β Microsoft Edge Shares Privacy-Busting Telemetry, Research Alleges β
π Read
via "Threatpost".
An academic study found Microsoft's Edge browser to be the least private, due to it sending device identifiers and web browsing pages to back-end servers.π Read
via "Threatpost".
Threat Post
Microsoft Edge Shares Privacy-Busting Telemetry, Research Alleges
An academic study found Microsoft's Edge browser to be the least private, due to it sending device identifiers and web browsing pages to back-end servers.
π 88% of IT pros say world is in permanent state of cyberwar π
π Read
via "Security on TechRepublic".
A Venafi study looked into what digital infrastructure will suffer from cyberattacks, which are most vulnerable, and what it means.π Read
via "Security on TechRepublic".
TechRepublic
88% of IT pros say world is in permanent state of cyberwar
A Venafi study looked into what digital infrastructure will suffer from cyberattacks, which are most vulnerable, and what it means.
π Case Almost Closed: Motorola Wins Multimillion Dollar Trade Secret Case π
π Read
via "Subscriber Blog RSS Feed ".
A jury ruled the telecom is owed upwards to $420 million in damages after a Chinese company was caught stealing its trade secrets for radios.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Case Almost Closed: Motorola Wins Multimillion Dollar Trade Secret Case
A jury ruled the telecom is owed upwards to $420 million in damages after a Chinese company was caught stealing its trade secrets for radios.
π΄ Five Indicted on Romance and Lottery Fraud Charges π΄
π Read
via "Dark Reading: ".
Fraudsters allegedly targeted elderly victims, ultimately wringing more than $4 million from their bank accounts.π Read
via "Dark Reading: ".
Darkreading
Five Indicted on Romance and Lottery Fraud Charges
Fraudsters allegedly targeted elderly victims, ultimately wringing more than $4 million from their bank accounts.
ATENTIONβΌ New - CVE-2019-11073
π Read
via "National Vulnerability Database".
A Remote Code Execution vulnerability exists in PRTG Network Monitor before 19.4.54.1506 that allows attackers to execute code due to insufficient sanitization when passing arguments to the HttpTransactionSensor.exe binary. In order to exploit the vulnerability, remote authenticated administrators need to create a new HTTP Transaction Sensor and set specific settings when the sensor is executed.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-19325
π Read
via "National Vulnerability Database".
tcpdump 4.9.2 (and probably lower versions) is prone to a heap-based buffer over-read in the EXTRACT_32BITS function (extract.h, called from the rx_cache_find function, print-rx.c) due to improper serviceId sanitization.π Read
via "National Vulnerability Database".
β Convincing Google Impersonation Opens Door to MiTM, Phishing β
π Read
via "Threatpost".
Using homographic characters is an easy way to execute a convincing fake site.π Read
via "Threatpost".
Threat Post
Convincing Google Impersonation Opens Door to MiTM, Phishing
Using homographic characters is an easy way to execute a convincing fake site.
π΄ Privacy in a Pandemic: What You Can (and Can't) Ask Employees π΄
π Read
via "Dark Reading: ".
Businesses struggle to strike a balance between workplace health and employees' privacy rights in the midst of a global health emergency.π Read
via "Dark Reading: ".
Dark Reading
Privacy in a Pandemic: What You Can (and Can't) Ask Employees
Businesses struggle to strike a balance between workplace health and employees' privacy rights in the midst of a global health emergency.
ATENTIONβΌ New - CVE-2017-12842
π Read
via "National Vulnerability Database".
Bitcoin Core before 0.14 allows an attacker to create an ostensibly valid SPV proof for a payment to a victim who uses an SPV wallet, even if that payment did not actually occur. Completing the attack would cost more than a million dollars, and is relevant mainly only in situations where an autonomous system relies solely on an SPV proof for transactions of a greater dollar amount.π Read
via "National Vulnerability Database".
β Europol busts up two SIM-swapping hacking rings β
π Read
via "Naked Security".
What a nightmare: your phone goes dead, and you can't log into your bank account because it's controlled by a hacker who's draining you dry.π Read
via "Naked Security".
Naked Security
Europol busts up two SIM-swapping hacking rings
What a nightmare: your phone goes dead, and you canβt log into your bank account because itβs controlled by a hacker whoβs draining you dry.
β Activities of a Nigerian Cybercriminal Uncovered β
π Read
via "Threatpost".
