Difference between revisions of "Template:HNNPaul245"

From Security Weekly Wiki
Jump to navigationJump to search
(Added With Paul's Craptastic Python Script)
 
Line 1: Line 1:
#[https://www.zdnet.com/article/how-panasonic-is-using-internet-honeypots-to-improve-iot-device-security/ How Panasonic is using internet honeypots to improve IoT device security | ZDNet]
+
#[https://www.zdnet.com/article/how-panasonic-is-using-internet-honeypots-to-improve-iot-device-security/ How Panasonic is using internet honeypots to improve IoT device security]
 
#[https://www.geekwire.com/2019/new-windows-10-ransomware-threat-examining-claims-potentially-unstoppable-vulnerability/ A new Windows 10 ransomware threat? Examining claims of a potentially unstoppable vulnerability]
 
#[https://www.geekwire.com/2019/new-windows-10-ransomware-threat-examining-claims-potentially-unstoppable-vulnerability/ A new Windows 10 ransomware threat? Examining claims of a potentially unstoppable vulnerability]
 
#[https://threatpost.com/birth-certificate-data-multiple-states/150948/ Birth Certificate Data Laid Bare on the Web in Multiple States]
 
#[https://threatpost.com/birth-certificate-data-multiple-states/150948/ Birth Certificate Data Laid Bare on the Web in Multiple States]
 
#[https://www.bbc.com/news/technology-50686543 'Hackable' karaoke and walkie talkie toys found by Which?]
 
#[https://www.bbc.com/news/technology-50686543 'Hackable' karaoke and walkie talkie toys found by Which?]
#[https://www.zdnet.com/article/new-vulnerability-lets-attackers-sniff-or-hijack-vpn-connections/ New vulnerability lets attackers sniff or hijack VPN connections | ZDNet]
+
#[https://threatpost.com/linux-bug-vpns-hijacking/150891/ Linux Bug Opens Most VPNs to Hijacking] - ''According to researchers at University of New Mexico and Breakpointing Bad, the bug (CVE-2019-14899), “allows…an attacker to determine if…a user is connected to a VPN, the virtual IP address they have been assigned by the VPN server, and whether or not there is an active connection to a given website.” In an advisory released this week, they noted that once a proof-of-concept exploit allowed them to determine a VPN client’s virtual IP address and make inferences about active connections, they were then able to use encrypted replies to unsolicited packets to determine the sequence and acknowledgment numbers of connections. These allowed them to hijack TCP sessions and inject data into the TCP stream.''
#[https://threatpost.com/linux-bug-vpns-hijacking/150891/ Linux Bug Opens Most VPNs to Hijacking]
+
#[https://www.securityweek.com/hardware-based-password-managers-store-credentials-plaintext Hardware-based Password Managers Store Credentials in Plaintext]
#[https://www.securityweek.com/hardware-based-password-managers-store-credentials-plaintext Hardware-based Password Managers Store Credentials in Plaintext | SecurityWeek.Com]
 
 
#[https://www.computerworld.com/article/3489036/microsoft-to-end-updates-to-windows-7s-free-av-software-security-essentials.html Microsoft to end updates to Windows 7's free AV software, Security Essentials]
 
#[https://www.computerworld.com/article/3489036/microsoft-to-end-updates-to-windows-7s-free-av-software-security-essentials.html Microsoft to end updates to Windows 7's free AV software, Security Essentials]
#[https://www.securityweek.com/new-office-365-feature-provides-detailed-information-email-attack-campaigns New Office 365 Feature Provides Detailed Information on Email Attack Campaigns | SecurityWeek.Com]
+
#[https://www.securityweek.com/new-office-365-feature-provides-detailed-information-email-attack-campaigns New Office 365 Feature Provides Detailed Information on Email Attack Campaigns]
 
#[https://nakedsecurity.sophos.com/2019/12/10/snatch-ransomware-pwns-security-using-sneaky-safe-mode-reboot/ Snatch ransomware pwns security using sneaky safe mode reboot]
 
#[https://nakedsecurity.sophos.com/2019/12/10/snatch-ransomware-pwns-security-using-sneaky-safe-mode-reboot/ Snatch ransomware pwns security using sneaky safe mode reboot]
 
#[https://www.forbes.com/sites/daveywinder/2019/12/07/google-confirms-critical-android-8-9-and-10-permanent-denial-of-service-threat/ Google Confirms Critical Android 8, 9 And 10 Permanent Denial Of Service Threat]
 
#[https://www.forbes.com/sites/daveywinder/2019/12/07/google-confirms-critical-android-8-9-and-10-permanent-denial-of-service-threat/ Google Confirms Critical Android 8, 9 And 10 Permanent Denial Of Service Threat]

Revision as of 17:16, 10 December 2019

  1. How Panasonic is using internet honeypots to improve IoT device security
  2. A new Windows 10 ransomware threat? Examining claims of a potentially unstoppable vulnerability
  3. Birth Certificate Data Laid Bare on the Web in Multiple States
  4. 'Hackable' karaoke and walkie talkie toys found by Which?
  5. Linux Bug Opens Most VPNs to Hijacking - According to researchers at University of New Mexico and Breakpointing Bad, the bug (CVE-2019-14899), “allows…an attacker to determine if…a user is connected to a VPN, the virtual IP address they have been assigned by the VPN server, and whether or not there is an active connection to a given website.” In an advisory released this week, they noted that once a proof-of-concept exploit allowed them to determine a VPN client’s virtual IP address and make inferences about active connections, they were then able to use encrypted replies to unsolicited packets to determine the sequence and acknowledgment numbers of connections. These allowed them to hijack TCP sessions and inject data into the TCP stream.
  6. Hardware-based Password Managers Store Credentials in Plaintext
  7. Microsoft to end updates to Windows 7's free AV software, Security Essentials
  8. New Office 365 Feature Provides Detailed Information on Email Attack Campaigns
  9. Snatch ransomware pwns security using sneaky safe mode reboot
  10. Google Confirms Critical Android 8, 9 And 10 Permanent Denial Of Service Threat