Zerologon vulnerability threatens domain controllers
Credit to Author: Hugh Aver| Date: Tue, 15 Sep 2020 15:55:19 +0000
The CVE-2020-1472 vulnerability in the Netlogon protocol, aka Zerologon, lets attackers hijack domain controllers.
Read morevulnerabilities
Lock and Code S1Ep13: Monitoring the safety of parental monitoring apps with Emory Roane
Credit to Author: Malwarebytes Labs| Date: Mon, 17 Aug 2020 15:30:00 +0000
 | |
| This week on Lock and Code, we talk to Emory Roane, policy counsel at Privacy Rights Clearinghouse, about parental monitoring apps. Categories: Tags: Chrome Extensioncovid-19 scamsdefconHBO phishingHBO scamInstacartInstacart breachIntelIntel leaklock & codelock and codelock and code podcastmalwarebytes labs podcastmalwarebytes podcastNetflix phishingNetflix scamphishingphishing scampodcastSBA scamscamspying appsstalkerwaretiktokTwitch phishingTwitch scamvulnerabilitiesYouTube phishingYouTube scamziggozoomZoom vulnerabilities |
The post Lock and Code S1Ep13: Monitoring the safety of parental monitoring apps with Emory Roane appeared first on Malwarebytes Labs.
Read moreOperation PowerFall: Two zero-day vulnerabilities
Credit to Author: Hugh Aver| Date: Wed, 12 Aug 2020 07:05:01 +0000
Our technologies prevented an attack. Expert analysis revealed the exploitation of two previously unknown vulnerabilities. What you need to know.
Read moreCVE-2020-1350: Vulnerability in Windows DNS servers
Credit to Author: Hugh Aver| Date: Wed, 15 Jul 2020 17:56:44 +0000
Microsoft has released a patch for a critical RCE vulnerability in Windows Server systems.
Read moreRisk Decisions in an Imperfect World
Credit to Author: Mark Nunnikhoven (Vice President, Cloud Research)| Date: Tue, 30 Jun 2020 12:57:58 +0000
Risk decisions are the foundation of information security. Sadly, they are also one of the most often misunderstood parts of information security. This is bad enough on its own but can sink any effort at education as an organization moves towards a DevOps philosophy. To properly evaluate the risk of an event, two components are…
The post Risk Decisions in an Imperfect World appeared first on .
Read moreRipple20: Vulnerabilities in millions of IoT devices
Credit to Author: Hugh Aver| Date: Thu, 18 Jun 2020 16:49:53 +0000
Israeli experts claim that hundreds of millions of IoT devices contain critical vulnerabilities — and that’s the most conservative estimate.
Read moreEthical principles of vulnerability disclosure
Credit to Author: Andrey Efremov| Date: Mon, 18 May 2020 15:05:37 +0000
To ensure that a vulnerability disclosure doesn’t cause more problems than it solves, we recommend a few simple principles.
Read moreHow CVSS works: characterizing and scoring vulnerabilities
Credit to Author: Eddie Segal| Date: Wed, 13 May 2020 15:30:00 +0000
 | |
| CVSS, or Common Vulnerability Scoring System, provides developers, testers, and security professionals with a standardized process to assess vulnerabilities. Categories: Tags: attack complexityattack vectorbug bountycommon vulnerability scoring systemCVSSCVSS 3.1FIRSTForum of Incident Response and Security Teamsprivileges requiredsoftware vulnerabilitystandardizationuser interaction (UI)vulnerabilitiesvulnerability |
The post How CVSS works: characterizing and scoring vulnerabilities appeared first on Malwarebytes Labs.
Read more