β $100K Paid Out for Google Cloud Shell Root Compromise β
π Read
via "Threatpost".
A Dutch researcher claimed Google's very first annual Cloud Platform bug-bounty prize, for a clever container escape exploit.π Read
via "Threatpost".
Threat Post
$100K Paid Out for Google Cloud Shell Root Compromise
A Dutch researcher claimed Google's very firstl annual Cloud Platform bug-bounty prize, for a clever container escape exploit.
β Firefox 74 offers privacy and security updates β
π Read
via "Naked Security".
A month after shipping version 73 of its Firefox browser, Mozilla has released version 74 with a range of privacy and security enhancements.π Read
via "Naked Security".
Naked Security
Firefox 74 offers privacy and security updates
A month after shipping version 73 of its Firefox browser, Mozilla has released version 74 with a range of privacy and security enhancements.
β Data of millions of eBay and Amazon shoppers exposed β
π Read
via "Naked Security".
Eight million customer records belonging to companies including Amazon, eBay, Shopify, PayPal, and Stripe were collected.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π Cybercriminals raking in $1.5 trillion every year π
π Read
via "Security on TechRepublic".
Research from Atlas VPN found that criminals' net proceeds outpace the revenue made by tech giants each year.π Read
via "Security on TechRepublic".
TechRepublic
Cybercriminals raking in $1.5 trillion every year | TechRepublic
Research from Atlas VPN found that criminals' net proceeds outpace the revenue made by tech giants each year.
π΄ Microsoft Patches Leaked Remote Code Execution Flaw π΄
π Read
via "Dark Reading: ".
A vulnerability in Microsoft's Server Message Block protocol prompted concerns of wormable exploits when it was disclosed this week.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
π΄ Working from Home? These Tips Can Help You Adapt π΄
π Read
via "Dark Reading: ".
COVID-19 means many people are doing their jobs from outside the confines of the office. That may not be as easy as it sounds.π Read
via "Dark Reading: ".
Dark Reading
Working from Home? These Tips Can Help You Adapt
COVID-19 means many people are doing their jobs from outside the confines of the office. That may not be as easy as it sounds.
π Microsoft Patches SMBv3 Bug π
π Read
via "Subscriber Blog RSS Feed ".
Microsoft issued an out-of-band security update for a critical SMB bug (CVE-2020-0796) on Thursday.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Microsoft Patches SMBv3 Bug
Microsoft issued an out-of-band security update for a critical SMB bug (CVE-2020-0796) on Thursday.
π Nearly 300 cybersecurity incidents impacted supply chain entities in 2019 π
π Read
via "Security on TechRepublic".
A study from Resilience360 listed cyberthreats as one of the biggest issues facing global supply chains in 2020.π Read
via "Security on TechRepublic".
TechRepublic
Nearly 300 cybersecurity incidents impacted supply chain entities in 2019
A study from Resilience360 listed cyberthreats as one of the biggest issues facing global supply chains in 2020.
π΄ CASB 101: Why a Cloud Access Security Broker Matters π΄
π Read
via "Dark Reading: ".
A CASB isn't a WAF, isn't an NGF, and isn't an SWG. So what is it, precisely, and why do you need one to go along with all the other letters? Read on for the answer.π Read
via "Dark Reading: ".
Dark Reading
CASB 101: Why a Cloud Access Security Broker Matters
A CASB isn't a WAF, isn't an NGF, and isn't an SWG. So what is it, precisely, and why do you need one to go along with all the other letters? Read on for the an
π΄ New Android Malware Strain Sneaks Cookies from Facebook π΄
π Read
via "Dark Reading: ".
Two malware modifications, when combined, can snatch cookies collected by browsers and social networking apps.π Read
via "Dark Reading: ".
Dark Reading
New Android Malware Strain Sneaks Cookies from Facebook - Dark Reading
Two malware modifications, when combined, can snatch cookies collected by browsers and social networking apps.
β Trojan Raids Android Usersβ Cookie Jars β
π Read
via "Threatpost".
Cookiethief steals cookies to infiltrate Facebook and other web service accounts.π Read
via "Threatpost".
Threat Post
Trojan Raids Android Usersβ Cookie Jars
Cookiethief steals cookies to infiltrate Facebook and other web service accounts.
β Researchers Warn of Novel PXJ Ransomware Strain β
π Read
via "Threatpost".
While PXJ performs typical ransomware functions, it does not appear to share the same underlying code with most known ransomware families.π Read
via "Threatpost".
Threat Post
Researchers Warn of Novel PXJ Ransomware Strain
While PXJ performs typical ransomware functions, it does not appear to share the same underlying code with most known ransomware families.
π Facebook cookie-stealing trojans surface on Android devices π
π Read
via "Security on TechRepublic".
The trojans are designed to gain control of Facebook user accounts by capturing browser cookies in Android, says Kaspersky.π Read
via "Security on TechRepublic".
TechRepublic
Facebook cookie-stealing trojans surface on Android devices
The trojans are designed to gain control of Facebook user accounts by capturing browser cookies in Android, says Kaspersky.
π΄ New Report Shows Breach Costs Continuing to Grow π΄
π Read
via "Dark Reading: ".
The costs associated with data breaches climb alongside the amount of data managed by the enterprise according to the latest Global Protection Index Snapshot.π Read
via "Dark Reading: ".
Dark Reading
New Report Shows Breach Costs Continuing to Grow
The costs associated with data breaches climb alongside the amount of data managed by the enterprise according to the latest Global Protection Index Snapshot.
π΄ Russia-Based Turla APT Group's Infrastructure, Activity Traceable π΄
π Read
via "Dark Reading: ".
Threat actor's practice of using known malware and tactics gives an opening for defenders, says Recorded Future.π Read
via "Dark Reading: ".
Darkreading
Russia-Based Turla APT Group's Infrastructure, Activity Traceable
Threat actor's practice of using known malware and tactics gives an opening for defenders, says Recorded Future.
ATENTIONβΌ New - CVE-2018-20586
π Read
via "National Vulnerability Database".
bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-19516
π Read
via "National Vulnerability Database".
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications before 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-10704
π Read
via "National Vulnerability Database".
yidashi yii2cmf 2.0 has XSS via the /search q parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-18350
π Read
via "National Vulnerability Database".
bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-3641
π Read
via "National Vulnerability Database".
bitcoind and Bitcoin-Qt prior to 0.10.2 allow attackers to cause a denial of service (disabled functionality such as a client application crash) via an "Easy" attack.π Read
via "National Vulnerability Database".
β Confessions app Whisper spills almost a billion records β
π Read
via "Naked Security".
Researchers say the exposure includes exact locations of users' last posts, nicknames, age, and gender.π Read
via "Naked Security".
Naked Security
Confessions app Whisper spills almost a billion records
Researchers say the exposure includes exact locations of usersβ last posts, nicknames, age, and gender.