π΄ I Want to Work in Industrial IoT Security. What Lingo Do I Need to Know? π΄
π Read
via "Dark Reading: ".
Should you happen to be in a meeting with an ICS vendor, here are some terms you will need to know so as to not be laughed out of the room.π Read
via "Dark Reading: ".
Dark Reading
I Want to Work in Industrial IoT Security. What Lingo Do I Need to Know?
Should you happen to be in a meeting with an ICS vendor, here are some terms you will need to know so as to not be laughed out of the room.
β Phishing Attack Skirts Detection With YouTube β
π Read
via "Threatpost".
Attackers are using YouTube redirect links, whitelisted by various security defense mechanisms, to evade detection.π Read
via "Threatpost".
Threat Post
Phishing Attack Skirts Detection With YouTube
Attackers are using YouTube redirect links, whitelisted by various security defense mechanisms, to evade detection.
π Sweeping Federal Cybersecurity Upgrades Needed to Defend US π
π Read
via "Subscriber Blog RSS Feed ".
A new report says the federal government and the private sector needs to better defend the United States in cyberspace.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Sweeping Federal Cybersecurity Upgrades Needed to Defend US
A new report says the federal government and the private sector needs to better defend the United States in cyberspace.
π February sees huge jump in exploits designed to spread Mirai botnet π
π Read
via "Security on TechRepublic".
The Mirai botnet is known for targeting Internet of Things devices and conducting massive DDoS attacks, as described by cyberthreat researcher Check Point Research.π Read
via "Security on TechRepublic".
TechRepublic
February sees huge jump in exploits designed to spread Mirai botnet
The Mirai botnet is known for targeting Internet of Things devices and conducting massive DDoS attacks, as described by cyberthreat researcher Check Point Research.
π Cybersecurity pros are using artificial intelligence but still prefer the human touch π
π Read
via "Security on TechRepublic".
More than half of organizations have adopted AI for security efforts, but a majority are more confident in results verified by humans, according to WhiteHat Security.π Read
via "Security on TechRepublic".
β Flaws Riddle Zyxelβs Network Management Software β
π Read
via "Threatpost".
Over 16 security flaws, including multiple backdoors and hardcoded SSH server keys, plague the software.π Read
via "Threatpost".
Threat Post
Flaws Riddle Zyxelβs Network Management Software
Over 16 security flaws, including multiple backdoors and hardcoded SSH server keys, plague the software.
π΄ COVID-19 Drives Rush to Remote Work. Is Your Security Team Ready? π΄
π Read
via "Dark Reading: ".
A rapid transition to remote work puts pressure on security teams to understand and address a wave of potential security risks.π Read
via "Dark Reading: ".
Darkreading
COVID-19 Drives Rush to Remote Work. Is Your Security Team Ready?
A rapid transition to remote work puts pressure on security teams to understand and address a wave of potential security risks.
π΄ Microsoft Discloses New Remote Execution Flaw in SMBv3 π΄
π Read
via "Dark Reading: ".
A patch for the flaw is not yet available, but there are no known exploits -- so far.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
π΄ Ransomware Increasingly Targeting Small Governments π΄
π Read
via "Dark Reading: ".
To get back up and running quickly, and because it's cheaper, city and county governments often pay the ransom, especially if insurance companies are footing the bill. The result: More ransomware.π Read
via "Dark Reading: ".
Darkreading
Ransomware Increasingly Targeting Small Governments
To get back up and running quickly, and because it's cheaper, city and county governments often pay the ransom, especially if insurance companies are footing the bill. The result: More ransomware.
π΄ Cyberspace Solarium Commission Slams US Cybersecurity Readiness π΄
π Read
via "Dark Reading: ".
The federal commission outlined more than 60 recommendations to remedy major security problems.π Read
via "Dark Reading: ".
Dark Reading
Cyberspace Solarium Commission Slams US Cybersecurity Readiness
The federal commission outlined more than 60 recommendations to remedy major security problems.
