π΄ Researchers Explore Details of Critical VMware Vulnerability π΄
π Read
via "Dark Reading: ".
The vCenter vulnerability, patched on April 9, could give an intruder access to administrative credentials in three steps.π Read
via "Dark Reading: ".
Dark Reading
Researchers Explore Details of Critical VMware Vulnerability
The vCenter vulnerability, patched on April 9, could give an intruder access to administrative credentials in three steps.
π΄ COVID-Themed Phishing Messages Fill Phishing Filters on Gmail π΄
π Read
via "Dark Reading: ".
In the past week, Google says it identified more than 18 million daily phishing messages featuring coronavirus themes.π Read
via "Dark Reading: ".
Dark Reading
COVID-Themed Phishing Messages Fill Phishing Filters on Gmail
In the past week, Google says it identified more than 18 million daily phishing messages featuring coronavirus themes.
β DHS Urges Pulse Secure VPN Users To Update Passwords β
π Read
via "Threatpost".
The DHS urged organizations to update their passwords and make sure that a critical Pulse Secure VPN flaw has been patched, as attackers continue to exploit the flaw.π Read
via "Threatpost".
Threat Post
DHS Urges Pulse Secure VPN Users To Update Passwords
The DHS urged organizations to update their passwords and make sure that a critical Pulse Secure VPN flaw has been patched, as attackers continue to exploit the flaw.
π Zoom: A cheat sheet about the video conferencing solution π
π Read
via "Security on TechRepublic".
Zoom has become a household name because lots of people are working from home and using the video conferencing software. Here is your guide to Zoom basics, including its security vulnerabilities.π Read
via "Security on TechRepublic".
TechRepublic
Zoom: A cheat sheet about the video conferencing solution
Zoom is now a household name for work-from-home employees. Here is your guide to Zoom basics, including its security vulnerabilities and video conferencing alternatives such as Microsoft Teams.
π΄ Pen-Test Results Hint at Improvements in Enterprise Security π΄
π Read
via "Dark Reading: ".
Though many problems remain, organizations are making attackers work harder.π Read
via "Dark Reading: ".
Dark Reading
Pen-Test Results Hint at Improvements in Enterprise Security
Though many problems remain, organizations are making attackers work harder.
β Monday review β the hot 13 stories of the week β
π Read
via "Naked Security".
From the critical bug in Google Chrome to Signal's fears over the EARN Act, get yourself up to date with everything we've written in the last week.π Read
via "Naked Security".
Naked Security
Monday review β the hot 13 stories of the week
From the critical bug in Google Chrome to Signalβs fears over the EARN Act, get yourself up to date with everything weβve written in the last week.
β Bot creates millions of fake eyeballs to rip off smart-TV advertisers β
π Read
via "Naked Security".
The massive ICEBUCKET scheme has, so far, impersonated more than 2m people in 30+ countries, defrauding more than 300 brands of ad dollars.π Read
via "Naked Security".
Naked Security
Bot creates millions of fake eyeballs to rip off smart-TV advertisers
The massive ICEBUCKET scheme has, so far, impersonated more than 2m people in 30+ countries, defrauding more than 300 brands of ad dollars.
π Scammers exploiting stimulus payments with phishing attacks and malicious domains π
π Read
via "Security on TechRepublic".
Since January, more than 4,000 domains related to coronavirus stimulus packages have been registered, many of them malicious or suspicious, according to Check Point Research.π Read
via "Security on TechRepublic".
TechRepublic
Scammers exploiting stimulus payments with phishing attacks and malicious domains
Since January, more than 4,000 domains related to coronavirus stimulus packages have been registered, many of them malicious or suspicious, according to Check Point Research.
β New sextortion scam: βHigh level of risk. Your account has been hacked.β β
π Read
via "Naked Security".
The latest sextortion emails try to fool you with technical terms they hope you won't understand.π Read
via "Naked Security".
Naked Security
New sextortion scam: βHigh level of risk. Your account has been hacked.β
The latest sextortion emails try to fool you with technical terms they hope you wonβt understand.
ATENTIONβΌ New - CVE-2017-18852
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by CSRF and authentication bypass. This affects R7300DST before 1.0.0.54, R8300 before 1.0.2.100_1.0.82, R8500 before 1.0.2.100_1.0.82, and WNDR3400v3 before 1.0.1.14.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-18851
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D8500 through 1.0.3.28, R6400 through 1.0.1.22, R6400v2 through 1.0.2.18, R8300 through 1.0.2.94, R8500 through 1.0.2.94, and R6100 through 1.0.1.12.π Read
via "National Vulnerability Database".
β Fan vibrations can be used transmit data from air-gapped machines β
π Read
via "Naked Security".
