π Packet Fence 10.0.1 π
π Go!
via "Security Tool Files β Packet Storm".
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Packet Fence 10.0.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ATENTIONβΌ New - CVE-2018-20225
π Read
via "National Vulnerability Database".
An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary version number).π Read
via "National Vulnerability Database".
π΄ Companies Struggle for Effective Cybersecurity π΄
π Read
via "Dark Reading: ".
The money companies are spending on cybersecurity tools doesn't necessarily result in better security, a new survey shows.π Read
via "Dark Reading: ".
Dark Reading
Companies Struggle for Effective Cybersecurity
The money companies are spending on cybersecurity tools doesn't necessarily result in better security, a new survey shows.
π 5 things developers should know about data privacy and security π
π Read
via "Security on TechRepublic".
In a post-Cambridge Analytica world, developers are more important than ever to the data privacy and security of the software they build.π Read
via "Security on TechRepublic".
TechRepublic
5 things developers should know about data privacy and security
In a post-Cambridge Analytica world, developers are more important than ever to the data privacy and security of the software they build.
β Monday review β the hot 16 stories of the week β
π Read
via "Naked Security".
It's weekly roundup time!π Read
via "Naked Security".
Naked Security
Monday review β the hot 16 stories of the week
Itβs weekly roundup time!
β Microsoft opens IoT bug bounty program β
π Read
via "Naked Security".
Microsoft really wants to secure the Internet of Things (IoT), and it's enlisting citizen hackers' help to do it.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Clearview AI wonβt sell vast faceprint collection to private companies β
π Read
via "Naked Security".
β¦ nor to anybody, even law enforcement, in the place where privacy-oblivious biometrics companies are forced to their knees: Illinois.π Read
via "Naked Security".
Naked Security
Clearview AI wonβt sell vast faceprint collection to private companies
β¦ nor to anybody, even law enforcement, in the place where privacy-oblivious biometrics companies are forced to their knees: Illinois.
π Cybercriminals exploiting the coronavirus to deploy infostealers π
π Read
via "Security on TechRepublic".
These threats are designed to capture usernames, passwords, bank details, network information, and other sensitive data, says security provider Lastline.π Read
via "Security on TechRepublic".
TechRepublic
Cybercriminals exploiting the coronavirus to deploy infostealers
These threats are designed to capture usernames, passwords, bank details, network information, and other sensitive data, says security provider Lastline.
π How to use the new Vivaldi tracking feature π
π Read
via "Security on TechRepublic".
The latest release of the Vivaldi web browser includes one of the easiest to use tracker blockers on the market.π Read
via "Security on TechRepublic".
TechRepublic
How to use the new Vivaldi tracking feature
The latest release of the Vivaldi web browser includes one of the easiest to use tracker blockers on the market.
π΄ Rule of Thumb: USB Killers Pose Real Threat π΄
π Read
via "Dark Reading: ".
They look just like a USB thumb drive, but instead of storing data, they can be used to destroy it and the device the data is saved on.π Read
via "Dark Reading: ".
Dark Reading
Rule of Thumb: USB Killers Pose Real Threat
They look just like a USB thumb drive, but instead of storing data, they can be used to destroy it and the device the data is saved on.
β Celebrity personal data taken in ransomware attack β
π Read
via "Naked Security".
Ransomware crooks are apparently threatening to dump personal data for a long of celebs including Lady Gaga, Madonna, Nicki Minaj and more.π Read
via "Naked Security".
Naked Security
Celebrity personal data taken in ransomware attack
Ransomware crooks are apparently threatening to dump personal data for a long list of celebs including Lady Gaga, Madonna, Nicki Minaj and more.
β Sphinx Malware Returns to Riddle U.S. Targets β
π Read
via "Threatpost".
The banking trojan has upgraded and is seeing a resurgence on the back of coronavirus stimulus payment themes.π Read
via "Threatpost".
Threat Post
Sphinx Malware Returns to Riddle U.S. Targets
The banking trojan has upgraded and is seeing a resurgence on the back of coronavirus stimulus payment themes.
