β Scammers target COVID-19 CARES Act relief scheme β
π Read
via "Naked Security".
US states are being flooded by fraudulent unemployment applications in a scam run by a sophisticated cybergang.π Read
via "Naked Security".
Naked Security
Scammers target COVID-19 CARES Act relief scheme
US states are being flooded by fraudulent unemployment applications in a scam run by a sophisticated cybergang.
π΄ Most Bluetooth Devices Vulnerable to Impersonation Attacks π΄
π Read
via "Dark Reading: ".
Vulnerabilities in the Bluetooth authentication process give attackers a way to insert rogue devices between two securely paired devices, academic researchers find.π Read
via "Dark Reading: ".
Dark Reading
Most Bluetooth Devices Vulnerable to Impersonation Attacks
Vulnerabilities in the Bluetooth authentication process give attackers a way to insert rogue devices between two securely paired devices, academic researchers find.
β Adobe βout of bandβ critical patch β get your update now! β
π Read
via "Naked Security".
Looks as though at least one of these patches was supposed to come out a week ago but ended up delayed until now...π Read
via "Naked Security".
Naked Security
Adobe βout of bandβ critical patch β get your update now!
Looks as though at least one of these patches was supposed to come out a week ago but ended up delayed until nowβ¦
β S2 Ep 40: Demonic printers, a sleazy stalker and 10 reasons to patch β Naked Security Podcast β
π Read
via "Naked Security".
This week we discuss a customer who went to Subway for a sandwich and left with a stalker, demon printers and the things you should patch now. I host the show this week with Sophos experts Mark Stockley, Paul Ducklin and Greg Iddon. Listen now! LISTEN NOW Click-and-drag on the soundwaves below to skip to [β¦]π Read
via "Naked Security".
Naked Security
S2 Ep 40: Demonic printers, a sleazy stalker and 10 reasons to patch β Naked Security Podcast
This week we discuss a customer who went to Subway for a sandwich and left with a stalker, demon printers and the things you should patch now. I host the show this week with Sophos experts Mark Stoβ¦
π΄ The Need for Compliance in a Post-COVID-19 World π΄
π Read
via "Dark Reading: ".
With the current upheaval, business leaders may lose focus and push off implementing security measures, managing risk, and keeping up with compliance requirements. That's a big mistake.π Read
via "Dark Reading: ".
Dark Reading
The Need for Compliance in a Post-COVID-19 World
With the current upheaval, business leaders may lose focus and push off implementing security measures, managing risk, and keeping up with compliance requirements. That's a big mistake.
β Silent Night Banking Trojan Charges Top Dollar on the Underground β
π Read
via "Threatpost".
The malware-as-a-service is advanced, obfuscated and modular -- and built for mass campaigns.π Read
via "Threatpost".
Threat Post
Silent Night Banking Trojan Charges Top Dollar on the Underground
The malware-as-a-service is advanced, obfuscated and modular β and built for mass campaigns.
β Critical Cisco Bug in Unified CCX Allows Remote Code Execution β
π Read
via "Threatpost".
Cisco has fixed a critical remote code-execution flaw in its popular customer interaction management solution.π Read
via "Threatpost".
Threat Post
Critical Cisco Bug in Unified CCX Allows Remote Code Execution
Cisco has fixed a critical remote code execution flaw in its popular customer interaction management solution.
π How Home Chef's sensitive customer data was compromised by a cyberattack π
π Read
via "Security on TechRepublic".
Stolen in a recent breach, the names, email addresses, encrypted passwords, and other data of Home Chef customers are being sold on the Dark Web.π Read
via "Security on TechRepublic".
TechRepublic
How Home Chef's sensitive customer data was compromised by a cyberattack
Stolen in a recent breach, the names, email addresses, encrypted passwords, and other data of Home Chef customers are being sold on the Dark Web.
π Cybersecurity and remote work: How workers are handling the shift π
π Read
via "Security on TechRepublic".
