Friday, June 5, 2020

SYMSA1485-Symantec Endpoint Encryption Privilege Escalation

Symantec has released an update to address issues that were discovered in the Symantec Endpoint Encryption and Symantec Encryption Desktop products.

SYMSA1462-OpenSSL Vulnerabilities 16-Apr-2018 and 12-Jun-2018

Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A malicious SSL/TLS server can send large DH parameters during connections using DH/DHE cipher suites and cause denial-of-service in the SSL/TLS client. A local attacker can...

SYMSA1484-DLP Cross Site Scripting

Symantec has released updates to address an issue that was discovered in the DLP product.
SC Magazine

Cisco security advisories address 47 flaws, three critical

Cisco Systems on Wednesday, June 3 released a series of security advisories addressing a total of 47 vulnerabilities, including three critical bugs that were found and fixed in IOS or IOS EX software. Among the most series flaws is a...

Electrolux, Others Conned Out of Big Money by BEC Scammer

Kenenty Hwan Kim has pleaded guilty to swindling the appliance giant and other companies in a set of elaborate schemes.
The Register

Kind of goes without saying, but fix your admin passwords or risk getting borged by this brute-forcing botnet

Publishing platforms, hosts being targeted by Stealthworker malware Servers are being targeted with a malware attack that uses its infected hosts to brute-force other machines.…

News Wrap: Fake Minneapolis Police Breach, Zoom End-To-End Encryption Debate

Threatpost editors discuss debunked reports of a Minneapolis police department breach and Zoom announcing only paying users would get end-to-end encryption.

QNAP NAS devices targeted in another wave of ransomware attacks

eCh0raix ransomware gang returns with a new wave of attacks against QNAP NAS devices.