ATENTIONβΌ New - CVE-2019-15796
π Read
via "National Vulnerability Database".
Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py or in `_fetch_archives()` of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5, 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5.π Read
via "National Vulnerability Database".
β Hackers Hijack Routers to Spread Malware Via Coronavirus Apps β
π Read
via "Threatpost".
The router DNS hijacking attacks have targeted more than a thousand victims with the Oski info-stealing malware.π Read
via "Threatpost".
Threat Post
Hackers Hijack Routers to Spread Malware Via Coronavirus Apps
The router DNS hijacking attacks have targeted more than a thousand victims with the Oski info-stealing malware.
π nullscan 1.0.0 π
π Go!
via "Security Tool Files β Packet Storm".
nullscan is a modular framework designed to chain and automate security tests. It parses target definitions from the command line and runs corresponding modules and their nullscan-tools afterwards. It can also take hosts and start nmap first in order to perform a basic portscan and run the modules afterwards. Also, nullscan can parse a given nmap logfile for open tcp and udp ports and again run the modules afterwards. All results will be logged in specified directories with a clean structure and an HTML report can subsequently be generated.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
nullscan 1.0.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β Watch out! Scummy scammers target home deliveries β
π Read
via "Naked Security".
Anxiously waiting for a home delivery? Don't be tricked by a message that says there's a problem with your address...π Read
via "Naked Security".
Naked Security
Watch out! Scummy scammers target home deliveries
Anxiously waiting for a home delivery? Donβt be tricked by a message that says thereβs a problem with your addressβ¦
ATENTIONβΌ New - CVE-2019-15795
π Read
via "National Vulnerability Database".
python-apt only checks the MD5 sums of downloaded files in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py in version 1.9.0ubuntu1 and earlier. This allows a man-in-the-middle attack which could potentially be used to install altered packages and has been fixed in versions 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5.π Read
via "National Vulnerability Database".
π΄ Technology Empowers Pandemic Response, But Privacy Worries Remain π΄
π Read
via "Dark Reading: ".
As technology companies and the medical community work to find ways to track and test for the virus, privacy might fall by the wayside.π Read
via "Dark Reading: ".
Dark Reading
Technology Empowers Pandemic Response, But Privacy Worries Remain
As technology companies and the medical community work to find ways to track and test for the virus, privacy might fall by the wayside.
β As Zoom Booms Incidents of βZoomBombingβ Become a Growing Nuisance β
π Read
via "Threatpost".
Numerous instances of online conferences being disrupted by pornographic images, hate speech or even threats can be mitigated using some platform tools.π Read
via "Threatpost".
Threat Post
As Zoom Booms, Incidents of βZoomBombingβ Become a Growing Nuisance
Numerous instances of online conferences being disrupted by pornographic images, hate speech or even threats can be mitigated using some platform tools.
π Hackers hijacking home routers to direct people to malicious coronavirus app π
π Read
via "Security on TechRepublic".
The attackers are changing DNS settings on Linksys routers to redirect users to a malicious website promising an informative COVID-19 app, says security provider BitDefender.π Read
via "Security on TechRepublic".
TechRepublic
Hackers hijacking home routers to direct people to malicious coronavirus app
The attackers are changing DNS settings on Linksys routers to redirect users to a malicious website promising an informative COVID-19 app, says security provider BitDefender.
β Emerging APT Mounts Mass iPhone Surveillance Campaign β
π Read
via "Threatpost".
The malware, the work of a new APT called TwoSail Junk, allows deep surveillance and total control over iOS devices.π Read
via "Threatpost".
Threat Post
Emerging APT Mounts Mass iPhone Surveillance Campaign
The malware, the work of a new APT called TwoSail Junk, allows deep surveillance and total control over iOS devices.
π Digital Guardian Named to JMP Securities 2020 Elite 80 List π
π Read
via "Subscriber Blog RSS Feed ".
