Saturday, January 19, 2019
Splunk

Splunk-Python-SDK address one vulnerability

Description Splunk-Python-SDK address one vulnerability Untrusted TLS server certs verification is not present (CVE-2019-5729) At the time of this announcement, Splunk is not aware of any cases where these vulnerabilities...
Splunk

Splunk Enterprise and Splunk Light address multiple vulnerabilities

Description Splunk Enterprise and Splunk Light address multiple vulnerabilities Cross Site Scripting in Splunk Web (CVE-2018-7427) Denial of Service (CVE-2018-7432) Path Traversal Vulnerability...
Splunk

Splunk response to CVE-2018-11409: Information Exposure

Description Splunk has completed a review of CVE-2018-11409: Information Exposure. Splunk Enterprise exposes system information through a REST endpoint as described by the vulnerability descriptions. Information Exposure in Splunk Enterprise ...
ZDNet

Websites can steal browser data via extensions APIs

Researcher finds nearly 200 Chrome, Firefox, and Opera extensions vulnerable to attacks from malicious sites.
Security Affairs

6 Reasons We Need to Boost Cybersecurity Focus in 2019

Paying attention to cybersecurity is more important than ever in 2019. But, some companies are still unwilling to devote the necessary resources to securing their infrastructures against cyberattacks, and naive individuals think they’re immune to the tactics of cybercriminals,...
isBuzz

Fortnite Vulnerabilities Allow Hackers To Take Over Gamers’ Accounts, Data And In-Game Currency

Cybersecurity researchers today shared details of vulnerabilities that could have affected any player of the hugely popular online battle game, Fortnite. If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information  as well...

DNC Accuses Russia, ACLU Sues ICE, and More Security News This Week

Trump dominated security headlines this week, but there's plenty of other news to catch up on.
SecurityWeek

Bulgaria Extradites Russian Hacker to US: Embassy

Bulgaria has extradited a Russian indicted by a US court for mounting a complex hacking scheme to the United States, the Russian embassy in Washington said Saturday. read more