- ▶ [1.20 글로벌 이슈투데이] 블록체인, 스타벅스, 온실가스 흡입
- ▶ [기자수첩] 민주주의를 아웃소싱 해도 되나요?
- ▶ 에이텐, 하이브리드 KVMP 스위치 CS1953 출시
- ▶ 다가올 자율주행 레벨4 시대! 국내에선 어떤 준비를 하고 있을까?
- ▶ 슈나이더 일렉트릭 코리아, 경기도 오산에 통합물류센터 오픈
- ▶ 언택트 시대 급성장한 클라우드 환경... SECaaS 보안을 주목하라
- ▶ 제105차 CISO포럼 “비대면 시대의 회복 탄력성, 사이버보안에서 찾아야”
- ▶ 총기·마약 밀반입 등 차단 위해 관세행정 맞춤형 기술개발 사업 추진한다
- ▶ 암호화폐 거래소 라이브코인, 해커에게 도메인 빼앗긴 뒤 폐업
- ▶ 리눅스 컴퓨터를 뚫어낸 아이들, 아버지가 직접 경고하기도
- ▶ ‘교통범칙금 통지 문자’ 잘못 열었다간 악성앱 다운된다
- ▶ ‘바이든 행정부 출범’ 관련한 기획 설문조사? 北 탈륨 해커조직 공격이었다
- ▶ AI 챗봇 ‘이루다’ 서비스 중단됐지만... 개인정보 유출 등 논란은 현재진행형
- ▶ 2021년 1월 첫째 주 가장 많이 발견된 악성코드 TOP 5
- ▶ 지난 연말 국민들 현혹한 4대 스미싱 키워드, 택배·건강검진·대출·재난지원금
- ▶ [긴급] 더존비즈온 ‘위하고(WEHAGO)’, 오후부터 서비스 장애 발생
- ▶ 스캐터랩, 인공지능 챗봇 ‘이루다’ DB 및 딥러닝 대화 모델 폐기한다
- ▶ 中, 2020년 12월 정보보안 취약점 1,200여개로 연중 최저치
- ▶ [단독] 더존비즈온, 실적 눈 멀어 고객과 보안은 뒷전... 플래시 대책 안 세웠다
- ▶ 올해의 첫 정기 패치, 제로데이와 선공개 취약점 포함 총 83개
- ▶ 안랩, 디지털교육 사회공헌 프로그램
- ▶ 산업교육연구소, AI산업 세미나 26~27일
- ▶ [한국정보보호학회 칼럼] 미래 핵심
- ▶ 스마트공장 보안 가이드라인 만들었
- ▶ 2021년 1월 첫째 주 가장 많이 발견된
- ▶ 1.1조원 규모 범부처 자율주행사업 본
- ▶ 과기정통부, 2020년 K-사이버 방역 등
- ▶ 유럽의약청, 사이버공격으로 코로나
- ▶ 안랩 MDS, KOTRA 주관 ‘차세대 세계일류
- ▶ 방산업체 사이버보안 강화 나서...보
- ▶ ISMS 의무화 두달 앞으로! 국내 암호화
- ▶ 정부, 'HTTP' 공공 웹사이트 보안 강화
- ▶ 국내 보안업계, 올해 OT·ICS 보안사업
- ▶ 모바일 신분증, 프라이버시 침해 방지
- ▶ 'PC카톡'으로 위장한 악성파일 주의하
- ▶ "스마트 팩토리 시장 잡아라"…IT서비
- ▶ 떠오르는 해킹 피해 국가 뉴질랜드,
- ▶ 연말정산에 카카오·PASS 등 민간 전자
- ▶ 보안업계, 조직개편 단행…'클라우드
- ▶ 급증하는 해킹메일, 어떤 유형이 있고
- ▶ Malware/Win32.RL_Generic.C4302247
- ▶ Malware/Win32.RL_Generic.C4301233
- ▶ Trojan/Win32.MSIL.C4299253
- ▶ Malware/Win32.Generic.C4298452
- ▶ Malware/Win32.RL_Generic.C4296906
- ▶ Malware/Gen.RL_Reputation.C4201334
- ▶ Trojan/Win32.RL_Generic.C4287504
- ▶ Malware/Win32.RL_Generic.C4289192
- ▶ Malware/Win32.Generic.C4197762
- ▶ Trojan/Win32.Agent.R361177
- ▶ Malware/Win64.RL_Generic.C4289148
- ▶ Trojan/Win32.Emotet.C4269060
- ▶ Malware/Win32.Generic.C4263003
- ▶ Trojan/Win32.Kryptik.C4250478
- ▶ Trojan/Win32.Kryptik.C4249434
- ▶ Trojan/Win32.Agent.C4248550
- ▶ Trojan/win32.Crysis.C4247652
- ▶ Trojan/Win32.RL_Generic.C4246950
- ▶ Trojan/Win32.Agent.C4230337
- ▶ Malware/Win32.Generic.C4229872
-
There is command injection when ddns processes the hostname, which causes the adminis
-
The data collection SDK of the router web management interface caused the leakage of
-
The login verification can be bypassed by using the problem that the time is not
-
Wrong nginx configuration, causing specific paths to be downloaded without authorizati
-
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 specifies permissions for a securi
-
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in
-
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 uses weaker than expected cryptog
-
Combodo iTop is a web based IT Service Management tool. In iTop before versions
-
Combodo iTop is a web based IT Service Management tool. In iTop before versions
-
Combodo iTop is a web based IT Service Management tool. In iTop before versions
-
The "Test Connection" available in v7.x of the Red Hat Single Sign On applicati
-
Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary user under
-
A deserialization vulnerability existed in dubbo 2.7.5 and its earlier versions, wh
-
A denial-of-service vulnerability exists in the Ethernet/IP server functionality of
-
CVE-2018-18689 (expert_pdf_reader, expert_pdf_ultimate, foxit_reader, nitro_pro, nitro_reader, pdf-xchange_editor, pdf-xchange_viewer, pdf_architect, pdf_editor_6, pdf_experte_ultimate, pdf_studio, pdf_studio_viewer_2018, pdfelement6, perfect_pdf_10, perfect_pdf_reader, soda_pdf, soda_pdf_desktop)
The Portable Document Format (PDF) specification does not provide any information
-
CVE-2018-18688 (foxit_reader, libreoffice, master_pdf_editor, nitro_pro, nitro_reader, pdf_editor_6, pdf_studio, pdf_studio_viewer_2018, pdfelement6, perfect_pdf_10, perfect_pdf_reader, phantompdf, power_pdf_standard)
The Portable Document Format (PDF) specification does not provide any information
-
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when pr
-
An issue was discovered in the sodiumoxide crate before 0.2.5 for Rust. generichash:
-
CVE-2020-10209 (ak45x_firmware, ak5xx_firmware, ak65x_firmware, aria6xx_firmware, aria7xx_firmware, kami7b_firmware)
Command Injection in the CPE WAN Management Protocol (CWMP) registration in Amin
-
