a…

Pentesting 101: Working With Exploits

(Friday May 22, 2020)
How to work with exploits? Where to find realiable and safe exploits? How to know which exploit to use? This article explains all that and related topics in detail.

Plesk / myLittleAdmin ViewState .NET Deserialization

(Friday May 22, 2020)
This Metasploit module exploits a ViewState .NET deserialization vulnerability in web-based MS SQL Server management tool myLittleAdmin, for version 3.8 and likely older versions, due to hardcoded machineKey parameters in the web.config file for ASP.NET. Popular web hosting control panel Plesk offers myLittleAdmin as an optional component that is selected automatically during "full" installation. This exploit caters to the Plesk target, though it should work fine against a standalone myLittleAdmin setup. Successful exploitation results in code execution as the user running myLittleAdmin,...

Synology DiskStation Manager smart.cgi Remote Command Execution

(Friday May 22, 2020)
This Metasploit module exploits a vulnerability found in Synology DiskStation Manager (DSM) versions prior to 5.2-5967-5, which allows the execution of arbitrary commands under root privileges after website authentication. The vulnerability is located in webman/modules/StorageManager/smart.cgi, which allows appending of a command to the device to be scanned. However, the command with drive is limited to 30 characters. A somewhat valid drive name is required, thus /dev/sd is used, even though it does not exist. To circumvent the character restriction, a wget input file is staged in /a, and...

IAIK JCE Side Channel Attack

(Friday May 22, 2020)
IAIK JCE is a provider for the Java Cryptography Extension and has an issue where the way that some of the computations involved in the signature generation are carried out introduce a side channel that leaks timing information about the ephemeral number k.

5 Tips for Fighting Credential Stuffing Attacks

(Friday May 22, 2020)
With stolen credentials an easy find online, what are some measures to put in place to keep hackers from breaking into secure accounts?

Shining a light on “Silent Night” Zloader/Zbot - Malwarebytes Labs

(Friday May 22, 2020)
In our new paper with HYAS, we dive deep into “Silent Night," a new banking Trojan recently tracked as Zloader/Zbot, and reminiscent of ZeuS.

As hackers sell 8 million user records, Home Chef confirms data breach

(Friday May 22, 2020)
Meal kit and food delivery company Home Chef has confirmed that hackers breached its systems, making off with the personal information of customers. But only after a hacking group put the stolen data up for sale… Read more in my article on the Hot for Security blog.

Signal Introduces PINs, Slowly Moves to End Reliance on Phone Numbers as Security Measure

(Friday May 22, 2020)
The Signal messaging app is getting a new security feature called Signal PINs, allowing users to secure their cloud-stored information in a way not available to anyone else, and that includes the company making the app. More and more messaging apps are using true encrypted communications, so it’s no longer an exotic feature. But what […]

Former Salesforce Execs Launch Data Protection Startup

(Friday May 22, 2020)
Cloud-based API service stores and manages sensitive consumer data with a zero-trust, database-as-a service approach.

The ransomware that attacks you from inside a virtual machine

(Friday May 22, 2020)
In a recent attack, Ragnar Locker ransomware was seen encrypting victim's files while shielded from security software inside a virtual machine.

Signal secure messaging can now identify you without a phone number

(Friday May 22, 2020)
Signal decouples its secure messaging service from your phone number - a bit.

Dark Reading Edge Cybersecurity Crossword Puzzle, May 22th

(Friday May 22, 2020)
Have a hard time coming up with the answers to these puzzle questions? We know a great place to look for more clues...

‘Coronavirus Report’ Emails Spread NetSupport RAT, Microsoft Warns

(Friday May 22, 2020)
Attackers used malicious Excel 4.0 documents to spread the weaponized NetSupport RAT in a spear-phishing campaign.

Home Chef Serves Up Data Breach for 8 Million Records

(Friday May 22, 2020)
The meal-kit company's customer records were leaked as part of the Shiny Hunters breach.

Security & Trust Ratings Proliferate: Is That a Good Thing?

(Friday May 22, 2020)
Phishing ratings, security ratings, human-ness ratings -- we are looking at a future filled with grades of security and trustworthiness. But there is a downside.

