π΄ Safeguard Your Remote Workforce π΄
π Read
via "Dark Reading: ".
DDoS attacks on VPN servers can not only bring remote work to a standstill but also cut off admins from accessing their systems. Here are three ways to stay safer.π Read
via "Dark Reading: ".
Dark Reading
Safeguard Your Remote Workforce
DDoS attacks on VPN servers can not only bring remote work to a standstill but also cut off admins from accessing their systems. Here are three ways to stay safer.
π How open source software vulnerabilities create risk for organizations π
π Read
via "Security on TechRepublic".
Security flaws in open source software have increased and can take a long time to be added to the National Vulnerability Database, says RiskSense.π Read
via "Security on TechRepublic".
TechRepublic
How open source software vulnerabilities create risk for organizations
Security flaws in open source software have increased and can take a long time to be added to the National Vulnerability Database, says RiskSense.
π Bing.com Hostname / IP Enumerator 1.0.3 π
π Go!
via "Security Tool Files β Packet Storm".
This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Bing.com Hostname / IP Enumerator 1.0.3 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π UFONet 1.5 π
π Go!
via "Security Tool Files β Packet Storm".
UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
UFONet 1.5 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π OpenStego Free Steganography Solution 0.7.4 π
π Go!
via "Security Tool Files β Packet Storm".
OpenStego is a tool implemented in Java for generic steganography, with support for password-based encryption of the data. It supports plugins for various steganographic algorithms (currently, only Least Significant Bit algorithm is supported for images).π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
OpenStego Free Steganography Solution 0.7.4 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Ransomware attack: Why a small business paid the $150,000 ransom π
π Read
via "Security on TechRepublic".
The CFO of a small company that was the victim of a ransomware attack and reveals why they paid the ransom (in Bitcoin) to gain back control of their systems.π Read
via "Security on TechRepublic".
TechRepublic
Ransomware attack: Why a small business paid the $150,000 ransom
The CFO of a small company that was the victim of a ransomware attack reveals why they paid the ransom (in Bitcoin) to gain back control of their systems.
β Phishing Attack Hits German Coronavirus Task Force β
π Read
via "Threatpost".
More than 100 executives at a multinational company that's part of a German task force for creating coronavirus protective gear, were targeted in an ongoing phishing attack.π Read
via "Threatpost".
Threat Post
Phishing Attack Hits German Coronavirus Task Force
More than 100 executives at a multinational company that's part of a German task force for creating PPE, were targeted in an ongoing phishing attack.
β SMBGhost RCE Exploit Threatens Corporate Networks β
π Read
via "Threatpost".
The release of a PoC for the Windows flaw known as "SMBGhost" could set off cyberattack waves, CISA warned.π Read
via "Threatpost".
Threat Post
SMBGhost RCE Exploit Threatens Corporate Networks
The release of a PoC could set off cyberattack waves, CISA warned.
π Ransomware attack: Why a small business paid the $150,000 ransom π
π Read
via "Security on TechRepublic".
The CFO of a small company that was the victim of a ransomware attack and reveals why they paid the ransom (in Bitcoin) to gain back control of their systems.π Read
via "Security on TechRepublic".
TechRepublic
Ransomware attack: Why a small business paid the $150,000 ransom
The CFO of a small company that was the victim of a ransomware attack reveals why they paid the ransom (in Bitcoin) to gain back control of their systems.
β Double-crossing ransomware decryptor scrambles your files again! β
π Read
via "Naked Security".
Just when you thought a bad thing could get no worse...π Read
via "Naked Security".
Naked Security
Double-crossing ransomware decryptor scrambles your files again!
Just when you thought a bad thing could get no worseβ¦
π΄ Flaws Found in Some Open Source Projects Exploited More Often π΄
π Read
via "Dark Reading: ".
A study of major open source projects finds that 3.3% of vulnerabilities are exploited, but the rate of exploitation varies significantly.π Read
via "Dark Reading: ".
Dark Reading
Flaws Found in Some Open Source Projects Exploited More Often
A study of major open source projects finds that 3.3% of vulnerabilities are exploited, but the rate of exploitation varies significantly.
