ATENTIONβΌ New - CVE-2019-11285
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.π Read
via "National Vulnerability Database".
β GitHub users targetted by Sawfish phishing campaign β
π Read
via "Naked Security".
GitHub users beware: online criminals have launched a phishing campaign to try and gain access to your accounts.π Read
via "Naked Security".
Naked Security
GitHub users targeted by Sawfish phishing campaign
GitHub users beware: online criminals have launched a phishing campaign to try and gain access to your accounts.
β US offers up to $5m reward for information on North Korean hackers β
π Read
via "Naked Security".
Know anything about North Korean hackers and their activities in cyberspace, past or ongoing? The US on Wednesday said that itβs got up to $5 million in Rewards for Justice money if you cough up useful details, which you can do here. The FBI and the Departments of State, Treasury, and Homeland Security (DHS) put [β¦]π Read
via "Naked Security".
Naked Security
US offers up to $5m reward for information on North Korean hackers
UN experts believe the DPRK cyber-steals and launders money, extorts companies and funnels the cash into its nuclear program.
π΄ 10 Standout Security M&A Deals from Q1 2020 π΄
π Read
via "Dark Reading: ".
The first quarter of 2020 brought investments in enterprise IoT and endpoint security, as well as billion-dollar investments from private equity firms.π Read
via "Dark Reading: ".
Dark Reading
10 Standout Security M&A Deals from Q1 2020
The first quarter of 2020 brought investments in enterprise IoT and endpoint security, as well as billion-dollar investments from private equity firms.
π How Google Cloud users can combat coronavirus-themed phishing emails π
π Read
via "Security on TechRepublic".
Google is striving to block Gmail messages and other content that exploit COVID-19, but there are steps users can take to fight such malware.π Read
via "Security on TechRepublic".
TechRepublic
How Google Cloud users can combat coronavirus-themed phishing emails
Google is striving to block Gmail messages and other content that exploit COVID-19, but there are steps users can take to fight such malware.
π΄ 'Look for the Helpers' to Securely Enable the Remote Workforce π΄
π Read
via "Dark Reading: ".
CISOs and CIOs, you are our helpers. As you take action to reassure your company, your confidence is our confidence.π Read
via "Dark Reading: ".
Dark Reading
'Look for the Helpers' to Securely Enable the Remote Workforce
CISOs and CIOs, you are our helpers. As you take action to reassure your company, your confidence is our confidence.
π Microsoft: Do this to secure your remote desktop users π
π Read
via "Security on TechRepublic".
More people working from home has led to an increase in remote desktop access, putting corporate systems at risk.π Read
via "Security on TechRepublic".
β Hackers Update Age-Old Excel 4.0 Macro Attack β
π Read
via "Threatpost".
XLS files sent via emails appear password protected but arenβt, opening automatically to install malware from compromised macros, according to researchers.π Read
via "Threatpost".
Threat Post
Hackers Update Age-Old Excel 4.0 Macro Attack
XLS files sent via emails appear password protected but arenβt, opening automatically to install malware from compromised macros, according to researchers.
β Zoom Bombing Attack Hits U.S. Government Meeting β
π Read
via "Threatpost".
A recent U.S. House Oversight Committee meeting was the latest victim of Zoom bombing, according to an internal letter.π Read
via "Threatpost".
Threat Post
Zoom Bombing Attack Hits U.S. Government Meeting
A recent U.S. House Oversight Committee meeting was the latest victim of Zoom bombing, according to an internal letter.
π΄ Cybersecurity Home-School: The Robot Project π΄
π Read
via "Dark Reading: ".
This fun project can teach your home-bound children and teens about cybersecurity (and keep them occupied for at least a little while).π Read
via "Dark Reading: ".
Dark Reading
Cybersecurity Home-School: The Robot Project
This fun project can teach your homebound children and teens about cybersecurity (and keep them occupied for at least a little while).
π Falco 0.22.1 π
π Go!
via "Security Tool Files β Packet Storm".
Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Falco 0.22.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ATENTIONβΌ New - CVE-2019-12002
π Read
via "National Vulnerability Database".
A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-12001
π Read
via "National Vulnerability Database".
A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier.π Read
via "National Vulnerability Database".
π Microsoft: Our new machine learning model spots critical security bugs 97% of the time π
π Read
via "Security on TechRepublic".
Microsoft claims a machine learning models its built for software developers can distinguish between security and non-security bugs 99% of the time.π Read
via "Security on TechRepublic".
π Friday Five: 4/17 Edition π
π Read
via "Subscriber Blog RSS Feed ".
San Francisco International Airport was hacked, Pentagon networks are at risk, and a TikTok hack circulates Coronavirus consipiracy theories. Catch up on the news of the week with the Friday Five!π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 4/17 Edition
San Francisco International Airport was hacked, Pentagon networks are at risk, and a TikTok hack circulates Coronavirus consipiracy theories. Catch up on the news of the week with the Friday Five!
β Critical bug in Google Chrome β get your update now β
π Read
via "Naked Security".
Here's the short version: Google just issued a Chrome update with a note that says, "This update includes 1 critical security fix."π Read
via "Naked Security".
Naked Security
Critical bug in Google Chrome β get your update now
Hereβs the short version: Google just issued a Chrome update with a note that says, βThis update includes 1 critical security fix.β
β Attacks on Linksys Routers Trigger Mass Password Reset β
π Read
via "Threatpost".
Linksys Smart Wi-Fi users were forced to reset their passwords after researchers discovered a router hack.π Read
via "Threatpost".
Threat Post
Attacks on Linksys Routers Trigger Mass Password Reset
Linksys Smart Wi-Fi users were forced to reset their passwords after researchers discovered a router hack.
π΄ Researchers Explore Details of Critical VMware Vulnerability π΄
π Read
via "Dark Reading: ".
The vCenter vulnerability, patched on April 9, could give an intruder access to administrative credentials in three steps.π Read
via "Dark Reading: ".
Dark Reading
Researchers Explore Details of Critical VMware Vulnerability
The vCenter vulnerability, patched on April 9, could give an intruder access to administrative credentials in three steps.
π΄ COVID-Themed Phishing Messages Fill Phishing Filters on Gmail π΄
π Read
via "Dark Reading: ".
In the past week, Google says it identified more than 18 million daily phishing messages featuring coronavirus themes.π Read
via "Dark Reading: ".
Dark Reading
COVID-Themed Phishing Messages Fill Phishing Filters on Gmail
In the past week, Google says it identified more than 18 million daily phishing messages featuring coronavirus themes.
β DHS Urges Pulse Secure VPN Users To Update Passwords β
π Read
via "Threatpost".
The DHS urged organizations to update their passwords and make sure that a critical Pulse Secure VPN flaw has been patched, as attackers continue to exploit the flaw.π Read
via "Threatpost".
Threat Post
DHS Urges Pulse Secure VPN Users To Update Passwords
The DHS urged organizations to update their passwords and make sure that a critical Pulse Secure VPN flaw has been patched, as attackers continue to exploit the flaw.
π Zoom: A cheat sheet about the video conferencing solution π
π Read
via "Security on TechRepublic".
Zoom has become a household name because lots of people are working from home and using the video conferencing software. Here is your guide to Zoom basics, including its security vulnerabilities.π Read
via "Security on TechRepublic".
TechRepublic
Zoom: A cheat sheet about the video conferencing solution
Zoom is now a household name for work-from-home employees. Here is your guide to Zoom basics, including its security vulnerabilities and video conferencing alternatives such as Microsoft Teams.