β Firefox is dropping FTP support β
π Read
via "Naked Security".
Heads up, Firefox users who rely on FTP: the browser is eliminating support for this venerable protocol.π Read
via "Naked Security".
Naked Security
Firefox is dropping FTP support
Heads up, Firefox users who rely on FTP: the browser is eliminating support for this venerable protocol.
β Stolen data of company that refused REvil ransom payment now on sale β
π Read
via "Naked Security".
A comment from one buyer of data purportedly from Brooks International: "It even has credit card number & a password. lol !!"π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Tour guide/Chinese spy gets four years for SD card dead drops β
π Read
via "Naked Security".
The dead drops were very James Bond: once, the data mule taped the SD card to the underside of a desk in a hotel.π Read
via "Naked Security".
Naked Security
Tour guide/Chinese spy gets four years for SD card dead drops
The dead drops were very James Bond: once, the data mule taped the SD card to the underside of a desk in a hotel.
β Cisco issues urgent fixes for SD-WAN router flaws β
π Read
via "Naked Security".
Cisco has patched a clutch of high-priority vulnerabilities in its SD-WAN routes and their management software.π Read
via "Naked Security".
Naked Security
Cisco issues urgent fixes for SD-WAN router flaws
Cisco has patched a clutch of high-priority vulnerabilities in its SD-WAN routes and their management software.
π΄ From Zero to Hero: CISO Edition π΄
π Read
via "Dark Reading: ".
It's time for organizations to realize that an empowered CISO can effectively manage enterprise risk and even grow the business along the way.π Read
via "Dark Reading: ".
Darkreading
From Zero to Hero: CISO Edition
It's time for organizations to realize that an empowered CISO can effectively manage enterprise risk and even grow the business along the way.
π 3 ways to revamp the hiring process for cybersecurity jobs π
π Read
via "Security on TechRepublic".
Deloitte expert recommends using tactics to compete for the pool of security pros, including offering new incentives like student loan repayment.π Read
via "Security on TechRepublic".
TechRepublic
3 ways to revamp the hiring process for cybersecurity jobs
Deloitte expert recommends using tactics to compete for the pool of security pros, including offering new incentives like student loan repayment.
β Fake Coronavirus βVaccineβ Website Busted in DoJ Takedown β
π Read
via "Threatpost".
Authorities have cracked down on a website that claimed to give out coronavirus vaccine kits - but that was actually stealing victims' payment card data and personal information.π Read
via "Threatpost".
Threat Post
Fake Coronavirus βVaccineβ Website Busted in DoJ Takedown
Authorities have cracked down on a website that claimed to give out coronavirus vaccine kits - but that was actually stealing victims' payment card data and personal information.
π΄ 8 Infosec Page-Turners for Days Spent Indoors π΄
π Read
via "Dark Reading: ".
Stuck inside and looking for a new read? Check out these titles written by security practitioners and reporters across the industry.π Read
via "Dark Reading: ".
Darkreading
8 Infosec Page-Turners for Days Spent Indoors
Stuck inside and looking for a new read? Check out these titles written by security practitioners and reporters across the industry.
ATENTIONβΌ New - CVE-2016-11022
π Read
via "National Vulnerability Database".
NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login_handler.php.π Read
via "National Vulnerability Database".
π Cybercriminals now recycling standard phishing emails with coronavirus themes π
π Read
via "Security on TechRepublic".
The latest malicious COVID-19 campaigns are repurposing conventional phishing emails with a coronavirus angle, says security trainer KnowBe4.π Read
via "Security on TechRepublic".
TechRepublic
Cybercriminals now recycling standard phishing emails with coronavirus themes
The latest malicious COVID-19 campaigns are repurposing conventional phishing emails with a coronavirus angle, says security trainer KnowBe4.
π΄ FBI Warns of Fake CDC Emails in COVID-19 Phishing Alert π΄
π Read
via "Dark Reading: ".
Fraudsters exploit concerns by claiming to offer virus-related information or promising stimulus checks.π Read
via "Dark Reading: ".