π Final Regulations For CCPA Sent For Review π
π Read
via "Subscriber Blog RSS Feed ".
With CCPA enforcement on track for less than four weeks from now, Californiaβs AG sent his final proposed regulations for the law to be reviewed.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Final Regulations For CCPA Sent For Review
With CCPA enforcement on track for less than four weeks from now, Californiaβs AG sent his final proposed regulations for the law to be reviewed.
π Cyber incidents at NASA spiked 366% in 2019 π
π Read
via "Security on TechRepublic".
While the agency experienced 1,468 incidents, its budget was decreased last year, according to a report by Atlas VPN.π Read
via "Security on TechRepublic".
TechRepublic
Cyber incidents at NASA spiked 366% in 2019
While the agency experienced 1,468 incidents, its budget was decreased last year, according to a report by Atlas VPN.
π΄ Canada's Fitness Depot Alerts Customers to Data Breach π΄
π Read
via "Dark Reading: ".
The retailer reports cybercriminals infected its online store and used a fraudulent form to steal shoppers' information.π Read
via "Dark Reading: ".
Dark Reading
Canada's Fitness Depot Alerts Customers to Data Breach
The retailer reports cybercriminals infected its online store and used a fraudulent form to steal shoppers' information.
ATENTIONβΌ New - CVE-2019-19412
π Read
via "National Vulnerability Database".
Some Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. The affected products and versions are: ALP-AL00B Versions earlier than 9.0.0.181(C00E87R2P20T8) ALP-L09 Versions earlier than 9.0.0.201(C432E4R1P9) ALP-L29 Versions earlier than 9.0.0.177(C185E2R1P12T8), Versions earlier than 9.0.0.195(C636E2R1P12) Anne-AL00 Versions earlier than 8.0.0.168(C00) BLA-AL00B Versions earlier than 9.0.0.181(C00E88R2P15T8) BLA-L09C Versions earlier than 9.0.0.177(C185E2R1P13T8), Versions earlier than 9.0.0.206(C432E4R1P11) BLA-L29C Versions earlier than 9.0.0.179(C576E2R1P7T8), Versions earlier than 9.0.0.194(C185E2R1P13), Versions earlier than 9.0.0.206(C432E4R1P11), Versions earlier than 9.0.0.210(C635E4R1P13) Berkeley-AL20 Versions earlier than 9.0.0.156(C00E156R2P14T8) Berkeley-L09 Versions earlier than 8.0.0.172(C432), Versions earlier than 8.0.0.173(C636) Emily-L29C Versions earlier than 9.0.0.159(C185E2R1P12T8), Versions earlier than 9.0.0.159(C461E2R1P11T8), Versions earlier than 9.0.0.160(C432E7R1P11T8), Versions earlier than 9.0.0.165(C605E2R1P12), Versions earlier than 9.0.0.168(C636E7R1P13T8), Versions earlier than 9.0.0.168(C782E3R1P11T8), Versions earlier than 9.0.0.196(C635E2R1P11T8) Figo-L03 Versions earlier than 9.1.0.130(C605E6R1P5T8) Figo-L21 Versions earlier than 9.1.0.130(C185E6R1P5T8), Versions earlier than 9.1.0.130(C635E6R1P5T8) Figo-L23 Versions earlier than 9.1.0.130(C605E6R1P5T8) Figo-L31 Versions earlier than 9.1.0.130(C432E8R1P5T8) Florida-L03 Versions earlier than 9.1.0.121(C605E5R1P1T8) Florida-L21 Versions earlier than 8.0.0.129(C605), Versions earlier than 8.0.0.131(C432), Versions earlier than 8.0.0.132(C185) Florida-L22 Versions earlier than 8.0.0.132(C636) Florida-L23 Versions earlier than 8.0.0.144(C605) HUAWEI P smart Versions earlier than 9.1.0.130(C185E6R1P5T8), Versions earlier than 9.1.0.130(C605E6R1P5T8) HUAWEI P smart, HUAWEI Y7s Versions earlier than 9.1.0.124(C636E6R1P5T8) HUAWEI P20 lite Versions earlier than 8.0.0.148(C635), Versions earlier than 8.0.0.155(C185), Versions earlier than 8.0.0.155(C605), Versions earlier than 8.0.0.156(C605), Versions earlier than 8.0.0.157(C432) HUAWEI nova 3e, HUAWEI P20 lite Versions earlier than 