ATENTIONβΌ New - CVE-2016-1000111
π Read
via "National Vulnerability Database".
Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.π Read
via "National Vulnerability Database".
β Necurs zombie botnet disrupted by Microsoft β
π Read
via "Naked Security".
Necurs, one of the world's biggest botnets, infected over 9 million computers worldwide.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Analytics firmβs VPN and ad-blocking apps are secretly grabbing user data β
π Read
via "Naked Security".
Both Google and Apple have removed at least some of the apps from the company, Sensor Tower.π Read
via "Naked Security".
Naked Security
Analytics firmβs VPN and ad-blocking apps are secretly grabbing user data
Both Google and Apple have removed at least some of the apps from the company, Sensor Tower.
π Dell: Cost of data loss per organization surpassed $1M in the past year π
π Read
via "Security on TechRepublic".
Businesses now manage an average of 13.53 petabytes of data, but struggle to keep it secure.π Read
via "Security on TechRepublic".
TechRepublic
Dell: Cost of data loss per organization surpassed $1M in the past year
Businesses now manage an average of 13.53 petabytes of data, but struggle to keep it secure.
β Intel patches graphics drivers and offers new LVI flaw mitigations β
π Read
via "Naked Security".
Intelβs March security updates reached its customers this week and the dominant theme is the bundle of flaws affecting Graphics drivers.π Read
via "Naked Security".
Naked Security
Intel patches graphics drivers and offers new LVI flaw mitigations
Intelβs March security updates reached its customers this week and the dominant theme is the bundle of flaws affecting Graphics drivers.
β Akamai Talks Massive Uptick in Credential-Stuffing Attacks Against Bank APIs β
π Read
via "Threatpost".
Researchers with Akamai say that 75 percent of all credential abuse attacks against the financial services industry were targeting APIs.π Read
via "Threatpost".
Threat Post
Akamai Talks Massive Uptick in Credential-Stuffing Attacks Against Bank APIs
Researchers with Akamai say that 75 percent of all credential abuse attacks against the financial services industry were targeting APIs.
π΄ Back to the Future: A Threat Intelligence Journey π΄
π Read
via "Dark Reading: ".
Threat intelligence needs the problem solvers, the curious ones, the mission seekers, the analytical minds, the defenders, and the fierce -- whatever their gender.π Read
via "Dark Reading: ".
Dark Reading
Back to the Future: A Threat Intelligence Journey
Threat intelligence needs the problem solvers, the curious ones, the mission seekers, the analytical minds, the defenders, and the fierce -- whatever their gender.
β $100K Paid Out for Google Cloud Shell Root Compromise β
π Read
via "Threatpost".
A Dutch researcher claimed Google's very first annual Cloud Platform bug-bounty prize, for a clever container escape exploit.π Read
via "Threatpost".
Threat Post
$100K Paid Out for Google Cloud Shell Root Compromise
A Dutch researcher claimed Google's very firstl annual Cloud Platform bug-bounty prize, for a clever container escape exploit.
β Firefox 74 offers privacy and security updates β
π Read
via "Naked Security".
A month after shipping version 73 of its Firefox browser, Mozilla has released version 74 with a range of privacy and security enhancements.π Read
via "Naked Security".
Naked Security
Firefox 74 offers privacy and security updates
A month after shipping version 73 of its Firefox browser, Mozilla has released version 74 with a range of privacy and security enhancements.
β Data of millions of eBay and Amazon shoppers exposed β
π Read
via "Naked Security".
Eight million customer records belonging to companies including Amazon, eBay, Shopify, PayPal, and Stripe were collected.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π Cybercriminals raking in $1.5 trillion every year π
π Read
via "Security on TechRepublic".
Research from Atlas VPN found that criminals' net proceeds outpace the revenue made by tech giants each year.π Read
via "Security on TechRepublic".
TechRepublic
Cybercriminals raking in $1.5 trillion every year | TechRepublic
Research from Atlas VPN found that criminals' net proceeds outpace the revenue made by tech giants each year.