π΄ From Zero to Hero: CISO Edition π΄
π Read
via "Dark Reading: ".
It's time for organizations to realize that an empowered CISO can effectively manage enterprise risk and even grow the business along the way.π Read
via "Dark Reading: ".
Darkreading
From Zero to Hero: CISO Edition
It's time for organizations to realize that an empowered CISO can effectively manage enterprise risk and even grow the business along the way.
π 3 ways to revamp the hiring process for cybersecurity jobs π
π Read
via "Security on TechRepublic".
Deloitte expert recommends using tactics to compete for the pool of security pros, including offering new incentives like student loan repayment.π Read
via "Security on TechRepublic".
TechRepublic
3 ways to revamp the hiring process for cybersecurity jobs
Deloitte expert recommends using tactics to compete for the pool of security pros, including offering new incentives like student loan repayment.
β Fake Coronavirus βVaccineβ Website Busted in DoJ Takedown β
π Read
via "Threatpost".
Authorities have cracked down on a website that claimed to give out coronavirus vaccine kits - but that was actually stealing victims' payment card data and personal information.π Read
via "Threatpost".
Threat Post
Fake Coronavirus βVaccineβ Website Busted in DoJ Takedown
Authorities have cracked down on a website that claimed to give out coronavirus vaccine kits - but that was actually stealing victims' payment card data and personal information.
π΄ 8 Infosec Page-Turners for Days Spent Indoors π΄
π Read
via "Dark Reading: ".
Stuck inside and looking for a new read? Check out these titles written by security practitioners and reporters across the industry.π Read
via "Dark Reading: ".
Darkreading
8 Infosec Page-Turners for Days Spent Indoors
Stuck inside and looking for a new read? Check out these titles written by security practitioners and reporters across the industry.
ATENTIONβΌ New - CVE-2016-11022
π Read
via "National Vulnerability Database".
NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login_handler.php.π Read
via "National Vulnerability Database".
π Cybercriminals now recycling standard phishing emails with coronavirus themes π
π Read
via "Security on TechRepublic".
The latest malicious COVID-19 campaigns are repurposing conventional phishing emails with a coronavirus angle, says security trainer KnowBe4.π Read
via "Security on TechRepublic".
TechRepublic
Cybercriminals now recycling standard phishing emails with coronavirus themes
The latest malicious COVID-19 campaigns are repurposing conventional phishing emails with a coronavirus angle, says security trainer KnowBe4.
π΄ FBI Warns of Fake CDC Emails in COVID-19 Phishing Alert π΄
π Read
via "Dark Reading: ".
Fraudsters exploit concerns by claiming to offer virus-related information or promising stimulus checks.π Read
via "Dark Reading: ".
Darkreading
FBI Warns of Fake CDC Emails in COVID-19 Phishing Alert
Fraudsters exploit concerns by claiming to offer virus-related information or promising stimulus checks.
β WhatsApp βMartinelliβ hoax is back, warning about βDance of the Popeβ β
π Read
via "Naked Security".
Two old WhatsApp hoaxes are back, with a grain-of-truth story in the middle to add a veneer of believability. Don't spread this stuff!π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π Hyperion Runtime Encrypter 2.3 π
π Go!
via "Security Tool Files β Packet Storm".
Hyperion is a runtime encrypter for 32-bit and 64-bit portable executables. It is a reference implementation and bases on the paper "Hyperion: Implementation of a PE-Crypter".π Go!
via "Security Tool Files β Packet Storm".
π Mandos Encrypted File System Unattended Reboot Utility 1.8.10 π
π Go!
via "Security Tool Files β Packet Storm".
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Mandos Encrypted File System Unattended Reboot Utility 1.8.10 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π How to protect your organization and remote workers against ransomware π
π Read
via "Security on TechRepublic".
Phishing emails and unsecure remote desktop protocol access are two common types of attack methods used to spread ransomware, says cyber breach firm Beazley Breach Response Services.π Read
via "Security on TechRepublic".
TechRepublic
How to protect your organization and remote workers against ransomware
Phishing emails and unsecure remote desktop protocol access are two common types of attack methods used to spread ransomware, says cyber breach firm Beazley Breach Response Services.
β Microsoft Warns of Critical Windows Zero-Day Flaws β
π Read
via "Threatpost".
