ATENTIONβΌ New - CVE-2017-18698
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6100 before 1.0.1.20, R7800 before 1.0.2.40, and R9000 before 1.0.2.52.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-18697
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40 and R9000 before 1.0.2.52.π Read
via "National Vulnerability Database".
π΄ Find Your Framework: Thinking Fast and Slow π΄
π Read
via "Dark Reading: ".
Economist Daniel Kahneman's classic book has lessons for those in security, especially now.π Read
via "Dark Reading: ".
Dark Reading
Find Your Framework: Thinking Fast and Slow
Economist Daniel Kahneman's classic book has lessons for those in security, especially now.
π Kapersky offers free cybersecurity training to assist teams working remotely π
π Read
via "Security on TechRepublic".
Telecommuting comes with its own set of cybersecurity risks. Kaspersky has announced a free training module to help remote teams make more informed cybersecurity decisions.π Read
via "Security on TechRepublic".
TechRepublic
Kaspersky offers free cybersecurity training to assist teams working remotely
Telecommuting comes with its own set of cybersecurity risks. Kaspersky has announced a free training module to help remote teams make more informed cybersecurity decisions.
π΄ Cybercrime Group Steals $1.3M from Banks π΄
π Read
via "Dark Reading: ".
A look at how the so-called Florentine Banker Group lurked for two months in a sophisticated business email compromise attack on Israeli and UK financial companies.π Read
via "Dark Reading: ".
Dark Reading
Cybercrime Group Steals $1.3M from Banks
A look at how the so-called Florentine Banker Group lurked for two months in a sophisticated business email compromise attack on Israeli and UK financial companies.
π Adult dating site attacks targeted colleges with remote access trojan π
π Read
via "Security on TechRepublic".
Aimed at students and faculty at colleges in the US, this phishing campaign tried to infect machines with the Hupigon remote access trojan, says security provider Proofpoint.π Read
via "Security on TechRepublic".
TechRepublic
Adult dating site attacks targeted colleges with remote access trojan
Aimed at students and faculty at colleges in the US, this phishing campaign tried to infect machines with the Hupigon remote access trojan, says security provider Proofpoint.
π΄ Apple Downplays Threat Posed by Newly Disclosed Zero-Days in iOS π΄
π Read
via "Dark Reading: ".
Bugs don't pose an immediate threat, and there is no evidence they were exploited, as ZecOps claimed earlier this week, Apple says.π Read
via "Dark Reading: ".
Dark Reading
Apple Downplays Threat Posed by Newly Disclosed Zero-Days in iOS
Bugs don't pose an immediate threat, and there is no evidence they were exploited, as ZecOps claimed earlier this week, Apple says.
π Friday Five: 4/24 π
π Read
via "Subscriber Blog RSS Feed ".
267 million Facebook profiles found being sold on the dark web, the virtual NFL draft raises cybersecurity concerns, and email phishing campaigns target US healthcare providers - catch up on the week's news with the Friday Five.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 4/24
267 million Facebook profiles found being sold on the dark web, the virtual NFL draft raises cybersecurity concerns, and email phishing campaigns target US healthcare providers - catch up on the week's news with the Friday Five.
β Latest Apple Text-Bomb Crashes iPhones via Message Notifications β
π Read
via "Threatpost".
Sindhi-language characters can crash iPhones and other iOS/macOS devices if a victim views texts, Twitter posts or messages within various apps containing them.π Read
via "Threatpost".
Threat Post
Latest Apple Text-Bomb Crashes iPhones via Message Notifications
Sindhi-language characters can crash iPhones and other iOS/macOS devices if a victim views texts, Twitter posts or messages within various apps containing them.
β SAS@home Virtual Summit Showcases New Threat Intel, Industry Changes β
π Read
via "Threatpost".
The free online conference, scheduled for April 28-30, will feature top security researchers from across the industry.π Read
via "Threatpost".
Threat Post
SAS@home Virtual Summit Showcases New Threat Intel, Industry Changes
The free online conference, scheduled for April 28-30, will feature top security researchers from across the industry.
