DHS Warns Of Increasing Emotet Risk

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database CVE-2020-7220
PUBLISHED: 2020-01-23

HashiCorp Vault Enterprise 0.11.0 through 1.3.1 fails, in certain circumstances, to revoke dynamic secrets for a mount in a deleted namespace. Fixed in 1.3.2.

CVE-2019-15707
PUBLISHED: 2020-01-23

An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for.

CVE-2019-15712
PUBLISHED: 2020-01-23

An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to access web console they should not be authorized for.

CVE-2019-16512
PUBLISHED: 2020-01-23

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is stored XSS in the Appearance modifier.

CVE-2019-16513
PUBLISHED: 2020-01-23

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. CSRF can be used to send API requests.

Source: https://www.darkreading.com/attacks-breaches/dhs-warns-of-increasing-emotet-risk/d/d-id/1336873?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Generative Data Intelligence

Bitcoin Bloodbath: Crypto Analyst Spots ‘Death Cross’ After 8% Price Drop

AIEMP Announces Launch of Innovative AI Security Project

Latest Intelligence

Pantera Capital’s Fund V Targets $1 Billion for Diverse Blockchain Investments

The National Virtual Climate Laboratory is Your Guide to Climate Science – CleanTechnica

This Semi-Enclosed Electric Trike Could Make Commuting A Lot More Fun – CleanTechnica

Methane Offsets Provider Zefiro Methane Goes Public on Cboe Canada

Rare ‘Epic Sat’ from Bitcoin’s Fourth Halving Block Sold for Over $2 Million

Will Marijuana Help You Look Good In a Swimsuit