JMP Securities has announced its annual Elite 80 list and we're pleased to report Digital Guardian is on it!π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Digital Guardian Named to JMP Securities 2020 Elite 80 List
JMP Securities has announced its annual Elite 80 list and we're pleased to report Digital Guardian is on it!
β Tupperware Cyberattack Stores Away Customer Payment Cards β
π Read
via "Threatpost".
The food container company's main website had a card skimmer that scooped up online customers' payment card data.π Read
via "Threatpost".
Threat Post
Tupperware Cyberattack Stores Away Customer Payment Cards
The food container company's main website had a card skimmer that scooped up online customers' payment card data.
π How to safely work from home during the coronavirus outbreak π
π Read
via "Security on TechRepublic".
A malware expert offers telecommuters security tips about their work computer, remote access and network connections, phishing emails, and more.π Read
via "Security on TechRepublic".
TechRepublic
How to safely work from home during the coronavirus outbreak
A malware expert offers telecommuters security tips about their work computer, remote access and network connections, phishing emails, and more.
π 667% spike in email phishing attacks due to coronavirus fears π
π Read
via "Security on TechRepublic".
New data from Barracuda shows cybercriminals are taking advantage of people's concerns during the COVID-19 pandemic.π Read
via "Security on TechRepublic".
TechRepublic
667% spike in email phishing attacks due to coronavirus fears
New data from Barracuda shows cybercriminals are taking advantage of people's concerns during the COVID-19 pandemic.
π΄ 3 Mobile Security Problems That Most Security Teams Haven't Fixed Yet π΄
π Read
via "Dark Reading: ".
Mobility must be included in the security operations workflow so that company data is protected regardless of where remote workers are located.π Read
via "Dark Reading: ".
Dark Reading
3 Mobile Security Problems That Most Security Teams Haven't Fixed Yet
Mobility must be included in the security operations workflow so that company data is protected regardless of where remote workers are located.
π΄ Security Not a Priority for SAP Projects, Users Report π΄
π Read
via "Dark Reading: ".
Nearly 70% of SAP users surveyed believe organizations lacked focus on IT security during previous SAP implementations.π Read
via "Dark Reading: ".
Dark Reading
Security Not A Priority for SAP Projects, Users Report
Nearly 70% of SAP users surveyed believe organizations lacked focus on IT security during previous SAP implementations.
π΄ 10 Security Services Options for SMBs π΄
π Read
via "Dark Reading: ".
Outsourcing security remains one of the best ways for small to midsize businesses to protect themselves from cyberthreats.π Read
via "Dark Reading: ".
Dark Reading
10 Security Services Options for SMBs
Outsourcing security remains one of the best ways for small to midsize businesses to protect themselves from cyberthreats.
β Critical CODESYS Bug Allows Remote Code Execution β
π Read
via "Threatpost".
CVE-2020-10245, a heap-based buffer overflow that rates 10 out of 10 in severity, exists in the CODESYS web server and takes little skill to exploit.π Read
via "Threatpost".
Threat Post
Critical CODESYS Bug Allows Remote Code Execution
CVE-2020-10245, a heap-based buffer overflow that rates 10 out of 10 in severity, exists in the CODESYS web server and takes little skill to exploit.
π΄ How Zoom, Netflix, and Dropbox are Staying Online During the Pandemic π΄
π Read
via "Dark Reading: ".
Inside the efforts to keep the quarantined world's popular Internet services running smoothly.π Read
via "Dark Reading: ".
Dark Reading
How Zoom, Netflix, and Dropbox are Staying Online During the Pandemic
Inside the efforts to keep the quarantined world's popular Internet services running smoothly.
π΄ How to Evict Attackers Living Off Your Land π΄
π Read
via "Dark Reading: ".
As cyber defenses improve, adversaries are shifting to stealthy "living-off-the-land" attacks that use targets' own tools against them. Here are some tips to defend your turf.π Read
via "Dark Reading: ".
Dark Reading
How to Evict Attackers Living Off Your Land
As cyber defenses improve, adversaries are shifting to stealthy living-off-the-land attacks that use targets' own tools against them. Here are some tips to defend your turf.