CVE-2020-10208 (ak45x_firmware, ak5xx_firmware, ak65x_firmware, aria6xx_firmware, aria7xx_firmware, kami7b_firmware)
Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx
-
CVE-2020-10206 (ak45x_firmware, ak5xx_firmware, ak65x_firmware, aria6xx_firmware, aria7xx_firmware, kami7b_firmware)
Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, A
-
CVE-2020-10210 (ak45x_firmware, ak5xx_firmware, ak65x_firmware, aria6xx_firmware, aria7xx_firmware, kami7b_firmware)
Because of hard-coded SSH keys for the root user in Amino Communications AK45x ser
-
CVE-2020-10207 (ak45x_firmware, ak5xx_firmware, ak65x_firmware, aria6xx_firmware, aria7xx_firmware, kami7b_firmware)
Use of Hard-coded Credentials in EntoneWebEngine in Amino Communications AK45x se
-
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earl
-
CVE-2018-1000873 (active_iq_unified_manager, clusterware, database_server, global_lifecycle_management_opatch, jackson-modules-java8, nosql_database)
Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation
-
CVE-2017-7525 (banking_platform, communications_billing_and_revenue_management, communications_communications_policy_management, communications_diameter_signaling_route, communications_instant_messaging_server, debian_linux, enterprise_manager_for_virtualization, financial_services_analytical_applications_infrastructure, global_lifecycle_management_opatchauto, jackson-databind, jboss_enterprise_application_platform, oncommand_balance, oncommand_performance_manager, oncommand_shift, openshift_container_platform, primavera_unifier, snapcenter, struts, utilities_advanced_spatial_and_operational_analytics, virtualization, virtualization_host, webcenter_portal)
A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1
-
CVE-2017-17485 (debian_linux, e-series_santricity_os_controller, e-series_santricity_web_services_proxy, jackson-databind, jboss_enterprise_application_platform, oncommand_shift, openshift_container_platform, snapcenter)
FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated
-
CVE-2015-3195 (api_gateway, communications_webrtc_session_controller, debian_linux, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_server_tus, enterprise_linux_workstation, exalogic_infrastructure, fedora, http_server, integrated_lights_out_manager_firmware, leap, life_sciences_data_hub, linux, linux_enterprise_server, mac_os_x, openssl, opensuse, solaris, sun_ray_software, transportation_management, ubuntu_linux, vm_server, vm_virtualbox)
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec-.c in OpenSSL before
-
CVE-2013-0800 (debian_linux, enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_workstation, firefox, firefox_esr, linux_enterprise_desktop, linux_enterprise_server, linux_enterprise_software_development_kit, opensuse, pixman, seamonkey, thunderbird, thunderbird_esr, ubuntu_linux)
Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman
-
The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the
-
New Charges Derail COVID Release for Hacker Who Aided ISIS
A hacker serving a 20-year sentence for stealing personal data on 1,300 U.S. militar
-
Joker’s Stash Carding Market to Call it Quits
Joker's Stash, by some accounts the largest underground shop for selling stolen credit
-
Microsoft Patch Tuesday, January 2021 Edition
Microsoft today released updates to plug more than 80 security holes in its Windows
-
SolarWinds: What Hit Us Could Hit Others
New research into the malware that set the stage for the megabreach at IT vendor S
-
Ubiquiti: Change Your Password, Enable 2FA
Ubiquiti, a major vendor of cloud-enabled Internet of Things (IoT) devices such as
-
Sealed U.S. Court Records Exposed in SolarWinds Breach
The ongoing breach affecting thousands of organizations that relied on backdoored pr
-
All Aboard the Pequod!
Like countless others, I frittered away the better part of Jan. 6 doomscrolling and
-
Hamas May Be Threat to 8chan, QAnon Online
In October 2020, KrebsOnSecurity looked at how a web of sites connected to consp
-
Happy 11th Birthday, KrebsOnSecurity!
Today marks the 11th anniversary of KrebsOnSecurity! Thank you, Dear Readers, for you
-
VMware Flaw a Vector in SolarWinds Breach?
U.S. government cybersecurity agencies warned this week that the attackers behind the