β Millions of Thunderbolt-Equipped Devices Open to βThunderSpyβ Attack β
π Read
via "Threatpost".
If an attacker can get his hands on a Thunderbolt-equipped device for five minutes, he can launch a new data-stealing attack called "Thunderspy."π Read
via "Threatpost".
Threat Post
Millions of Thunderbolt-Equipped Devices Open to βThunderSpyβ Attack
If an attacker can get his hands on a Thunderbolt-equipped device for five minutes, he can launch a new data-stealing attack called "Thunderspy."
π CISOs forced to adapt to pandemic and other geopolitical risks π
π Read
via "Security on TechRepublic".
A new report finds cyber resilience, security culture, and cloud security are hot topics for chief information security officers.π Read
via "Security on TechRepublic".
TechRepublic
CISOs forced to adapt to pandemic and other geopolitical risks
A new report finds cyber resilience, security culture, and cloud security are hot topics for chief information security officers.
π Phishing campaign caught spoofing Zoom π
π Read
via "Security on TechRepublic".
The campaign impersonates Zoom emails, but steals the Microsoft account credentials of its victims, says security firm Abnormal Security.π Read
via "Security on TechRepublic".
TechRepublic
Phishing campaign caught spoofing Zoom
The campaign impersonates Zoom emails, but steals the Microsoft account credentials of its victims, says security firm Abnormal Security.
π Survey: Teams supported by mature DevOps practices more likely to integrate automated security π
π Read
via "Security on TechRepublic".
Adding security into DevOps hasn't been as easy as automating all the things. Sonatype's survey shows the state of the industryβand what you might want to work on next.π Read
via "Security on TechRepublic".
TechRepublic
Survey: Teams supported by mature DevOps practices more likely to integrate automated security
Adding security into DevOps hasn't been as easy as automating all the things. Sonatype's survey shows the state of the industryβand what you might want to work on next.
π Time for a new job? Check out 16 cybersecurity courses on the basics, SOC skills, and new privacy rules π
π Read
via "Security on TechRepublic".
Online training classes for newbies, managers, and privacy officers are on sale this week.π Read
via "Security on TechRepublic".
TechRepublic
Time for a new job? Check out 16 cybersecurity courses on the basics, SOC skills, and new privacy rules
Online training classes for newbies, managers, and privacy officers are on sale this week.
π Kaspersky: 73% of workers have received no cybersecurity guidance π
π Read
via "Security on TechRepublic".
Millions of employees working remotely have gotten no information about how to keep their devices and home networks safe.π Read
via "Security on TechRepublic".
TechRepublic
Kaspersky: 73% of workers have received no cybersecurity guidance
Millions of employees working remotely have gotten no information about how to keep their devices and home networks safe.
ATENTIONβΌ New - CVE-2018-1285
π Read
via "National Vulnerability Database".
Apache log4net before 2.0.8 does not disable XML external entities when parsing log4net configuration files. This could allow for XXE-based attacks in applications that accept arbitrary configuration files from users.π Read
via "National Vulnerability Database".
π FTC To Review Healthcare Data Breach Notification Rule π
π Read
via "Subscriber Blog RSS Feed ".
The FTC is seeking comment on whether or not it should make changes to its Health Breach Notification Rule, a rule that compels orgs to disclose when health records are breached.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
FTC To Review Healthcare Data Breach Notification Rule
The FTC is seeking comment on whether or not it should make changes to its Health Breach Notification Rule, a rule that compels orgs to disclose when health records are breached.
π΄ Researchers Analyze Oracle WebLogic Flaw Under Attack π΄
π Read
via "Dark Reading: ".
Trend Micro researchers explain how attackers bypassed the patch for a deserialization vulnerability in the Oracle WebLogic Server.π Read
via "Dark Reading: ".
Dark Reading
Researchers Analyze Oracle WebLogic Flaw Under Attack
Trend Micro researchers explain how attackers bypassed the patch for a deserialization vulnerability in the Oracle WebLogic Server.