β News Wrap, Coronavirus Edition: WFH Security Woes, Pwn2Own β
π Read
via "Threatpost".
Threatpost editors discuss this week's top news stories from COVID-19 themed malware attacks to Pwn2Own updates.π Read
via "Threatpost".
Threat Post
News Wrap, Coronavirus Edition: WFH Security Woes, Pwn2Own
Threatpost editors discuss this week's top news stories from COVID-19 themed malware attacks to Pwn2Own updates.
π΄ Dark Reading Cybersecurity Crossword Puzzle π΄
π Read
via "Dark Reading: ".
Here's a little something to snuggle up with if you're on lockdown.π Read
via "Dark Reading: ".
Darkreading
Dark Reading Cybersecurity Crossword Puzzle
Here's a little something to snuggle up with if you're on lockdown.
β Defying Covid-19βs Pall: Pwn2Own Goes Virtual β
π Read
via "Threatpost".
Hacking contest goes virtual with participants remotely winning $295k in prizes for taking down Adobe Reader, Safari and Ubuntu.π Read
via "Threatpost".
Threat Post
Defying Covid-19βs Pall: Pwn2Own Goes Virtual
Hacking contest goes virtual with participants remotely winning $295k in prizes for taking down Adobe Reader, Safari and Ubuntu.
β Revamped HawkEye Keylogger Swoops in on Coronavirus Fears β
π Read
via "Threatpost".
Emails claiming to be directly from WHOβs Dr. Tedros Adhanom Ghebreyesus offer "drug advice" -- and malware infections.π Read
via "Threatpost".
Threat Post
Revamped HawkEye Keylogger Swoops in on Coronavirus Fears
Emails claiming to be directly from WHOβs Dr. Tedros Adhanom Ghebreyesus offer "drug advice" β and malware infections.
π΄ 200M Records of US Citizens Leaked in Unprotected Database π΄
π Read
via "Dark Reading: ".
Researchers have not determined who owns the database, which was one of several large exposed instances disclosed this week.π Read
via "Dark Reading: ".
Dark Reading
200M Records of US Citizens Leaked in Unprotected Database
Researchers have not determined who owns the database, which was one of several large exposed instances disclosed this week.
ATENTIONβΌ New - CVE-2019-11574
π Read
via "National Vulnerability Database".
An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.php because user-supplied data is used directly in curl calls.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-7487
π Read
via "National Vulnerability Database".
On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharpdvr application has a vulnerable call to Γ’β¬œsystemΓ’β¬οΏ½, which allows remote attackers to execute arbitrary code via TCP port 9000.π Read
via "National Vulnerability Database".
π GNU Privacy Guard 2.2.20 π
π Go!
via "Security Tool Files β Packet Storm".
GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
GNU Privacy Guard 2.2.20 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β Monday review β the hot 23 stories of the week β
π Read
via "Naked Security".
From the EARN IT Act to the Martinelli hoax - and everything in between. Itβs your weekly security roundup.π Read
via "Naked Security".
Naked Security
Monday review β the hot 23 stories of the week
From the EARN IT Act to the Martinelli hoax β and everything in between. Itβs your weekly security roundup.
β Firefox is dropping FTP support β
π Read
via "Naked Security".
Heads up, Firefox users who rely on FTP: the browser is eliminating support for this venerable protocol.π Read
via "Naked Security".
Naked Security
Firefox is dropping FTP support
Heads up, Firefox users who rely on FTP: the browser is eliminating support for this venerable protocol.
β Stolen data of company that refused REvil ransom payment now on sale β
π Read
via "Naked Security".
A comment from one buyer of data purportedly from Brooks International: "It even has credit card number & a password. lol !!"π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Tour guide/Chinese spy gets four years for SD card dead drops β
π Read
via "Naked Security".
The dead drops were very James Bond: once, the data mule taped the SD card to the underside of a desk in a hotel.π Read
via "Naked Security".
Naked Security
Tour guide/Chinese spy gets four years for SD card dead drops
The dead drops were very James Bond: once, the data mule taped the SD card to the underside of a desk in a hotel.
β Cisco issues urgent fixes for SD-WAN router flaws β
π Read
via "Naked Security".
Cisco has patched a clutch of high-priority vulnerabilities in its SD-WAN routes and their management software.π Read
via "Naked Security".
Naked Security
Cisco issues urgent fixes for SD-WAN router flaws
Cisco has patched a clutch of high-priority vulnerabilities in its SD-WAN routes and their management software.
π΄ From Zero to Hero: CISO Edition π΄
π Read
via "Dark Reading: ".
It's time for organizations to realize that an empowered CISO can effectively manage enterprise risk and even grow the business along the way.π Read
via "Dark Reading: ".
Darkreading
From Zero to Hero: CISO Edition
It's time for organizations to realize that an empowered CISO can effectively manage enterprise risk and even grow the business along the way.
π 3 ways to revamp the hiring process for cybersecurity jobs π
π Read
via "Security on TechRepublic".
Deloitte expert recommends using tactics to compete for the pool of security pros, including offering new incentives like student loan repayment.π Read
via "Security on TechRepublic".
TechRepublic
3 ways to revamp the hiring process for cybersecurity jobs
Deloitte expert recommends using tactics to compete for the pool of security pros, including offering new incentives like student loan repayment.
β Fake Coronavirus βVaccineβ Website Busted in DoJ Takedown β
π Read
via "Threatpost".
Authorities have cracked down on a website that claimed to give out coronavirus vaccine kits - but that was actually stealing victims' payment card data and personal information.π Read
via "Threatpost".
Threat Post
Fake Coronavirus βVaccineβ Website Busted in DoJ Takedown
Authorities have cracked down on a website that claimed to give out coronavirus vaccine kits - but that was actually stealing victims' payment card data and personal information.
π΄ 8 Infosec Page-Turners for Days Spent Indoors π΄
π Read
via "Dark Reading: ".
Stuck inside and looking for a new read? Check out these titles written by security practitioners and reporters across the industry.π Read
via "Dark Reading: ".
Darkreading
8 Infosec Page-Turners for Days Spent Indoors
Stuck inside and looking for a new read? Check out these titles written by security practitioners and reporters across the industry.
ATENTIONβΌ New - CVE-2016-11022
π Read
via "National Vulnerability Database".
NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login_handler.php.π Read
via "National Vulnerability Database".
π Cybercriminals now recycling standard phishing emails with coronavirus themes π
π Read
via "Security on TechRepublic".
The latest malicious COVID-19 campaigns are repurposing conventional phishing emails with a coronavirus angle, says security trainer KnowBe4.π Read
via "Security on TechRepublic".
TechRepublic
Cybercriminals now recycling standard phishing emails with coronavirus themes
The latest malicious COVID-19 campaigns are repurposing conventional phishing emails with a coronavirus angle, says security trainer KnowBe4.
π΄ FBI Warns of Fake CDC Emails in COVID-19 Phishing Alert π΄
π Read
via "Dark Reading: ".
Fraudsters exploit concerns by claiming to offer virus-related information or promising stimulus checks.π Read
via "Dark Reading: ".
Darkreading
FBI Warns of Fake CDC Emails in COVID-19 Phishing Alert
Fraudsters exploit concerns by claiming to offer virus-related information or promising stimulus checks.