β Tor browser fixes bug that allows JavaScript to run when disabled β
π Read
via "Naked Security".
The Tor browser has a bug that could allow JavaScript to execute on websites even when users think theyβve disabled it for maximum anonymity.π Read
via "Naked Security".
Naked Security
Tor browser fixes bug that allows JavaScript to run when disabled
The Tor browser has a bug that could allow JavaScript to execute on websites even when users think theyβve disabled it for maximum anonymity.
β Slack fixes account-stealing bug β
π Read
via "Naked Security".
Slack has fixed a bug that allowed attackers to hijack user accounts by tampering with their HTTP sessions.π Read
via "Naked Security".
Naked Security
Slack fixes account-stealing bug
Slack has fixed a bug that allowed attackers to hijack user accounts by tampering with their HTTP sessions.
π΄ Many Ransomware Attacks Can be Stopped Before They Begin π΄
π Read
via "Dark Reading: ".
The tendency by many attackers to wait for the right time to strike gives defenders an opening, FireEye says.π Read
via "Dark Reading: ".
Darkreading
Many Ransomware Attacks Can be Stopped Before They Begin
The tendency by many attackers to wait for the right time to strike gives defenders an opening, FireEye says.
π Lulzbuster 1.3.2 π
π Go!
via "Security Tool Files β Packet Storm".
Lulzbuster is a very fast and smart web directory and file enumeration tool written in C.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Lulzbuster 1.3.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π CovidLock ransomware exploits coronavirus with malicious Android app π
π Read
via "Security on TechRepublic".
The app promises access to a coronavirus map tracker but instead holds your contacts and other data for ransom, DomainTools found.π Read
via "Security on TechRepublic".
TechRepublic
CovidLock ransomware exploits coronavirus with malicious Android app
The app promises access to a coronavirus map tracker but instead holds your contacts and other data for ransom, DomainTools found.
π΄ Hellman & Friedman Acquires Checkmarx for $1.15B π΄
π Read
via "Dark Reading: ".
The private equity firm will buy Checkmarx from Insight Partners, which will continue to own a minority interest.π Read
via "Dark Reading: ".
Dark Reading
Hellman & Friedman Acquires Checkmarx for $1.15B
The private equity firm will buy Checkmarx from Insight Partners, which will continue to own a minority interest.
π΄ Needed: A Cybersecurity Good Samaritan Law π΄
π Read
via "Dark Reading: ".
Legislation should protect the good hackers who are helping to keep us safe, not just go after the bad.π Read
via "Dark Reading: ".
Darkreading
Needed: A Cybersecurity Good Samaritan Law
Legislation should protect the good hackers who are helping to keep us safe, not just go after the bad.
π΄ InfoSec Pros Uncertain About Relationships With Partner Security Teams π΄
π Read
via "Dark Reading: ".
Only half of respondents to a recent Dark Reading study felt confident that their third-party business partners would, at least, tell them if a compromise occurred.π Read
via "Dark Reading: ".
Darkreading
InfoSec Pros Uncertain About Relationships With Partner Security Teams
Only half of respondents to a recent Dark Reading study felt confident that their third-party business partners would, at least, tell them if a compromise occurred.
π Cybersecurity risks grow as thousands of federal employees shift to telecommuting π
π Read
via "Security on TechRepublic".
The Trump administration has ordered hundreds of thousands of federal employees to be prepared to work from home full time and use VPNs to connect to government systems.π Read
via "Security on TechRepublic".
TechRepublic
Cybersecurity risks grow as thousands of federal employees shift to telecommuting
The Trump administration has ordered hundreds of thousands of federal employees to be prepared to work from home full time and use VPNs to connect to government systems.
β APT36 Taps Coronavirus as βGolden Opportunityβ to Spread Crimson RAT β
π Read
via "Threatpost".
The Pakistani-linked APT has been spotted infecting victims with data exfiltration malware.π Read
via "Threatpost".
