π IBM providing 9 free public cloud business services to customers during coronavirus pandemic π
π Read
via "Security on TechRepublic".
With companies sending employees home to work during the COVID-19 threat, IBM offers a range of tools to support critical IT applications.π Read
via "Security on TechRepublic".
TechRepublic
IBM providing 9 free public cloud business services to customers during coronavirus pandemic
With companies sending employees home to work during the COVID-19 threat, IBM offers a range of tools to support critical IT applications.
π How to better secure your Microsoft Remote Desktop Protocol connections π
π Read
via "Security on TechRepublic".
Microsoft's Remote Desktop Protocol has been saddled with security bugs and weaknesses, which means you need to take certain precautions when using RDP for remote connections.π Read
via "Security on TechRepublic".
TechRepublic
How to better secure your Microsoft Remote Desktop Protocol connections
Microsoft's Remote Desktop Protocol has been saddled with security bugs and weaknesses, which means you need to take certain precautions when using RDP for remote connections.
β 8-Year-Old VelvetSweatshop Bug Resurrected in LimeRAT Campaign β
π Read
via "Threatpost".
An old RAT learns an old trick.π Read
via "Threatpost".
Threat Post
8-Year-Old VelvetSweatshop Bug Resurrected in LimeRAT Campaign
An old RAT learns an old trick.
β Zoom Scrutinized As Security Woes Mount β
π Read
via "Threatpost".
The New York Attorney General has inquired about Zoom's data security strategy, as the conferencing platform comes under heavy scrutiny for its privacy policies.π Read
via "Threatpost".
Threat Post
Zoom Scrutinized As Security Woes Mount
The New York Attorney General has inquired about Zoom's data security strategy, as the conferencing platform comes under heavy scrutiny for its privacy policies.
π΄ Patching Poses Security Problems with Move to More Remote Work π΄
π Read
via "Dark Reading: ".
Security teams were not ready for the wholesale move to remote work and the sudden expansion of the attack surface area, experts say.π Read
via "Dark Reading: ".
Dark Reading
Patching Poses Security Problems with Move to More Remote Work
Security teams were not ready for the wholesale move to remote work and the sudden expansion of the attack surface area, experts say.
π Keep these privacy considerations in mind when using Zoom at home for work collaboration π
π Read
via "Security on TechRepublic".
The platform allows a host to monitor users' activities while screen sharing, as well as access to a participant's device information and other details.π Read
via "Security on TechRepublic".
TechRepublic
Keep these privacy considerations in mind when using Zoom at home for work collaboration
The platform allows a host to monitor users' activities while screen sharing, as well as access to a participant's device information and other details.
π΄ Why Third-Party Risk Management Has Never Been More Important π΄
π Read
via "Dark Reading: ".
Given today's coronavirus pandemic, the need for companies to collect cybersecurity data about their business partners is more critical than ever. Here's how to start.π Read
via "Dark Reading: ".
Darkreading
Why Third-Party Risk Management Has Never Been More Important
Given today's coronavirus pandemic, the need for companies to collect cybersecurity data about their business partners is more critical than ever. Here's how to start.
π΄ Latest Security News & Commentary about COVID-19 π΄
π Read
via "Dark Reading: ".
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.π Read
via "Dark Reading: ".
Dark Reading
Latest Security News & Commentary about COVID-19
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
π΄ Data from 5.2M Marriott Loyalty Program Members Hit by Breach π΄
π Read
via "Dark Reading: ".
The data was breached through the credentials of two franchisee employees.π Read
via "Dark Reading: ".
Darkreading
Data from 5.2M Marriott Loyalty Program Members Hit by Breach
The data was breached through the credentials of two franchisee employees.
ATENTIONβΌ New - CVE-2019-14905
π Read
via "National Vulnerability Database".
A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-14880
π Read
via "National Vulnerability Database".
A vulnerability was found in Moodle versions 3.7 before 3.7.3, 3.6 before 3.6.7, 3.5 before 3.5.9 and earlier. OAuth 2 providers who do not verify users' email address changes require additional verification during sign-up to reduce the risk of account compromise.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-10180
π Read
via "National Vulnerability Database".
