Spear phishing 101: what you need to know

Phishing, a cyberattack method as old as viruses and Nigerian Princes, continues to be one of the most popular means of initiating a breach against individuals and organizations, even in 2020. The tactic is so effective, it has spawned a multitude of sub-methods, including smishing phishing via...

Security update for GraphicsMagick (moderate)

openSUSE Security Update: Security update for GraphicsMagick Announcement ID: openSUSE-SU-2020:0145-1 Rating: moderate References: 1159852 1160321 1160364 Cross-References: CVE-2019-19950 CVE-2019-19951 CVE-2019-19953 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes three...

Security update for apt-cacher-ng (important)

openSUSE Security Update: Security update for apt-cacher-ng Announcement ID: openSUSE-SU-2020:0124-1 Rating: important References: 1157703 1157706 Cross-References: CVE-2019-18899 CVE-2020-5202 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available...

thc-tips-tricks-hacks-cheat-sheet

THC's favourite Tips, Tricks & Hacks Cheat Sheet https://th...

Security update for libredwg (moderate)

openSUSE Security Update: Security update for libredwg Announcement ID: openSUSE-SU-2020:0096-1 Rating: moderate References: 1160520 1160522 1160523 1160524 1160525 1160526 1160527 Cross-References: CVE-2020-6609 CVE-2020-6610 CVE-2020-6611 CVE-2020-6612 CVE-2020-6613 CVE-2020-6614 CVE-2020-6615...

Security update for tigervnc (important)

openSUSE Security Update: Security update for tigervnc Announcement ID: openSUSE-SU-2020:0087-1 Rating: important References: 1159856 1159858 1159860 1160250 1160251 Cross-References: CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695 Affected Products: openSUSE Leap 15.1 ...

Maintain Your Streaming Posture During Failures With Origin Failover

Maintaining a high-quality playback experience for users is extremely critical whether it is for on-demand content or for large-scale live events. Origin failures occur when a server is overwhelmed with requests, due to congested networks or other unexpected events. These failures can keep origin...

DRIVE.NET, Inc.: Testing for arbitrary HTTP methods

Test for allowed HTTP methods on the server. Below are the steps to reproduce it. Step 1. Navigate the url Step 2. Intercept the GET http request using burp suite Step 3. change GET to ABCD as shown in screenshot and forward this request to server Step 4. Observe the http response from the server...

UBUNTU-CVE-2020-7058

DISPUTED datainput.php in Cacti 1.2.8 allows remote code execution via a crafted Input String to Data Collection - Data Input Methods - Unix - Ping Host. NOTE: the vendor has stated "This is a false alarm."...

CVE-2020-7058

datainput.php in Cacti 1.2.8 allows remote code execution via a crafted Input String to Data Collection - Data Input Methods - Unix - Ping Host. NOTE: the vendor has stated "This is a false alarm...

openSUSE: Security Advisory for samba (openSUSE-SU-2019:2142-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for shadowsocks-libev (openSUSE-SU-2019:2667-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for libqb (openSUSE-SU-2019:1752-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for Recommended (openSUSE-SU-2019:2607-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-11762

If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...

DEBIAN-CVE-2019-11762

If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...

Cross site scripting

If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...

CVE-2019-11762

If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...

CVE-2019-11762

The CVE-2019-11762 issue is a cross-origin origin isolation bug where two same-origin documents setting document.domain differently could allow calling arbitrary DOM methods/getters/setters on the now-cross-origin window. Affected products include Firefox (<70) and Firefox ESR (<68.2), and ...

CVE-2019-11762

If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...