CVE-2020-35516
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was...
CVE-2020-35515
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was...
CVE-2020-35511
A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file. Read More
True crime shows might be the biggest educational tool for cybercrime awareness
A survey of U.S. and UK residents conducted by Censuswide and commissioned by identity verification vendor Onfido released today said that popular culture – specifically,...
Ex-Security Chief Accuses Twitter of Cybersecurity Negligence
Peiter Zatko admitted that he “reasonably feared Twitter could suffer an Equifax-level hack” Read More
Hackers demand $10 million from Paris hospital after ransomware attack
Malicious hackers are demanding $10 million from a French hospital they hit with ransomware last weekend. The Hospital Center Sud Francilien (CHSF) in Corbeil-Essonnes, south-east...
CISA Adds Palo Alto Networks’ PAN-OS Vulnerability to Catalog
The flaw would allow a network-based unauthenticated threat actor to perform DoS attacks Read More
CVE-2020-35509
A flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticator because of missing time...
Air-Gap Attack Exploits Gyroscope Ultrasonic Covert Channel to Leak Data
Gairoscope is a covert ultrasonic channel that does not require a microphone on the receiving side Read More
Software Assurance: Approaching Allowlisting for Code
While there has been significant work done on supply chain security, efforts surrounding automated software assurance continue to evolve. Read More