π΄ Checkmarx Acquires Custodela π΄
π Read
via "Dark Reading: ".
The purchase adds DevSecOps capabilities to a software license compliance platform.π Read
via "Dark Reading: ".
Dark Reading
Checkmarx Acquires Custodela
The purchase adds DevSecOps capabilities to a software license compliance platform.
π΄ Crytpocurrency Exchange Targeted Via Attack on Web Traffic Analysis Firm π΄
π Read
via "Dark Reading: ".
"Island-hopping" attackers breached StatCounter so they could get to users of gate.io.π Read
via "Dark Reading: ".
Dark Reading
Crytpocurrency Exchange Targeted Via Attack on Web Traffic Analysis Firm
Island-hopping attackers breached StatCounter so they could get to users of gate.io.
π΄ Finding Gold in the Threat Intelligence Rush π΄
π Read
via "Dark Reading: ".
Researchers sift through millions of threat intel observations to determine where to best find valuable threat data.π Read
via "Dark Reading: ".
Dark Reading
Finding Gold in the Threat Intelligence Rush
Researchers sift through millions of threat intel observations to determine where to best find valuable threat data.
π΄ New Side-Channel Attacks Target Graphics Processing Units π΄
π Read
via "Dark Reading: ".
A trio of new attacks bypass CPUs to wring data from vulnerable GPUs.π Read
via "Dark Reading: ".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
β Phone companies slammed for lousy robocall efforts β
π Read
via "Naked Security".
By this time next year, says Chairman Ajit Pai, the FCC wants to see an anti-robocall system on consumers' phones - or else.π Read
via "Naked Security".
Naked Security
Phone companies slammed for lousy robocall efforts
By this time next year, says Chairman Ajit Pai, the FCC wants to see an anti-robocall system on consumersβ phones β or else.
β Google warning: Fix your dodgy ads within 30 days or get banned β
π Read
via "Naked Security".
Having taken what it thought was a decisive swipe at the problem of βabusiveβ advertising a year ago, Google now says next monthβs Chrome 71 will unleash an even tougher crackdown.π Read
via "Naked Security".
Naked Security
Google warning: Fix your dodgy ads within 30 days or get banned
Having taken what it thought was a decisive swipe at the problem of βabusiveβ advertising a year ago, Google now says next monthβs Chrome 71 will unleash an even tougher crackdown.
β Closed doors are no match for a WiβFi peeping tom and a smartphone β
π Read
via "Naked Security".
Researchers have found that a smartphone and some smart number crunching can track people moving in their homes as they reflect radio waves.π Read
via "Naked Security".
Naked Security
Closed doors are no match for a WiβFi peeping tom and a smartphone
Researchers have found that a smartphone and some smart number crunching can track people moving in their homes as they reflect radio waves.
β Apple Modernizes Its Hardware Security with T2 β
π Read
via "The first stop for security news | Threatpost ".
Apple has widened the range of Macs running its T2 security chip. Is macOS finally catching up with other platforms when it comes to secure computing?π Read
via "The first stop for security news | Threatpost ".
Threat Post
Apple Modernizes Its Hardware Security with T2
Apple has widened the range of Macs running its T2 security chip. Is macOS finally catching up with other platforms when it comes to secure computing?
β Ranting researcher publishes VM-busting zero-day without warning β
π Read
via "Naked Security".
A security researcher has published a zero-day flaw in a commonly-used virtual machine management system without notifying the vendor, justifying it with a scathing critique of the infosecurity industry.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Podcast: Troy Hunt Talks Bad Passwords β and Whoβs to Blame for Them β
π Read
via "The first stop for security news | Threatpost ".
Troy Hunt sounds off on how both consumers and services have a joint role in creating and enforcing strong passwords.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Podcast: Troy Hunt Talks Bad Passwords β and Whoβs to Blame for Them
Troy Hunt sounds off on how both consumers and services have a joint role in creating and enforcing strong passwords.
π΄ The Executive Summit Returns to Black Hat Europe 2018 π΄
π Read
via "Dark Reading: ".
This day-long event for CISOs and execs will show you the way to next-level skills, strategies, and techniques that will bolster your relevance and wow the board.π Read
via "Dark Reading: ".
Dark Reading
The Executive Summit Returns to Black Hat Europe 2018 - Dark Reading
This day-long event for CISOs and execs will show you the way to next-level skills, strategies, and techniques that will bolster your relevance and wow the board.
