From Security Weekly WikiJump to navigationJump to search
- CISA AA20-106A: Guidance on the North Korean Cyber Threat DPRK's malicious acctivites targeting financial sector, attributions, mitigations, international cooperation and resources.
- VMware plugs critical flaw in vCenter Server VMware has fixed flaws in version 6.7 - read their bulletin for specific fix information.
- Zoom bugs fetch $5-30K on Dark Web That said, Zoom flaws sell for less than other exploits.
- Google removes 49 Chrome extension caught stealing crypto-wallet keys Based on real extensions, target funds from high-value accounts.
- CISA AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching Lots of good information on exploiting the vulnerability. CVE-2019-11510 is a pre-authentication arbitrary file read vulnerability affecting Pulse Secure VPN appliances. Directory traversal is allowed if the directory path contains dana/html/acc ...