π New Java-based ransomware targets Windows and Linux servers π
π Read
via "Security on TechRepublic".
Aimed at SMBs, educational facilities, and software companies, the ransomware leverages Java to encrypt server-based files, according to BlackBerry and KPMG.π Read
via "Security on TechRepublic".
TechRepublic
This new ransomware targets Windows and Linux in surprising ways
Aimed at SMBs, educational facilities, and software companies, the ransomware leverages Java to encrypt server-based files, according to BlackBerry and KPMG.
π΄ Microsoft Office Files Most Popular for Exploit Tests π΄
π Read
via "Dark Reading: ".
A new report examines attacker methodologies to better understand how exploit testing is conducted in the wild.π Read
via "Dark Reading: ".
Darkreading
Microsoft Office Files Most Popular for Exploit Tests
A new report examines attacker methodologies to better understand how exploit testing is conducted in the wild.
π Unauthorized drone detection is getting easier with software from Blackberry π
π Read
via "Security on TechRepublic".
A new partnership with Dedrone has led to a platform that can instantly detect and notify security personnel of drones in sensitive airspace.π Read
via "Security on TechRepublic".
TechRepublic
Unauthorized drone detection is getting easier with software from BlackBerry
A new partnership with Dedrone has led to a platform that can instantly detect and notify security personnel of drones in sensitive airspace.
β U.S. Nuclear Contractor Hit with Maze Ransomware, Data Leaked β
π Read
via "Threatpost".
Westech International provides maintenance for the Minuteman III nuclear-missile program and runs programs for multiple branches of the military.π Read
via "Threatpost".
Threat Post
U.S. Nuclear Contractor Hit with Maze Ransomware, Data Leaked
Westech International provides maintenance for the Minuteman III nuclear-missile program and runs programs for multiple branches of the military.
β Zoom Restricts End-to-End Encryption to Paid Users β
π Read
via "Threatpost".
The end-to-end encryption feature will not be offered to free users, Zoom's CEO said, in case Zoom needed to comply with federal and local law enforcement.π Read
via "Threatpost".
Threat Post
Zoom Restricts End-to-End Encryption to Paid Users
The end-to-end encryption feature will not be offered to free users, Zoom's CEO said, in case Zoom needed to comply with federal and local law enforcement.
β You DID change your password after that data breach, didnβt you? β
π Read
via "Naked Security".
Apparently, some people consider their passwords "invincible", even after a data breach. Don't be those people.π Read
via "Naked Security".
Naked Security
You DID change your password after that data breach, didnβt you?
Apparently, some people consider their passwords βinvincibleβ, even after a data breach. Donβt be those people.
β Understanding the Payload-Less Email Attacks Evading Your Security Team β
π Read
via "Threatpost".
Business email compromise (BEC) attacks represent a small percentage of email attacks, but disproportionately represent the greatest financial risk.π Read
via "Threatpost".
Threat Post
Understanding the Payload-Less Email Attacks Evading Your Security Team
cvcvcvc
π΄ Strengthening Secure Information Sharing Through Technology & Standards π΄
π Read
via "Dark Reading: ".
How data sharing, innovation, and regulatory standardization can make it easier for organizations to both contribute and consume critical threat intelligence.π Read
via "Dark Reading: ".
Dark Reading
Strengthening Secure Information Sharing Through Technology & Standards
How data sharing, innovation, and regulatory standardization can make it easier for organizations to both contribute and consume critical threat intelligence.
ATENTIONβΌ New - CVE-2018-21244
π Read
via "National Vulnerability Database".
An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21243
π Read
via "National Vulnerability Database".
An issue was discovered in Foxit PhantomPDF before 8.3.6. It has COM object mishandling when Microsoft Word is used.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21242
π Read
via "National Vulnerability Database".
An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows Remote Code Execution via a GoToE or GoToR action.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21241
π Read
via "National Vulnerability Database".
An issue was discovered in Foxit PhantomPDF before 8.3.6. It has an untrusted search path that allows a DLL to execute remote code.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21240
π Read
via "National Vulnerability Database".
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21239
π Read
via "National Vulnerability Database".
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21238
π Read
via "National Vulnerability Database".
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21237
π Read
via "National Vulnerability Database".
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21236
π Read
via "National Vulnerability Database".
An issue was discovered in Foxit Reader before 2.4.4. It has a NULL pointer dereference.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21235
π Read
via "National Vulnerability Database".
An issue was discovered in Foxit E-mail advertising system before September 2018. It allows authentication bypass and information disclosure, related to Interspire Email Marketer.π Read
via "National Vulnerability Database".
π΄ Malware Campaign Hides in Resumes and Medical Leave Forms π΄
π Read
via "Dark Reading: ".
The campaigns have been part of the overall increase in coronavirus-related malware activity.π Read
via "Dark Reading: ".
Dark Reading
Malware Campaign Hides in Resumes and Medical Leave Forms
The campaigns have been part of the overall increase in coronavirus-related malware activity.
π Food Companies Spar Over Stolen Trade Secrets Claim π
π Read
via "Subscriber Blog RSS Feed ".
In a new lawsuit, a candy bar company is alleging a former employee downloaded more than 6,000 files involving its trade secrets, strategies, and market insights, before leaving to join a competitor.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Food Companies Spar Over Stolen Trade Secrets Claim
In a new lawsuit, a candy bar company is alleging a former employee downloaded more than 6,000 files involving its trade secrets, strategies, and market insights, before leaving to join a competitor.
β Trump, Biden Campaign Staffers Targeted By APT Phishing Emails β
π Read
via "Threatpost".
Google TAG researchers warn that APTs are targeting campaign staffers for both Donald Trump and Joe Biden with phishing emails.π Read
via "Threatpost".
Threat Post
Trump, Biden Campaign Staffers Targeted By APT Phishing Emails
Google TAG researchers warn that APTs are targeting campaign staffers for both Donald Trump and Joe Biden with phishing emails.