β Warning! Fake Zoom βHR meetingβ emails phish for your password β
π Read
via "Naked Security".
Scammers have turned to employment worries as their latest lure for Zoom phishing scams.π Read
via "Naked Security".
Naked Security
Warning! Fake Zoom βHR meetingβ emails phish for your password
Scammers have turned to employment worries as their latest lure for Zoom phishing scams.
β βEvil GIFβ account takeover flaw patched in Teams β
π Read
via "Naked Security".
Microsoft has fixed a flaw in Teams that could have allowed attackers to launch a wormlike attack on multiple accounts by sending one victim a malicious GIF image.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Coronavirus tracking tool from Apple and Google embraced by Germany β
π Read
via "Naked Security".
Germany's ditched a homegrown alternative that featured a centralized database of location data, raising privacy concerns.π Read
via "Naked Security".
Naked Security
Coronavirus tracking tool from Apple and Google embraced by Germany
Germanyβs ditched a homegrown alternative that featured a centralized database of location data, raising privacy concerns.
β Troves of Zoom Credentials Shared on Hacker Forums β
π Read
via "Threatpost".
Several new databases have been uncovered on underground forums sharing recycled Zoom credentials.π Read
via "Threatpost".
Threat Post
Troves of Zoom Credentials Shared on Hacker Forums
Several new databases have been uncovered on underground forums sharing recycled Zoom credentials.
π΄ New Startup Accurics Tackles Cloud Infrastructure Security π΄
π Read
via "Dark Reading: ".
Accurics offers a free product to prevent "drift" between infrastructure defined through code and infrastructure running in the cloud.π Read
via "Dark Reading: ".
Dark Reading
New Startup Accurics Tackles Cloud Infrastructure Security
Accurics offers a free product to prevent drift between infrastructure defined through code and infrastructure running in the cloud.
π Android ransomware attack spoofs the FBI with accusation of pornography π
π Read
via "Security on TechRepublic".
The attack accuses victims of possessing pornography, encrypts all files on the device, and then instructs them to pay a fine to unlock the data, according to Check Point Research.π Read
via "Security on TechRepublic".
TechRepublic
Android ransomware attack spoofs the FBI with accusation of pornography
The attack accuses victims of possessing pornography, encrypts all files on the device, and then instructs them to pay a fine to unlock the data, according to Check Point Research.
π΄ What's Your Cybersecurity Architecture Integration Business Plan? π΄
π Read
via "Dark Reading: ".
To get the most out of your enterprise cybersecurity products, they need to work together. But getting those products talking to each other isn't easy.π Read
via "Dark Reading: ".
Dark Reading
What's Your Cybersecurity Architecture Integration Business Plan?
To get the most out of your enterprise cybersecurity products, they need to work together. But getting those products talking to each other isn't easy.
π΄ Security Pros Reassigned to IT Tasks in Coronavirus Pandemic π΄
π Read
via "Dark Reading: ".
Most security practitioners surveyed say their job functions have changed during the pandemic, and 90% are now working remotely full time.π Read
via "Dark Reading: ".
Dark Reading
Security Pros Reassigned to IT Tasks in Coronavirus Pandemic
Most security practitioners surveyed say their job functions have changed during the pandemic, and 90% are now working remotely full time.
π Suricata IDPE 5.0.3 π
π Go!
via "Security Tool Files β Packet Storm".
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Suricata IDPE 5.0.3 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β Sophisticated Android Spyware Attack Spreads via Google Play β
π Read
via "Threatpost".
The PhantomLance espionage campaign is targeting specific victims, mainly in Southeast Asia -- and could be the work of the OceanLotus APT.π Read
via "Threatpost".
Threat Post
Sophisticated Android Spyware Attack Spreads via Google Play
The PhantomLance espionage campaign is targeting specific victims, mainly in Southeast Asia β and could be the work of the OceanLotus APT.
β WordPress Plugin Bug Opens 100K Websites to Compromise β
π Read
via "Threatpost".
Legions of website visitors could be infected with drive-by malware, among other issues, thanks to a CSRF bug in Real-Time Search and Replace.π Read
via "Threatpost".
Threat Post
WordPress Plugin Bug Opens 100K Websites to Compromise
Legions of website visitors could be infected with drive-by malware, among other issues, thanks to a CSRF bug in Real-Time Search and Replace.
π Research shows malware is easy to buy, own, and deploy π
π Read
via "Security on TechRepublic".
With just a few Bitcoins and a quick search of Dark Web marketplaces, bad actors can become the owners of powerfully malicious tools.π Read
via "Security on TechRepublic".
TechRepublic
Research shows malware is easy to buy, own, and deploy | TechRepublic
With just a few Bitcoins and a quick search of Dark Web marketplaces, bad actors can become the owners of powerfully malicious tools.
