ATENTIONβΌ New - CVE-2016-11022
π Read
via "National Vulnerability Database".
NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login_handler.php.π Read
via "National Vulnerability Database".
π Cybercriminals now recycling standard phishing emails with coronavirus themes π
π Read
via "Security on TechRepublic".
The latest malicious COVID-19 campaigns are repurposing conventional phishing emails with a coronavirus angle, says security trainer KnowBe4.π Read
via "Security on TechRepublic".
TechRepublic
Cybercriminals now recycling standard phishing emails with coronavirus themes
The latest malicious COVID-19 campaigns are repurposing conventional phishing emails with a coronavirus angle, says security trainer KnowBe4.
π΄ FBI Warns of Fake CDC Emails in COVID-19 Phishing Alert π΄
π Read
via "Dark Reading: ".
Fraudsters exploit concerns by claiming to offer virus-related information or promising stimulus checks.π Read
via "Dark Reading: ".
Darkreading
FBI Warns of Fake CDC Emails in COVID-19 Phishing Alert
Fraudsters exploit concerns by claiming to offer virus-related information or promising stimulus checks.
β WhatsApp βMartinelliβ hoax is back, warning about βDance of the Popeβ β
π Read
via "Naked Security".
Two old WhatsApp hoaxes are back, with a grain-of-truth story in the middle to add a veneer of believability. Don't spread this stuff!π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π Hyperion Runtime Encrypter 2.3 π
π Go!
via "Security Tool Files β Packet Storm".
Hyperion is a runtime encrypter for 32-bit and 64-bit portable executables. It is a reference implementation and bases on the paper "Hyperion: Implementation of a PE-Crypter".π Go!
via "Security Tool Files β Packet Storm".
π Mandos Encrypted File System Unattended Reboot Utility 1.8.10 π
π Go!
via "Security Tool Files β Packet Storm".
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Mandos Encrypted File System Unattended Reboot Utility 1.8.10 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π How to protect your organization and remote workers against ransomware π
π Read
via "Security on TechRepublic".
Phishing emails and unsecure remote desktop protocol access are two common types of attack methods used to spread ransomware, says cyber breach firm Beazley Breach Response Services.π Read
via "Security on TechRepublic".
TechRepublic
How to protect your organization and remote workers against ransomware
Phishing emails and unsecure remote desktop protocol access are two common types of attack methods used to spread ransomware, says cyber breach firm Beazley Breach Response Services.
β Microsoft Warns of Critical Windows Zero-Day Flaws β
π Read
via "Threatpost".
The unpatched Windows zero day flaws are being exploited in "limited, targeted" attacks, according to Microsoft.π Read
via "Threatpost".
Threat Post
Microsoft Warns of Critical Windows Zero-Day Flaws
The unpatched Windows zero day flaws are being exploited in "limited, targeted" attacks, according to Microsoft.
π Ex-Google Engineer Pleads Guilty to Trade Secret Theft π
π Read
via "Subscriber Blog RSS Feed ".
Ex-Google engineer Anthony Levandowski plead guilty to trade secret theft last week, acknowleding he took a sensitive Google file before joining Uber.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Ex-Google Engineer Pleads Guilty to Trade Secret Theft
Ex-Google engineer Anthony Levandowski plead guilty to trade secret theft last week, acknowleding he took a sensitive Google file before joining Uber.
β Hackers Actively Exploit 0-Day in CCTV Camera Hardware β
π Read
via "Threatpost".
Criminals behind botnets Chalubo, FBot and Moobot attack unpatched vulnerabilities in the commercial DVRs made by LILIN.π Read
via "Threatpost".
Threat Post
Hackers Actively Exploit 0-Day in CCTV Camera Hardware
Criminals behind botnets Chalubo, FBot and Moobot attack unpatched vulnerabilities in the commercial DVRs made by LILIN.
β Apache Tomcat Exploit Poised to Pounce, Stealing Files β
π Read
via "Threatpost".
Researchers said that a working exploit for CVE-2020-1938 leaked on GitHub makes is a snap to compromise webservers.π Read
via "Threatpost".
Threat Post
Apache Tomcat Exploit Poised to Pounce, Stealing Files
Researchers said that a working exploit for CVE-2020-1938 leaked on GitHub makes is a snap to compromise webservers.