β Single Malicious GIF Opened Microsoft Teams to Nasty Attack β
π Read
via "Threatpost".
Now patched flaw allowed attacker to take over an organizationβs entire roster of Microsoft Teams accounts.π Read
via "Threatpost".
Threat Post
Single Malicious GIF Opened Microsoft Teams to Nasty Attack
Now patched flaw allowed attacker to take over an organizationβs entire roster of Microsoft Teams accounts.
β Monday review β the hot 16 stories of the week β
π Read
via "Naked Security".
It's weekly roundup time!π Read
via "Naked Security".
Naked Security
Monday review β the hot 16 stories of the week
Itβs weekly roundup time!
β Web shell warning issued by US and Australia β
π Read
via "Naked Security".
The US NSA and its Australian counterpart the ASD have published a set of guidelines to help companies avoid a common kind of attack: web shell exploits.π Read
via "Naked Security".
Naked Security
Web shell warning issued by US and Australia
The US NSA and its Australian counterpart the ASD have published a set of guidelines to help companies avoid a common kind of attack: web shell exploits.
β Eight Common OT / Industrial Firewall Mistakes β
π Read
via "Threatpost".
Firewalls are easy to misconfigure. While the security consequences of such errors may be acceptable for some firewalls, the accumulated risks of misconfigured firewalls in a defense-in-depth OT network architecture are generally unacceptable.π Read
via "Threatpost".
Threat Post
Eight Common OT / Industrial Firewall Mistakes
While the security consequences of firewall errors may be acceptable, the combined risks of misconfigured firewalls are unacceptable.
π΄ COVID-19 Quarantine: A Unique Learning Opportunity for Defenders π΄
π Read
via "Dark Reading: ".
Use these spare moments at home to master new skills that will help protect your organization and enhance your career.π Read
via "Dark Reading: ".
Dark Reading
COVID-19 Quarantine: A Unique Learning Opportunity for Defenders
Use these spare moments at home to master new skills that will help protect your organization and enhance your career.
π Container security meets Kubernetes: What IT pros need to know π
π Read
via "Security on TechRepublic".
Docker brought containers into the enterprise; static scanning makes sure they are secure when the images are created. Who watches them when they run?π Read
via "Security on TechRepublic".
TechRepublic
Container security meets Kubernetes: What IT pros need to know
Docker brought containers into the enterprise; static scanning makes sure they are secure when the images are created. Who watches them when they run?
π URLCrazy Domain Name Typo Tool 0.7.1 π
π Go!
via "Security Tool Files β Packet Storm".
URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
URLCrazy Domain Name Typo Tool 0.7.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Bing.com Hostname / IP Enumerator 1.0.2 π
π Go!
via "Security Tool Files β Packet Storm".
This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Bing.com Hostname / IP Enumerator 1.0.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π How to secure sensitive data and technology when a remote employee leaves π
π Read
via "Security on TechRepublic".
If an employee decides to pursue another job during the coronavirus pandemic, organizations must be prepared to keep proprietary data and company technology safe.π Read
via "Security on TechRepublic".
TechRepublic
How to secure sensitive data and technology when a remote employee leaves
If an employee decides to pursue another job during the coronavirus pandemic, organizations must be prepared to keep proprietary data and company technology safe.
β 5 common mistakes that lead to ransomware β
π Read
via "Naked Security".
Here are five simple tips that will help you keep ransomware out and your precious data inπ Read
via "Naked Security".
Naked Security
5 common mistakes that lead to ransomware
Here are five simple tips that will help you keep ransomware out and your precious data in
β U.S. Universities Hit With βAdult Datingβ Spear-Phishing Attack β
π Read
via "Threatpost".
More than 150,000 emails spreading the Hupigon RAT that use adult dating as a lure have been uncovered, with almost half being sent to U.S. university and college email addresses.π Read
via "Threatpost".
Threat Post
U.S. Universities Hit With βAdult Datingβ Spear-Phishing Attack
More than 150,000 emails spreading the Hupigon RAT that use adult dating as a lure have been uncovered, with almost half being sent to U.S. university and college email addresses.