Cybersecurity Experts Comment on Phishing Campaign That Can Bypass MFA

(Friday May 22, 2020)
Cofence Phishing Defence Center have discovered yet the latest of cybercriminals’ tricks: a phishing campaign that bypasses MFA. Different from other credential harvesting attacks, the scam attempts to trick users into granting permissions to an application that then proceeds to bypass multifactor authentication. Leveraging the OAuth2 framework and OpenID Connect protocol, this campaign’s main goal […] The post Cybersecurity Experts Comment on Phishing Campaign That Can Bypass MFA [https://www.itsecurityguru.org/2020/05/22/cybersecurity-experts-comment-on-phishing-campaign-that-can-bypa

EasyJet’s breach notification email to customers – a closer look

(Friday May 22, 2020)
Let’s take a closer look at the email EasyJet is sending to customers affected by its recent security breach. Including a brief exploration of how EasyJet’s definition of “recent” might differ from yours or mine…

Securing Docker with CIS Controls

(Friday May 22, 2020)
Containers, along with orchestrators such as Kubernetes, have ushered in a new era of application development methodology, enabling microservices architectures as well as continuous development and delivery. Docker is by far the most dominant container runtime engine, with a 91% penetration according to the State of the Container and Kubernetes Security Report. Containerization has many […] The post Securing Docker with CIS Controls [https://www.itsecurityguru.org/2020/05/22/securing-docker-with-cis-controls/] appeared first on IT Security Guru [https://www.itsecurityguru.org].

nfstream 5.1.3

(Friday May 22, 2020)
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Druva inSync Windows Client 6.6.3 Local Privilege Escalation

(Friday May 22, 2020)
Druva inSync Windows Client version 6.6.3 suffers from a local privilege escalation vulnerability.

VUPlayer 2.49 .m3u Local Buffer Overflow

(Friday May 22, 2020)
VUPlayer version 2.49 .m3u local buffer overflow exploit with DEP and ASLR.

Home Security Vendor Sued After Technician Spied on Customers in ‘Intimate Moments’

(Friday May 22, 2020)
Users of ADT home security systems have filed a class action against the vendor after discovering that a technician used his own credentials to set up the hardware and then spied on them. ADT Pulse is a complete home security package including smart locks, an alarm system and surveillance cams, all controllable from a handy […]

NSO Group Impersonates Facebook Security Team to Spread Spyware — Report

(Friday May 22, 2020)
An investigation traces an NSO Group-controlled IP address to a fake Facebook security portal.

Documenting the impossible: unexploitable XSS labs

(Friday May 22, 2020)
Have you ever found some risky behavior, but couldn't quite prove it was exploitable? Our XSS cheat sheet contains virtually every exploit technique we know of, but what should you do if you can't fin

Military Active-Duty Personnel Are 76% More Likely to Report Identify Theft, FTC Reports

(Friday May 22, 2020)
A five-year analysis of data gathered by IdentityTheft.gov reveals that “active duty service members are 76% more likely than other adults to report that an identity thief misused an existing account,” and “nearly three times as likely” to report the fraudulent use of a debit card to steal funds from their bank account. The findings, […]

Chafer APT Hits Middle East Govs With Latest Cyber-Espionage Attacks

(Friday May 22, 2020)
Government and air transportation companies in Kuwait and Saudi Arabia were targeted in a recent attack tracked back to the Chafer APT.

Apple and Google launch COVID-19 contact tracing API

(Friday May 22, 2020)
The first phase of Apple and Google's contact tracing framework to help identify people at risk from coronavirus.

COVID-19: Latest Security News & Commentary

(Friday May 22, 2020)
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.

Shotlooter - a recon tool that finds sensitive data inside the screenshots uploaded to prnt.sc

(Friday May 22, 2020)
a recon tool that finds sensitive data inside the screenshots uploaded to prnt.sc - utkusen/shotlooter

Ligolo : Reverse Tunneling made easy for pentesters, by pentesters

(Friday May 22, 2020)
Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/ - sysdream/ligolo

10 iOS Security Tips to Lock Down Your iPhone

(Friday May 22, 2020)
Mobile security experts share their go-to advice for protecting iPhones from hackers, thieves, and fraudsters.

