π Keep these privacy considerations in mind when using Zoom at home for work collaboration π
π Read
via "Security on TechRepublic".
The platform allows a host to monitor users' activities while screen sharing, as well as access to a participant's device information and other details.π Read
via "Security on TechRepublic".
TechRepublic
Keep these privacy considerations in mind when using Zoom at home for work collaboration
The platform allows a host to monitor users' activities while screen sharing, as well as access to a participant's device information and other details.
π΄ Why Third-Party Risk Management Has Never Been More Important π΄
π Read
via "Dark Reading: ".
Given today's coronavirus pandemic, the need for companies to collect cybersecurity data about their business partners is more critical than ever. Here's how to start.π Read
via "Dark Reading: ".
Darkreading
Why Third-Party Risk Management Has Never Been More Important
Given today's coronavirus pandemic, the need for companies to collect cybersecurity data about their business partners is more critical than ever. Here's how to start.
π΄ Latest Security News & Commentary about COVID-19 π΄
π Read
via "Dark Reading: ".
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.π Read
via "Dark Reading: ".
Dark Reading
Latest Security News & Commentary about COVID-19
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.
π΄ Data from 5.2M Marriott Loyalty Program Members Hit by Breach π΄
π Read
via "Dark Reading: ".
The data was breached through the credentials of two franchisee employees.π Read
via "Dark Reading: ".
Darkreading
Data from 5.2M Marriott Loyalty Program Members Hit by Breach
The data was breached through the credentials of two franchisee employees.
ATENTIONβΌ New - CVE-2019-14905
π Read
via "National Vulnerability Database".
A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-14880
π Read
via "National Vulnerability Database".
A vulnerability was found in Moodle versions 3.7 before 3.7.3, 3.6 before 3.6.7, 3.5 before 3.5.9 and earlier. OAuth 2 providers who do not verify users' email address changes require additional verification during sign-up to reduce the risk of account compromise.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-10180
π Read
via "National Vulnerability Database".
A vulnerability was found in all pki-core 10.x.x version, where the Token Processing Service (TPS) did not properly sanitize several parameters stored for the tokens, possibly resulting in a Stored Cross Site Scripting (XSS) vulnerability. An attacker able to modify the parameters of any token could use this flaw to trick an authenticated user into executing arbitrary JavaScript code.π Read
via "National Vulnerability Database".
π΄ Researchers Uncover Unsophisticated - But Creative - Watering-Hole Attack π΄
π Read
via "Dark Reading: ".
Holy Water campaign is targeting users of a specific religious and ethnic group in Asia, Kaspersky says.π Read
via "Dark Reading: ".
Darkreading
Researchers Uncover Unsophisticated - But Creative - Watering-Hole Attack
Holy Water campaign is targeting users of a specific religious and ethnic group in Asia, Kaspersky says.
π Two Exabeam employees at RSA conference who tested positive for COVID-19 are recovering π
π Read
via "Security on TechRepublic".
Exabeam's employees are recovering from coronavirus. Both tested positive for coronavirus after attending RSA in San Francisco.π Read
via "Security on TechRepublic".
TechRepublic
Two Exabeam employees at RSA conference who tested positive for COVID-19 are recovering
Exabeam's employees are recovering from coronavirus. Both tested positive for COVID-19 after attending RSA in San Francisco.
π FBI warns about Zoom bombing as hijackers take over school and business video conferences π
π Read
via "Security on TechRepublic".
Teleconferences are being disrupted by internet trolls shouting profanity and racist remarks and posting pornographic and hate images.π Read
via "Security on TechRepublic".
TechRepublic
FBI warns about Zoom bombing as hijackers take over school and business video conferences
Teleconferences are being disrupted by internet trolls shouting profanity and racist remarks and posting pornographic and hate images.
π FBI Urges Vigiliance Around COVID-19 Scams, Malware π
π Read
via "Subscriber Blog RSS Feed ".
