ATENTIONβΌ New - CVE-2017-18701
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by reflected XSS. This affects R6700 before 1.0.1.36 and R6900 before 1.0.1.34.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-18700
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by stored XSS. This affects D6400 before 1.0.0.60, D7000 before 1.0.1.50, D8500 before 1.0.3.29, EX6200 before 1.0.3.84, EX7000 before 1.0.0.60, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8300 before 1.0.2.106, R8500 before 1.0.2.106, R9000 before 1.0.2.52, WNDR3400v3 before 1.0.1.16, WNR3500Lv2 before 1.2.0.46, and WNDR3700v5 before 1.1.0.48.π Read
via "National Vulnerability Database".
π How to protect your Nintendo account after the recent data breach π
π Read
via "Security on TechRepublic".
A breach has impacted the accounts of some 160,000 Nintendo users. Here's what to do if you're one of them.π Read
via "Security on TechRepublic".
TechRepublic
How to protect your Nintendo account after the recent data breach
A breach has impacted the accounts of some 160,000 Nintendo users. Here's what to do if you're one of them.
ATENTIONβΌ New - CVE-2017-18699
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40 and R9000 before 1.0.2.52.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-18698
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6100 before 1.0.1.20, R7800 before 1.0.2.40, and R9000 before 1.0.2.52.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-18697
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40 and R9000 before 1.0.2.52.π Read
via "National Vulnerability Database".
π΄ Find Your Framework: Thinking Fast and Slow π΄
π Read
via "Dark Reading: ".
Economist Daniel Kahneman's classic book has lessons for those in security, especially now.π Read
via "Dark Reading: ".
Dark Reading
Find Your Framework: Thinking Fast and Slow
Economist Daniel Kahneman's classic book has lessons for those in security, especially now.
π Kapersky offers free cybersecurity training to assist teams working remotely π
π Read
via "Security on TechRepublic".
Telecommuting comes with its own set of cybersecurity risks. Kaspersky has announced a free training module to help remote teams make more informed cybersecurity decisions.π Read
via "Security on TechRepublic".
TechRepublic
Kaspersky offers free cybersecurity training to assist teams working remotely
Telecommuting comes with its own set of cybersecurity risks. Kaspersky has announced a free training module to help remote teams make more informed cybersecurity decisions.
π΄ Cybercrime Group Steals $1.3M from Banks π΄
π Read
via "Dark Reading: ".
A look at how the so-called Florentine Banker Group lurked for two months in a sophisticated business email compromise attack on Israeli and UK financial companies.π Read
via "Dark Reading: ".
Dark Reading
Cybercrime Group Steals $1.3M from Banks
A look at how the so-called Florentine Banker Group lurked for two months in a sophisticated business email compromise attack on Israeli and UK financial companies.
π Adult dating site attacks targeted colleges with remote access trojan π
π Read
via "Security on TechRepublic".
Aimed at students and faculty at colleges in the US, this phishing campaign tried to infect machines with the Hupigon remote access trojan, says security provider Proofpoint.π Read
via "Security on TechRepublic".
TechRepublic
Adult dating site attacks targeted colleges with remote access trojan
Aimed at students and faculty at colleges in the US, this phishing campaign tried to infect machines with the Hupigon remote access trojan, says security provider Proofpoint.
π΄ Apple Downplays Threat Posed by Newly Disclosed Zero-Days in iOS π΄
π Read
via "Dark Reading: ".
Bugs don't pose an immediate threat, and there is no evidence they were exploited, as ZecOps claimed earlier this week, Apple says.π Read
via "Dark Reading: ".
Dark Reading
Apple Downplays Threat Posed by Newly Disclosed Zero-Days in iOS
Bugs don't pose an immediate threat, and there is no evidence they were exploited, as ZecOps claimed earlier this week, Apple says.
π Friday Five: 4/24 π
π Read
via "Subscriber Blog RSS Feed ".
