🛡 Cybersecurity & Privacy 🛡 - News

Octopus Scanner Sinks Tentacles into GitHub Repositories

At least 26 different open-source code repositories were found to be infected with an unusual attack on the open-source software supply chain.

154 views16:09

🕴 Thycotic Buys Onion ID to Extend PAM Portfolio 🕴

The acquisition brings three new products into Thycotic's privileged access management lineup.

📖 Read

via "Dark Reading: ".

Thycotic Buys Onion ID to Extend PAM Portfolio

The acquisition brings three new products into Thycotic's privileged access management lineup.

149 views16:34

🔐 Cybercriminals garnered $1.4B from cryptocurrency crimes in spring 2020 🔐

This year could see the second-highest value in cryptocurrency crimes recorded, with coronavirus-themed attacks contributing to growth, CipherTrace found.

📖 Read

via "Security on TechRepublic".

Cybercriminals garnered $1.4B from cryptocurrency crimes in spring 2020

This year could see the second-highest value in cryptocurrency crimes recorded, with coronavirus-themed attacks contributing to growth, CipherTrace found.

156 views16:49

❌ Severe Cisco DoS Flaw Can Cripple Nexus Switches ❌

Cisco has patched a high-severity flaw that could lead to denial-of-service attacks on its Nexus switch lineup.

📖 Read

via "Threatpost".

Severe Cisco DoS Flaw Can Cripple Nexus Switches

Cisco has patched a high-severity flaw that could lead to denial-of-service attacks on its Nexus switch lineup.

156 views17:09

The mystery of the expiring Sectigo web certificate

⚠ The mystery of the expiring Sectigo web certificate ⚠

If you're getting TLS connection errors that suddenly started this weekend, a tired old encryption library might be the problem.

📖 Read

via "Naked Security".

Naked Security

If you’re getting TLS connection errors that suddenly started this weekend, a tired old encryption library might be the problem.

161 views17:33

❌ Two Critical Android Bugs Open Door to RCE ❌

Google and Qualcomm both addressed significant vulnerabilities in their June updates.

📖 Read

via "Threatpost".

Two Critical Android Bugs Open Door to RCE

Google and Qualcomm both addressed significant vulnerabilities in their June updates.

151 views18:09

🕴 Risk Assessment & the Human Condition 🕴

Five lessons the coronavirus pandemic can teach security professionals to better assess, monitor, manage, and mitigate organizational risk.

📖 Read

via "Dark Reading: ".

Risk Assessment & the Human Condition

Five lessons the coronavirus pandemic can teach security professionals to better assess, monitor, manage, and mitigate organizational risk.

135 views18:34

🔐 COVID-19 emergence leads to 37% jump in mobile phishing attacks in 2020 🔐

A Lookout study found that organizations could lose millions through the growing number of unmitigated mobile phishing attacks.

📖 Read

via "Security on TechRepublic".

COVID-19 emergence leads to 37% jump in mobile phishing attacks in 2020

A Lookout study found that organizations could lose millions through the growing number of unmitigated mobile phishing attacks.

134 views18:49

ATENTION‼ New - CVE-2019-11843

The MailPoet plugin before 3.23.2 for WordPress allows remote attackers to inject arbitrary web script or HTML using extra parameters in the URL (Reflective Server-Side XSS).

📖 Read

via "National Vulnerability Database".

128 views18:55

ATENTION‼ New - CVE-2018-18625

Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.

📖 Read

via "National Vulnerability Database".

131 views18:55

ATENTION‼ New - CVE-2018-18624

Grafana 5.3.1 has XSS via a column style on the "Dashboard > Table Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.

📖 Read

via "National Vulnerability Database".

132 views18:55

ATENTION‼ New - CVE-2018-18623

Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.

📖 Read

via "National Vulnerability Database".

136 views18:55

NSA Warns of Exim Flaw Being Exploited by Russian Actors

🔏 NSA Warns of Exim Flaw Being Exploited by Russian Actors 🔏

In an advisory last week, the NSA warned that a flaw in the Exim mail transfer agent (MTA) has been exploited by Russian cyber military actors since last August.

📖 Read

via "Subscriber Blog RSS Feed ".

Digital Guardian

In an advisory last week, the NSA warned that a flaw in the Exim mail transfer agent (MTA) has been exploited by Russian cyber military actors since last August.

150 views19:47

🕴 Amtrak Breach Rolls Over Frequent Travelers 🕴

The breach exposed usernames and passwords of an undisclosed number of program members.

📖 Read

via "Dark Reading: ".

Amtrak Breach Rolls Over Frequent Travelers

The breach exposed usernames and passwords of an undisclosed number of program members.

166 views20:34

🕴 Companies Fall Short on Mandatory Reporting of Cybercrimes 🕴

Understaffed and under fire, companies fail to report cybercrimes even when they are legally obligated to notify authorities, results of a new survey show.

📖 Read

via "Dark Reading: ".

Companies Fall Short on Mandatory Reporting of Cybercrimes

Understaffed and under fire, companies fail to report cybercrimes even when they are legally obligated to notify authorities, results of a new survey show.

169 views20:34

🕴 Mobile Phishing Attacks Increase Sharply 🕴

Organizations need to include smartphones and tablets in their phishing mitigation strategies, a new report suggests.

📖 Read

via "Dark Reading: ".

Mobile Phishing Attacks Increase Sharply

Organizations need to include smartphones and tablets in their phishing mitigation strategies, a new report suggests.

174 views22:34

🕴 10 Tips for Maintaining Information Security During Layoffs 🕴

Insider cyber threats are always an issue during layoffs -- but with record numbers of home office workers heading for the unemployment line, it's never been harder to maintain cybersecurity during offboarding.

📖 Read

via "Dark Reading: ".

10 Tips for Maintaining Information Security During Layoffs

Insider cyber threats are always an issue during layoffs -- but with record numbers of home office workers heading for the unemployment line, it's never been harder to maintain cybersecurity during offboarding.

191 views22:34

❌ Joomla Resources Directory Users Exposed in Leaky AWS Bucket ❌

Full backup copies of website, including all user data, was exposed for 2,700 JRD users.

📖 Read

via "Threatpost".

Joomla Resources Directory Users Exposed in Leaky AWS Bucket

Full backup copies of website, including all user data, was exposed for 2,700 JRD users.

188 views05:09

We won! Naked Security scoops “Legends of security” award

⚠ We won! Naked Security scoops “Legends of security” award ⚠

We're absolutely delighted - delighted and proud! - to report that we won not one but two awards at last night's European Security Blogger Awards 2020.

📖 Read

via "Naked Security".

Naked Security

We’re absolutely delighted – delighted and proud! – to report that we won not one but two awards at last night’s European Security Blogger Awards 2020.

184 views08:33

🔐 Return to work: Three tech jobs that companies will be trying to fill 🔐

Cybersecurity, remote IT troubleshooting and cloud support will be the most sought-after skills for businesses in the months following the COVID-19 pandemic, according to a survey of CIOs and tech executives.

📖 Read

via "Security on TechRepublic".

Return to work: Three tech jobs that companies will be trying to fill

Cybersecurity, remote IT troubleshooting and cloud support will be the most sought-after skills for businesses in the months following the COVID-19 pandemic, according to a survey of CIOs and tech executives.

182 views09:49

🔐 Report: Working from home jeopardizes network security 🔐

Here's how employees in the US, UK, France and Germany are putting systems at risk, according to CyberArk.

📖 Read

via "Security on TechRepublic".