π΄ Apple iOS Zero-Day Vulnerabilities Exploited in Targeted Attacks π΄
π Read
via "Dark Reading: ".
One of the flaws is remotely exploitable with no user interaction needed, ZecOps says.π Read
via "Dark Reading: ".
Darkreading
Apple iOS Zero-Day Vulnerabilities Exploited in Targeted Attacks
One of the flaws is remotely exploitable with no user interaction needed, ZecOps says.
β Fast-Moving DDoS Botnet Exploits Unpatched ZyXel RCE Bug β
π Read
via "Threatpost".
The rapidly evolving Hoaxcalls botnet is exploiting an unpatched vulnerability in the ZyXEL Cloud CNM SecuManager in a bid to widen its spread.π Read
via "Threatpost".
Threat Post
Fast-Moving DDoS Botnet Exploits Unpatched ZyXel RCE Bug
The rapidly evolving Hoaxcalls botnet is exploiting an unpatched vulnerability in the ZyXEL Cloud CNM SecuManager in a bid to widen its spread.
π΄ IBM Cloud Data Shield Brings Confidential Computing to Public Cloud π΄
π Read
via "Dark Reading: ".
The Cloud Data Shield relies on confidential computing, which protects data while it's in use by enterprise applications.π Read
via "Dark Reading: ".
Dark Reading
IBM Cloud Data Shield Brings Confidential Computing to Public Cloud
The Cloud Data Shield relies on confidential computing, which protects data while it's in use by enterprise applications.
π΄ Attackers Prefer Ransomware to Stealing Data π΄
π Read
via "Dark Reading: ".
Financial data is still in demand, but ransomware becomes the most popular way to try to cash in from compromised companies, according to Trustwave.π Read
via "Dark Reading: ".
Dark Reading
Attackers Prefer Ransomware to Stealing Data
Financial data is still in demand, but ransomware becomes the most popular way to try to cash in from compromised companies, according to Trustwave.
β S2 Ep36: Rogue Chrome extensions, Signal fears and Darth Vader β Naked Security podcast β
π Read
via "Naked Security".
We discuss the biggest cybersecurity news stories of the week. New podcast episode out now!π Read
via "Naked Security".
Naked Security
S2 Ep36: Rogue Chrome extensions, Signal fears and Darth Vader β Naked Security podcast
We discuss the biggest cybersecurity news stories of the week. New podcast episode out now!
π Lessons learned from the Small Business Administration's data breach π
π Read
via "Security on TechRepublic".
The event impacted the accounts of almost 8,000 people. Here are tips on how to protect yourself and your organization from website breaches.π Read
via "Security on TechRepublic".
TechRepublic
Lessons learned from the Small Business Administration's data breach
The event impacted the accounts of almost 8,000 people. Here are tips on how to protect yourself and your organization from website breaches.
π How businesses and individuals can be ensnared by coronavirus-related spam π
π Read
via "Security on TechRepublic".
Many people said they would respond to emails claiming to be from the IRS or WHO, according to IBM X-Force.π Read
via "Security on TechRepublic".
TechRepublic
How businesses and individuals can be ensnared by coronavirus-related spam
Many people said they would respond to emails claiming to be from the IRS or WHO, according to IBM X-Force.
β Password-free database of exercise app Kinomap leaks 42m user records β
π Read
via "Naked Security".
It's like a cloud of personal information breathed out in a plume by a database that didn't bother to wear a mask.π Read
via "Naked Security".
Naked Security
Password-free database of exercise app Kinomap leaks 42m user records
Itβs like a cloud of personal information breathed out in a plume by a database that didnβt bother to wear a mask.
β Fake Skype, Signal Apps Used to Spread Surveillanceware β
π Read
via "Threatpost".
Threat groups are increasingly relying on trojanized apps pretending to be legitimate - such as Skype or Signal - but are really spreading surveillanceware.π Read
via "Threatpost".
Threat Post
Fake Skype, Signal Apps Used to Spread Surveillanceware
Threat groups are increasingly relying on trojanized apps pretending to be legitimate - such as Skype or Signal - but are really spreading surveillanceware.
β Trove of RubyGems malware highlights software supply chain issues β
π Read
via "Naked Security".
Ruby developers beware: a would-be cryptocurrency thief is out to get at your digital wallet, and they're using typosquatting code to do it.π Read
via "Naked Security".
Naked Security
Trove of RubyGems malware highlights software supply chain issues
Ruby developers beware: a would-be cryptocurrency thief is out to get at your digital wallet, and theyβre using typosquatting code to do it.
