What is the TLS padlock saying?
November 20th, 2020. Alice and Bob use TLS to keep their long distance relationship hot and private. TL;DR: skip to the conclusions to see what Alice learned. The Privacy Problem: Alice and Bob had to turn their relationship into a long distance one...
Michael Ellis as NSA General Counsel
Over at Lawfare, Susan Hennessey has an excellent primer on how Trump loyalist Michael Ellis got to be the NSA General Counsel, over the objections of NSA Director Paul Nakasone, and what Biden can and should do about it. While important details remain unclear, media accounts include numerous...
mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete
A flaw was found in the mysql-connector-java package. A complicated attack against the mysql Connector/J allows attackers on the local network to interfere with a user's connection and insert unauthorized SQL commands...
QBot Trojan delivered via malspam campaign exploiting US election uncertainties
This blog post was authored by Jérôme Segura and Hossein Jazi. The 2020 US elections have been the subject of intense scrutiny and emotions, while happening in the middle of a global pandemic. As election night ended and uncertainty regarding the results began to creep in, threat actors decided t...
Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data
Summary: This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework. See the ATT&CK for Enterprise version 8 for all referenced threat actor techniques. This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure...
Cyber Insecurity: Securing the Vote in the 2020 Election
Ahead of the 2020 U.S. presidential election, there are a number of cybersecurity threats looming. In an unprecedented year, we have already begun to see foreign interference,[1] government agencies hit with ransomware attacks[2], the National Guard deployed by state and local governments to assist...
Feds: Iran Behind 'Proud Boys' Email Attacks on Democratic Voters
Federal officials claim that Iranian threat actors are behind two separate email campaigns that assailed Democratic voters this week with threats to “vote for Trump or else.” The campaigns claimed to be from violent extremist group Proud Boys. Two specific email campaigns — one on Tuesday Oct. 20...
CISA and FBI Release Joint Advisories Regarding Russian and Iranian APT Actors
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released two joint cybersecurity advisories on widespread advanced persistent threat (APT) activity. Joint Cybersecurity Advisory: AA20-296A Russian State-Sponsored Advanced Persistent Threat...
The Election Threats That Keep US Intelligence Up at Night
Government officials have increasingly sounded alarms on the risks of foreign interference and disinformation campaigns leading up to—and after—November 3...
The International Playbook for Foiling Russian Interference
The Kremlin has meddled in so many elections that democracy’s immune system has gotten wise to its threats. Here are lessons other countries can teach us...
CVE-2018-19946
The vulnerability has been reported to affect earlier versions of Helpdesk. If exploited, this improper certificate validation vulnerability could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client. QNAP has already fixed the issue in...
Friday Squid Blogging: New SQUID
There's a new SQUID: A new device that relies on flowing clouds of ultracold atoms promises potential tests of the intersection between the weirdness of the quantum world and the familiarity of the macroscopic world we experience every day. The atomtronic Superconducting QUantum Interference Devi...
U.S. Offers Reward of $10M for Info Leading to Discovery of Election Meddling
The U.S. government is concerned about foreign interference in the 2020 election, so much so that it will offer a reward of up to $10 million for anyone providing information that could lead to tracking down potential cybercriminals aiming to sabotage the November vote. The U.S. Department of...
CVE-2019-20867
An issue was discovered in Mattermost Server before 5.11.0. An attacker can interfere with a channel's post loading via one crafted post...
SWARCO CPU LS4000 G4 Access Control Error Vulnerability
SWARCO CPU LS4000 G4 is a set of software used in SWARCO chips from SWARCO Austria. An access control error vulnerability exists in SWARCO's CPU LS4000 G4, arising from an open port used for debugging that lacks network access control and grants root access to the device. An attacker could use...
Code injection
The COVIDSafe Australia app 1.0 and 1.1 for iOS allows a remote attacker to crash the app, and consequently interfere with COVID-19 contact tracing, via a Bluetooth advertisement containing manufacturer data that is too short. This occurs because of an erroneous OpenTrace manuData.subdata call. T...
CVE-2020-12826
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent...
Integer overflow
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent...
CVE-2020-12270
React Native Bluetooth Scan in Bluezone 1.0.0 uses six-character alphanumeric IDs, which might make it easier for remote attackers to interfere with COVID-19 contact tracing by using many IDs. NOTE: the vendor disputes the relevance of this report because the recipient of an F1 alert will know it...