π΄ How Do I Make Sure My Work-From-Home Users Install Updates? π΄
π Read
via "Dark Reading: ".
Most enterprise endpoint solutions will support policies to enforce recommended updates.π Read
via "Dark Reading: ".
Dark Reading
How Do I Make Sure My Work-From-Home Users Install Updates?
Most enterprise endpoint solutions will support policies to enforce recommended updates.
ATENTIONβΌ New - CVE-2015-9545
π Read
via "National Vulnerability Database".
An issue was discovered in xdLocalStorage through 2.0.5. The receiveMessage() function in xdLocalStorage.js does not implement any validation of the origin of web messages. Remote attackers who can entice a user to load a malicious site can exploit this issue to impact the confidentiality and integrity of data in the local storage of the vulnerable site via malicious web messages.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9544
π Read
via "National Vulnerability Database".
An issue was discovered in xdLocalStorage through 2.0.5. The receiveMessage() function in xdLocalStoragePostMessageApi.js does not implement any validation of the origin of web messages. Remote attackers who can entice a user to load a malicious site can exploit this issue to impact the confidentiality and integrity of data in the local storage of the vulnerable site via malicious web messages.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-7488
π Read
via "National Vulnerability Database".
perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to cause an infinite loop via unexpected input.π Read
via "National Vulnerability Database".
β Serious Exchange Flaw Still Plagues 350K Servers β
π Read
via "Threatpost".
The Microsoft Exchange vulnerability was patched in February and has been targeted by several threat groups.π Read
via "Threatpost".
Threat Post
Serious Exchange Flaw Still Plagues 350K Servers
The Microsoft Exchange vulnerability was patched in February and has been targeted by several threat groups.
π΄ The Edge Names 'Holy Cow' Cartoon Caption Winners π΄
π Read
via "Dark Reading: ".
What can cows possibly have to do with cybersecurity?π Read
via "Dark Reading: ".
Dark Reading
The Edge
What can cows possibly have to do with cybersecurity?
π΄ Cybercriminals Hide Malware & Phishing Sites Under SSL Certificates π΄
π Read
via "Dark Reading: ".
More than half of the top 1 million websites use HTTPS, researchers report, but not all encrypted traffic is safe.π Read
via "Dark Reading: ".
Dark Reading
Cybercriminals Hide Malware & Phishing Sites Under SSL Certificates
More than half of the top 1 million websites use HTTPS, researchers report, but not all encrypted traffic is safe.
π΄ Chinese APT Groups Targeted Enterprise Linux Systems in Decade-Long Data Theft Campaign π΄
π Read
via "Dark Reading: ".
Organizations across multiple industries compromised in a systematic effort to steal IP and other sensitive business data, BlackBerry says.π Read
via "Dark Reading: ".
Dark Reading
Chinese APT Groups Targeted Enterprise Linux Systems in Decade-Long Data Theft Campaign
Organizations across multiple industries compromised in a systematic effort to steal IP and other sensitive business data, BlackBerry says.
π΄ Privacy & Digital-Rights Experts Worry Contact-Tracing Apps Lack Limits π΄
π Read
via "Dark Reading: ".
Mobile-phone-based tracking of people can help fight pandemics, but privacy and security researchers stress that it needs to be done right.π Read
via "Dark Reading: ".
Dark Reading
Privacy & Digital-Rights Experts Worry Contact-Tracing Apps Lack Limits
Mobile-phone-based tracking of people can help fight pandemics, but privacy and security researchers stress that it needs to be done right.
β As if the world couldnβt get any weirder, this AI toilet scans your anus to identify you β
π Read
via "Naked Security".
It's what the researchers call "A mountable toilet system for personalized health monitoring via the analysis of excreta."π Read
via "Naked Security".
Naked Security
As if the world couldnβt get any weirder, this AI toilet scans your anus to identify you
Itβs what the researchers call βA mountable toilet system for personalized health monitoring via the analysis of excreta.β
β Microsoft project proposed to aid Linux IoT code integrity β
π Read
via "Naked Security".
Imagine a computer user from 2010 dreaming of a world in which Microsoft is not only an enthusiastic proponent of open source software but actively contributes to it with its own ideas. The time is now.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Update Firefox again β more RCEs and an Android βtakeoverβ bug too β
π Read
via "Naked Security".
