β Ransomware Attack Takes Down Toll Group Systems, Again β
π Read
via "Threatpost".
Australian transportation company Toll Group has been hit by the Nefilim ransomware, causing customers to experience delays.π Read
via "Threatpost".
Threat Post
Ransomware Attack Takes Down Toll Group Systems, Again
Australian transportation company Toll Group has been hit by a ransomware attack for the second time in three months, causing customers to experience delays.
ATENTIONβΌ New - CVE-2019-19169
π Read
via "National Vulnerability Database".
Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-19168
π Read
via "National Vulnerability Database".
Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution.π Read
via "National Vulnerability Database".
β Firefox 76.0 released with critical security patches β update now β
π Read
via "Naked Security".
Firefox's latest version is out, with new password management features and a raft of security fixes.π Read
via "Naked Security".
Naked Security
Firefox 76.0 released with critical security patches β update now
Firefoxβs latest version is out, with new password management features and a raft of security fixes.
ATENTIONβΌ New - CVE-2019-19167
π Read
via "National Vulnerability Database".
Tobesoft Nexacro v2019.9.25.1 and earlier version have an arbitrary code execution vulnerability by using method supported by Nexacro14 ActiveX Control. It allows attacker to cause remote code execution.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-19166
π Read
via "National Vulnerability Database".
Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerability that can load unauthorized DLL files. It allows attacker to cause remote code execution.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-4266
π Read
via "National Vulnerability Database".
IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 does not have device jailbreak detection which could result in an attacker gaining sensitive information about the device. IBM X-Force ID: 160199.π Read
via "National Vulnerability Database".
β Microsoft Shells Out $100K for IoT Security β
π Read
via "Threatpost".
A three-month Azure Sphere bug-bounty challenge will offer top rewards for compromising Pluton or Secure World within Microsoft's IoT security suite.π Read
via "Threatpost".
Threat Post
Microsoft Shells Out $100K for IoT Security
A three-month bug-bounty challenge will offer top rewards for compromising Pluton or Secure World within the Azure Sphere IoT security suite.
π Healthcare organizations targeted with password spraying attacks π
π Read
via "Security on TechRepublic".
Malicious campaigns are using password spraying as a type of brute-force attack to find weak passwords at healthcare and medical facilities.π Read
via "Security on TechRepublic".
TechRepublic
Healthcare organizations targeted with password spraying attacks
Malicious campaigns are using password spraying as a type of brute-force attack to find weak passwords at healthcare and medical facilities.
π Survey: Over half of employees admit to watching adult content on work devices π
π Read
via "Security on TechRepublic".
A study from Kaspersky also reveals significant changes in the ways people work since COVID-19.π Read
via "Security on TechRepublic".
TechRepublic
Survey: Over half of employees admit to watching adult content on work devices
A study from Kaspersky also reveals significant changes in the ways people work since COVID-19.
π΄ When Achieving Deadpool Status Is a Good Thing π΄
π Read
via "Dark Reading: ".
It means attackers have been met with sufficient resistance that it's no longer worth their trouble and have moved onπ Read
via "Dark Reading: ".
Dark Reading
When Achieving Deadpool Status Is a Good Thing
It means attackers have been met with sufficient resistance that it's no longer worth their trouble and have moved on
π Coronavirus-themed spam surged 14,000% in two weeks says IBM π
π Read
via "Security on TechRepublic".
Since February, spam exploiting the novel coronavirus has jumped by 4,300% and 14,000% in the past 14 days, according to IBM X-Force, IBM's threat intelligence group.π Read
via "Security on TechRepublic".
TechRepublic
Coronavirus-themed spam surged 14,000% in two weeks says IBM
Since February, spam exploiting the novel coronavirus has jumped by 4,300% and 14,000% in the past 14 days, according to IBM X-Force, IBM's threat intelligence group.
π Zoom 5.0: How to better secure meetings with the latest features π
π Read
via "Security on TechRepublic".
With the new 5.0 version of Zoom, the app has added features to help you protect your virtual meetings from Zoombombing and other unwanted intrusion.π Read
via "Security on TechRepublic".
TechRepublic
Zoom 5.0: How to better secure meetings with the latest features
With the new 5.0 version of Zoom, the app has added features to help you protect your virtual meetings from Zoombombing and other unwanted intrusion.
π΄ The Price of Fame? Celebrities Face Unique Hacking Threats π΄
π Read
via "Dark Reading: ".
Hackers are hitting the sports industry hard on social media and luring quarantined consumers with offers of free streaming services, a new report shows.π Read
via "Dark Reading: ".
Dark Reading
The Price of Fame? Celebrities Face Unique Hacking Threats
Hackers are hitting the sports industry hard on social media and luring quarantined consumers with offers of free streaming services, a new report shows.
π CPRA β a.k.a. CCPA 2.0 β Qualifies for 2020 Ballot π
π Read
via "Subscriber Blog RSS Feed ".
The California Privacy Rights Act, a new data privacy effort introduced to narrow the scope of the California Consumer Privacy Act, now has enough support to make it onto the November 2020 ballot.π Read
via "Subscriber Blog RSS Feed ".
π How to protect yourself from coronavirus-related SMS spam π
π Read
via "Security on TechRepublic".
Spammers are sending text messages with deceptive links designed to exploit interest and fear around COVID-19, says AdaptiveMobile Security.π Read
via "Security on TechRepublic".
TechRepublic
How to protect yourself from coronavirus-related SMS spam
Spammers are sending text messages with deceptive links designed to exploit interest and fear around COVID-19, says AdaptiveMobile Security.
β InfinityBlack Dismantled After Selling Millions of Credentials β
π Read
via "Threatpost".
In the Europol-led takedown, police shut down databases with more than 170 million entries.π Read
via "Threatpost".
Threat Post
InfinityBlack Dismantled After Selling Millions of Credentials
In the Europol-led takedown, police shut down databases with more than 170 million entries.
ATENTIONβΌ New - CVE-2018-8956
π Read
via "National Vulnerability Database".
ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that broadcast network that can capture certain required packets on the attacker's behalf and send them to the attacker.π Read
via "National Vulnerability Database".
π΄ Microsoft Reportedly in Talks to Acquire CyberX π΄
π Read
via "Dark Reading: ".
CyberX was founded in 2013 and has raised $48 million to build its cybersecurity platform for IoT and industrial control systems.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
π΄ Half of Companies Have Suffered a Cybersecurity Issue Amid COVID-19 Crisis π΄
π Read
via "Dark Reading: ".
Survey shows 49% expect to experience a data breach or cybersecurity incident in the next month.π Read
via "Dark Reading: ".
Dark Reading
Half of Companies Have Suffered a Cybersecurity Issue Amid COVID-19 Crisis
Survey shows 49% expect to experience a data breach or cybersecurity incident in the next month.
π΄ Financial Phishing Attacks Take Off, Malware Declines π΄
π Read
via "Dark Reading: ".
In the past year, the number of digital threats increased by nearly half as phishing swamped malware to become the most dominant attack technique.π Read
via "Dark Reading: ".
Dark Reading
Financial Phishing Attacks Take Off, Malware Declines
In the past year, the number of digital threats increased by nearly half as phishing swamped malware to become the most dominant attack technique.