ATENTIONβΌ New - CVE-2018-21239
π Read
via "National Vulnerability Database".
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21238
π Read
via "National Vulnerability Database".
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21237
π Read
via "National Vulnerability Database".
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21236
π Read
via "National Vulnerability Database".
An issue was discovered in Foxit Reader before 2.4.4. It has a NULL pointer dereference.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21235
π Read
via "National Vulnerability Database".
An issue was discovered in Foxit E-mail advertising system before September 2018. It allows authentication bypass and information disclosure, related to Interspire Email Marketer.π Read
via "National Vulnerability Database".
π΄ Malware Campaign Hides in Resumes and Medical Leave Forms π΄
π Read
via "Dark Reading: ".
The campaigns have been part of the overall increase in coronavirus-related malware activity.π Read
via "Dark Reading: ".
Dark Reading
Malware Campaign Hides in Resumes and Medical Leave Forms
The campaigns have been part of the overall increase in coronavirus-related malware activity.
π Food Companies Spar Over Stolen Trade Secrets Claim π
π Read
via "Subscriber Blog RSS Feed ".
In a new lawsuit, a candy bar company is alleging a former employee downloaded more than 6,000 files involving its trade secrets, strategies, and market insights, before leaving to join a competitor.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Food Companies Spar Over Stolen Trade Secrets Claim
In a new lawsuit, a candy bar company is alleging a former employee downloaded more than 6,000 files involving its trade secrets, strategies, and market insights, before leaving to join a competitor.
β Trump, Biden Campaign Staffers Targeted By APT Phishing Emails β
π Read
via "Threatpost".
Google TAG researchers warn that APTs are targeting campaign staffers for both Donald Trump and Joe Biden with phishing emails.π Read
via "Threatpost".
Threat Post
Trump, Biden Campaign Staffers Targeted By APT Phishing Emails
Google TAG researchers warn that APTs are targeting campaign staffers for both Donald Trump and Joe Biden with phishing emails.
β Tycoon Ransomware Banks on Unusual Image File Tactic β
π Read
via "Threatpost".
To fly under the radar, the newly discovered ransomware is compiled into a Java image file format that's rarely used by developers.π Read
via "Threatpost".
Threat Post
Tycoon Ransomware Banks on Unusual Image File Tactic
To fly under the radar, the newly discovered ransomware is compiled into a Java image file format that's rarely used by developers.
π1
π΄ New 'Tycoon' Ransomware Strain Targets Windows, Linux π΄
π Read
via "Dark Reading: ".
Researchers say Tycoon ransomware, which has targeted software and educational institutions, has a few traits they haven't seen before.π Read
via "Dark Reading: ".
Dark Reading
New 'Tycoon' Ransomware Strain Targets Windows, Linux
Researchers say Tycoon ransomware, which has targeted software and educational institutions, has a few traits they haven't seen before.
π΄ The Privacy & Security Outlook for Businesses Post-COVID-19 π΄
π Read
via "Dark Reading: ".
Long-term business needs -- and the ethical implications that result -- don't simply go away just because we're navigating a global health crisis.π Read
via "Dark Reading: ".
Dark Reading
The Privacy & Security Outlook for Businesses Post-COVID-19
Long-term business needs -- and the ethical implications that result -- don't simply go away just because we're navigating a global health crisis.
β Botnet blasts WordPress sites with configuration download attacks β
π Read
via "Naked Security".
A million sites attacked by 20,000 different computers.π Read
via "Naked Security".
Naked Security
Botnet blasts WordPress sites with configuration download attacks
A million sites attacked by 20,000 different computers.
β S2 Ep42: Apple auth attack, Octopus Scanner, Escobar escapades β Naked Security podcast β
π Read
via "Naked Security".
The latest Naked Security podcast is out now!π Read
via "Naked Security".
Naked Security
S2 Ep42: Apple auth attack, Octopus Scanner, Escobar escapades β Naked Security podcast
The latest Naked Security podcast is out now!
β WhatsApp Phone Numbers Pop Up in Google Search Results β But is it a Bug? β
π Read
via "Threatpost".
A researcher found that phone numbers tied to WhatsApp accounts are indexed publicly on Google Search creating what he claims is a βprivacy issueβ for users.π Read
via "Threatpost".
Threat Post
WhatsApp Phone Numbers Pop Up in Google Search Results β But is it a Bug?
A researcher found that phone numbers tied to WhatsApp accounts are indexed publicly on Google Search creating what he claims is a βprivacy issueβ for users.
π΄ Local, State Governments Face Cybersecurity Crisis π΄
π Read
via "Dark Reading: ".
Ransomware hit small government organizations hard in 2019. Now they have to deal with budget cuts, pandemic precautions, social unrest, and the coming election cycle.π Read
via "Dark Reading: ".
Dark Reading
Local, State Governments Face Cybersecurity Crisis
Ransomware hit small government organizations hard in 2019. Now they have to deal with budget cuts, pandemic precautions, social unrest, and the coming election cycle.
π΄ Name That Toon: Sign of the Tides π΄
π Read
via "Dark Reading: ".
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.π Read
via "Dark Reading: ".
Dark Reading
Name That Toon: Sign of the Tides
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
β News Wrap: Fake Minneapolis Police Breach, Zoom End-To-End Encryption Debate β
π Read
via "Threatpost".
Threatpost editors discuss debunked reports of a Minneapolis police department breach and Zoom announcing only paying users would get end-to-end encryption.π Read
via "Threatpost".
Threat Post
News Wrap: Fake Minneapolis Police Breach, Zoom End-To-End Encryption Debate
Threatpost editors discuss debunked reports of a Minneapolis police department breach and Zoom announcing only paying users would get end-to-end encryption.
β Electrolux, Others Conned Out of Big Money by BEC Scammer β
π Read
via "Threatpost".
Kenenty Hwan Kim has pleaded guilty to swindling the appliance giant and other companies in a set of elaborate schemes.π Read
via "Threatpost".
Threat Post
Electrolux, Others Conned Out of Big Money by BEC Scammer
Kenenty Hwan Kim has pleaded guilty to swindling the appliance giant and other companies in a set of elaborate schemes.
π Friday Five: 6/5 Edition π
π Read
via "Subscriber Blog RSS Feed ".
The city of Minneapolis hit with a DDoS attack, Zoom's new security policy causes social media uproar, and a wave of cyber-attacks target anti-racism sites - catch up on the week's news with the Friday Five.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 6/5 Edition
The city of Minneapolis hit with a DDoS attack, Zoom's new security policy causes social media uproar, and a wave of cyber-attacks target anti-racism sites - catch up on the week's news with the Friday Five.
π Faraday 3.11.1 π
π Go!
via "Security Tool Files β Packet Storm".
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Faraday 3.11.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β FTC Slams Childrenβs App Developer for COPPA Violations β
π Read
via "Threatpost".
Children's app developer HyperBeard must pay $150,000 after the FTC claimed it violated privacy laws.π Read
via "Threatpost".
Threat Post
FTC Slams Childrenβs App Developer for COPPA Violations
Children's app developer HyperBeard must pay $150,000 after the FTC claimed it violated privacy laws.