β DJI Patches Forum Bug That Allowed Drone Account Takeovers β
π Read
via "The first stop for security news | Threatpost".
Bug opened door for malicious link attack, giving hacker access to stored DJI drone data of commercial and consumer customers.π Read
via "The first stop for security news | Threatpost".
Threat Post
DJI Patches Forum Bug That Allowed Drone Account Takeovers
Bug opened door for malicious link attack, giving hacker access to stored DJI drone data of commercial and consumer customers.
π Watch out for bogus warnings to downgrade Windows 10 π
π Read
via "Security on TechRepublic".
Windows 10 users running genuine copies of the Pro edition are being told to swap to Windows 10 Home after what appears to be an issue with Microsoft's activation servers.π Read
via "Security on TechRepublic".
ATENTIONβΌ New - CVE-2018-11777
π Read
via "National Vulnerability Database".
In Apache Hive 2.3.3, 3.1.0 and earlier, local resources on HiveServer2 machines are not properly protected against malicious user if ranger, sentry or sql standard authorizer is not in use.π Read
via "National Vulnerability Database".
π΄ 5 Things the Most Secure Software Companies Do (and How You Can Be Like Them) π΄
π Read
via "Dark Reading: ".
What sets apart the largest and most innovative software engineering organizations? These five approaches are a good way to start, and they won't break the bank.π Read
via "Dark Reading: ".
Darkreading
5 Things the Most Secure Software Companies Do (and How You Can Be Like Them)
What sets apart the largest and most innovative software engineering organizations? These five approaches are a good way to start, and they won't break the bank.
π How to disable simultaneous multithreading on Lenovo ThinkPads π
π Read
via "Security on TechRepublic".
Major side-channel exploits demonstrated the feasibility of programs extracting data from a program in an adjacent thread in the same core. Here's how and why to protect your ThinkPad.π Read
via "Security on TechRepublic".
TechRepublic
How to disable simultaneous multithreading on Lenovo ThinkPads | TechRepublic
Major side-channel exploits demonstrated the feasibility of programs extracting data from a program in an adjacent thread in the same core. Here's how and why to protect your ThinkPad.
β βDerpTrollβ Faces 10 Years in Prison for DDoSing Gaming Sites as a Teen β
π Read
via "Threatpost | The first stop for security news".
He admitted to taking Steam, EA Origin and Sony Online Entertainment offline in 2013 and 2014, causing at least $95,000 in damages.π Read
via "Threatpost | The first stop for security news".
Threat Post
βDerpTrollβ Faces 10 Years in Prison for DDoSing Gaming Sites as a Teen
He admitted to taking Steam, EA Origin and Sony Online Entertainment offline in 2013 and 2014, causing at least $95,000 in damages.
ATENTIONβΌ New - CVE-2018-0284
π Read
via "National Vulnerability Database".
A vulnerability in the local status page functionality of the Cisco Meraki MR, MS, MX, Z1, and Z3 product lines could allow an authenticated, remote attacker to modify device configuration files. The vulnerability occurs when handling requests to the local status page. An exploit could allow the attacker to establish an interactive session to the device with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device that is being exploited.π Read
via "National Vulnerability Database".
β Cisco Accidentally Released Dirty Cow Exploit Code in Software β
π Read
via "Threatpost | The first stop for security news".
Cisco revealed that it had "inadvertently" shipped an in-house exploit code that was used in test scripts as part of its TelePresence Video Communication Server and Expressway Series software.π Read
via "Threatpost | The first stop for security news".
Threat Post
Cisco Accidentally Released Dirty Cow Exploit Code in Software
The most severe vulnerability, CVE-2018-15439, has a CVSS severity score of 9.8 (out of 10).
β Apple 0, JosΓ© 3 β Man versus Megacorp! [PODCAST] β
π Read
via "Naked Security".
Here's the latest Naked Security Podcast - enjoy!π Read
via "Naked Security".
Naked Security
Apple 0, JosΓ© 3 β Man versus Megacorp! [PODCAST]
Hereβs the latest Naked Security Podcast β enjoy!
π΄ Banking Malware Takes Aim at Brazilians π΄
π Read
via "Dark Reading: ".
Two malware distribution campaigns are sending banking Trojans to customers of financial institutions in Brazil.π Read
via "Dark Reading: ".
Darkreading
Banking Malware Takes Aim at Brazilians
Two malware distribution campaigns are sending banking Trojans to customers of financial institutions in Brazil.