Darkreading
FBI Warns of Fake CDC Emails in COVID-19 Phishing Alert
Fraudsters exploit concerns by claiming to offer virus-related information or promising stimulus checks.
β WhatsApp βMartinelliβ hoax is back, warning about βDance of the Popeβ β
π Read
via "Naked Security".
Two old WhatsApp hoaxes are back, with a grain-of-truth story in the middle to add a veneer of believability. Don't spread this stuff!π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π Hyperion Runtime Encrypter 2.3 π
π Go!
via "Security Tool Files β Packet Storm".
Hyperion is a runtime encrypter for 32-bit and 64-bit portable executables. It is a reference implementation and bases on the paper "Hyperion: Implementation of a PE-Crypter".π Go!
via "Security Tool Files β Packet Storm".
π Mandos Encrypted File System Unattended Reboot Utility 1.8.10 π
π Go!
via "Security Tool Files β Packet Storm".
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Mandos Encrypted File System Unattended Reboot Utility 1.8.10 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π How to protect your organization and remote workers against ransomware π
π Read
via "Security on TechRepublic".
Phishing emails and unsecure remote desktop protocol access are two common types of attack methods used to spread ransomware, says cyber breach firm Beazley Breach Response Services.π Read
via "Security on TechRepublic".
TechRepublic
How to protect your organization and remote workers against ransomware
Phishing emails and unsecure remote desktop protocol access are two common types of attack methods used to spread ransomware, says cyber breach firm Beazley Breach Response Services.
β Microsoft Warns of Critical Windows Zero-Day Flaws β
π Read
via "Threatpost".
The unpatched Windows zero day flaws are being exploited in "limited, targeted" attacks, according to Microsoft.π Read
via "Threatpost".
Threat Post
Microsoft Warns of Critical Windows Zero-Day Flaws
The unpatched Windows zero day flaws are being exploited in "limited, targeted" attacks, according to Microsoft.
π Ex-Google Engineer Pleads Guilty to Trade Secret Theft π
π Read
via "Subscriber Blog RSS Feed ".
Ex-Google engineer Anthony Levandowski plead guilty to trade secret theft last week, acknowleding he took a sensitive Google file before joining Uber.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Ex-Google Engineer Pleads Guilty to Trade Secret Theft
Ex-Google engineer Anthony Levandowski plead guilty to trade secret theft last week, acknowleding he took a sensitive Google file before joining Uber.
β Hackers Actively Exploit 0-Day in CCTV Camera Hardware β
π Read
via "Threatpost".
Criminals behind botnets Chalubo, FBot and Moobot attack unpatched vulnerabilities in the commercial DVRs made by LILIN.π Read
via "Threatpost".
Threat Post
Hackers Actively Exploit 0-Day in CCTV Camera Hardware
Criminals behind botnets Chalubo, FBot and Moobot attack unpatched vulnerabilities in the commercial DVRs made by LILIN.
β Apache Tomcat Exploit Poised to Pounce, Stealing Files β
π Read
via "Threatpost".
Researchers said that a working exploit for CVE-2020-1938 leaked on GitHub makes is a snap to compromise webservers.π Read
via "Threatpost".
Threat Post
Apache Tomcat Exploit Poised to Pounce, Stealing Files
Researchers said that a working exploit for CVE-2020-1938 leaked on GitHub makes is a snap to compromise webservers.
π΄ 538 Million Weibo Users' Info for Sale on Dark Web π΄
π Read
via "Dark Reading: ".
The user data, which does not include passwords, purportedly comes from a mid-2019 breach.π Read
via "Dark Reading: ".
Darkreading
538 Million Weibo Users' Info for Sale on Dark Web
The user data, which does not include passwords, purportedly comes from a mid-2019 breach.
π΄ Three Ways Your BEC Defense Is Failing & How to Do Better π΄
π Read
via "Dark Reading: ".
Business email compromises cost the economy billions of dollars. Experts have advice on how to stop them from hitting you for millions at a pop.π Read
via "Dark Reading: ".
Darkreading
Three Ways Your BEC Defense Is Failing & How to Do Better
Business email compromises cost the economy billions of dollars. Experts have advice on how to stop them from hitting you for millions at a pop.