π Open Cybersecurity Alliance looks for new members and new projects at RSA 2020 π
π Read
via "Security on TechRepublic".
New standards project aims to make it easy to integrate multiple security tools.π Read
via "Security on TechRepublic".
TechRepublic
Open Cybersecurity Alliance looks for new members and new projects at RSA 2020
New standards project aims to make it easy to integrate multiple security tools.
π΄ Tense Talk About Supply Chain Risk Yields Few Answers π΄
π Read
via "Dark Reading: ".
RSA panelists locked horns over whether the ban preventing US government agencies from doing business with Huawei is unfairly singling out the Chinese telecom giant.π Read
via "Dark Reading: ".
Dark Reading
Tense Talk About Supply Chain Risk Yields Few Answers
RSA panelists locked horns over whether the ban preventing US government agencies from doing business with Huawei is unfairly singling out the Chinese telecom giant.
β RSAC 2020: GMβs Transportation Future Hinges on Cybersecurity β
π Read
via "Threatpost".
CEO Mary T. Barra addressed the high stakes in rolling out self-driving cars and biometric-enhanced vehicles, where one cyber-event could derail plans for emerging automotive technologies.π Read
via "Threatpost".
Threat Post
RSAC 2020: GMβs Transportation Future Hinges on Cybersecurity
CEO Mary T. Barra addressed the high stakes in rolling out self-driving cars and biometric-enhanced vehicles, where one cyber-event could derail plans for emerging automotive technologies.
π΄ Government Employees Unprepared for Ransomware π΄
π Read
via "Dark Reading: ".
Data shows 73% are concerned about municipal ransomware threats but only 38% are trained on preventing these attacks.π Read
via "Dark Reading: ".
Darkreading
Government Employees Unprepared for Ransomware
Data shows 73% are concerned about municipal ransomware threats but only 38% are trained on preventing these attacks.
ATENTIONβΌ New - CVE-2018-8878
π Read
via "National Vulnerability Database".
Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network devices' hostnames and MAC addresses by reading the custom_id variable on the blocking.asp page.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-8877
π Read
via "National Vulnerability Database".
Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network IP address ranges by reading the new_lan_ip variable on the error_page.htm page.π Read
via "National Vulnerability Database".
β Googleβs War on Android App Permissions, 60 Percent Successful β
π Read
via "Threatpost".
An automated Google warning to Android app developers regarding mobile app permissions has cut the number of requests in half.π Read
via "Threatpost".
Threat Post
Googleβs War on Android App Permissions, 60 Percent Successful
An automated Google warning to Android app developers regarding mobile app permissions has cut the number of requests in half.
π΄ Clearview AI Customers Exposed in Data Breach π΄
π Read
via "Dark Reading: ".
Customers for the controversial facial recognition company were detailed in a log file leaked to news organizations.π Read
via "Dark Reading: ".
Darkreading
Clearview AI Customers Exposed in Data Breach
Customers for the controversial facial recognition company were detailed in a log file leaked to news organizations.
π I2P 0.9.45 π
π Go!
via "Security Tool Files β Packet Storm".
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
I2P 0.9.45 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Samhain File Integrity Checker 4.4.1 π
π Go!
via "Security Tool Files β Packet Storm".
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Samhain File Integrity Checker 4.4.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Zeek 3.1.0 π
π Go!
via "Security Tool Files β Packet Storm".
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Zeek 3.1.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Wireshark Analyzer 3.2.2 π
π Go!
via "Security Tool Files β Packet Storm".
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Wireshark Analyzer 3.2.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β Google has right to censor conservative nonprofit on YouTube β
π Read
via "Naked Security".
It's not a "state actor", so isn't subject to 1st Amendment scrutiny and can censor PragerU's videos on abortion, gun rights and terrorism.π Read
via "Naked Security".
Naked Security
Google has right to censor conservative nonprofit on YouTube
Itβs not a βstate actorβ, so isnβt subject to 1st Amendment scrutiny and can censor PragerUβs videos on abortion, gun rights and terrorism.
β Firefox rolling out DNS-over-HTTPS privacy by default in the US β
π Read
via "Naked Security".
Mozilla has said it plans to make a privacy technology called DNS-over-HTTPS (DoH) the default setting for US users of Firefox within weeks.π Read
via "Naked Security".
Naked Security
Firefox rolling out DNS-over-HTTPS privacy by default in the US
Mozilla has said it plans to make a privacy technology called DNS-over-HTTPS (DoH) the default setting for US users of Firefox within weeks.
β Ransomware wipes evidence, lets suspected drug dealers walk free β
π Read
via "Naked Security".
Six alleged drug criminals will go free thanks to a ransomware attack on a small Florida city, it was revealed this month.π Read
via "Naked Security".
Naked Security
Ransomware wipes evidence, lets suspected drug dealers walk free
Six alleged drug criminals will go free thanks to a ransomware attack on a small Florida city, it was revealed this month.
β Clearview AI loses entire database of faceprint-buying clients to hackers β
π Read
via "Naked Security".
Time to worry about how well the facial recognition startup protects its 3b+ database of faceprints scraped from our social media accounts?π Read
via "Naked Security".
Naked Security
Clearview AI loses entire database of faceprint-buying clients to hackers
Time to worry about how well the facial recognition startup protects its 3b+ database of faceprints scraped from our social media accounts?
π΄ Educating Educators: Microsoft's Tips for Security Awareness Training π΄
π Read
via "Dark Reading: ".
Microsoft's director of security education and awareness shares his approach to helping train employees in defensive practices.π Read
via "Dark Reading: ".
Dark Reading
Cyber Risk recent news | Dark Reading
Explore the latest news and expert commentary on Cyber Risk, brought to you by the editors of Dark Reading
β Patrick Wardle: Apple Devices Hit With Recycled macOS Malware β
π Read
via "Threatpost".
Patrick Wardle talks about the biggest threats he's seeing impacting Apple devices.π Read
via "Threatpost".
Threat Post
Patrick Wardle: Apple Devices Hit With Recycled macOS Malware
Patrick Wardle talks about the biggest threats he's seeing impacting Apple devices.
β RSAC 2020: Ransomware a βNational Crisis,β CISA Says, Ramps ICS Focus β
π Read
via "Threatpost".
The federal agency plans a slew of initiatives to address industrial control security this year.π Read
via "Threatpost".
Threat Post
RSAC 2020: Ransomware a βNational Crisis,β CISA Says, Ramps ICS Focus
The federal agency plans a slew of initiatives to address industrial control security this year.
π΄ Reducing Risk with Data Minimization π΄
π Read
via "Dark Reading: ".
Putting your company on a data diet that reduces the amount of the sensitive data you store or use is a smart way to achieve compliance with GDPR and CCPA.π Read
via "Dark Reading: ".
Dark Reading
Reducing Risk with Data Minimization - Dark Reading
Putting your company on a data diet that reduces the amount of the sensitive data you store or use is a smart way to achieve compliance with GDPR and CCPA.