Working remotely presents key security challenges, but employees may actually be following security rules more carefully when working from home, says 1Password.π Read
via "Security on TechRepublic".
TechRepublic
Cybersecurity and remote work: How workers are handling the shift
Working remotely presents key security challenges, but employees may actually be following security rules more carefully when working from home, says 1Password.
π Virtual Cybersecurity Events in 2020 π
π Read
via "Subscriber Blog RSS Feed ".
Many infosec conferences are going virtual in 2020 due to the COVID-19 pandemic. Is your favorite conference going virtual? Check out our list of events and update your calendar!π Read
via "Subscriber Blog RSS Feed ".
π΄ How an Industry Consortium Can Reinvent Security Solution Testing π΄
π Read
via "Dark Reading: ".
By committing to independent testing to determine value, vendors will ensure that their products do what they say they do.π Read
via "Dark Reading: ".
Dark Reading
How an Industry Consortium Can Reinvent Security Solution Testing
By committing to independent testing to determine value, vendors will ensure that their products do what they say they do.
ATENTIONβΌ New - CVE-2020-10738
π Read
via "National Vulnerability Database".
A flaw was found in Moodle versions 3.8 before 3.8.3, 3.7 before 3.7.6, 3.6 before 3.6.10, 3.5 before 3.5.12 and earlier unsupported versions. It was possible to create a SCORM package in such a way that when added to a course, it could be interacted with via web services in order to achieve remote code execution.π Read
via "National Vulnerability Database".
β Long Tail Analysis: A New Hope in the Cybercrime Battle β
π Read
via "Threatpost".
Looking for niche anomalies in an automated way with AI and machine learning is the future.π Read
via "Threatpost".
Threat Post
Long Tail Analysis: A New Hope in the Cybercrime Battle
Looking for niche anomalies in an automated way with AI and machine learning is the future.
π1
π΄ Telcos Become Richer Hacking Targets π΄
π Read
via "Dark Reading: ".
The shift of moving telecommunications networks toward more commercial networking equipment and systems also expanded their attack surface.π Read
via "Dark Reading: ".
Dark Reading
Telcos Become Richer Hacking Targets
The shift of moving telecommunications networks toward more commercial networking equipment and systems also expanded their attack surface.
π΄ Hackers Serve Up Stolen Credentials from Home Chef π΄
π Read
via "Dark Reading: ".
Some 8 million of the meal delivery company's customer records have been offered for sale on the Dark Web.π Read
via "Dark Reading: ".
Dark Reading
Hackers Serve Up Stolen Credentials from Home Chef
Some 8 million of the meal delivery company's customer records have been offered for sale on the Dark Web.
π΄ Web Scrapers Have Bigger-Than-Perceived Impact on Digital Businesses π΄
π Read
via "Dark Reading: ".
The economic impact of bot traffic can be unexpectedly substantial, a PerimeterX-commissioned study finds.π Read
via "Dark Reading: ".
Dark Reading
Web Scrapers Have Bigger-Than-Perceived Impact on Digital Businesses
The economic impact of bot traffic can be unexpectedly substantial, a PerimeterX-commissioned study finds.
π΄ Security 101: Cross-Site Scripting π΄
π Read
via "Dark Reading: ".
Cross-site scripting has been around longer than most security professionals have been on the job. Why is it still such an issue when we've known about it for so long?π Read
via "Dark Reading: ".
Dark Reading
Security 101: Cross-Site Scripting
Cross-site scripting has been around longer than most security professionals have been on the job. Why is it still such an issue when we've known about it for so long?
ATENTIONβΌ New - CVE-2017-18868
π Read
via "National Vulnerability Database".
Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-1037
π Read
via "National Vulnerability Database".
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-1035
π Read
via "National Vulnerability Database".
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1058, CVE-2020-1060, CVE-2020-1093.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-1028
π Read
via "National Vulnerability Database".
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1126, CVE-2020-1136, CVE-2020-1150.π Read
via "National Vulnerability Database".