β Skype Phishing Attack Targets Remote Workersβ Passwords β
π Read
via "Threatpost".
Attackers are sending convincing emails that ultimately steal victims' Skype credentials.π Read
via "Threatpost".
Threat Post
Skype Phishing Attack Targets Remote Workersβ Passwords
Attackers are sending convincing emails that ultimately steal victims' Skype credentials.
π΄ The Evolving Threat of Credential Stuffing π΄
π Read
via "Dark Reading: ".
Bots' swerve to focus on APIs means businesses must take the threat seriously and take effective action.π Read
via "Dark Reading: ".
Dark Reading
The Evolving Threat of Credential Stuffing
Bots' swerve to focus on APIs means businesses must take the threat seriously and take effective action.
β A Dozen Nation-Backed APTs Tap COVID-19 to Cover Spy Attacks β
π Read
via "Threatpost".
Iran's Charming Kitten and other nation-state actors are using the coronavirus pandemic to their advantage, for espionage.π Read
via "Threatpost".
Threat Post
A Dozen Nation-Backed APTs Tap COVID-19 to Cover Spy Attacks
Iran's Charming Kitten and other nation-state actors are using the coronavirus pandemic to their advantage, for espionage.
β WHO, CDC and Bill and Melinda Gates Foundation Victims of Credential Dump, Report β
π Read
via "Threatpost".
Hackers have used credentials allegedly stolen from the WHO, CDC and other notable groups to spread coronavirus misinformation online.π Read
via "Threatpost".
Threat Post
WHO, CDC and Bill and Melinda Gates Foundation Victims of Credential Dump, Report
Hackers have used credentials allegedly stolen from the WHO, CDC and other notable groups to spread coronavirus misinformation online.
β Public Sector Ransomware Attacks Rage On: Can Your Organization Repel Them? β
π Read
via "Threatpost".
To pay or not to pay continues to be the question as ransomware targets cities, even amid COVID-19.π Read
via "Threatpost".
Threat Post
Public Sector Ransomware Attacks Rage On: Can Your Organization Repel Them?
To pay or not to pay continues to be the question as ransomware targets cities, even amid COVID-19.
β iPhone zero day β donβt panic! Hereβs what you need to know β
π Read
via "Naked Security".
A mobile phone forensics outfit looking into real-world attacks going back more than two years has uncovered two Apple Mail app bugs.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ White-Hat Hackers Help 'Fold' COVID-19 Proteins π΄
π Read
via "Dark Reading: ".
A grassroots effort provides scientists with computing power to help simulate the novel coronavirus' proteins and come up with therapeutic solutions for the disease.π Read
via "Dark Reading: ".
Dark Reading
White-Hat Hackers Help 'Fold' COVID-19 Proteins
A grassroots effort provides scientists with computing power to help simulate the novel coronavirus' proteins and come up with therapeutic solutions for the disease.
β Valve Confirms CS:GO, Team Fortress 2 Source-Code Leak β
π Read
via "Threatpost".
Leaked source code for Counter-Strike: Global Offensive and Team Fortress 2 has led to widespread gamer worries about security and cheating.π Read
via "Threatpost".
Threat Post
Valve Confirms CS:GO, Team Fortress 2 Source-Code Leak
Leaked source code for Counter-Strike: Global Offensive and Team Fortress 2 has led to widespread gamer worries about security and cheating.
π΄ Demand for Cybersecurity Jobs Declines But Still Outperforms Other Sectors π΄
π Read
via "Dark Reading: ".
While companies are cutting back on plans to hire, cybersecurity and the technology industry as a whole are doing better than the general economy.π Read
via "Dark Reading: ".
Dark Reading
Demand for Cybersecurity Jobs Declines But Still Outperforms Other Sectors
While companies are cutting back on plans to hire, cybersecurity and the technology industry as a whole are doing better than the general economy.
π΄ Resiliency: The Trait National Sporting Leagues Share with Security & IT Teams π΄
π Read
via "Dark Reading: ".
During unprecedented times such as these, both businesses and professional sports are forced to go back to basics.π Read
via "Dark Reading: ".
Dark Reading
Resiliency: The Trait National Sporting Leagues Share with Security & IT Teams - Dark Reading
During unprecedented times such as these, both businesses and professional sports are forced to go back to basics.
ATENTIONβΌ New - CVE-2017-18751
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.28, R6100 before 1.0.1.16, R7500 before 1.0.0.112, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.88, WNDR4300 before 1.0.2.90, WNDR4300v2 before 1.0.0.48, and WNDR4500v3 before 1.0.0.48.π Read
via "National Vulnerability Database".