β Podcast: Why Identity Access Management is the New Perimeter β
π Read
via "Threatpost".
DivvyCloud discusses the changing nature of identity access management (IAM) - and what kind of challenges and opportunities that is creating for businesses.π Read
via "Threatpost".
Threat Post
Podcast: Why Identity Access Management is the New Perimeter
DivvyCloud discusses the changing nature of identity access management (IAM) - and what kind of challenges and opportunities that is creating for businesses.
β Apple Jailbreak Zero-Day Gets a Patch β
π Read
via "Threatpost".
The zero-day vulnerability tracked as CVE-2020-9859 is exploited by the "Uncover" jailbreak tool released last week.π Read
via "Threatpost".
Threat Post
Apple Jailbreak Zero-Day Gets a Patch
The zero-day vulnerability tracked as CVE-2020-9859 is exploited by the "Uncover" jailbreak tool released last week.
π΄ Banking on Data Security in a Time of Insecurity π΄
π Read
via "Dark Reading: ".
How banks can maintain security and data integrity in the middle of a pandemic.π Read
via "Dark Reading: ".
Dark Reading
Banking on Data Security in a Time of Insecurity
How banks can maintain security and data integrity in the middle of a pandemic.
π How to protect your organization against Business Email Compromise attacks π
π Read
via "Security on TechRepublic".
BEC scams accounted for half of all cybercrime losses in the US in 2019, according to Check Point Research.π Read
via "Security on TechRepublic".
TechRepublic
How to protect your organization against Business Email Compromise attacks
BEC scams accounted for half of all cybercrime losses in the US in 2019, according to Check Point Research.
π΄ Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic π΄
π Read
via "Dark Reading: ".
For now, security teams face freezes in projects and hiring - and budget cuts, security industry analysts say.π Read
via "Dark Reading: ".
Dark Reading
Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic
For now, security teams face freezes in projects and hiring - and budget cuts, security industry analysts say.
β Octopus Scanner Sinks Tentacles into GitHub Repositories β
π Read
via "Threatpost".
At least 26 different open-source code repositories were found to be infected with an unusual attack on the open-source software supply chain.π Read
via "Threatpost".
Threat Post
Octopus Scanner Sinks Tentacles into GitHub Repositories
At least 26 different open-source code repositories were found to be infected with an unusual attack on the open-source software supply chain.
π΄ Thycotic Buys Onion ID to Extend PAM Portfolio π΄
π Read
via "Dark Reading: ".
The acquisition brings three new products into Thycotic's privileged access management lineup.π Read
via "Dark Reading: ".
Dark Reading
Thycotic Buys Onion ID to Extend PAM Portfolio
The acquisition brings three new products into Thycotic's privileged access management lineup.
π Cybercriminals garnered $1.4B from cryptocurrency crimes in spring 2020 π
π Read
via "Security on TechRepublic".
This year could see the second-highest value in cryptocurrency crimes recorded, with coronavirus-themed attacks contributing to growth, CipherTrace found.π Read
via "Security on TechRepublic".
TechRepublic
Cybercriminals garnered $1.4B from cryptocurrency crimes in spring 2020
This year could see the second-highest value in cryptocurrency crimes recorded, with coronavirus-themed attacks contributing to growth, CipherTrace found.
β Severe Cisco DoS Flaw Can Cripple Nexus Switches β
π Read
via "Threatpost".
Cisco has patched a high-severity flaw that could lead to denial-of-service attacks on its Nexus switch lineup.π Read
via "Threatpost".
Threat Post
Severe Cisco DoS Flaw Can Cripple Nexus Switches
Cisco has patched a high-severity flaw that could lead to denial-of-service attacks on its Nexus switch lineup.
β The mystery of the expiring Sectigo web certificate β
π Read
via "Naked Security".
If you're getting TLS connection errors that suddenly started this weekend, a tired old encryption library might be the problem.π Read
via "Naked Security".
Naked Security
The mystery of the expiring Sectigo web certificate
If youβre getting TLS connection errors that suddenly started this weekend, a tired old encryption library might be the problem.
β Two Critical Android Bugs Open Door to RCE β
π Read
via "Threatpost".
Google and Qualcomm both addressed significant vulnerabilities in their June updates.π Read
via "Threatpost".
Threat Post
Two Critical Android Bugs Open Door to RCE
Google and Qualcomm both addressed significant vulnerabilities in their June updates.
π΄ Risk Assessment & the Human Condition π΄
π Read
via "Dark Reading: ".
Five lessons the coronavirus pandemic can teach security professionals to better assess, monitor, manage, and mitigate organizational risk.π Read
via "Dark Reading: ".
Dark Reading
Risk Assessment & the Human Condition
Five lessons the coronavirus pandemic can teach security professionals to better assess, monitor, manage, and mitigate organizational risk.
π COVID-19 emergence leads to 37% jump in mobile phishing attacks in 2020 π
π Read
via "Security on TechRepublic".
A Lookout study found that organizations could lose millions through the growing number of unmitigated mobile phishing attacks.π Read
via "Security on TechRepublic".
TechRepublic
COVID-19 emergence leads to 37% jump in mobile phishing attacks in 2020
A Lookout study found that organizations could lose millions through the growing number of unmitigated mobile phishing attacks.
ATENTIONβΌ New - CVE-2019-11843
π Read
via "National Vulnerability Database".
The MailPoet plugin before 3.23.2 for WordPress allows remote attackers to inject arbitrary web script or HTML using extra parameters in the URL (Reflective Server-Side XSS).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-18625
π Read
via "National Vulnerability Database".
Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-18624
π Read
via "National Vulnerability Database".
Grafana 5.3.1 has XSS via a column style on the "Dashboard > Table Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-18623
π Read
via "National Vulnerability Database".
Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.π Read
via "National Vulnerability Database".
π NSA Warns of Exim Flaw Being Exploited by Russian Actors π
π Read
via "Subscriber Blog RSS Feed ".
In an advisory last week, the NSA warned that a flaw in the Exim mail transfer agent (MTA) has been exploited by Russian cyber military actors since last August.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
NSA Warns of Exim Flaw Being Exploited by Russian Actors
In an advisory last week, the NSA warned that a flaw in the Exim mail transfer agent (MTA) has been exploited by Russian cyber military actors since last August.
π΄ Amtrak Breach Rolls Over Frequent Travelers π΄
π Read
via "Dark Reading: ".
The breach exposed usernames and passwords of an undisclosed number of program members.π Read
via "Dark Reading: ".
Dark Reading
Amtrak Breach Rolls Over Frequent Travelers
The breach exposed usernames and passwords of an undisclosed number of program members.
π΄ Companies Fall Short on Mandatory Reporting of Cybercrimes π΄
π Read
via "Dark Reading: ".
Understaffed and under fire, companies fail to report cybercrimes even when they are legally obligated to notify authorities, results of a new survey show.π Read
via "Dark Reading: ".
Dark Reading
Companies Fall Short on Mandatory Reporting of Cybercrimes
Understaffed and under fire, companies fail to report cybercrimes even when they are legally obligated to notify authorities, results of a new survey show.
π΄ Mobile Phishing Attacks Increase Sharply π΄
π Read
via "Dark Reading: ".
Organizations need to include smartphones and tablets in their phishing mitigation strategies, a new report suggests.π Read
via "Dark Reading: ".
Dark Reading
Mobile Phishing Attacks Increase Sharply
Organizations need to include smartphones and tablets in their phishing mitigation strategies, a new report suggests.