A vulnerability was found in all pki-core 10.x.x version, where the Token Processing Service (TPS) did not properly sanitize several parameters stored for the tokens, possibly resulting in a Stored Cross Site Scripting (XSS) vulnerability. An attacker able to modify the parameters of any token could use this flaw to trick an authenticated user into executing arbitrary JavaScript code.π Read
via "National Vulnerability Database".
π΄ Researchers Uncover Unsophisticated - But Creative - Watering-Hole Attack π΄
π Read
via "Dark Reading: ".
Holy Water campaign is targeting users of a specific religious and ethnic group in Asia, Kaspersky says.π Read
via "Dark Reading: ".
Darkreading
Researchers Uncover Unsophisticated - But Creative - Watering-Hole Attack
Holy Water campaign is targeting users of a specific religious and ethnic group in Asia, Kaspersky says.
π Two Exabeam employees at RSA conference who tested positive for COVID-19 are recovering π
π Read
via "Security on TechRepublic".
Exabeam's employees are recovering from coronavirus. Both tested positive for coronavirus after attending RSA in San Francisco.π Read
via "Security on TechRepublic".
TechRepublic
Two Exabeam employees at RSA conference who tested positive for COVID-19 are recovering
Exabeam's employees are recovering from coronavirus. Both tested positive for COVID-19 after attending RSA in San Francisco.
π FBI warns about Zoom bombing as hijackers take over school and business video conferences π
π Read
via "Security on TechRepublic".
Teleconferences are being disrupted by internet trolls shouting profanity and racist remarks and posting pornographic and hate images.π Read
via "Security on TechRepublic".
TechRepublic
FBI warns about Zoom bombing as hijackers take over school and business video conferences
Teleconferences are being disrupted by internet trolls shouting profanity and racist remarks and posting pornographic and hate images.
π FBI Urges Vigiliance Around COVID-19 Scams, Malware π
π Read
via "Subscriber Blog RSS Feed ".
Itβs been difficult keeping track of all the scams leveraging the COVID-19 pandemic to steal your money or your personal information. Now, the FBI is warning of increased attacks that target the supply chain and the healthcare industry in addition to βZoom-bombingβ style attacks.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
FBI Urges Vigiliance Around COVID-19 Scams, Malware
Itβs been difficult keeping track of all the scams leveraging the COVID-19 pandemic to steal your money or your personal information. Now, the FBI is warning of increased attacks that target the supply chain and the healthcare industry in addition to βZoomβ¦
ATENTIONβΌ New - CVE-2019-13495
π Read
via "National Vulnerability Database".
In firmware version 4.50 of Zyxel XGS2210-52HP, multiple stored cross-site scripting (XSS) issues allows remote authenticated users to inject arbitrary web script via an rpSys.html Name or Location field.π Read
via "National Vulnerability Database".
β Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy β
π Read
via "Threatpost".
About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.π Read
via "Threatpost".
Threat Post
Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy
About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.
π΄ Defense Evasion Dominated 2019 Attack Tactics π΄
π Read
via "Dark Reading: ".
Researchers mapped tactics and techniques to the MITRE ATT&CK framework to determine which were most popular last year.π Read
via "Dark Reading: ".
Darkreading
Defense Evasion Dominated 2019 Attack Tactics
Researchers mapped tactics and techniques to the MITRE ATT&CK framework to determine which were most popular last year.
β Microsoftβs Edge browser to get breached credential alerts β
π Read
via "Naked Security".
Microsoft has announced a list of new security and privacy features it plans to add to forthcoming versions in an effort to take on its rivals.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ Major Cloud, CDN Providers Join Secure Routing Initiative π΄
π Read
via "Dark Reading: ".
Akamai, AWS, Azion, Cloudflare, Facebook, and Netflix are now members of the Mutually Agreed Norms for Routing Security (MANRS) effort.π Read
via "Dark Reading: ".
Dark Reading
Major Cloud, CDN Providers Join Secure Routing Initiative
Akamai, AWS, Azion, Cloudflare, Facebook, and Netflix are now members of the Mutually Agreed Norms for Routing Security (MANRS) effort.