How to Pay a Ransom: A Step-By-Step Guide for Something You'd Never Do
via "Dark Reading".
Even prior to the COVID-19 pandemic, ransomware attacks were on the rise and becoming more expensive. Now your, um, friend's organization has fallen victim and is going to pay. Here's how they should handle it.
COVID-19 Forcing Countries to Reshuffle Data Protection Regulations
via "Subscriber Blog RSS Feed" (Digital Guardian).
The COVID-19 pandemic has forced some countries to consider delaying data protection law implementation.
Apple sends out 11 security alerts – get your fixes now!
via "Naked Security".
Apple's current round of updates has been officially announced in the company's latest Security Advisory emails.
Microsoft Shares PonyFinal Threat Data, Warns of Delivery Tactics
via "Dark Reading".
PonyFinal is deployed in human-operated ransomware attacks, in which adversaries tailor their techniques based on knowledge of a target system.
OpenSSH 8.3p1
via "Security Tool Files ≈ Packet Storm".
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
Chameleon Mini Smartcard Emulator Iceman Fork Gray GUI 1.3
via "Security Tool Files ≈ Packet Storm".
Firmware for the ChameleonMini RevE rebooted device. It compiles without errors or warnings and gives you more or less the same functionality as the stock firmware. This version compiles and gives you the same functionality (and more) as the original Chameleon Mini rebooted GUI.
ATTENTION‼ New - CVE-2020-13253
via "National Vulnerability Database".
sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.
'[F]Unicorn' Ransomware Impersonates Legit COVID-19 Contact-Tracing App
via "Threatpost".
The new malware family was seen pretending to be an official Italian app, called Immuni.
GDPR Enforcement Loosens Amid Pandemic
via "Dark Reading".
The European Union has given some organizations more breathing room to remedy violations, yet no one should think regulators are planning to abandon the privacy legislation in the face of COVID-19.
Standing Privilege: The Attacker's Advantage
via "Dark Reading".
The credential is a commodity and will continue to be breached. As a result, focus and spending must shift toward the access that the credentials provide.
Why developed countries are more vulnerable to cybercrime
via "Security on TechRepublic".
Developed nations have higher incomes, technology, urbanization, and digitalization, which are all factors for greater cyber risk, says VPN provider NordVPN.
ATTENTION‼ New - CVE-2020-10946
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the page parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget.
ATTENTION‼ New - CVE-2020-10945
via "National Vulnerability Database".
Centreon before 19.10.7 exposes Session IDs in server responses.
Majority of COVID phishing attacks coming from US IP addresses, report finds
via "Security on TechRepublic".
An anti-phishing firm discovered that most of the malicious coronavirus emails were coming from the United States.
HackerOne Bounties Hit $100M Milestone
via "Dark Reading".
The bug-hunting platform has now paid more than $100 million in bounties since October 2013.
Security 101: SQL Injection
via "Dark Reading".
A carefully crafted attack can convince a database to reveal all its secrets. Understanding the basics of what the attack looks like and how to protect against it can go a long way toward limiting the threat.
Cloud Security Architect Proves Hardest Infosec Role to Fill
via "Dark Reading".
Nearly 70% of businesses struggle to recruit, hire, and retain cybersecurity talent, and many link security incidents to lack of skills.
Insider Behind $1 Billion Trade Secret Theft Case Sentenced
via "Subscriber Blog RSS Feed" (Digital Guardian).
The FBI on Wednesday shared details around a recent $1 billion trade secret theft case and reminded companies to report suspected crimes like trade secret theft.
ATTENTION‼ New - CVE-2020-10936
via "National Vulnerability Database".
Sympa before 6.2.56 allows privilege escalation.
DoubleGun Group Builds Massive Botnet Using Cloud Services
via "Threatpost".
The latest campaign spread malware via pirate gaming portals.
Stay-at-Home Orders Coincide With Massive DNS Surge
via "Dark Reading".
A variety of sites saw as much as seven times the number of domain requests in late March and early April, suggesting attackers attempted massive denial-of-service attacks.