Weekly Update 192

(Friday May 22, 2020)
Hey, check out that haircut! And shirt! It's almost like I'm a professional again 😊 Come Monday, schools here return as usual so I figured it was time for both my son and I to head to the barber. Other events of the day had me sprucing up to a level

Bank of America Notifies SBA Loan Applicants of Potential Data Leak

(Friday May 22, 2020)
This week, the Bank of America revealed that personal data of some of its customers may have been exposed when they uploaded their Paycheck Protection Program (PPP) loan application to the bank’s testing platform. According to a notification letter filed with the California Attorney General’s Office, “on April 22, the Bank uploaded some clients’ loan […]

New Phishing tactic using Google Firebase

(Friday May 22, 2020)
Cybercriminals are taking advantage of the Google name and the cloud to convince victims into handing over their login details. A series of phishing campaigns using Google Firebase storage URLs have surfaced, showing that cybercriminals continue to leverage the reputation of Google’s cloud infrastructure to dupe victims and skate by secure email gateways. Google Firebase […] The post New Phishing tactic using Google Firebase [https://www.itsecurityguru.org/2020/05/22/new-phishing-tactic-using-google-firebase/] appeared first on IT Security Guru [https://www.itsecurityguru.org].

Unemployment claimants suffer data breach

(Friday May 22, 2020)
The social security numbers and home addresses of thousands of unemployment applicants inadvertently were exposed this week in three states that had contracted with Deloitte to build unemployment portals. In Ohio, Illinois and Colorado, thousands who applied for Pandemic Unemployment Assistance, or PUA, a type of unemployment newly available to the self-employed and gig workers, […] The post Unemployment claimants suffer data breach [https://www.itsecurityguru.org/2020/05/22/unemployment-claimants-suffer-data-breach/] appeared first on IT Security Guru [https://www.itsecurityguru.org].

Critical flaw in Cisco’s Unified CCX

(Friday May 22, 2020)
Cisco has fixed a critical remote code-execution flaw in its popular customer interaction management solution. Cisco has hurried out a fix out for a critical remote code-execution flaw in its customer interaction management solution, Cisco Unified Contact Center Express (CCX). Cisco’s Unified CCX software is touted as a “contact center in a box” that allows […] The post Critical flaw in Cisco’s Unified CCX [https://www.itsecurityguru.org/2020/05/22/critical-flaw-in-ciscos-unified-ccx/] appeared first on IT Security Guru [https://www.itsecurityguru.org].

Hackers try to exploit vulnerability in Sophos firewalls

(Friday May 22, 2020)
UK cyber-security vendor Sophos published today an update on its investigation into a recent series of attacks that tried to exploit a zero-day vulnerability in its XG firewall product. Sophos said that after they learned of the incident and issued a hotfix, the attackers panicked and modified their attack routine to replace their original data-stealing […] The post Hackers try to exploit vulnerability in Sophos firewalls [https://www.itsecurityguru.org/2020/05/22/hackers-try-to-exploit-vulnerability-in-sophos-firewalls/] appeared first on IT Security Guru [https://www.itsecurityguru.org].

Banking Malware ZLoader spotted in over 100 email campaigns

(Friday May 22, 2020)
A banking malware called ZLoader, last seen in early 2018, has been spotted in more than 100 email campaigns since the beginning of the year. The trojan is under active development with 25 versions seen in the wild since its comeback in December 2019, the latest one observed this month. The malicious email campaigns target […] The post Banking Malware ZLoader spotted in over 100 email campaigns [https://www.itsecurityguru.org/2020/05/22/banking-malware-zloader-spotted-in-over-100-email-campaigns/] appeared first on IT Security Guru [https://www.itsecurityguru.org].

How Abnormal Security combats business email compromise

(Friday May 22, 2020)
When looking at all the different ways that hackers can threaten networks and enterprises, flashy incidents like scams often come to mind. But a relatively new kind of attack called business email compromise (BEC) has taken the lead in both frequency and overall damage, quickly becoming public enemy number one.(Insider Story)

Gym Management System 1.0 Remote Code Execution

(Thursday May 21, 2020)
Gym Management System version 1.0 suffers from an unauthenticated remote code execution vulnerability.

Qualys Security Advisory - Qmail Remote Code Execution

(Thursday May 21, 2020)
In 2005, three vulnerabilities were discovered in qmail but were never fixed because they were believed to be unexploitable in a default installation. Qualys recently re-discovered these vulnerabilities and were able to exploit one of them remotely in a default installation.

Ubuntu Security Notice USN-4370-2

(Thursday May 21, 2020)
Ubuntu Security Notice 4370-2 - USN-4370-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.