Threat Post
APT36 Taps Coronavirus as βGolden Opportunityβ to Spread Crimson RAT
The Pakistani-linked APT has been spotted infecting victims with data exfiltration malware.
π How to protect your organization from security threats amidst the rise in telecommuters π
π Read
via "Security on TechRepublic".
Security becomes a greater challenge as more people work from home due to the coronavirus. Learn how to better protect your organization and employees.π Read
via "Security on TechRepublic".
TechRepublic
How to protect your organization from security threats amidst the rise in telecommuters
Security becomes a greater challenge as more people work from home due to the coronavirus. Learn how to better protect your organization and employees.
π΄ Remote Workforce Jumps 15% In Two Weeks π΄
π Read
via "Dark Reading: ".
Netskope reports the total number of remote employees is the highest it has ever observed.π Read
via "Dark Reading: ".
Dark Reading
Remote Workforce Jumps 15% In Two Weeks
Netskope reports the total number of remote employees is the highest it has ever observed.
ATENTIONβΌ New - CVE-2019-11074
π Read
via "National Vulnerability Database".
A Write to Arbitrary Location in Disk vulnerability exists in PRTG Network Monitor 19.1.49 and below that allows attackers to place files in arbitrary locations with SYSTEM privileges (although not controlling the contents of such files) due to insufficient sanitisation when passing arguments to the phantomjs.exe binary. In order to exploit the vulnerability, remote authenticated administrators need to create a new HTTP Full Web Page Sensor and set specific settings when executing the sensor.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21037
π Read
via "National Vulnerability Database".
Subrion CMS 4.1.5 (and possibly earlier versions) allow CSRF to change the administrator password via the panel/members/edit/1 URI.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-18576
π Read
via "National Vulnerability Database".
The Hustle (aka wordpress-popup) plugin through 6.0.5 for WordPress allows Directory Traversal to obtain a directory listing via the views/admin/dashboard/ URI.π Read
via "National Vulnerability Database".
π΄ This Tax Season, Save the Scorn and Protect Customers from Phishing Scams π΄
π Read
via "Dark Reading: ".
As security professionals, it's easy to get cynical about the continued proliferation of tax ID theft and blame the consumers themselves. But that doesn't help anyone.π Read
via "Dark Reading: ".
Dark Reading
This Tax Season, Save the Scorn and Protect Customers from Phishing Scams
As security professionals, it's easy to get cynical about the continued proliferation of tax ID theft and blame the consumers themselves. But that doesn't help anyone.
π΄ Security Lessons We've Learned (So Far) from COVID-19 π΄
π Read
via "Dark Reading: ".
Takeaways about fighting new fires, securely enabling remote workforces, and human nature during difficult times.π Read
via "Dark Reading: ".
Dark Reading
Security Lessons We've Learned (So Far) from COVID-19
Takeaways about fighting new fires, securely enabling remote workforces, and human nature during difficult times.
π Canadian Govt Prioritizing Rules Around Insider Threats π
π Read
via "Subscriber Blog RSS Feed ".
Following a high profile espionage case, Canada is set to roll out a new set of protocols designed to stop insider threats within government departments.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Canadian Govt Prioritizing Rules Around Insider Threats
Following a high profile espionage case, Canada is set to roll out a new set of protocols designed to stop insider threats within government departments.
π΄ Startup Offering Secure Access to Corporate Apps Emerges from Stealth π΄
π Read
via "Dark Reading: ".
Axis Security has raised $17 million in VC funding.π Read
via "Dark Reading: ".
Dark Reading
Startup Offering Secure Access to Corporate Apps Emerges from Stealth
Axis Security has raised $17 million in VC funding.
π΄ Attorney General Directs DoJ to Prioritize Coronavirus Crime π΄
π Read
via "Dark Reading: ".
Criminal activity related to the pandemic cannot be tolerated, William Barr states in memo.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading