π΄ Zoom Installers Used to Spread WebMonitor RAT π΄
π Read
via "Dark Reading: ".
Researchers warn the installers are legitimate but don't come from official sources of the Zoom app, including the Apple App Store and Google Play.π Read
via "Dark Reading: ".
Dark Reading
Zoom Installers Used to Spread WebMonitor RAT
Researchers warn the installers are legitimate but don't come from official sources of the Zoom app, including the Apple App Store and Google Play.
π New Data Protection Act Would Regulate COVID-19 Tracing Apps π
π Read
via "Subscriber Blog RSS Feed ".
The act would require βaffirmative express consentβ for transferring any health, location and proximity data, and allow individuals to opt out of data collection.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
New Data Protection Act Would Regulate COVID-19 Tracing Apps
The act would require βaffirmative express consentβ for transferring any health, location and proximity data, and allow individuals to opt out of data collection.
ATENTIONβΌ New - CVE-2017-18774
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6100 before 1.0.0.55, D7800 before V1.0.1.24, R7100LG before V1.0.0.32, WNDR4300v1 before 1.0.2.90, and WNDR4500v3 before 1.0.0.48.π Read
via "National Vulnerability Database".
π Ransomware attack on Colorado hospital highlights fears of more healthcare hostage situations π
π Read
via "Security on TechRepublic".
Cybercriminals are making millions by holding the data of healthcare institutions hostage until they get paid.π Read
via "Security on TechRepublic".
TechRepublic
Ransomware attack on Colorado hospital highlights fears of more healthcare hostage situations
Cybercriminals are making millions by holding the data of healthcare institutions hostage until they get paid.
π sshprank 1.1.1 π
π Go!
via "Security Tool Files β Packet Storm".
sshprank is a fast SSH mass-scanner, login cracker, and banner grabber tool using the python-masscan and shodan modules.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
sshprank 1.1.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π SQLMAP - Automatic SQL Injection Tool 1.4.5 π
π Go!
via "Security Tool Files β Packet Storm".
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
SQLMAP - Automatic SQL Injection Tool 1.4.5 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ATENTIONβΌ New - CVE-2017-18771
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by stored XSS. This affects R9000 before 1.0.2.40, R6100 before 1.0.1.1, 6R7500 before 1.0.0.110, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, WNDR4300v2 before 1.0.0.48, and WNR2000v5 before 1.0.0.58.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-18760
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8300 before 1.0.2.104 and R8500 before 1.0.2.104.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-18753
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects: D6220, running firmware versions prior to 1.0.0.40 D8500, running firmware versions prior to 1.0.3.39 EX3700, running firmware versions prior to 1.0.0.70 EX3800, running firmware versions prior to 1.0.0.70 EX6000, running firmware versions prior to 1.0.0.30 EX6100, running firmware versions prior to 1.0.2.22 EX6120, running firmware versions prior to 1.0.0.40 EX6130, running firmware versions prior to 1.0.0.22 EX6150v1, running firmware versions prior to 1.0.0.42 EX6200, running firmware versions prior to 1.0.3.88 EX7000, running firmware versions prior to 1.0.0.66 R6300v2, running firmware versions prior to 1.0.4.18 R6400, running firmware versions prior to 1.0.1.24 R6400v2, running firmware versions prior to 1.0.2.32 R6700, running firmware versions prior to 1.0.1.22 R6700v3, running firmware versions prior to 1.0.2.32 R6900, running firmware versions prior to 1.0.1.22 R7000, running firmware versions prior to 1.0.9.6 R6900P, running firmware versions prior to 1.0.0.56 R7000P, running firmware versions prior to 1.0.0.56 R7100LG, running firmware versions prior to 1.0.0.42 R7300DST, running firmware versions prior to 1.0.0.54 R7900, running firmware versions prior to 1.0.1.26 R8300, running firmware versions prior to 1.0.2.106 R8500, running firmware versions prior to 1.0.2.106 WN2500RPv2, running firmware versions prior to 1.0.1.54 WNR3500Lv2, running firmware versions prior to 1.2.0.46π Read
via "National Vulnerability Database".
