ATTENTION‼ New - CVE-2018-19516
via "National Vulnerability Database".
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications before 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value.

ATTENTION‼ New - CVE-2018-10704
via "National Vulnerability Database".
yidashi yii2cmf 2.0 has XSS via the /search q parameter.

ATTENTION‼ New - CVE-2017-18350
via "National Vulnerability Database".
bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name.

ATTENTION‼ New - CVE-2015-3641
via "National Vulnerability Database".
bitcoind and Bitcoin-Qt prior to 0.10.2 allow attackers to cause a denial of service (disabled functionality such as a client application crash) via an "Easy" attack.

Confessions app Whisper spills almost a billion records
via "Naked Security".
Researchers say the exposure includes exact locations of users' last posts, nicknames, age, and gender.

Homeland Security sued over secretive use of face recognition
via "Naked Security".
As of June 2019, CBP had processed more than 20 million travelers using facial recognition, civil rights group ACLU says.

EARN IT Act threatens end-to-end encryption
via "Naked Security".
The bill, which would undercut Section 230 protections for online publishing, presents itself as a way to stop online child abuse.

Dang... How Did I Miss International Women's Day on Sunday, March 8?!
via "Subscriber Blog RSS Feed".
While there have been some successes when it comes to getting women involved in tech, by and large, we haven't made enough progress.

Texas Chose to Fight Ransomware and Not Pay. What About the Rest of Us?
via "Dark Reading".
Law-abiding folks like us applauded Texas for its bravery - but would we have the steel will to stand on the side of justice if it happened to us? Probably not.

ACLU Sues Over U.S. Airport Facial-Recognition Technology
via "Threatpost".
Civil-liberties group wants more transparency about who the government is partnering with and how they are using the information gathered in biometric checks.

A Lesson in Social Engineering
via "Dark Reading".
What kind of school project is this?

ATTENTION‼ New - CVE-2009-5159
via "National Vulnerability Database".
Invision Power Board (aka IPB or IP.Board) 2.x through 3.0.4, when Internet Explorer 5 is used, allows XSS via a .txt attachment.

Princess Cruises Confirms Data Breach
via "Dark Reading".
The cruise liner, forced to shut down operations due to coronavirus, says the incident may have compromised passengers' personal data.

What Cybersecurity Pros Really Think About Artificial Intelligence
via "Dark Reading".
While there's a ton of unbounded optimism from vendor marketing and consultant types, practitioners are still reserving a lot of judgment.

Coronavirus-Themed APT Attack Spreads Malware
via "Threatpost".
The APT group was spotted sending spear-phishing emails that purport to detail information about coronavirus - but they actually infect victims with a custom RAT.

Friday Five: 3/13
via "Subscriber Blog RSS Feed".
Ryuk Ransomware targets another U.S. city, University of Kentucky ends a month-long cyberattack, and a secret-sharing app exposes user data - catch up on the week's news with the Friday Five.

Beyond Burnout: What Is Cybersecurity Doing to Us?
via "Dark Reading".
Infosec professionals may feel not only fatigued, but isolated, unwell, and unsafe. And the problem may hurt both them and the businesses they aim to protect.

Big BEC Bust Brings Down Dozens
via "Dark Reading".
Two dozen individuals have been named in the latest arrests of alleged participants in a business email compromise scheme that cost victims $30 million.

WordPress Plugin Bug in Popup Builder Threatens 100K Websites
via "Threatpost".
The high-severity flaw allows malicious code injection into website pop-up windows.

Working from Home: COVID-19's Constellation of Security Challenges
via "Threatpost".
Organizations are sending employees and students home to work and learn -- but implementing the plan opens the door to more attacks, IT headaches and brand-new security challenges.