The unpatched Windows zero day flaws are being exploited in "limited, targeted" attacks, according to Microsoft.π Read
via "Threatpost".
Threat Post
Microsoft Warns of Critical Windows Zero-Day Flaws
The unpatched Windows zero day flaws are being exploited in "limited, targeted" attacks, according to Microsoft.
π Ex-Google Engineer Pleads Guilty to Trade Secret Theft π
π Read
via "Subscriber Blog RSS Feed ".
Ex-Google engineer Anthony Levandowski plead guilty to trade secret theft last week, acknowleding he took a sensitive Google file before joining Uber.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Ex-Google Engineer Pleads Guilty to Trade Secret Theft
Ex-Google engineer Anthony Levandowski plead guilty to trade secret theft last week, acknowleding he took a sensitive Google file before joining Uber.
β Hackers Actively Exploit 0-Day in CCTV Camera Hardware β
π Read
via "Threatpost".
Criminals behind botnets Chalubo, FBot and Moobot attack unpatched vulnerabilities in the commercial DVRs made by LILIN.π Read
via "Threatpost".
Threat Post
Hackers Actively Exploit 0-Day in CCTV Camera Hardware
Criminals behind botnets Chalubo, FBot and Moobot attack unpatched vulnerabilities in the commercial DVRs made by LILIN.
β Apache Tomcat Exploit Poised to Pounce, Stealing Files β
π Read
via "Threatpost".
Researchers said that a working exploit for CVE-2020-1938 leaked on GitHub makes is a snap to compromise webservers.π Read
via "Threatpost".
Threat Post
Apache Tomcat Exploit Poised to Pounce, Stealing Files
Researchers said that a working exploit for CVE-2020-1938 leaked on GitHub makes is a snap to compromise webservers.
π΄ 538 Million Weibo Users' Info for Sale on Dark Web π΄
π Read
via "Dark Reading: ".
The user data, which does not include passwords, purportedly comes from a mid-2019 breach.π Read
via "Dark Reading: ".
Darkreading
538 Million Weibo Users' Info for Sale on Dark Web
The user data, which does not include passwords, purportedly comes from a mid-2019 breach.
π΄ Three Ways Your BEC Defense Is Failing & How to Do Better π΄
π Read
via "Dark Reading: ".
Business email compromises cost the economy billions of dollars. Experts have advice on how to stop them from hitting you for millions at a pop.π Read
via "Dark Reading: ".
Darkreading
Three Ways Your BEC Defense Is Failing & How to Do Better
Business email compromises cost the economy billions of dollars. Experts have advice on how to stop them from hitting you for millions at a pop.
π΄ Microsoft Publishes Advisory for Windows Zero-Day π΄
π Read
via "Dark Reading: ".
There is no available patch for the vulnerabilities, which Microsoft says exist in all supported versions of Windows.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
β Feds shut down bogus COVID-19 vaccine site β
π Read
via "Naked Security".
A vaccine for $4.95!? Nah, we didn't think so, either. Shuttering the alleged rip-off site is the DOJ's 1st takedown of COVID-19 flimflam.π Read
via "Naked Security".
Naked Security
Feds shut down bogus COVID-19 vaccine site
A vaccine for $4.95!? Nah, we didnβt think so, either. Shuttering the alleged rip-off site is the DOJβs 1st takedown of COVID-19 flimflam.
π΅ Top VPNs are recording users and potentially leaking their data when they visit their website π΅
π Read
via "VPNpro".
π Read
via "VPNpro".
VPNpro
Top VPNs are recording users and potentially leaking their data when they visit their website
Our research uncovered that top VPN websites, valued for their privacy, are actually recording users and may be leaking their data. Find out who they are.
β€1
π Microsoft Defender for Linux is coming. This is what you need to know π
π Read
via "Security on TechRepublic".
Microsoft's security tools extend beyond the company's own platforms. While the ambition for Defender for Linux is broad, the first preview is aimed just at servers and does less than on Windows.π Read
via "Security on TechRepublic".
TechRepublic
Microsoft Defender for Linux is coming. This is what you need to know
Microsoft's security tools extend beyond the company's own platforms. While the ambition for Defender for Linux is broad, the first preview is aimed just at servers and does less than on Windows.