Ubuntu Security Notice USN-4371-1

(Thursday May 21, 2020)
Ubuntu Security Notice 4371-1 - It was discovered that libvirt incorrectly handled an active pool without a target path. A remote attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. It was discovered that libvirt incorrectly handled memory when retrieving certain domain statistics. A remote attacker could possibly use this issue to cause libvirt to consume resources, resulting in a denial of service. This issue only affected Ubuntu 19.10. Various other issues were also addressed.

Ubuntu Security Notice USN-4372-1

(Thursday May 21, 2020)
Ubuntu Security Notice 4372-1 - It was discovered that QEMU incorrectly handled bochs-display devices. A local attacker in a guest could use this to cause a denial of service or possibly execute arbitrary code in the host. This issue only affected Ubuntu 19.10. It was discovered that QEMU incorrectly handled memory during certain VNC operations. A remote attacker could possibly use this issue to cause QEMU to consume resources, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. Various other issues were also addressed.

Apple Security Advisory 2020-05-20-1

(Thursday May 21, 2020)
Apple Security Advisory 2020-05-20-1 - Xcode 11.5 is now available and addresses an issue where a crafted git URL that contains a newline in it may cause credential information to be provided for the wrong host.

Security 101: Cross-Site Scripting

(Thursday May 21, 2020)
Cross-site scripting has been around longer than most security professionals have been on the job. Why is it still such an issue when we've known about it for so long?

Web Scrapers Have Bigger-Than-Perceived Impact on Digital Businesses

(Thursday May 21, 2020)
The economic impact of bot traffic can be unexpectedly substantial, a PerimeterX-commissioned study finds.

Hackers Serve Up Stolen Credentials from Home Chef

(Thursday May 21, 2020)
Some 8 million of the meal delivery company's customer records have been offered for sale on the Dark Web.

Telcos Become Richer Hacking Targets

(Thursday May 21, 2020)
The shift of moving telecommunications networks toward more commercial networking equipment and systems also expanded their attack surface.

Ubuntu Security Notice USN-4370-1

(Thursday May 21, 2020)
Ubuntu Security Notice 4370-1 - It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing PDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.

Long Tail Analysis: A New Hope in the Cybercrime Battle

(Thursday May 21, 2020)
Looking for niche anomalies in an automated way with AI and machine learning is the future.

Adobe “out of band” critical patch – get your update now!

(Thursday May 21, 2020)
Looks as though at least one of these patches was supposed to come out a week ago but ended up delayed until now...

The Joy of Deal-Making: From Sports Cards to Investments and Acquisitions

(Thursday May 21, 2020)
Derek Idemoto, recently named SVP of Corporate Development and Cisco Investments, shares how he has the best job in the world – managing a team of domain experts, partnering with business unit leaders on strategy, and engaging with venture capitalists, investment banks, entrepreneurs and founders. The post The Joy of Deal-Making: From Sports Cards to Investments and Acquisitions [https://blogs.cisco.com/news/the-joy-of-deal-making-from-sports-cards-to-investments-and-acquisitions] appeared first on Cisco Blogs [https://blogs.cisco.com].

How an Industry Consortium Can Reinvent Security Solution Testing

(Thursday May 21, 2020)
By committing to independent testing to determine value, vendors will ensure that their products do what they say they do.

WebLogic Server Deserialization Remote Code Execution

(Thursday May 21, 2020)
This Metasploit module exploits a Java object deserialization vulnerability in multiple versions of WebLogic. Unauthenticated remote code execution can be achieved by sending a serialized BadAttributeValueExpException object over the T3 protocol to vulnerable WebLogic servers.

Red Hat Security Advisory 2020-2250-01

(Thursday May 21, 2020)
Red Hat Security Advisory 2020-2250-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.104 and .NET Core Runtime 3.1.4. Issues addressed include a denial of service vulnerability.

Ubuntu Security Notice USN-4369-1

(Thursday May 21, 2020)
Ubuntu Security Notice 4369-1 - It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service. Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service or expose sensitive information. Various other issues were also addressed.

OAuth 2.0 Implementation And Security

(Thursday May 21, 2020)
Whitepaper called OAuth 2.0 Implementation and Security.

AbsoluteTelnet 11.21 Denial Of Service

(Thursday May 21, 2020)
AbsoluteTelnet version 11.21 suffers from multiple denial of service vulnerabilities.