π΄ Microsoft Discloses New Remote Execution Flaw in SMBv3 π΄
π Read
via "Dark Reading: ".
A patch for the flaw is not yet available, but there are no known exploits -- so far.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
π΄ Ransomware Increasingly Targeting Small Governments π΄
π Read
via "Dark Reading: ".
To get back up and running quickly, and because it's cheaper, city and county governments often pay the ransom, especially if insurance companies are footing the bill. The result: More ransomware.π Read
via "Dark Reading: ".
Darkreading
Ransomware Increasingly Targeting Small Governments
To get back up and running quickly, and because it's cheaper, city and county governments often pay the ransom, especially if insurance companies are footing the bill. The result: More ransomware.
π΄ Cyberspace Solarium Commission Slams US Cybersecurity Readiness π΄
π Read
via "Dark Reading: ".
The federal commission outlined more than 60 recommendations to remedy major security problems.π Read
via "Dark Reading: ".
Dark Reading
Cyberspace Solarium Commission Slams US Cybersecurity Readiness
The federal commission outlined more than 60 recommendations to remedy major security problems.
ATENTIONβΌ New - CVE-2016-1000111
π Read
via "National Vulnerability Database".
Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.π Read
via "National Vulnerability Database".
β Necurs zombie botnet disrupted by Microsoft β
π Read
via "Naked Security".
Necurs, one of the world's biggest botnets, infected over 9 million computers worldwide.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Analytics firmβs VPN and ad-blocking apps are secretly grabbing user data β
π Read
via "Naked Security".
Both Google and Apple have removed at least some of the apps from the company, Sensor Tower.π Read
via "Naked Security".
Naked Security
Analytics firmβs VPN and ad-blocking apps are secretly grabbing user data
Both Google and Apple have removed at least some of the apps from the company, Sensor Tower.
π Dell: Cost of data loss per organization surpassed $1M in the past year π
π Read
via "Security on TechRepublic".
Businesses now manage an average of 13.53 petabytes of data, but struggle to keep it secure.π Read
via "Security on TechRepublic".
TechRepublic
Dell: Cost of data loss per organization surpassed $1M in the past year
Businesses now manage an average of 13.53 petabytes of data, but struggle to keep it secure.
β Intel patches graphics drivers and offers new LVI flaw mitigations β
π Read
via "Naked Security".
Intelβs March security updates reached its customers this week and the dominant theme is the bundle of flaws affecting Graphics drivers.π Read
via "Naked Security".
Naked Security
Intel patches graphics drivers and offers new LVI flaw mitigations
Intelβs March security updates reached its customers this week and the dominant theme is the bundle of flaws affecting Graphics drivers.
β Akamai Talks Massive Uptick in Credential-Stuffing Attacks Against Bank APIs β
π Read
via "Threatpost".
Researchers with Akamai say that 75 percent of all credential abuse attacks against the financial services industry were targeting APIs.π Read
via "Threatpost".
Threat Post
Akamai Talks Massive Uptick in Credential-Stuffing Attacks Against Bank APIs
Researchers with Akamai say that 75 percent of all credential abuse attacks against the financial services industry were targeting APIs.
π΄ Back to the Future: A Threat Intelligence Journey π΄
π Read
via "Dark Reading: ".
Threat intelligence needs the problem solvers, the curious ones, the mission seekers, the analytical minds, the defenders, and the fierce -- whatever their gender.π Read
via "Dark Reading: ".
Dark Reading
Back to the Future: A Threat Intelligence Journey
Threat intelligence needs the problem solvers, the curious ones, the mission seekers, the analytical minds, the defenders, and the fierce -- whatever their gender.
β $100K Paid Out for Google Cloud Shell Root Compromise β
π Read
via "Threatpost".
A Dutch researcher claimed Google's very first annual Cloud Platform bug-bounty prize, for a clever container escape exploit.π Read
via "Threatpost".
