4110 matches found

HackRead
added 2020/08/28 12:56 p.m., 23 views

UltraRank hackers compromised 100s of websites via JS-Sniffer attacks

By Zara Khan. The previous shenanigans of the cybercriminal group dubbed “UltraRank” were linked to Magecart Groups 2, 5, and 12.

AI score: 3.2
Exploits: 0

SonicWall
added 2020/08/25 7:30 p.m., 2 views

Insecure Direct Object Reference vulnerability in the mysonicwall.com add-user API

An insecure direct object reference vulnerability has been identified in the users/add-user API endpoint of mysonicwall.com. This could allow a normal authenticated mysonicwall user to manipulate an API parameter and gain access to the user group of the tenant of any other mysonicwall user account. CVE: N/A...

CVSS: 9.9, AI score: 7
Exploits: 0

OSV
added 2020/08/21 6:15 p.m., 4 views

CVE-2020-3975

VMware App Volumes 2.x prior to 2.18.6 and VMware App Volumes 4 prior to 2006 contain a Stored Cross-Site Scripting (XSS) vulnerability. A malicious actor with access to create and edit applications or create storage groups may be able to inject malicious script which will be executed by a victim'...

CVSS: 5.4, AI score: 6, EPSS: 0.00521
Exploits: 0, References: 1

VMware
added 2020/08/20 12:0 a.m., 27 views

VMware App Volumes patches address Stored Cross-Site Scripting (XSS) vulnerability (CVE-2020-3975)

3a. Advisory Details: VMware App Volumes does not correctly validate user input when creating and editing applications or creating storage groups. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.5...

CVSS: 3.5, AI score: 1.4, EPSS: 0.00521
Exploits: 0, References: 6, Affected Software: 1

HackRead
added 2020/08/15 7:40 p.m., 50 views

US claims disrupting 3 cryptocurrency campaigns run by terror groups

By Sudais Asif. A total of 300 cryptocurrency accounts, 4 websites, and 4 Facebook pages with...

AI score: 1.1
Exploits: 0

Kitploit
added 2020/08/14 12:30 p.m., 109 views

DAGOBAH - Open Source Tool To Generate Internal Threat Intelligence, Inventory & Compliance Data From AWS Resources

Dagobah is an open source tool written in Python to automate internal threat intelligence generation, inventory collection and compliance checks from different AWS resources. Dagobah collects information and saves the state into an Elasticsearch index. Dagobah runs into the a LAMBDA and looks a...

AI score: 6.9
Exploits: 0, References: 1

Kitploit
added 2020/08/13 9:30 p.m., 104 views

AWS Report - A Tool For Analyzing Amazon Resources

AWS Report is a tool for analyzing Amazon resources. Install using pip: pip install awsreport. Features: Search IAM users based on creation date; Search buckets public; Search security based in rules, default is 0.0.0.0/0; Search elastic ip dissociated; Search volumes available; Search AMIs with permissi...

AI score: 7.4
Exploits: 0, References: 1

BDU FSTEC
added 2020/08/12 12:0 a.m., 1 view

The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, relates to authentication errors. This vulnerability allows an attacker to create existing or new users for access control based on roles and groups.

The vulnerability of the CloudForms Management Engine software platform for managing virtual environments is related to authentication errors. Exploiting this vulnerability allows a malicious actor to create existing or new users for access control based on roles and groups...

CVSS: 9.9, AI score: 7.7, EPSS: 0.01087
Exploits: 0, References: 3, Affected Software: 1

Securelist
added 2020/07/28 10:0 a.m., 35 views

Lazarus on the hunt for big game

We may only be six months in, but there's little doubt that 2020 will go down in history as a rather unpleasant year. In the field of cybersecurity, the collective hurt mostly crystallized around the increasing prevalence of targeted ransomware attacks. By investigating a number of these incidents...

AI score: 7.2
Exploits: 0

Malwarebytes
added 2020/07/27 3:30 p.m., 25 views

A week in security (July 20 – 26)

Last week on Malwarebytes Labs, our Lock and Code podcast delved into Bluetooth and beacon technology. We also dug into APT groups targeting India and Hong Kong, covered a law enforcement bust, and tried to figure out when, exactly, a Deepfake is a Deepfake. Other cybersecurity news Insecure emai...