Itβs been difficult keeping track of all the scams leveraging the COVID-19 pandemic to steal your money or your personal information. Now, the FBI is warning of increased attacks that target the supply chain and the healthcare industry in addition to βZoom-bombingβ style attacks.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
FBI Urges Vigiliance Around COVID-19 Scams, Malware
Itβs been difficult keeping track of all the scams leveraging the COVID-19 pandemic to steal your money or your personal information. Now, the FBI is warning of increased attacks that target the supply chain and the healthcare industry in addition to βZoomβ¦
ATENTIONβΌ New - CVE-2019-13495
π Read
via "National Vulnerability Database".
In firmware version 4.50 of Zyxel XGS2210-52HP, multiple stored cross-site scripting (XSS) issues allows remote authenticated users to inject arbitrary web script via an rpSys.html Name or Location field.π Read
via "National Vulnerability Database".
β Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy β
π Read
via "Threatpost".
About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.π Read
via "Threatpost".
Threat Post
Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy
About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.
π΄ Defense Evasion Dominated 2019 Attack Tactics π΄
π Read
via "Dark Reading: ".
Researchers mapped tactics and techniques to the MITRE ATT&CK framework to determine which were most popular last year.π Read
via "Dark Reading: ".
Darkreading
Defense Evasion Dominated 2019 Attack Tactics
Researchers mapped tactics and techniques to the MITRE ATT&CK framework to determine which were most popular last year.
β Microsoftβs Edge browser to get breached credential alerts β
π Read
via "Naked Security".
Microsoft has announced a list of new security and privacy features it plans to add to forthcoming versions in an effort to take on its rivals.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ Major Cloud, CDN Providers Join Secure Routing Initiative π΄
π Read
via "Dark Reading: ".
Akamai, AWS, Azion, Cloudflare, Facebook, and Netflix are now members of the Mutually Agreed Norms for Routing Security (MANRS) effort.π Read
via "Dark Reading: ".
Dark Reading
Major Cloud, CDN Providers Join Secure Routing Initiative
Akamai, AWS, Azion, Cloudflare, Facebook, and Netflix are now members of the Mutually Agreed Norms for Routing Security (MANRS) effort.
β QR code generator scam steals thousands in Bitcoin β
π Read
via "Naked Security".
Every once in a while an attack comes along that is so simple to set up, and yet so effective, that it makes your jaw drop. Here's one.π Read
via "Naked Security".
Naked Security
QR code generator scam steals thousands in Bitcoin
Every once in a while an attack comes along that is so simple to set up, and yet so effective, that it makes your jaw drop. Hereβs one.
β Bill Gatesβs YouTube βBitcoin giveawayβ is a big fat scam β
π Read
via "Naked Security".
And no, Microsoft said, none of our verified accounts have been hijacked, vehemently denying early reports.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Top Email Protections Fail in Latest COVID-19 Phishing Campaign β
π Read
via "Threatpost".
An effective spoofing campaign promises users important information about new coronavirus cases in their local area, scooting past Proofpoint and Microsoft Office 356 ATPs.π Read
via "Threatpost".
Threat Post
Top Email Protections Fail in Latest COVID-19 Phishing Campaign
An effective spoofing campaign promises users important information about new coronavirus cases in their local area, scooting past Proofpoint and Microsoft Office 356 ATPs.
π΄ The SOC Emergency Room Faces Malware Pandemic π΄
π Read
via "Dark Reading: ".
To keep users and networks healthy and secure, security teams need to mimic countries that have taken on COVID-19 with a rapid, disciplined approach.π Read
via "Dark Reading: ".
Dark Reading
The SOC Emergency Room Faces Malware Pandemic
To keep users and networks healthy and secure, security teams need to mimic countries that have taken on COVID-19 with a rapid, disciplined approach.
π΄ COVID-19: Latest Security News & Commentary π΄
π Read
via "Dark Reading: ".
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.π Read
via "Dark Reading: ".
Dark Reading
COVID-19: Latest Security News & Commentary
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.