Threat Post
$100K Paid Out for Google Cloud Shell Root Compromise
A Dutch researcher claimed Google's very firstl annual Cloud Platform bug-bounty prize, for a clever container escape exploit.
β Firefox 74 offers privacy and security updates β
π Read
via "Naked Security".
A month after shipping version 73 of its Firefox browser, Mozilla has released version 74 with a range of privacy and security enhancements.π Read
via "Naked Security".
Naked Security
Firefox 74 offers privacy and security updates
A month after shipping version 73 of its Firefox browser, Mozilla has released version 74 with a range of privacy and security enhancements.
β Data of millions of eBay and Amazon shoppers exposed β
π Read
via "Naked Security".
Eight million customer records belonging to companies including Amazon, eBay, Shopify, PayPal, and Stripe were collected.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π Cybercriminals raking in $1.5 trillion every year π
π Read
via "Security on TechRepublic".
Research from Atlas VPN found that criminals' net proceeds outpace the revenue made by tech giants each year.π Read
via "Security on TechRepublic".
TechRepublic
Cybercriminals raking in $1.5 trillion every year | TechRepublic
Research from Atlas VPN found that criminals' net proceeds outpace the revenue made by tech giants each year.
π΄ Microsoft Patches Leaked Remote Code Execution Flaw π΄
π Read
via "Dark Reading: ".
A vulnerability in Microsoft's Server Message Block protocol prompted concerns of wormable exploits when it was disclosed this week.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
π΄ Working from Home? These Tips Can Help You Adapt π΄
π Read
via "Dark Reading: ".
COVID-19 means many people are doing their jobs from outside the confines of the office. That may not be as easy as it sounds.π Read
via "Dark Reading: ".
Dark Reading
Working from Home? These Tips Can Help You Adapt
COVID-19 means many people are doing their jobs from outside the confines of the office. That may not be as easy as it sounds.
π Microsoft Patches SMBv3 Bug π
π Read
via "Subscriber Blog RSS Feed ".
Microsoft issued an out-of-band security update for a critical SMB bug (CVE-2020-0796) on Thursday.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Microsoft Patches SMBv3 Bug
Microsoft issued an out-of-band security update for a critical SMB bug (CVE-2020-0796) on Thursday.
π Nearly 300 cybersecurity incidents impacted supply chain entities in 2019 π
π Read
via "Security on TechRepublic".
A study from Resilience360 listed cyberthreats as one of the biggest issues facing global supply chains in 2020.π Read
via "Security on TechRepublic".
TechRepublic
Nearly 300 cybersecurity incidents impacted supply chain entities in 2019
A study from Resilience360 listed cyberthreats as one of the biggest issues facing global supply chains in 2020.
π΄ CASB 101: Why a Cloud Access Security Broker Matters π΄
π Read
via "Dark Reading: ".
A CASB isn't a WAF, isn't an NGF, and isn't an SWG. So what is it, precisely, and why do you need one to go along with all the other letters? Read on for the answer.π Read
via "Dark Reading: ".
Dark Reading
CASB 101: Why a Cloud Access Security Broker Matters
A CASB isn't a WAF, isn't an NGF, and isn't an SWG. So what is it, precisely, and why do you need one to go along with all the other letters? Read on for the an
π΄ New Android Malware Strain Sneaks Cookies from Facebook π΄
π Read
via "Dark Reading: ".
Two malware modifications, when combined, can snatch cookies collected by browsers and social networking apps.π Read
via "Dark Reading: ".
Dark Reading
New Android Malware Strain Sneaks Cookies from Facebook - Dark Reading
Two malware modifications, when combined, can snatch cookies collected by browsers and social networking apps.
β Trojan Raids Android Usersβ Cookie Jars β
π Read
via "Threatpost".
Cookiethief steals cookies to infiltrate Facebook and other web service accounts.π Read
via "Threatpost".
Threat Post
Trojan Raids Android Usersβ Cookie Jars
Cookiethief steals cookies to infiltrate Facebook and other web service accounts.