Published 6 days ago

Cyberthreats for the week of 2020-06-29 to 2020-07-06

Use ThreatView to manage your Cybersecurity threats.

© RiskView Inc. 2020

[Figure: Phishing Attacks (bar chart of phishing attack counts by targeted brand or theme)]

[Figure: Threat Types (bar chart of counts for Data Breaches, Vulnerabilities, Scanner, Botnet, Spam, Malware, Dark Web, Phishing)]

[Figure: Vulnerabilities by Buzz level (286 total) (bar chart of counts for Low, Med, High)]

High Risk Vulnerabilities

Published Summary CVE Number
2020-06-29 11:15

When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources. The attacker must have network access to the vulnerable server to exploit this vulnerability. This issue affects PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15, and all versions of PAN-OS 8.0 (EOL). This issue does not affect PAN-OS 7.1. This issue cannot be exploited if SAML is not used for authentication. This issue cannot be exploited if the 'Validate Identity Provider Certificate' option is enabled (checked) in the SAML Identity Provider Server Profile. Resources that can be protected by SAML-based single sign-on (SSO) authentication are: GlobalProtect Gateway, GlobalProtect Portal, GlobalProtect Clientless VPN, Authentication and Captive Portal, PAN-OS next-generation firewalls (PA-Series, VM-Series) …

CVE-2020-2021
2020-06-30 17:15

OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid.

CVE-2020-14947
2020-07-01 11:15

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.

CVE-2020-5902
2020-07-02 09:15

Apache Guacamole 1.1.0 and older may mishandle pointers involved in processing data received via RDP static virtual channels. If a user connects to a malicious or compromised RDP server, a series of specially-crafted PDUs could result in memory corruption, possibly allowing arbitrary code to be executed with the privileges of the running guacd process.

CVE-2020-9498
2020-07-02 09:15

Apache Guacamole 1.1.0 and older do not properly validate data received from RDP servers via static virtual channels. If a user connects to a malicious or compromised RDP server, specially-crafted PDUs could result in disclosure of information within the memory of the guacd process handling the connection.

CVE-2020-9497