AI score: 7.2
Exploits: 0

OSV
added 2020/07/19 6:25 p.m., 5 views

OPENSUSE-SU-2020:1014-1 Security update for google-compute-engine

This update for google-compute-engine fixes the following issues: - Don't enable and start google-network-daemon.service when it's already installed bsc1169978 + Do not add the created user to the adm CVE-2020-8903, docker CVE-2020-8907, or lxd CVE-2020-8933 groups if they exist bsc1173258...

CVSS: 9.3, AI score: 7.5, EPSS: 0.00353
Exploits: 3, References: 6

OPENSUSE Linux
added 2020/07/18 12:0 a.m., 50 views

Security update for google-compute-engine (important)

openSUSE Security Update: Security update for google-compute-engine Announcement ID: openSUSE-SU-2020:0996-1 Rating: important References: 1169978 1173258 Cross-References: CVE-2020-8903 CVE-2020-8907 CVE-2020-8933 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities i...

CVSS: 9.3, AI score: 7.9, EPSS: 0.00353
Exploits: 3, References: 2

Microsoft Secure
added 2020/07/15 4:0 p.m., 20 views

CISO Stressbusters Post #3: 3 ways to share accountability for security risk management

Jim Eckart, former Chief Information Security Officer (CISO) of The Coca-Cola Company and current Chief Security Advisor at Microsoft, shares his advice for relieving stress in today’s CISO Stressbuster post. If you are a CISO, it can feel like the responsibility for keeping the company secure rests...

AI score: 6.9
Exploits: 0

Carbon Black Blog
added 2020/07/14 4:7 p.m., 26 views

Ask the Howlers: Latest Threats and Security Challenges Part 1

This is part of our ongoing bi-weekly webinar series called Ask the Howlers, where cybersecurity experts discuss the latest news, security challenges, and answer your questions. There is no doubt that remote work has become the new norm. Many organizations around the world are adapting to this ne...

AI score: 0.2
Exploits: 0

Imperva Blog
added 2020/07/09 3:49 p.m., 36 views

How bad bots are targeting the healthcare sector

Credential cracking, or password spraying, is one of the most effective ways for cybercriminals to get access to user accounts. It refers to the brute-force automated cracking, or pairing of usernames and passwords by using sophisticated high-speed bots. According to a National Cyber Awareness...

AI score: 1.2
Exploits: 0

The Hacker News
added 2020/06/23 8:53 a.m., 185 views

Hackers Using Google Analytics to Bypass Web Security and Steal Credit Cards

Researchers reported on Monday that hackers are now exploiting Google's Analytics service to stealthily pilfer credit card information from infected e-commerce sites. According to several independent reports from PerimeterX, Kaspersky, and Sansec, threat actors are now injecting data-stealing cod...

AI score: 0.5
Exploits: 0

NVD
added 2020/06/22 2:15 p.m., 23 views

CVE-2020-8907

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and...

CVSS: 9.3, EPSS: 0.00309
Exploits: 1, References: 5

OSV
added 2020/06/19 10:15 p.m., 23 views

CVE-2020-13275

A user with an unverified email address could request access to domain-restricted groups in GitLab EE 12.2 and later through 13.0.1...

CVSS: 8.1, AI score: 6.5, EPSS: 0.01043
Exploits: 0, References: 3

CVE
added 2020/06/19 9:55 p.m., 74 views

CVE-2020-13275

CVE-2020-13275 affects GitLab EE versions 12.2–13.0.1. The vulnerability is an authorization issue where a user with an unverified email address could request access to domain‑restricted groups. The connected documents corroborate the affected versions and the access impact; no remediation detail...

CVSS: 8.1, AI score: 7.6, EPSS: 0.01043
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2020/06/19 9:55 p.m., 13 views

CVE-2020-13275

A user with an unverified email address could request access to domain-restricted groups in GitLab EE 12.2 and later through 13.0.1...

CVSS: 8, AI score: 7.8, EPSS: 0.01043
Exploits: 0, References: 3