CVE-2019-14600

Uncontrolled search path element in the installer for Intel(R) SNMP Subagent Stand-Alone for Windows* may allow an authenticated user to potentially enable escalation of privilege via local access.
Source: NIST
CVE-2019-14600

CVE-2019-14596

Improper access control in the installer for Intel(R) Chipset Device Software INF Utility before version 10.1.18 may allow an authenticated user to potentially enable denial of service via local access.
Source: NIST
CVE-2019-14596

CVE-2019-14601

Improper permissions in the installer for Intel(R) RWC 3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access.
Source: NIST
CVE-2019-14601

CVE-2019-15854

An issue was discovered in Maarch RM before 2.5. A privilege escalation vulnerability allows an authenticated user with lowest privileges to give herself highest administration privileges via a crafted PUT request to an unauthorized resource.
Source: NIST
CVE-2019-15854

CVE-2019-15855

An issue was discovered in Maarch RM before 2.5. A path traversal vulnerability allows an unauthenticated remote attacker to overwrite any files with a crafted POST request if the default installation procedure was followed. This results in a permanent Denial of Service.
Source: NIST
CVE-2019-15855

Mobile Banking Malware Up 50% in First Half of 2019

A new report from Check Point recaps the cybercrime trends, statistics, and vulnerabilities that defined the security landscape in 2019.
Source: DarkReading
Mobile Banking Malware Up 50% in First Half of 2019

Fidelis Cybersecurity Acquired by Skyview Capital

Fidelis Cybersecurity Acquired by Skyview Capital

An American company dedicated to thwarting cyber-attacks has been snapped up by a global private equity firm. 



Skyview Capital, LLC announced its acquisition of Fidelis Cybersecurity, Inc yesterday. Fidelis is located in the Maryland town of Bethesda, which a 2015 NerdWallet survey found to be the most educated place in America. 



Fidelis Cybersecurity is a leading provider of network traffic analysis and of digital forensics and incident response solutions that enable enterprises and government organizations to detect, hunt, and respond to advanced threats that evade traditional security solutions.



The company counts among its 250 employees some of the world’s leading cybersecurity experts, including specialists from the US Department of Defense, the intelligence community, and industry.



Solutions developed by Fidelis are delivered as standalone network, endpoint, and deception products; an integrated platform; or as a constantly operational managed detection and response service that augments existing security operations, threat hunting, and incident response capabilities.



Fidelis was acquired from a consortium of investors in a stock transaction in a deal that serves to increase Skyview’s existing software technology portfolio.



“With the ever-increasing complexity of digital environments and the pace of cyber threats across the world, we see an opportunity to build upon Fidelis’ impressive technology and solidify its position within the IT security industry,” said Alex Soltani, chairman and CEO of Skyview. 



“This transaction aligns well with our investment philosophy of targeting and investing in mission critical technology businesses across a wide spectrum of verticals, from telecommunications to cybersecurity.”



The mission of Fidelis is not set to change as a result of the acquisition. 



Soltani said: “Skyview is committed to realizing the full value of Fidelis as a safeguard against cyber threats, and we are enthusiastic about identifying both organic and inorganic growth opportunities.”



Nick Lantuh, president and chief executive officer of Fidelis Cybersecurity, sees the deal as a golden opportunity for growth. 



He said: “We are excited to partner with Skyview Capital and benefit from their ability to help us take the Fidelis platform, which provides unmatched visibility and empowers security teams to rapidly respond to threats, into other markets.”


Source: Infosecurity
Fidelis Cybersecurity Acquired by Skyview Capital

FBI Seizes Domain That Sold Info Stolen in Data Breaches

The website, WeLeakData.com, claimed to have more than 12 billion records gathered from over 10,000 breaches.
Source: DarkReading
FBI Seizes Domain That Sold Info Stolen in Data Breaches

CVE-2019-20003

Feldtech easescreen Crystal 9.0 Web-Services 9.0.1.16265 allows Stored XSS via the Debug-Log and Display-Log components. This could be exploited when an attacker sends an crafted string for FTP authentication.
Source: NIST
CVE-2019-20003

NortonLifeLock Puts Silicon Valley Real Estate Up for Sale

NortonLifeLock Puts Silicon Valley Real Estate Up for Sale

NortonLifeLock, formerly known as Symantec, has put ten large commercial buildings in California’s Silicon Valley on the market. 



The cybersecurity company is seeking a buyer for the properties, which are all based in the Mountain View area, close to the Google Quad Campus. The ten buildings on the market are grouped into three separate campuses, not more than a few minutes’ drive from one another. 



Commercial real estate firm Cushman & Wakefield has been hired to help shift the properties, which together total 707,000 square feet. 



According to The Orange County Register, the buildings are featured in a brochure being circulated on behalf of NortonLifeLock. 



“Never before offered to the marketplace, the offering represents a generational opportunity to acquire a portfolio of 10 buildings totaling 706,737 square feet in the heart of Silicon Valley,” states the brochure. 



Mountain View was the site of Symantec’s headquarters for many years, but in November the company, under its new name NortonLifeLock, relocated its operational nerve center to Tempe, Arizona. 



One of the three campuses for sale, described in the brochure as the “headquarters campus,” is located at 350 Ellis Street. On this site are five buildings offering a total 428,000 square feet of office space. 



The second campus, which is made up of research and office buildings totaling 128,000 square feet, is located at 455, 487, and 501 E. Middlefield Road. The final clutch of office and research buildings, which together offer 150,000 square feet of space, is at 515 and 545 N. Whisman Road.



In an effort to keep the ten properties together, NortonLifeLock is ideally seeking a single buyer for all three campuses.



The brochure states that “it is a strong preference of the seller for one buyer to acquire the entire portfolio,” however, “individual offers on the various components may be considered.”



NortonLifeLock’s decision to put the properties on the market comes amid a concerted effort by the company to downsize. Over the course of 2019, the company announced it would be terminating 320 jobs in Mountain View and a further 82 in San Francisco.


Source: Infosecurity
NortonLifeLock Puts Silicon Valley Real Estate Up for Sale