Rise and fall of a Nigerian cybercriminal called βDton,β who made hundreds of thousands of dollars in a 7-year campaign, outlined in new report.π Read
via "Threatpost".
Threat Post
Activities of a Nigerian Cybercriminal Uncovered
Rise and fall of a Nigerian cybercriminal called βDton,β who made hundreds of thousands of dollars in a 7-year campaign, outlined in new report.
β WordPress to get automatic updates for plugins and themes β
π Read
via "Naked Security".
Good news for website admins: the ability to automatically update plugins and themes is being beta-tested for WordPress 5.5, due in August.π Read
via "Naked Security".
Naked Security
WordPress to get automatic updates for plugins and themes
Good news for website admins: the ability to automatically update plugins and themes is being beta-tested for WordPress 5.5, due in August.
β Tor browser fixes bug that allows JavaScript to run when disabled β
π Read
via "Naked Security".
The Tor browser has a bug that could allow JavaScript to execute on websites even when users think theyβve disabled it for maximum anonymity.π Read
via "Naked Security".
Naked Security
Tor browser fixes bug that allows JavaScript to run when disabled
The Tor browser has a bug that could allow JavaScript to execute on websites even when users think theyβve disabled it for maximum anonymity.
β Slack fixes account-stealing bug β
π Read
via "Naked Security".
Slack has fixed a bug that allowed attackers to hijack user accounts by tampering with their HTTP sessions.π Read
via "Naked Security".
Naked Security
Slack fixes account-stealing bug
Slack has fixed a bug that allowed attackers to hijack user accounts by tampering with their HTTP sessions.
π΄ Many Ransomware Attacks Can be Stopped Before They Begin π΄
π Read
via "Dark Reading: ".
The tendency by many attackers to wait for the right time to strike gives defenders an opening, FireEye says.π Read
via "Dark Reading: ".
Darkreading
Many Ransomware Attacks Can be Stopped Before They Begin
The tendency by many attackers to wait for the right time to strike gives defenders an opening, FireEye says.
π Lulzbuster 1.3.2 π
π Go!
via "Security Tool Files β Packet Storm".
Lulzbuster is a very fast and smart web directory and file enumeration tool written in C.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Lulzbuster 1.3.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π CovidLock ransomware exploits coronavirus with malicious Android app π
π Read
via "Security on TechRepublic".
The app promises access to a coronavirus map tracker but instead holds your contacts and other data for ransom, DomainTools found.π Read
via "Security on TechRepublic".
TechRepublic
CovidLock ransomware exploits coronavirus with malicious Android app
The app promises access to a coronavirus map tracker but instead holds your contacts and other data for ransom, DomainTools found.
π΄ Hellman & Friedman Acquires Checkmarx for $1.15B π΄
π Read
via "Dark Reading: ".
The private equity firm will buy Checkmarx from Insight Partners, which will continue to own a minority interest.π Read
via "Dark Reading: ".
Dark Reading
Hellman & Friedman Acquires Checkmarx for $1.15B
The private equity firm will buy Checkmarx from Insight Partners, which will continue to own a minority interest.
π΄ Needed: A Cybersecurity Good Samaritan Law π΄
π Read
via "Dark Reading: ".
Legislation should protect the good hackers who are helping to keep us safe, not just go after the bad.π Read
via "Dark Reading: ".
Darkreading
Needed: A Cybersecurity Good Samaritan Law
Legislation should protect the good hackers who are helping to keep us safe, not just go after the bad.
π΄ InfoSec Pros Uncertain About Relationships With Partner Security Teams π΄
π Read
via "Dark Reading: ".
Only half of respondents to a recent Dark Reading study felt confident that their third-party business partners would, at least, tell them if a compromise occurred.π Read
via "Dark Reading: ".
Darkreading
InfoSec Pros Uncertain About Relationships With Partner Security Teams
Only half of respondents to a recent Dark Reading study felt confident that their third-party business partners would, at least, tell them if a compromise occurred.
π Cybersecurity risks grow as thousands of federal employees shift to telecommuting π
π Read
via "Security on TechRepublic".
The Trump administration has ordered hundreds of thousands of federal employees to be prepared to work from home full time and use VPNs to connect to government systems.π Read
via "Security on TechRepublic".
TechRepublic
Cybersecurity risks grow as thousands of federal employees shift to telecommuting
The Trump administration has ordered hundreds of thousands of federal employees to be prepared to work from home full time and use VPNs to connect to government systems.