π΄ 538 Million Weibo Users' Info for Sale on Dark Web π΄
π Read
via "Dark Reading: ".
The user data, which does not include passwords, purportedly comes from a mid-2019 breach.π Read
via "Dark Reading: ".
Darkreading
538 Million Weibo Users' Info for Sale on Dark Web
The user data, which does not include passwords, purportedly comes from a mid-2019 breach.
π΄ Three Ways Your BEC Defense Is Failing & How to Do Better π΄
π Read
via "Dark Reading: ".
Business email compromises cost the economy billions of dollars. Experts have advice on how to stop them from hitting you for millions at a pop.π Read
via "Dark Reading: ".
Darkreading
Three Ways Your BEC Defense Is Failing & How to Do Better
Business email compromises cost the economy billions of dollars. Experts have advice on how to stop them from hitting you for millions at a pop.
π΄ Microsoft Publishes Advisory for Windows Zero-Day π΄
π Read
via "Dark Reading: ".
There is no available patch for the vulnerabilities, which Microsoft says exist in all supported versions of Windows.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
β Feds shut down bogus COVID-19 vaccine site β
π Read
via "Naked Security".
A vaccine for $4.95!? Nah, we didn't think so, either. Shuttering the alleged rip-off site is the DOJ's 1st takedown of COVID-19 flimflam.π Read
via "Naked Security".
Naked Security
Feds shut down bogus COVID-19 vaccine site
A vaccine for $4.95!? Nah, we didnβt think so, either. Shuttering the alleged rip-off site is the DOJβs 1st takedown of COVID-19 flimflam.
π΅ Top VPNs are recording users and potentially leaking their data when they visit their website π΅
π Read
via "VPNpro".
π Read
via "VPNpro".
VPNpro
Top VPNs are recording users and potentially leaking their data when they visit their website
Our research uncovered that top VPN websites, valued for their privacy, are actually recording users and may be leaking their data. Find out who they are.
β€1
π Microsoft Defender for Linux is coming. This is what you need to know π
π Read
via "Security on TechRepublic".
Microsoft's security tools extend beyond the company's own platforms. While the ambition for Defender for Linux is broad, the first preview is aimed just at servers and does less than on Windows.π Read
via "Security on TechRepublic".
TechRepublic
Microsoft Defender for Linux is coming. This is what you need to know
Microsoft's security tools extend beyond the company's own platforms. While the ambition for Defender for Linux is broad, the first preview is aimed just at servers and does less than on Windows.
β Russiaβs FSB wanted its own IoT botnet β
π Read
via "Naked Security".
If you thought the Mirai botnet was bad, what about a version under the control of Russia's military that it could point like an electronic cannon at people it didn't like?π Read
via "Naked Security".
Naked Security
Russiaβs FSB wanted its own IoT botnet
If you thought the Mirai botnet was bad, what about a version under the control of Russiaβs military that it could point like an electronic cannon at people it didnβt like?
β Facebook Messenger may ban mass-forwarding of messages β
π Read
via "Naked Security".
Facebook has done this before: it did it with WhatsApp, following an outbreak of lynchings sparked by viral social media hoaxes.π Read
via "Naked Security".
Naked Security
Facebook Messenger may ban mass-forwarding of messages
Facebook has done this before: it did it with WhatsApp, following an outbreak of lynchings sparked by viral social media hoaxes.
β Tekya Malware Threatens Millions of Android Users via Google Play β
π Read
via "Threatpost".
The ad-fraud malware lurks in dozens of childrens' and utilities apps.π Read
via "Threatpost".
Threat Post
Tekya Malware Threatens Millions of Android Users via Google Play
The ad-fraud malware lurks in dozens of childrens' and utilities apps.
β Domain Name Security: Important Measures You Need to Know β
π Read
via "Threatpost".
A domain name that points to a website hosting your generated content is still one of the most secure means to ensure that an online identity does not fall prey to hackers or hijackers.π Read
via "Threatpost".
Threat Post
Domain Name Security: Important Measures You Need to Know
A domain name that points to your generated content is still a secure means to ensure that an online identity does not fall prey to hackers or hijackers.