β Edison Mail iOS Bug Exposes Emails to Strangers β
π Read
via "Threatpost".
A bug introduced in an iOS software update on the Edison Mail app allowed emails to be viewed by strangers.π Read
via "Threatpost".
Threat Post
Edison Mail iOS Bug Exposes Emails to Strangers
A bug introduced in an iOS software update on the Edison Mail app allowed emails to be viewed by strangers.
π nfstream 5.1.1 π
π Go!
via "Security Tool Files β Packet Storm".
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
nfstream 5.1.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β The RATicate gang β implanting malware in an industry near you β
π Read
via "Naked Security".
These days, "What does this malware do?" is the question that has dozens of possible answers... here's how and why.π Read
via "Naked Security".
Naked Security
The RATicate gang β implanting malware in an industry near you
These days, βWhat does this malware do?β is the question that has dozens of possible answersβ¦ hereβs how and why.
π How to password protect your mobile Nextcloud app π
π Read
via "Security on TechRepublic".
If you use the Nextcloud mobile app, you'll want to password protect it to ensure you don't leave your sensitive data open for anyone to see.π Read
via "Security on TechRepublic".
TechRepublic
How to password protect your mobile Nextcloud app
If you use the Nextcloud mobile app, you'll want to password protect it to ensure you don't leave your sensitive data open for anyone to see.
π΄ Private Equity Firm Stalls $1.9B Forescout Acquisition π΄
π Read
via "Dark Reading: ".
Officials say "there can be no assurance" Forescout and Advent International will reach an agreement, though talks are ongoing.π Read
via "Dark Reading: ".
Dark Reading
Private Equity Firm Stalls $1.9B Forescout Acquisition
Officials say there can be no assurance Forescout and Advent International will reach an agreement, though talks are ongoing.
ATENTIONβΌ New - CVE-2019-7247
π Read
via "National Vulnerability Database".
An issue was discovered in AODDriver2.sys in AMD OverDrive. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x81112ee0 and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-7246
π Read
via "National Vulnerability Database".
An issue was discovered in atillk64.sys in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility 5.11.9.0. The vulnerable driver exposes a wrmsr instruction and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-19456
π Read
via "National Vulnerability Database".
A Reflected XSS was found in the server selection box inside the login page at: enginemanager/loginfailed.html in Wowza Streaming Engine <= 4.x.x.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-19454
π Read
via "National Vulnerability Database".
An arbitrary file download was found in the "Download Log" functionality of Wowza Streaming Engine <= 4.x.xπ Read
via "National Vulnerability Database".
β ProLock Ransomware Teams Up With QakBot Trojan to Infect Victims β
π Read
via "Threatpost".
ProLock is relatively new, but already the ransomware is making waves by using QakBot infections to access networks, gain persistence and avoid detection.π Read
via "Threatpost".
Threat Post
ProLock Ransomware Teams Up With QakBot Trojan to Infect Victims
ProLock is relatively new, but already the ransomware is making waves by using QakBot infections to access networks, gain persistence and avoid detection.
π Irish Data Protection Commission Issues First Fine Against State Agency π
π Read
via "Subscriber Blog RSS Feed ".
Ireland's data protection commission confirmed last week it planned to fine a state agency β¬75,000 for violating the General Data Protection Regulation, or GDPR.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Irish Data Protection Commission Issues First Fine Against State Agency
Ireland's data protection commission confirmed last week it planned to fine a state agency β¬75,000 for violating the General Data Protection Regulation, or GDPR.
π Top 5 things to know about fleeceware π
π Read
via "Security on TechRepublic".
Fleeceware is an important cybersecurity threat to be aware of. Tom Merritt offers five things you should know fleeceware apps.π Read
via "Security on TechRepublic".
TechRepublic
Top 5 things to know about fleeceware
Fleeceware is an important cybersecurity threat to be aware of. Tom Merritt offers five things you should know fleeceware apps.
π Top 5 things to know about fleeceware π
π Read
via "Security on TechRepublic".
Fleeceware is an important cybersecurity threat to be aware of. Tom Merritt offers five things you should know fleeceware apps.π Read
via "Security on TechRepublic".
TechRepublic
Top 5 things to know about fleeceware
Fleeceware is an important cybersecurity threat to be aware of. Tom Merritt offers five things you should know fleeceware apps.
β Ransomware Gang Arrested for Spreading Locky to Hospitals β
π Read
via "Threatpost".
A group of four people calling themselves "Pentaguard" were arrested in house raids.π Read
via "Threatpost".
Threat Post
Ransomware Gang Arrested for Spreading Locky to Hospitals
A group of four people calling themselves "Pentaguard" were arrested in house raids.
ATENTIONβΌ New - CVE-2019-17066
π Read
via "National Vulnerability Database".
In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights.π Read
via "National Vulnerability Database".
β Verizon Data Breach Report: DoS Skyrockets, Espionage Dips β
π Read
via "Threatpost".
Denial of Service (DoS), ransomware, and financially-motivated data breaches were the winners in this year's Verizon DBIR.π Read
via "Threatpost".
Threat Post
Verizon Data Breach Report: DoS Skyrockets, Espionage Dips
Denial of Service (DoS), ransomware, and financially-motivated data breaches were the winners in this year's Verizon DBIR.
π 86% of data breaches are conducted for financial gain π
π Read
via "Security on TechRepublic".
Increases in hacking, phishing, and cloud-based attacks have been even more prevalent with the influx of remote work, Verizon found.π Read
via "Security on TechRepublic".
TechRepublic
86% of data breaches are conducted for financial gain
Increases in hacking, phishing, and cloud-based attacks have been even more prevalent with the influx of remote work, Verizon found.
π How the dark web is handling the coronavirus pandemic π
π Read
via "Security on TechRepublic".
Many on the dark web are expressing the same thoughts and fears about COVID-19 as everyone else, while others are looking for ways to profit from it, says Trustwave.π Read
via "Security on TechRepublic".
TechRepublic
How the dark web is handling the coronavirus pandemic
Many on the dark web are expressing the same thoughts and fears about COVID-19 as everyone else, while others are looking for ways to profit from it, says Trustwave.
β Clever Phishing Attack Bypasses MFA to Nab Microsoft Office 365 Credentials β
π Read
via "Threatpost".
The attack discovered by Cofense can steal sensitive user data stored on the cloud as well as find other victims to target.π Read
via "Threatpost".
Threat Post
Clever Phishing Attack Bypasses MFA to Nab Microsoft Office 365 Credentials
The attack discovered by Cofense can steal sensitive user data stored on the cloud as well as find other victims to target.
π΄ Hackers Hit Food Supply Company π΄
π Read
via "Dark Reading: ".
The attackers behind the REvil ransomware family has also threatened to release personal data on Madonna and other celebrities to the highest bidders.π Read
via "Dark Reading: ".
Dark Reading
Hackers Hit Food Supply Company
The attackers behind the REvil ransomware family has also threatened to release personal data on Madonna and other celebrities to the highest bidders.