CVE-2020-35515
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was...
CVE-2020-35511
A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file. Read More
True crime shows might be the biggest educational tool for cybercrime awareness
A survey of U.S. and UK residents conducted by Censuswide and commissioned by identity verification vendor Onfido released today said that popular culture – specifically,...
Ex-Security Chief Accuses Twitter of Cybersecurity Negligence
Peiter Zatko admitted that he “reasonably feared Twitter could suffer an Equifax-level hack” Read More
Hackers demand $10 million from Paris hospital after ransomware attack
Malicious hackers are demanding $10 million from a French hospital they hit with ransomware last weekend. The Hospital Center Sud Francilien (CHSF) in Corbeil-Essonnes, south-east...
CISA Adds Palo Alto Networks’ PAN-OS Vulnerability to Catalog
The flaw would allow a network-based unauthenticated threat actor to perform DoS attacks Read More
CVE-2020-35509
A flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticator because of missing time...
Air-Gap Attack Exploits Gyroscope Ultrasonic Covert Channel to Leak Data
Gairoscope is a covert ultrasonic channel that does not require a microphone on the receiving side Read More
Software Assurance: Approaching Allowlisting for Code
While there has been significant work done on supply chain security, efforts surrounding automated software assurance continue to evolve. Read More
Counterfeit Android Devices Revealed to Contain Backdoor Designed to Hack WhatsApp
At least four different smartphones affected: ‘P48pro’, ‘radmi note 8’, ‘Note30u’ and ‘Mate40’ Read More