ATENTIONβΌ New - CVE-2017-13655
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-13651
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.π Read
via "National Vulnerability Database".
π΄ Planning Ahead for a Secure SAP S/4HANA Migration π΄
π Read
via "Dark Reading: ".
Experts say that the pressure to move to SAP's next-gen platform can be a big opportunity to move the needle on ERP cybersecurity.π Read
via "Dark Reading: ".
Dark Reading
Planning Ahead for a Secure SAP S/4HANA Migration
Experts say that the pressure to move to SAP's next-gen platform can be a big opportunity to move the needle on ERP cybersecurity.
π New survey shows US adults split on COVID-19 cell phone tracking and data collection π
π Read
via "Security on TechRepublic".
Governments and organizations are unleashing new technologies to fight the spread of the coronavirus, adding to privacy and data collection concerns.π Read
via "Security on TechRepublic".
TechRepublic
New survey shows US adults split on COVID-19 cell phone tracking and data collection
Governments and organizations are unleashing new technologies to fight the spread of the coronavirus, adding to privacy and data collection concerns.
ATENTIONβΌ New - CVE-2018-5484
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-13654
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-13653
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.π Read
via "National Vulnerability Database".
π 5 things developers should know about data privacy and security π
π Read
via "Security on TechRepublic".
In a post-Cambridge Analytica world, developers are more important than ever to the data privacy and security of the software they build.π Read
via "Security on TechRepublic".
TechRepublic
5 things developers should know about data privacy and security
In a post-Cambridge Analytica world, developers are more important than ever to the data privacy and security of the software they build.
π Alarming number of pharma executive login credentials available on the Dark Web π
π Read
via "Security on TechRepublic".
A new report details major vulnerabilities among the executive suite at some of the largest pharmaceutical companies.π Read
via "Security on TechRepublic".
TechRepublic
Alarming number of pharma executive login credentials available on the Dark Web
A new report details major vulnerabilities among the executive suite at some of the largest pharmaceutical companies.
β Black Hat USA, DEF CON 28 Go Virtual β
π Read
via "Threatpost".
Due to the coronavirus pandemic, there will be no in-person Black Hat USA or DEF CON conferences this year.π Read
via "Threatpost".
Threat Post
Black Hat USA, DEF CON 28 Go Virtual
Due to the coronavirus pandemic, there will be no in-person Black Hat USA or DEF CON conferences this year.
π Phishing emails caught exploiting DocuSign and COVID-19 π
π Read
via "Security on TechRepublic".
A new attack discovered by Abnormal Security aims to steal account credentials from people who use the online document signing platform.π Read
via "Security on TechRepublic".
TechRepublic
Phishing emails caught exploiting DocuSign and COVID-19
A new attack discovered by Abnormal Security aims to steal account credentials from people who use the online document signing platform.
π Capstone 4.0.2 π
π Go!
via "Security Tool Files β Packet Storm".
Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Capstone 4.0.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Zeek 3.1.3 π
π Go!
via "Security Tool Files β Packet Storm".
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Zeek 3.1.3 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π TestSSL 3.0.2 π
π Go!
via "Security Tool Files β Packet Storm".
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
TestSSL 3.0.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π nfstream 5.1.0 π
π Go!
via "Security Tool Files β Packet Storm".
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
nfstream 5.1.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Packet Fence 10.0.1 π
π Go!
via "Security Tool Files β Packet Storm".
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Packet Fence 10.0.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ATENTIONβΌ New - CVE-2018-20225
π Read
via "National Vulnerability Database".
An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary version number).π Read
via "National Vulnerability Database".
π΄ Companies Struggle for Effective Cybersecurity π΄
π Read
via "Dark Reading: ".
The money companies are spending on cybersecurity tools doesn't necessarily result in better security, a new survey shows.π Read
via "Dark Reading: ".
Dark Reading
Companies Struggle for Effective Cybersecurity
The money companies are spending on cybersecurity tools doesn't necessarily result in better security, a new survey shows.
π 5 things developers should know about data privacy and security π
π Read
via "Security on TechRepublic".
In a post-Cambridge Analytica world, developers are more important than ever to the data privacy and security of the software they build.π Read
via "Security on TechRepublic".
TechRepublic
5 things developers should know about data privacy and security
In a post-Cambridge Analytica world, developers are more important than ever to the data privacy and security of the software they build.
β Monday review β the hot 16 stories of the week β
π Read
via "Naked Security".
It's weekly roundup time!π Read
via "Naked Security".
Naked Security
Monday review β the hot 16 stories of the week
Itβs weekly roundup time!
β Microsoft opens IoT bug bounty program β
π Read
via "Naked Security".
Microsoft really wants to secure the Internet of Things (IoT), and it's enlisting citizen hackers' help to do it.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News