8.0.0.147(C461), Versions earlier than 8.0.0.148(ZAFC185), Versions earlier than 8.0.0.160(C185), Versions earlier than 8.0.0.160(C605), Versions earlier than 8.0.0.168(C432), Versions earlier than 8.0.0.172(C636) Honor View 10 Versions earlier than 9.0.0.202(C567E6R1P12T8) Leland-AL00A Versions earlier than 8.0.0.182(C00) Leland-L21A Versions earlier than 8.0.0.135(C185), Versions earlier than 9.1.0.118(C636E4R1P1T8) Leland-L22A Versions earlier than 9.1.0.118(C636E4R1P1T8) Leland-L22C Versions earlier than 9.1.0.118(C636E4R1P1T8) Leland-L31A Versions earlier than 8.0.0.139(C432)π Read
via "National Vulnerability Database".
β Singaporeβs Contact Tracing Wearable Causes Privacy Backlash β
π Read
via "Threatpost".
Thousands have signed a petition that underscores data privacy issues with Singapore's newly announced contact-tracing wearable, in development.π Read
via "Threatpost".
Threat Post
Singaporeβs Contact Tracing Wearable Causes Privacy Backlash
Thousands have signed a petition that underscores data privacy issues with Singapore's newly announced contact-tracing wearable, in development.
π΄ Chinese and Iranian APT Groups Targeted US Presidential Campaigns π΄
π Read
via "Dark Reading: ".
Google analysts report advanced persistent threat groups linked to China and Iran launched phishing attacks against the Biden and Trump campaigns.π Read
via "Dark Reading: ".
Dark Reading
Chinese and Iranian APT Groups Targeted US Presidential Campaigns
Google analysts report advanced persistent threat groups linked to China and Iran launched phishing attacks against the Biden and Trump campaigns.
π΄ DARPA Launches Bug Bounty Program π΄
π Read
via "Dark Reading: ".
Unlike most crowdsourced vulnerability-hunting projects, this one is targeted at hardware defenses.π Read
via "Dark Reading: ".
Dark Reading
DARPA Launches Bug Bounty Program
Unlike most crowdsourced vulnerability-hunting projects, this one is targeted at hardware defenses.
π 10 takeaways from Mimecast's 2020 email security report π
π Read
via "Security on TechRepublic".
Phishing is on the rise, ransomware continues to be a threat, and email exploits are more popular than ever. Here are the email security risks, and what you can do about them, in 2020.π Read
via "Security on TechRepublic".
TechRepublic
10 takeaways from Mimecast's 2020 email security report
Phishing is on the rise, ransomware continues to be a threat, and email exploits are more popular than ever. Here are the email security risks, and what you can do about them, in 2020.
β Brave CEO apologises for adding affiliate links to URLs β
π Read
via "Naked Security".
The Brave browser has provoked unhappiness among some of its users after being caught redirecting searches to affiliate links that earned it commission.π Read
via "Naked Security".
Naked Security
Brave CEO apologises for adding affiliate links to URLs
The Brave browser has provoked unhappiness among some of its users after being caught redirecting searches to affiliate links that earned it commission.
π Security faux pas: 56% of employees use personal computers to WFH π
π Read
via "Security on TechRepublic".
Using nonwork authorized tech at home places company data at risk, especially since 23% of employees are unsure what security protocols exist on their devices, Morphisec found.π Read
via "Security on TechRepublic".
TechRepublic
Security faux pas: 56% of employees use personal computers to WFH
Using nonwork authorized tech at home places company data at risk, especially since 23% of employees are unsure what security protocols exist on their devices, Morphisec found.