Hot on the heels of Firefox's emergency update over the weekend are the four-weekly fixes that Mozilla had in train already. Get 'em now!π Read
via "Naked Security".
Naked Security
Update Firefox again β more RCEs and an Android βtakeoverβ bug too
Hot on the heels of Firefoxβs emergency update over the weekend are the four-weekly fixes that Mozilla had in train already. Get βem now!
β COVID-19 CISO Checklist for Securing a Remote Workforce β
π Read
via "Threatpost".
The CISO Checklist for Secure Remote Working was built to assist CISOs in navigating through COVID-19, providing them with a concise, high-level list of the absolute essentials needed to ensure their organization is well protected in these challenging times.π Read
via "Threatpost".
Threat Post
COVID-19 CISO Checklist for Securing a Remote Workforce
The CISO Checklist for Secure Remote Working was built to assist CISOs in navigating through COVID-19, to ensure their organization is well-protected.
β βFake Fingerprintsβ Bypass Scanners with 3D Printing β
π Read
via "Threatpost".
New research used 3D printing technology to bypass fingerprint scanners, and tested it against Apple, Samsung and Microsoft mobile products.π Read
via "Threatpost".
Threat Post
βFake Fingerprintsβ Bypass Scanners with 3D Printing
New research used 3D printing technology to bypass fingerprint scanners, and tested it against Apple, Samsung and Microsoft mobile products.
π Talos researchers fabricate a fake that frequently fooled fingerprint locks π
π Read
via "Security on TechRepublic".
The 3D printed duplicates worked on phone and a MacBook Pro laptop but not on Windows machines or two USB jump drives.π Read
via "Security on TechRepublic".
TechRepublic
Talos researchers fabricate a fake that frequently fooled fingerprint locks
The 3D printed duplicates worked on phone and a MacBook Pro laptop but not on Windows machines or two USB jump drives.
β WhatsApp Axes COVID-19 Mass Message Forwarding β
π Read
via "Threatpost".
Amid rampant misinformation, users of the Facebook-owned messaging platform can no longer send coronavirus messages to more than one user at a time.π Read
via "Threatpost".
Threat Post
WhatsApp Axes COVID-19 Mass Message Forwarding
Amid rampant misinformation, users of the Facebook-owned messaging platform can no longer send coronavirus messages to more than one user at a time.
π΄ Why Threat Hunting with XDR Matters π΄
π Read
via "Dark Reading: ".
Extended detection response technology assumes a breach across all your endpoints, networks, SaaS applications, cloud infrastructure, and any network-addressable resource.π Read
via "Dark Reading: ".
Dark Reading
Why Threat Hunting with XDR Matters
Extended detection response technology assumes a breach across all your endpoints, networks, SaaS applications, cloud infrastructure, and any network-addressable resource.
π The seL4 microkernel: Optimized for security and endorsed by the Linux foundation π
π Read
via "Security on TechRepublic".
What is seL4, and what does it mean for the future of connected devices?π Read
via "Security on TechRepublic".
TechRepublic
The seL4 microkernel: Optimized for security and endorsed by the Linux Foundation
What is seL4, and what does it mean for the future of connected devices?
π΄ Accenture Buys Revolutionary Security in Third Acquisition of 2020 π΄
π Read
via "Dark Reading: ".
The deal is intended to strengthen Accenture's critical infrastructure protection capabilities and address more complex IT and OT challenges.π Read
via "Dark Reading: ".
Dark Reading
Accenture Buys Revolutionary Security in Third Acquisition of 2020
The deal is intended to strengthen Accenture's critical infrastructure protection capabilities and address more complex IT and OT challenges.
π Cybercriminals, state-sponsored groups ramping up attacks exploiting COVID-19 pandemic π
π Read
via "Security on TechRepublic".
IntSights researchers surveyed the cyberthreat landscape, finding a wide variety of coronavirus-themed phishing lures, malware infections, network intrusions, scams, and disinformation campaigns.π Read
via "Security on TechRepublic".
TechRepublic
Cybercriminals, state-sponsored groups ramping up attacks exploiting COVID-19 pandemic
IntSights researchers surveyed the cyberthreat landscape, finding a wide variety of coronavirus-themed phishing lures, malware infections, network intrusions, scams, and disinformation campaigns.