Saturday, December 5, 2020
CERT

VU#724367: VMware Workspace ONE Access and related components are vulnerable to command injection

Overview: VMware Workspace ONE Access, Access Connector, Identity Manager, and Identity Manager Connector are vulnerable to...
CERT

VU#231329: Replay Protected Memory Block (RPMB) protocol does not adequately defend against replay attacks

Overview: The Replay Protected Memory Block (RPMB) protocol found in several storage specifications does not securely...
CERT

VU#760767: Macrium Reflect is vulnerable to privilege escalation due to OPENSSLDIR location

Overview: Macrium Reflect contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable...
CERT

VU#208577: Chocolatey Boxstarter vulnerable to privilege escalation due to weak ACLs

Overview: Chocolatey Boxstarter fails to properly set ACLs, which can allow an unprivileged Windows user to...
CERT

VU#114757: Acronis backup software contains multiple privilege escalation vulnerabilities

Overview: Acronis True Image, Cyber Backup, and Cyber Protection all contain privilege escalation vulnerabilities, which can...
CERT

VU#490028: Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure AES-CFB8 initialization vector

Overview: The Microsoft Windows Netlogon Remote Protocol (MS-NRPC) reuses a known, static, zero-value initialization vector (IV)...
CERT

VU#896979: IPTV encoder devices contain multiple vulnerabilities

Overview: Multiple vulnerabilities exist in various Video Over IP (Internet Protocol) encoder devices, also known as...
CERT

VU#589825: Devices supporting Bluetooth BR/EDR and LE using CTKD are vulnerable to key overwrite

Overview: Devices supporting both Bluetooth BR/EDR and LE using Cross-Transport Key Derivation (CTKD) for pairing are...
CERT

VU#221785: Diebold Nixdorf ProCash 2100xe USB ATM does not adequately secure communications between CCDM and host

Overview: Diebold Nixdorf 2100xe USB automated teller machines (ATMs) are vulnerable to physical attacks on the...
CERT

VU#815655: NCR SelfServ ATM BNA contains multiple vulnerabilities

Overview: NCR SelfServ automated teller machines (ATMs) running APTRA XFS 04.02.01 and 05.01.00 are vulnerable to...
CERT

VU#116713: NCR SelfServ ATM dispenser software contains multiple vulnerabilities

Overview: NCR SelfServ automated teller machines (ATMs) running APTRA XFS 05.01.00 or older are vulnerable to...
CERT

VU#174059: GRUB2 bootloader is vulnerable to buffer overflow

Overview: The GRUB2 boot loader is vulnerable to buffer overflow, which results in arbitrary code execution...
CERT

VU#290915: F5 BIG-IP contains multiple vulnerabilities including unauthenticated remote command execution

Overview: F5 BIG-IP provides a Traffic Management User Interface (TMUI), also referred to as the Configuration...
CERT

VU#576779: Netgear httpd upgrade_check.cgi stack buffer overflow

Overview: Multiple Netgear devices contain a stack buffer overflow in the httpd web server's handling of...
CERT

VU#257161: Treck IP stacks contain multiple vulnerabilities

Overview: Treck IP stack implementations for embedded systems are affected by multiple vulnerabilities. This set of vulnerabilities was researched and reported by JSOF, who calls them Ripple20. Description: Treck IP network stack software is designed for and used in a variety of...

Top 20 Predictions Of How AI Is Going To Improve Cybersecurity In 2021

What 20 Leading Cybersecurity Experts Are Predicting For 2021
SecurityWeek

Italy Says Two Arrested for Defense Data Theft

Two people have been arrested for stealing defense data from the Italian aerospace and electronics group Leonardo, the interior ministry said on Saturday. The company has a wide range of activities from naval electronics, network and protection systems, electronic warfare...

The US Used the Patriot Act to Justify Logging Website Users

Plus: Better Twitter two-factor, a Spotify hack, and more of the week’s top security news.
ZDNet

Ransomware hits helicopter maker Kopter

Data from Kopter's internal network has been published on the LockBit gang's blog, hosted on the dark web.
ZDNet

Ransomware gangs are now cold-calling victims if they restore from backups without paying

Tactic used since August by ransomware gangs like Sekhmet, Maze, Conti, and Ryuk.