Monday review – the hot 16 stories of the week
via "Naked Security".
It's weekly roundup time!

Web shell warning issued by US and Australia
via "Naked Security".
The US NSA and its Australian counterpart the ASD have published a set of guidelines to help companies avoid a common kind of attack: web shell exploits.

Eight Common OT / Industrial Firewall Mistakes
via "Threatpost".
Firewalls are easy to misconfigure. While the security consequences of such errors may be acceptable for some firewalls, the accumulated risks of misconfigured firewalls in a defense-in-depth OT network architecture are generally unacceptable.

COVID-19 Quarantine: A Unique Learning Opportunity for Defenders
via "Dark Reading".
Use these spare moments at home to master new skills that will help protect your organization and enhance your career.

Container security meets Kubernetes: What IT pros need to know
via "Security on TechRepublic".
Docker brought containers into the enterprise; static scanning makes sure they are secure when the images are created. Who watches them when they run?

URLCrazy Domain Name Typo Tool 0.7.1
via "Security Tool Files ≈ Packet Storm".
URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.

Bing.com Hostname / IP Enumerator 1.0.2
via "Security Tool Files ≈ Packet Storm".
This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.

How to secure sensitive data and technology when a remote employee leaves
via "Security on TechRepublic".
If an employee decides to pursue another job during the coronavirus pandemic, organizations must be prepared to keep proprietary data and company technology safe.

5 common mistakes that lead to ransomware
via "Naked Security".
Here are five simple tips that will help you keep ransomware out and your precious data in.

U.S. Universities Hit With "Adult Dating" Spear-Phishing Attack
via "Threatpost".
More than 150,000 emails spreading the Hupigon RAT that use adult dating as a lure have been uncovered, with almost half being sent to U.S. university and college email addresses.

Hackers Mount Zero-Day Attacks on Sophos Firewalls
via "Threatpost".
A pre-auth SQL injection bug leading to remote code execution is at the heart of a data-stealing campaign against XG firewalls, using the Asnarok trojan.

How to use the new Vivaldi tracking feature
via "Security on TechRepublic".
The latest release of the Vivaldi web browser includes one of the easiest to use tracker blockers on the market.

Cloud Services Are the New Critical Infrastructure. Can We Rely on Them?
via "Dark Reading".
If cloud services vendors successfully asked themselves these three questions, we'd all be better off.

How to prevent unattended SSH connections from remaining connected
via "Security on TechRepublic".
Preventing idle SSH sessions from remaining connected is an easy way to add a bit more security to secure shell. Find out how.

Microsoft Advisory Warns of Vulnerabilities Affecting Office
via "Dark Reading".
The flaws exist in Autodesk's FBX Software Development Kit, which is supported in Microsoft Office 2019 and Office 365 ProPlus.

Resources, Budget Remain An Issue for DPOs
via "Subscriber Blog RSS Feed" (Digital Guardian).
In a recent survey, data protection officers cited a lack of budget and cohesion across all business units when it comes to developing an organization-wide data protection and privacy strategy as some of the role's top challenges.

Microsoft Patches Dangerous Teams Vulnerability
via "Dark Reading".
CyberArk says issue would have allowed attackers to take over Teams accounts using a malicious GIF.

How to protect your data against the Mail.app vulnerability in Apple devices
via "Security on TechRepublic".
A recent bug discovered can allow your device to be compromised through Apple's default Mail application, but until a patch is released, follow these steps to protect yourself.

GDPR Compliance Site Leaks Git Data, Passwords
via "Threatpost".
Researchers discovered a .git folder exposing passwords and more for a website that gives advice to organizations about complying with the General Data Protection Regulation (GDPR) rules.

Attackers Target Sophos Firewalls with Zero-Day
via "Dark Reading".
Remote exploit compromises specific configurations of XG firewalls with the intent of stealing data from the devices.

How to securely configure screen sharing remotely on macOS Catalina
via "Security on TechRepublic".
Apple added more security to screen sharing, so the default behavior restricts all but local users from enabling this feature. With an MDM, admins can automate this process.