π Nearly 2,000 malicious COVID-19-themed domains created every day π
π Read
via "Security on TechRepublic".
More than 86,600 new domains related to the pandemic are considered "risky" or "malicious," according to a new report.π Read
via "Security on TechRepublic".
TechRepublic
Nearly 2,000 malicious COVID-19-themed domains created every day
More than 86,600 new domains related to the pandemic are considered "risky" or "malicious," according to a new report.
β Hackers Exploit Critical Flaw in Ghost Platform with Cryptojacking Attack β
π Read
via "Threatpost".
Hackers targeted Ghost on Sunday, in a cryptocurrency mining attack that caused widespread outages.π Read
via "Threatpost".
Threat Post
Hackers Exploit Critical Flaw in Ghost Platform with Cryptojacking Attack
Hackers targeted Ghost on Sunday, in a cryptocurrency mining attack that caused widespread outages.
π΄ Attackers Exploit SaltStack Flaws to Compromise Open Source OS & Blogging Platform π΄
π Read
via "Dark Reading: ".
Intruders gained access to core systems at the Android-based LineageOS project and the Ghost platform.π Read
via "Dark Reading: ".
Dark Reading
Attackers Exploit SaltStack Flaws to Compromise Open Source OS & Blogging Platform
Intruders gained access to core systems at the Android-based LineageOS project and the Ghost platform.
π COVID-19: How universities made the pivot to e-learning π
π Read
via "Security on TechRepublic".
One Rhode Island university has transitioned nearly seamlessly into remote learning. Here's how they did it safely and effectively.π Read
via "Security on TechRepublic".
TechRepublic
COVID-19: How universities made the pivot to e-learning
One Rhode Island university has transitioned nearly seamlessly into remote learning. Here's how they did it safely and effectively.
π΄ How InfoSec Pros Can Help Healthcare During the Coronavirus Pandemic π΄
π Read
via "Dark Reading: ".
Security pros are banding together to ensure healthcare facilities can focus on saving lives instead of defending against cyber attacks. Here are a few places you can volunteer your services.π Read
via "Dark Reading: ".
Dark Reading
How InfoSec Pros Can Help Healthcare During the Coronavirus Pandemic
Security pros are banding together to ensure healthcare facilities can focus on saving lives instead of defending against cyber attacks. Here are a few places you can volunteer your services.
π΄ SMB Security Catches Up to Large Companies, Data Shows π΄
π Read
via "Dark Reading: ".
Small and midsize businesses face issues similar to those of large organizations and have updated security practices to respond with threat hunting, patch management, and dedicated personnel.π Read
via "Dark Reading: ".
Dark Reading
SMB Security Catches Up to Large Companies, Data Shows
Small and midsize businesses face issues similar to those of large organizations and have updated security practices to respond with threat hunting, patch management, and dedicated personnel.
π΄ Stay-at-Home Students Offered Lessons to Boost Cybersecurity π΄
π Read
via "Dark Reading: ".
Stuck at home with a primary- or secondary-school student? Organizations from professional training groups to national governments are teaming up to offer virtual cybersecurity training for teens -- in some cases, for free.π Read
via "Dark Reading: ".
Dark Reading
Stay-at-Home Students Offered Lessons to Boost Cybersecurity
Stuck at home with a primary- or secondary-school student? Organizations from professional training groups to national governments are teaming up to offer virtual cybersecurity training for teens -- in some cases, for free.
β Airplane Hack Exposes Weaknesses of Alert and Avoidance Systems β
π Read
via "Threatpost".
Researchers warn commercial airplane systems can be spoofed impacting flight safety of nearby aircraft.π Read
via "Threatpost".
Threat Post
Airplane Hack Exposes Weaknesses of Alert and Avoidance Systems
Researchers warn commercial airplane systems can be spoofed impacting flight safety of nearby aircraft.
β Reveal the identities of alleged pirates, court tells ISP β
π Read
via "Naked Security".
It's not the first ISP to be held accountable for alleged piracy: Cox is looking at a $1b damage order.π Read
via "Naked Security".
Naked Security
Reveal the identities of alleged pirates, court tells ISP
Itβs not the first ISP to be held accountable for alleged piracy: Cox is looking at a $1b damage order.