Changes

From Security Weekly Wiki
Jump to navigationJump to search
#[https://www.theregister.com/2020/07/01/evilquest_ransomware/ Things that happen every four years: Olympic Games, Presidential elections, and now new Mac ransomware]
#[https://nakedsecurity.sophos.com/2020/07/01/firefox-78-is-out-with-a-mysteriously-empty-list-of-security-fixes/ Firefox 78 is out with a mysteriously empty list of security fixes]
#[https://www.schneier.com/blog/archives/2020/07/securing_the_in_1.html Securing the International IoT Supply Chain - Schneier on Security]- ''The basic problem we try to solve is: how to you enforce IoT security regulations when most of the stuff is made in other countries? And our solution is: enforce the regulations on the domestic company that's selling the stuff to consumers.''#[https://securityaffairs.co/wordpress/105439/hacking/netgear-security-flaws.html Netgear is releasing fixes for ten issues affecting 79 products]- All around the world its the same song, er vulnerability: ''Multiple Netgear devices contain a stack buffer overflow in the httpd web server’s handling of upgrade_check.cgi, which may allow for unauthenticated remote code execution with root privileges.''#[https://www.helpnetsecurity.com/2020/07/02/rce-windows-10/ Microsoft fixes two RCE flaws affecting Windows 10 machines - Help Net Security]- ''What initially seemed like critical out-of-band patches for Windows 10 and Windows Server 2019 systems turned out to be slightly less urgent patches since the flaws affect only Windows 10 systems and only those users who have installed the optional HEVC or “HEVC from Device Manufacturer” media codecs from Microsoft Store, limiting thusly the pool of machines open to attack.''#[https://thehackernews.com/2020/07/apache-guacamole-hacking.html Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking]- ''The attacks stem one of the two possible ways the gateway can be taken over: either by a compromised machine inside the corporate network that leverages an incoming benign connection to attack the Apache gateway or a rogue employee who uses a computer inside the network to hijack the gateway.''
#[https://www.securityweek.com/goldenspy-malware-targets-businesses-operating-china 'GoldenSpy' Malware Targets Businesses Operating in China | SecurityWeek.Com]
#[https://secwiki.org/w/Running_nmap_as_an_unprivileged_user Running nmap as an unprivileged user - SecWiki]
7,608

edits

Navigation menu