ATTENTION‼ New - CVE-2019-17028
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
ATTENTION‼ New - CVE-2019-17027
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Elastic Security Makes Case For Blending 'Human Element,' Election Security
via "Dark Reading".
Nate Fick, general manager of Elastic and former CEO of Endgame, talks about the impact of AI and machine learning on security professionals, and what technologies can be tapped to improve security in the runup to November's election.
RSA: What it's like to attend the first tech conference after the coronavirus epidemic
via "Security on TechRepublic".
San Francisco is the site of the RSA 2020 conference, which took place despite cancellations from IBM, Verizon and AT&T.
Sophos Boosts Threat Hunting, Managed Detection and Response Capabilities
via "Dark Reading".
JJ Thompson, senior director of managed threat response for Sophos, digs deep into how organizations can start to make sense of the seemingly unlimited data that's available from endpoints, cloud, and on-premises networks. And that's a critical capability as attacker behaviors start to change.
US State Dept. Shares Insider Tips to Fight Insider Threats
via "Dark Reading".
The insider threat is a technology, security, and personnel issue, officials said in explaining an approach that addresses all three factors.
How Should I Answer a Nontech Exec Who Asks, 'How Secure Are We?'
via "Dark Reading".
Consider this your opportunity to educate.
RSAC 2020: Lack of Machine Learning Laws Open Doors To Attacks
via "Threatpost".
When it comes to machine learning, research and cybercriminal activity is full speed ahead - but legal policy has not yet caught up.
Tufin: How to Make Better Sense of the Cloud Security Equation
via "Dark Reading".
CEO Reuven Harrison examines how cloud services have changed how enterprises manage their apps and data, and also offers some tips for security pros tasked with managing either hybrid- or multi-cloud implementations. Harrison also takes on Kubernetes and container security in this News Desk interview.
Digital Guardian Wins Best Data Loss Prevention (DLP) Solution at SC Awards 2020!
via "Subscriber Blog RSS Feed".
We're thrilled to share that Digital Guardian won the Best Data Loss Prevention (DLP) Solution at the 2020 SC Trust Awards at RSA Conference!
RSAC 2020: Smart Baby Monitor Vulnerable to Remote Hackers
via "Threatpost".
A popular baby monitor has been found riddled with vulnerabilities that give attackers full access to personal information and sensitive video footage.
Billions of Devices Open to Wi-Fi Eavesdropping Attacks
via "Threatpost".
The Kr00k bug arises from an all-zero encryption key in Wi-Fi chips that reveals communications from devices from Amazon, Apple, Google, Samsung and others.
'Cloud Snooper' Attack Circumvents AWS Firewall Controls
via "Dark Reading".
Possible nation-state supply chain attack acts like a "wolf in sheep's clothing," Sophos says.
ATTENTION‼ New - CVE-2019-12882
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ATTENTION‼ New - CVE-2018-19668
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-17963. Reason: This candidate is a reservation duplicate of CVE-2018-17963. Notes: All CVE users should reference CVE-2018-17963 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ATTENTION‼ New - CVE-2017-6371
via "National Vulnerability Database".
Synchronet BBS 3.16c for Windows allows remote attackers to cause a denial of service (service crash) via a long string in the HTTP Referer header.
ATTENTION‼ New - CVE-2017-6363
via "National Vulnerability Database".
** DISPUTED ** In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.'"
ATTENTION‼ New - CVE-2017-5861
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-1000020. Reason: This candidate is a reservation duplicate of CVE-2017-1000020. Notes: All CVE users should reference CVE-2017-1000020 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ATTENTION‼ New - CVE-2015-5686
via "National Vulnerability Database".
Parts of the Puppet Enterprise Console 3.x were found to be susceptible to clickjacking and CSRF (Cross-Site Request Forgery) attacks. This would allow an attacker to redirect user input to an untrusted site or hijack a user session.
Facebook bans coronavirus ‘miracle cure’ ads
via "Naked Security".
Facebook, like other platforms, has seen fake news, mass-buying of face masks, and misinformation about bleach being a cure for COVID-19.
Why city and state governments may be unprepared for ransomware attacks
via "Security on TechRepublic".
Despite the rise in ransomware, a lack of prevention training and stagnant security budgets are putting local governments at risk, according to IBM Security.