267 million Facebook profiles found being sold on the dark web, the virtual NFL draft raises cybersecurity concerns, and email phishing campaigns target US healthcare providers - catch up on the week's news with the Friday Five.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 4/24
267 million Facebook profiles found being sold on the dark web, the virtual NFL draft raises cybersecurity concerns, and email phishing campaigns target US healthcare providers - catch up on the week's news with the Friday Five.
β Latest Apple Text-Bomb Crashes iPhones via Message Notifications β
π Read
via "Threatpost".
Sindhi-language characters can crash iPhones and other iOS/macOS devices if a victim views texts, Twitter posts or messages within various apps containing them.π Read
via "Threatpost".
Threat Post
Latest Apple Text-Bomb Crashes iPhones via Message Notifications
Sindhi-language characters can crash iPhones and other iOS/macOS devices if a victim views texts, Twitter posts or messages within various apps containing them.
β SAS@home Virtual Summit Showcases New Threat Intel, Industry Changes β
π Read
via "Threatpost".
The free online conference, scheduled for April 28-30, will feature top security researchers from across the industry.π Read
via "Threatpost".
Threat Post
SAS@home Virtual Summit Showcases New Threat Intel, Industry Changes
The free online conference, scheduled for April 28-30, will feature top security researchers from across the industry.
β Single Malicious GIF Opened Microsoft Teams to Nasty Attack β
π Read
via "Threatpost".
Now patched flaw allowed attacker to take over an organizationβs entire roster of Microsoft Teams accounts.π Read
via "Threatpost".
Threat Post
Single Malicious GIF Opened Microsoft Teams to Nasty Attack
Now patched flaw allowed attacker to take over an organizationβs entire roster of Microsoft Teams accounts.
β Monday review β the hot 16 stories of the week β
π Read
via "Naked Security".
It's weekly roundup time!π Read
via "Naked Security".
Naked Security
Monday review β the hot 16 stories of the week
Itβs weekly roundup time!
β Web shell warning issued by US and Australia β
π Read
via "Naked Security".
The US NSA and its Australian counterpart the ASD have published a set of guidelines to help companies avoid a common kind of attack: web shell exploits.π Read
via "Naked Security".
Naked Security
Web shell warning issued by US and Australia
The US NSA and its Australian counterpart the ASD have published a set of guidelines to help companies avoid a common kind of attack: web shell exploits.
β Eight Common OT / Industrial Firewall Mistakes β
π Read
via "Threatpost".
Firewalls are easy to misconfigure. While the security consequences of such errors may be acceptable for some firewalls, the accumulated risks of misconfigured firewalls in a defense-in-depth OT network architecture are generally unacceptable.π Read
via "Threatpost".
Threat Post
Eight Common OT / Industrial Firewall Mistakes
While the security consequences of firewall errors may be acceptable, the combined risks of misconfigured firewalls are unacceptable.
π΄ COVID-19 Quarantine: A Unique Learning Opportunity for Defenders π΄
π Read
via "Dark Reading: ".
Use these spare moments at home to master new skills that will help protect your organization and enhance your career.π Read
via "Dark Reading: ".
Dark Reading
COVID-19 Quarantine: A Unique Learning Opportunity for Defenders
Use these spare moments at home to master new skills that will help protect your organization and enhance your career.
π Container security meets Kubernetes: What IT pros need to know π
π Read
via "Security on TechRepublic".
Docker brought containers into the enterprise; static scanning makes sure they are secure when the images are created. Who watches them when they run?π Read
via "Security on TechRepublic".
TechRepublic
Container security meets Kubernetes: What IT pros need to know
Docker brought containers into the enterprise; static scanning makes sure they are secure when the images are created. Who watches them when they run?
π URLCrazy Domain Name Typo Tool 0.7.1 π
π Go!
via "Security Tool Files β Packet Storm".
URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
URLCrazy Domain Name Typo Tool 0.7.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers