π Phishing: Leading targets, breaking myths, and educating users π
π Read
via "Security on TechRepublic".
Vade Secure's Adrien Gendre explains why the end user is an important link in the security chain.π Read
via "Security on TechRepublic".
TechRepublic
Phishing: Leading targets, breaking myths, and educating users
Vade Secure's Adrien Gendre explains why the end user is an important link in the security chain.
π΄ How Security Leads at Starbucks and Microsoft Prepare for Breaches π΄
π Read
via "Dark Reading: ".
Executives discuss the security incidents they're most worried about and the steps they take to prepare for them.π Read
via "Dark Reading: ".
Darkreading
How Security Leaders at Starbucks and Microsoft Prepare for Breaches
Executives discuss the security incidents they're most worried about and the steps they take to prepare for them.
π΄ Why Threat Intelligence Gathering Can Be a Legal Minefield π΄
π Read
via "Dark Reading: ".
In new guidance, the Department of Justice says security researchers and organizations run real risks when gathering threat intelligence or dealing with criminals in underground online marketplaces.π Read
via "Dark Reading: ".
Dark Reading
Why Threat Intelligence Gathering Can Be a Legal Minefield
In new guidance, the Department of Justice says security researchers and organizations run real risks when gathering threat intelligence or dealing with criminals in underground online marketplaces.
ATENTIONβΌ New - CVE-2018-5951
π Read
via "National Vulnerability Database".
An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-20347
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-20343
π Read
via "National Vulnerability Database".
Multiple buffer overflow vulnerabilities have been found in Ken Silverman Build Engine 1. An attacker could craft a special map file to execute arbitrary code when the map file is loaded.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-19798
π Read
via "National Vulnerability Database".
Fleetco Fleet Maintenance Management (FMM) 1.2 and earlier allows uploading an arbitrary ".php" file with the application/x-php Content-Type to the accidents_add.php?submit=1 URI, as demonstrated by the value_Images_1 field, which leads to remote command execution on the remote server. Any authenticated user can exploit this.π Read
via "National Vulnerability Database".
π CrowdStrike's 2020 Threat Report: Spammers finetune email thread hijacking π
π Read
via "Security on TechRepublic".
Existing controls are often not configured properly or deployed widely, allowing bad actors to steal data.π Read
via "Security on TechRepublic".
TechRepublic
CrowdStrike's 2020 Threat Report: Spammers fine-tune email thread hijacking
Existing controls are often not configured properly or deployed widely, allowing bad actors to steal data.
β XSS plugin vulnerabilities plague WordPress users β
π Read
via "Naked Security".
Thousands of active WordPress plugins have been hit with a swathe of XSS vulnerabilities that could give attackers complete control of the site.π Read
via "Naked Security".
Naked Security
XSS plugin vulnerabilities plague WordPress users
Thousands of active WordPress plugins have been hit with a swathe of XSS vulnerabilities that could give attackers complete control of the site.
β Nvidia patches severe flaws affecting GeForce, Quadro NVS and Tesla β
π Read
via "Naked Security".
In all, the update covers five Windows and Linux desktop CVE vulnerabilities, including one rated as critical.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β DoppelPaymer Ransomware Used to Steal Data from Supplier to SpaceX, Tesla β
π Read
via "Threatpost".
Cyber attack at Visser Precision, which builds custom parts for the aerospace and automotive industries, reveals sensitive company data.π Read
via "Threatpost".
Threat Post
DoppelPaymer Ransomware Used to Steal Data from Supplier to SpaceX, Tesla
Cyber attack at Visser Precision, which builds custom parts for the aerospace and automotive industries, reveals sensitive company data.
β GoodRx stops sharing personal medical data with Google, Facebook β
π Read
via "Naked Security".
The mobile app saves people money but was letting 20 companies know who's taking antipsychotics, erectile dysfunction and HIV meds, and more.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Huge flaw found in how facial features are measured from images β
π Read
via "Naked Security".
It has to do with optics: faces appear to flatten out as we get further away. Our brains compensate, but AI-run facial recognition doesn't.π Read
via "Naked Security".
Naked Security
Huge flaw found in how facial features are measured from images
It has to do with optics: faces appear to flatten out as we get further away. Our brains compensate, but AI-run facial recognition doesnβt.
π΄ How Security Leaders at Starbucks and Microsoft Prepare for Breaches π΄
π Read
via "Dark Reading: ".
Executives discuss the security incidents they're most worried about and the steps they take to prepare for them.π Read
via "Dark Reading: ".
Darkreading
How Security Leaders at Starbucks and Microsoft Prepare for Breaches
Executives discuss the security incidents they're most worried about and the steps they take to prepare for them.
β Digital piggy bank sevice broken into by cybercrooks β
π Read
via "Naked Security".
A financial proivider that gives loans but locks them down to turn them into savings... didn't lock down its own network.π Read
via "Naked Security".
Naked Security
Digital piggy bank sevice broken into by cybercrooks
A financial proivider that gives loans but locks them down to turn them into savingsβ¦ didnβt lock down its own network.
π΄ The Cybercrime Pandemic Keeps Spreading π΄
π Read
via "Dark Reading: ".
The World Economic Forum says cyberattacks will be one of the top global business risks over the next 10 years.π Read
via "Dark Reading: ".
Darkreading
The Cybercrime Pandemic Keeps Spreading
The World Economic Forum says cyberattacks will be one of the top global business risks over the next 10 years.
π How to create a Linux user that cannot log in π
π Read
via "Security on TechRepublic".
For security reasons, you might need to create a Linux user without the ability to log in. Jack Wallen shows you how.π Read
via "Security on TechRepublic".
TechRepublic
How to create a Linux user that cannot log in
For security reasons, you might need to create a Linux user without the ability to log in. Jack Wallen shows you how.
π΄ Chinese Nationals Charged with Laundering $100M in Cryptocurrency π΄
π Read
via "Dark Reading: ".
The two defendants allegedly laundered $100 million for the benefit of North Korean threat actors who stole the funds in 2018.π Read
via "Dark Reading: ".
Dark Reading
Chinese Nationals Charged with Laundering $100M in Cryptocurrency
The two defendants allegedly laundered $100 million for the benefit of North Korean threat actors who stole the funds in 2018.
π Cybercriminals and drug cartels are teaming up to spread malware and steal financial information across Latin America π
π Read
via "Security on TechRepublic".
Drug cartels are using cryptocurrency and partnering with hackers to scam banks in Latin American banks.π Read
via "Security on TechRepublic".
π Data security: 5 problems and solutions π
π Read
via "Security on TechRepublic".
When it comes to securing data, most enterprises are negligent and unaware, according to a Lepide report.π Read
via "Security on TechRepublic".
TechRepublic
Data security: 5 problems and solutions
When it comes to securing data, most enterprises are negligent and unaware, according to a Lepide report.
β Have I Been Pwned No Longer For Sale β
π Read
via "Threatpost".
Troy Hunt said the popular HIBP will continue to be run as an independent service.π Read
via "Threatpost".
Threat Post
Have I Been Pwned No Longer For Sale
Troy Hunt said the popular HIBP will continue to be run as an independent service.