β Zoom Bombing Attack Hits U.S. Government Meeting β
π Read
via "Threatpost".
A recent U.S. House Oversight Committee meeting was the latest victim of Zoom bombing, according to an internal letter.π Read
via "Threatpost".
Threat Post
Zoom Bombing Attack Hits U.S. Government Meeting
A recent U.S. House Oversight Committee meeting was the latest victim of Zoom bombing, according to an internal letter.
π΄ Cybersecurity Home-School: The Robot Project π΄
π Read
via "Dark Reading: ".
This fun project can teach your home-bound children and teens about cybersecurity (and keep them occupied for at least a little while).π Read
via "Dark Reading: ".
Dark Reading
Cybersecurity Home-School: The Robot Project
This fun project can teach your homebound children and teens about cybersecurity (and keep them occupied for at least a little while).
π Falco 0.22.1 π
π Go!
via "Security Tool Files β Packet Storm".
Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Falco 0.22.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ATENTIONβΌ New - CVE-2019-12002
π Read
via "National Vulnerability Database".
A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-12001
π Read
via "National Vulnerability Database".
A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier.π Read
via "National Vulnerability Database".
π Microsoft: Our new machine learning model spots critical security bugs 97% of the time π
π Read
via "Security on TechRepublic".
Microsoft claims a machine learning models its built for software developers can distinguish between security and non-security bugs 99% of the time.π Read
via "Security on TechRepublic".
π Friday Five: 4/17 Edition π
π Read
via "Subscriber Blog RSS Feed ".
San Francisco International Airport was hacked, Pentagon networks are at risk, and a TikTok hack circulates Coronavirus consipiracy theories. Catch up on the news of the week with the Friday Five!π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 4/17 Edition
San Francisco International Airport was hacked, Pentagon networks are at risk, and a TikTok hack circulates Coronavirus consipiracy theories. Catch up on the news of the week with the Friday Five!
β Critical bug in Google Chrome β get your update now β
π Read
via "Naked Security".
Here's the short version: Google just issued a Chrome update with a note that says, "This update includes 1 critical security fix."π Read
via "Naked Security".
Naked Security
Critical bug in Google Chrome β get your update now
Hereβs the short version: Google just issued a Chrome update with a note that says, βThis update includes 1 critical security fix.β
β Attacks on Linksys Routers Trigger Mass Password Reset β
π Read
via "Threatpost".
Linksys Smart Wi-Fi users were forced to reset their passwords after researchers discovered a router hack.π Read
via "Threatpost".
Threat Post
Attacks on Linksys Routers Trigger Mass Password Reset
Linksys Smart Wi-Fi users were forced to reset their passwords after researchers discovered a router hack.
π΄ Researchers Explore Details of Critical VMware Vulnerability π΄
π Read
via "Dark Reading: ".
The vCenter vulnerability, patched on April 9, could give an intruder access to administrative credentials in three steps.π Read
via "Dark Reading: ".
Dark Reading
Researchers Explore Details of Critical VMware Vulnerability
The vCenter vulnerability, patched on April 9, could give an intruder access to administrative credentials in three steps.
π΄ COVID-Themed Phishing Messages Fill Phishing Filters on Gmail π΄
π Read
via "Dark Reading: ".
In the past week, Google says it identified more than 18 million daily phishing messages featuring coronavirus themes.π Read
via "Dark Reading: ".
Dark Reading
COVID-Themed Phishing Messages Fill Phishing Filters on Gmail
In the past week, Google says it identified more than 18 million daily phishing messages featuring coronavirus themes.
β DHS Urges Pulse Secure VPN Users To Update Passwords β
π Read
via "Threatpost".
The DHS urged organizations to update their passwords and make sure that a critical Pulse Secure VPN flaw has been patched, as attackers continue to exploit the flaw.π Read
via "Threatpost".
Threat Post
DHS Urges Pulse Secure VPN Users To Update Passwords
The DHS urged organizations to update their passwords and make sure that a critical Pulse Secure VPN flaw has been patched, as attackers continue to exploit the flaw.
π Zoom: A cheat sheet about the video conferencing solution π
π Read
via "Security on TechRepublic".
Zoom has become a household name because lots of people are working from home and using the video conferencing software. Here is your guide to Zoom basics, including its security vulnerabilities.π Read
via "Security on TechRepublic".
TechRepublic
Zoom: A cheat sheet about the video conferencing solution
Zoom is now a household name for work-from-home employees. Here is your guide to Zoom basics, including its security vulnerabilities and video conferencing alternatives such as Microsoft Teams.
π΄ Pen-Test Results Hint at Improvements in Enterprise Security π΄
π Read
via "Dark Reading: ".
Though many problems remain, organizations are making attackers work harder.π Read
via "Dark Reading: ".
Dark Reading
Pen-Test Results Hint at Improvements in Enterprise Security
Though many problems remain, organizations are making attackers work harder.
β Monday review β the hot 13 stories of the week β
π Read
via "Naked Security".
From the critical bug in Google Chrome to Signal's fears over the EARN Act, get yourself up to date with everything we've written in the last week.π Read
via "Naked Security".
Naked Security
Monday review β the hot 13 stories of the week
From the critical bug in Google Chrome to Signalβs fears over the EARN Act, get yourself up to date with everything weβve written in the last week.
β Bot creates millions of fake eyeballs to rip off smart-TV advertisers β
π Read
via "Naked Security".
The massive ICEBUCKET scheme has, so far, impersonated more than 2m people in 30+ countries, defrauding more than 300 brands of ad dollars.π Read
via "Naked Security".
Naked Security
Bot creates millions of fake eyeballs to rip off smart-TV advertisers
The massive ICEBUCKET scheme has, so far, impersonated more than 2m people in 30+ countries, defrauding more than 300 brands of ad dollars.
π Scammers exploiting stimulus payments with phishing attacks and malicious domains π
π Read
via "Security on TechRepublic".
Since January, more than 4,000 domains related to coronavirus stimulus packages have been registered, many of them malicious or suspicious, according to Check Point Research.π Read
via "Security on TechRepublic".
TechRepublic
Scammers exploiting stimulus payments with phishing attacks and malicious domains
Since January, more than 4,000 domains related to coronavirus stimulus packages have been registered, many of them malicious or suspicious, according to Check Point Research.
β New sextortion scam: βHigh level of risk. Your account has been hacked.β β
π Read
via "Naked Security".
The latest sextortion emails try to fool you with technical terms they hope you won't understand.π Read
via "Naked Security".
Naked Security
New sextortion scam: βHigh level of risk. Your account has been hacked.β
The latest sextortion emails try to fool you with technical terms they hope you wonβt understand.
ATENTIONβΌ New - CVE-2017-18852
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by CSRF and authentication bypass. This affects R7300DST before 1.0.0.54, R8300 before 1.0.2.100_1.0.82, R8500 before 1.0.2.100_1.0.82, and WNDR3400v3 before 1.0.1.14.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-18851
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D8500 through 1.0.3.28, R6400 through 1.0.1.22, R6400v2 through 1.0.2.18, R8300 through 1.0.2.94, R8500 through 1.0.2.94, and R6100 through 1.0.1.12.π Read
via "National Vulnerability Database".
β Fan vibrations can be used transmit data from air-gapped machines β
π Read
via "Naked Security".
The scientists known for finding ways to transmit software from non-networked computers, have figured out a way to do it using computer fan vibrations.π Read
via "Naked Security".
Naked Security
Fan vibrations can be used to transmit data from air-gapped machines
Scientists known for finding ways to transmit software from non-networked computers have figured out a way to do it with computer fan vibrations.