π Tech company offers free online cybersecurity training courses π
π Read
via "Security on TechRepublic".
Conscious of the state of employment during the pandemic, as well as after, Fortinet offers an opportunity to build skill sets from home.π Read
via "Security on TechRepublic".
TechRepublic
Tech company offers free online cybersecurity training courses
Conscious of the state of employment during the pandemic, as well as after, Fortinet offers an opportunity to build skill sets from home.
π Cybersecurity professionals are being repurposed during COVID-19 pandemic π
π Read
via "Security on TechRepublic".
47% of respondents have been temporarily moved to assist with IT-related tasks during remote work, (ISC)2 survey finds.π Read
via "Security on TechRepublic".
TechRepublic
Cybersecurity professionals are being repurposed during COVID-19 pandemic
47% of respondents have been temporarily moved to assist with IT-related tasks during remote work, (ISC)2 survey finds.
β iPhone βword of deathβ could crash your phone β what you need to know β
π Read
via "Naked Security".
Yes, a rogue "word" could freeze up your iPhone - but it's not malware, it doesn't steal data and doesn't do permanent damage.π Read
via "Naked Security".
Naked Security
iPhone βword of deathβ could crash your phone β what you need to know
Yes, a rogue βwordβ could freeze up your iPhone β but itβs not malware, it doesnβt steal data and doesnβt do permanent damage.
β Hackers Leak Biopharmaceutical Firmβs Data Stolen in Ransomware Attack β
π Read
via "Threatpost".
The Clop ransomware group has reportedly leaked compromised data of biopharmaceutical company ExecuPharm after a recent cyberattack.π Read
via "Threatpost".
Threat Post
Hackers Leak Biopharmaceutical Firmβs Data Stolen in Ransomware Attack
The Clop ransomware group has reportedly leaked compromised data of biopharmaceutical company ExecuPharm after a recent cyberattack.
π Mozilla ranks video call apps by security and privacy features π
π Read
via "Security on TechRepublic".
12 of the 15 most popular video call apps meet Mozilla's Minimum Security Standards, according to a new report.π Read
via "Security on TechRepublic".
TechRepublic
Mozilla ranks video call apps by security and privacy features
12 of the 15 most popular video call apps meet Mozilla's Minimum Security Standards, according to a new report.
π΄ Increased Credential Threats in the Age of Uncertainty π΄
π Read
via "Dark Reading: ".
Three things your company should do to protect credentials during the coronavirus pandemic.π Read
via "Dark Reading: ".
Dark Reading
Increased Credential Threats in the Age of Uncertainty
Three things your company should do to protect credentials during the coronavirus pandemic.
ATENTIONβΌ New - CVE-2016-11060
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by insecure renegotiation. This affects SRX5308 before 2017-02-10, FVS336Gv3 before 2017-02-10, FVS318N before 2017-02-10, and FVS318Gv2 before 2017-02-10.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-11059
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before 2017-01-06, DGND3700v1 before 2017-01-06, DGND3700v2 before 2017-01-06, DGND3700Bv2 before 2017-01-06, JNR1010v1 before 2017-01-06, JNR1010v2 before 2017-01-06, JNR3300 before 2017-01-06, JR6100 before 2017-01-06, JR6150 before 2017-01-06, JWNR2000v5 before 2017-01-06, R2000 before 2017-01-06, R6050 before 2017-01-06, R6100 before 2017-01-06, R6200 before 2017-01-06, R6200v2 before 2017-01-06, R6220 before 2017-01-06, R6250 before 2017-01-06, R6300 before 2017-01-06, R6300v2 before 2017-01-06, R6700 before 2017-01-06, R7000 before 2017-01-06, R7900 before 2017-01-06, R7500 before 2017-01-06, R8000 before 2017-01-06, WGR614v10 before 2017-01-06, WNR1000v2 before 2017-01-06, WNR1000v3 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2000v3 before 2017-01-06, WNR2000v4 before 2017-01-06, WNR2000v5 before 2017-01-06, WNR2200 before 2017-01-06, WNR2500 before 2017-01-06, WNR3500Lv2 before 2017-01-06, WNDR3400v2 before 2017-01-06, WNDR3400v3 before 2017-01-06, WNDR3700v3 before 2017-01-06, WNDR3700v4 before 2017-01-06, WNDR3700v5 before 2017-01-06, WNDR4300 before 2017-01-06, WNDR4300v2 before 2017-01-06, WNDR4500v1 before 2017-01-06, WNDR4500v2 before 2017-01-06, and WNDR4500v3 before 2017-01-06.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-11058
π Read
via "National Vulnerability Database".
The NETGEAR genie application before 2.4.34 for Android is affected by mishandling of hard-coded API keys and session IDs.π Read
via "National Vulnerability Database".