Template:PSW647NewsLee Neely

From Security Weekly Wiki
Jump to navigationJump to search

News

  1. CISA AA20-106A: Guidance on the North Korean Cyber Threat DPRK's malicious acctivites targeting financial sector, attributions, mitigations, international cooperation and resources.
  2. VMware plugs critical flaw in vCenter Server VMware has fixed flaws in version 6.7 - read their bulletin for specific fix information.
  3. Zoom bugs fetch $5-30K on Dark Web That said, Zoom flaws sell for less than other exploits.
  4. Google removes 49 Chrome extension caught stealing crypto-wallet keys Based on real extensions, target funds from high-value accounts.
  5. CISA AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching Lots of good information on exploiting the vulnerability. CVE-2019-11510 is a pre-authentication arbitrary file read vulnerability affecting Pulse Secure VPN appliances. Directory traversal is allowed if the directory path contains dana/html/acc ...