The scientists known for finding ways to transmit software from non-networked computers, have figured out a way to do it using computer fan vibrations.π Read
via "Naked Security".
Naked Security
Fan vibrations can be used to transmit data from air-gapped machines
Scientists known for finding ways to transmit software from non-networked computers have figured out a way to do it with computer fan vibrations.
π΄ Remote Access Makes a Comeback: 4 Security Challenges in the Wake of COVID-19 π΄
π Read
via "Dark Reading: ".
As companies continue to support increasing numbers of work-from-home employees, the pressure to secure access and reduce risk has never been greater.π Read
via "Dark Reading: ".
Dark Reading
Remote Access Makes a Comeback: 4 Security Challenges in the Wake of COVID-19
As companies continue to support increasing numbers of work-from-home employees, the pressure to secure access and reduce risk has never been greater.
β Maze ransomware hits US giant Cognizant β
π Read
via "Naked Security".
The latest company to fall victim to a ransomware attack is Cognizant, a large US IT services company which admitted at the weekend that it had fallen victim to Maze.π Read
via "Naked Security".
Naked Security
Maze ransomware hits US giant Cognizant
The latest company to fall victim to a ransomware attack is Cognizant, a large US IT services company which admitted at the weekend that it had fallen victim to Maze.
ATENTIONβΌ New - CVE-2017-18850
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by authentication bypass. This affects D6220 before 1.0.0.26, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.12, R6400 before 1.01.24, R6400v2 before 1.0.2.30, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R6900P before 1.0.0.56, R7000 before 1.0.9.4, R7000P before 1.0.0.56, R7100LG before 1.0.0.32, R7300DST before 1.0.0.54, R7900 before 1.0.1.18, R8000 before 1.0.3.44, R8300 before 1.0.2.100_1.0.82, and R8500 before 1.0.2.100_1.0.82.π Read
via "National Vulnerability Database".
β Bitcoin Stealers Hide in 700+ Ruby Developer Libraries β
π Read
via "Threatpost".
Cybercriminals uploaded typosquatted malicious libraries to RubyGems, which contains open-source components that are used as basic application building blocks by software developers.π Read
via "Threatpost".
Threat Post
Bitcoin Stealers Hide in 700+ Ruby Developer Libraries
Cybercriminals uploaded typosquatted malicious libraries to RubyGems, which contains open-source components that are used as basic application building blocks by software developers.
π΄ COVID-19 Caption Contest Winners π΄
π Read
via "Dark Reading: ".
It was a tough choice! And the winner is...π Read
via "Dark Reading: ".
Dark Reading
COVID-19 Caption Contest Winners
It was a tough choice! And the winner is...
β Foxit PDF Reader, PhantomPDF Open to Remote Code Execution β
π Read
via "Threatpost".
Foxit Reader and PhantomPDF are plagued by several high-severity flaws that, if exploited, could enable remote code execution.π Read
via "Threatpost".
Threat Post
Foxit PDF Reader, PhantomPDF Open to Remote Code Execution
Foxit Reader and PhantomPDF are plagued by several high-severity flaws that, if exploited, could enable remote code execution.
π NYDFS Stresses Cybersecurity Awareness in COVID-19 Pandemic π
π Read
via "Subscriber Blog RSS Feed ".
In a reminder to regulated entities, the New York Department of Financial Services warned last week of a potential uptick in phishing, fraud, and third-party risk.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
NYDFS Stresses Cybersecurity Awareness in COVID-19 Pandemic
In a reminder to regulated entities, the New York Department of Financial Services warned last week of a potential uptick in phishing, fraud, and third-party risk.
π΄ IT Services Firm Cognizant Hit with Maze Ransomware π΄
π Read
via "Dark Reading: ".
Cognizant is working with cyber defense firms and law enforcement to investigate the attack, disclosed April 17.π Read
via "Dark Reading: ".
Dark Reading
IT Services Firm Cognizant Hit with Maze Ransomware
Cognizant is working with cyber defense firms and law enforcement to investigate the attack, disclosed April 17.
ATENTIONβΌ New - CVE-2017-18849
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by command injection. This affects D6220 before 1.0.0.26, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.12, R6400 before 1.01.24, R6400v2 before 1.0.2.30, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R6900P before 1.0.0.56, R7000 before 1.0.9.4, R7000P before 1.0.0.56, R7100LG before 1.0.0.32, R7300DST before 1.0.0.54, R7900 before 1.0.1.18, R8000 before 1.0.3.44, R8300 before 1.0.2.100_1.0.82, and R8500 before 1.0.2.100_1.0.82.π Read
via "National Vulnerability Database".