1196 matches found

HackRead
added 2020/07/02 3:56 p.m. | 14 views

47% of online MongoDB databases hacked demanding ransom

By Sudais Asif. The hackers also threatened to inform GDPR officials if the ransom is not paid. This is a post from HackRead.com. Read the original post: 47% of online MongoDB databases hacked demanding ransom...

3.7 AI score
Exploits 0

OpenVAS
added 2020/06/23 12:0 a.m. | 39 views

Fedora: Security Advisory for galera (FEDORA-2020-35f52d9370)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.3 CVSS | 6.9 AI score | 0.02981 EPSS
Exploits 0 | References 2

Fedora
added 2020/06/19 1:7 a.m. | 41 views

[SECURITY] Fedora 31 Update: moby-engine-19.03.11-1.ce.git42e35e6.fc31

Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance and everything in between - and they don'...

6 CVSS | 0.6 AI score | 0.02839 EPSS
Exploits 0

Fedora
added 2020/06/16 1:32 a.m. | 57 views

[SECURITY] Fedora 32 Update: galera-26.4.4-2.fc32

Galera is a fast synchronous multi-master wsrep provider replication engine for transactional databases and similar applications. For more information about wsrep API see http://launchpad.net/wsrep. For a description of Galera replication engine see http://www.codership.com...

8.8 CVSS | 7.1 AI score | 0.02981 EPSS
Exploits 0

Imperva Blog
added 2020/06/11 4:30 p.m. | 32 views

Imperva Takes on its Largest Recorded Account Takeover Attack on a Single Company

Imperva recently detected and mitigated the largest - and most concentrated - series of brute force ATO (account takeover) attacks in its history. Over the course of 60 hours from midnight on October 28, our ATO team’s monitoring systems detected more than 44 million ATO attempts on the login page ...

0.2 AI score
Exploits 0

The Hacker News
added 2020/05/20 10:33 a.m. | 105 views

Ukrainian Police Arrest Hacker Who Tried Selling Billions of Stolen Records

The Ukrainian police have arrested a hacker who made headlines in January last year by posting a massive database containing some 773 million stolen email addresses and 21 million unique plaintext passwords for sale on various underground hacking forums. In an official statement released on...

2 AI score
Exploits 0

The Hacker News
added 2020/05/12 10:37 a.m. | 5 views

Over 4000 Android Apps Expose Users' Data via Misconfigured Firebase Databases

More than 4,000 Android apps that use Google's cloud-hosted Firebase databases are 'unknowingly' leaking sensitive information on their users, including their email addresses, usernames, passwords, phone numbers, full names, chat messages and location data. The investigation, led by Bob Diachenko...

5.7 AI score
Exploits 0

Fedora
added 2020/05/07 4:21 a.m. | 31 views

[SECURITY] Fedora 31 Update: libldb-2.0.10-1.fc31

An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases...

7.5 CVSS | 3.8 AI score | 0.03455 EPSS
Exploits 0

Fedora
added 2020/05/07 3:27 a.m. | 35 views

[SECURITY] Fedora 30 Update: libldb-1.5.7-1.fc30

An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases...

7.5 CVSS | 3.8 AI score | 0.03455 EPSS
Exploits 0

Fedora
added 2020/05/05 5:36 a.m. | 27 views

[SECURITY] Fedora 32 Update: libldb-2.1.2-1.fc32

An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases...

7.5 CVSS | 3.8 AI score | 0.03455 EPSS
Exploits 0

OpenVAS
added 2020/04/20 12:0 a.m. | 60 views

Oracle MySQL Server 5.7 <= 5.7.28 Security Update (cpuapr2020) - Linux

Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

9.8 CVSS | 6.8 AI score | 0.17939 EPSS
Exploits 0 | References 2

NVD
added 2020/04/16 7:15 p.m. | 15 views

CVE-2020-7114

A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets. As a result of this attack, a possible complete cluster compromise might occur. Resolution: Fixed in...

9.8 CVSS | 9.4 AI score | 0.01089 EPSS
Exploits 0 | References 1

Prion
added 2020/04/16 7:15 p.m. | 16 views

Design/Logic Flaw

A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets. As a result of this attack, a possible complete cluster compromise might occur. Resolution: Fixed in...

7.5 CVSS | 9.2 AI score | 0.01089 EPSS
Exploits 0 | References 1 | Affected Software 1

Prion
added 2020/04/15 7:15 a.m. | 9 views

SQL injection

The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a SQL injection vulnerability. An attacker can use a union-based injection query string to get the database schema and username/password...

7.5 CVSS | 9.7 AI score | 0.01065 EPSS
Exploits 0 | References 2

Microsoft KB
added 2020/04/13 12:0 a.m. | 30 views

MS16-014: Description of the security update for Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2: February 9, 2016

MS16-014: Description of the security update for Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2: February 9, 2016 Summary This security update resolves vulnerabilities in Windows. The most severe of the...

7.5 AI score
Exploits 0

OpenVAS
added 2020/04/03 12:0 a.m. | 29 views

Fedora: Security Advisory for coturn (FEDORA-2020-6efa0fc869)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.7 AI score
Exploits 0 | References 2

OpenVAS
added 2020/04/03 12:0 a.m. | 23 views

Fedora: Security Advisory for coturn (FEDORA-2020-f3fcb1608a)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.7 AI score
Exploits 0 | References 2

HackRead
added 2020/04/01 5:40 p.m. | 33 views

Hackers mining Monero on Microsoft SQL databases for last 2 years

By Sudais Asif. Microsoft has been doing a tremendous job in tackling cybercrime but lately... This is a post from HackRead.com. Read the original post: Hackers mining Monero on Microsoft SQL databases for last 2 years...

3 AI score
Exploits 0

RedhatCVE
added 2020/03/12 1:20 p.m. | 36 views

CVE-2018-1115

It was found that pg_catalog.pg_logfile_rotate, from the adminpack extension, did not follow the same ACLs as pg_rotate_logfile. If adminpack is added to a database, an attacker able to connect to it could use this flaw to force log rotation...

9.1 CVSS | 3 AI score | 0.04042 EPSS
Exploits 0 | References 1

Github Security Blog
added 2020/03/10 8:56 p.m. | 61 views

Incorrect Default Permissions in keyring

Python keyring has insecure permissions on new databases, allowing world-readable files to be created...

6.2 CVSS | 6.2 AI score | 0.0045 EPSS
Exploits 0 | References 10 | Affected Software 1