π΄ Honda Pauses Production Due to Cyberattack π΄
π Read
via "Dark Reading: ".
The attack reportedly infected internal servers and forced Honda to halt production at plants around the world on Monday.π Read
via "Dark Reading: ".
Dark Reading
Honda Pauses Production Due to Cyberattack
The attack reportedly infected internal servers and forced Honda to halt production at plants around the world on Monday.
β Adobe Warns of Critical Flaws in Flash Player, Framemaker β
π Read
via "Threatpost".
Critical Adobe Flash Player and Framemaker flaws could enable arbitrary code execution.π Read
via "Threatpost".
Threat Post
Adobe Warns of Critical Flaws in Flash Player, Framemaker
Critical Adobe Flash Player and Framemaker flaws could enable arbitrary code execution.
β Facebook labels βstate-controlledβ Russian, Chinese, Iranian media β
π Read
via "Naked Security".
Facebook users will see notices labeling "state-controlled media", based on criteria such as funding, editorial independence, ownership structure and more.π Read
via "Naked Security".
Naked Security
Facebook labels βstate-controlledβ Russian, Chinese, Iranian media
Facebook users will see notices labeling βstate-controlled mediaβ, based on criteria such as funding, editorial independence, ownership structure and more.
π Haveged 1.9.9 π
π Go!
via "Security Tool Files β Packet Storm".
haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Haveged 1.9.9 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ Hack-for-Hire Firm Connected to Attacks on Nonprofits, Journalists π΄
π Read
via "Dark Reading: ".
The Dark Basin group behind thousands of phishing and malware attacks is likely an India-based "ethical hacking" firm that works on behalf of commercial clients.π Read
via "Dark Reading: ".
Dark Reading
Hack-for-Hire Firm Connected to Attacks on Nonprofits, Journalists
The Dark Basin group behind thousands of phishing and malware attacks is likely an India-based ethical hacking firm that works on behalf of commercial clients.
β Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool β
π Read
via "Threatpost".
The FlowCloud modular remote-access trojan (RAT) has overlaps with the LookBack malware.π Read
via "Threatpost".
Threat Post
Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool
The FlowCloud RAT has overlaps with the LookBack malware and possibly China-linked APT10.
π΄ Will Vote-by-App Ever Be Safe? π΄
π Read
via "Dark Reading: ".
Even with strong security measures, Internet voting is still vulnerable to abuse from state-sponsored actors and malicious insiders.π Read
via "Dark Reading: ".
Dark Reading
Will Vote-by-App Ever Be Safe?
Even with strong security measures, Internet voting is still vulnerable to abuse from state-sponsored actors and malicious insiders.
β Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update β
π Read
via "Threatpost".
The June Patch Tuesday update included CVEs for 11 critical remote code-execution vulnerabilities and concerning SMB bugs.π Read
via "Threatpost".
Threat Post
Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update
The June Patch Tuesday update included CVEs for 11 critical remote code-execution vulnerabilities and concerning SMB bugs.
π Macyβs to Settle 2018 Data Breach Class Action Suit π
π Read
via "Subscriber Blog RSS Feed ".
Two years after it happened, the popular department store is electing to settle a class action data breach lawsuit that alleged the company failed to properly secure customer data online.π Read
via "Subscriber Blog RSS Feed ".
π΄ DHS Warns on New Exploit of Windows 10 Vulnerability π΄
π Read
via "Dark Reading: ".
The vulnerability was patched in March, but a new proof of concept raises the stakes for organizations that haven't yet updated their software.π Read
via "Dark Reading: ".
Dark Reading
DHS Warns on New Exploit of Windows 10 Vulnerability
The vulnerability was patched in March, but a new proof of concept raises the stakes for organizations that haven't yet updated their software.
π΄ Vulnerability in Plug-and-Play Protocol Puts Billions of Devices at Risk π΄
π Read
via "Dark Reading: ".
"CallStranger" flaw in UPnP allows attackers to launch DDoS attacks and scan internal ports, security researcher says.π Read
via "Dark Reading: ".
Dark Reading
Vulnerability in Plug-and-Play Protocol Puts Billions of Devices at Risk
CallStranger flaw in UPnP allows attackers to launch DDoS attacks and scan internal ports, security researcher says.
π How to install sudo 1.9 and use the new policy tool π
π Read
via "Security on TechRepublic".
The sudo system is about to undergo some radical changes. Find out how to begin working with the new policy system, to make sudo even more powerful.π Read
via "Security on TechRepublic".
TechRepublic
How to install sudo 1.9 and use the new policy tool
The sudo system is about to undergo some radical changes. Find out how to begin working with the new policy system, to make sudo even more powerful.
π΄ Microsoft Fixes 129 Bugs in Largest Patch Tuesday Release π΄
π Read
via "Dark Reading: ".
The June release of security updates addresses several remote code execution vulnerabilities in SharePoint, Excel, Windows OLE, and other services.π Read
via "Dark Reading: ".
Darkreading
Microsoft Fixes 129 Bugs in Largest Patch Tuesday Release
The June release of security updates addresses several remote code execution vulnerabilities in SharePoint, Excel, Windows OLE, and other services.
ATENTIONβΌ New - CVE-2019-3617
π Read
via "National Vulnerability Database".
Privilege escalation vulnerability in McAfee Total Protection (ToPS) for Mac OS prior to 4.6 allows local users to gain root privileges via incorrect protection of temporary files.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-3613
π Read
via "National Vulnerability Database".
DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitrary code via execution from a compromised folder.π Read
via "National Vulnerability Database".
β Billions of devices affected by UPnP vulnerability β
π Read
via "Naked Security".
Stop us if youβve heard this before but a researcher has uncovered a new security vulnerability affecting many devices running the Universal Plug and Play (UPnP) protocol.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Babylon mobile health app mixes up patient consultation videos β
π Read
via "Naked Security".
A heatlh care app user found 50 "consultation replay" videos in his personal profile - but they weren't his.π Read
via "Naked Security".
Naked Security
Babylon mobile health app mixes up patient consultation videos
A heatlh care app user found 50 βconsultation replayβ videos in his personal profile β but they werenβt his.
β βBot or Not?β β a game to train us to spot chatbots faking it as humans β
π Read
via "Naked Security".
Can you tell whether you're talking to a human or AI?π Read
via "Naked Security".
Naked Security
βBot or Not?β β a game to train us to spot chatbots faking it as humans
Can you tell whether youβre talking to a human or AI?
π Honda hit by cyberattack that impacted its global operations π
π Read
via "Security on TechRepublic".
The automaker's customer service and financial services are unavailable as it deals with an attack that experts believe is ransomware.π Read
via "Security on TechRepublic".
TechRepublic
Honda hit by cyberattack that impacted its global operations
The automaker's customer service and financial services are unavailable as it deals with an attack that experts believe is ransomware.
π 92% of SMBs think they can recover from a disaster, but many don't have plans in place π
π Read
via "Security on TechRepublic".
New research shows that the vast majority of small and midsize leaders believe they expect, and can handle, the unexpectedβbut 16% don't even know their recovery time objective.π Read
via "Security on TechRepublic".
TechRepublic
92% of SMBs think they can recover from a disaster, but many don't have plans in place
New research shows that the vast majority of small and midsize leaders believe they expect, and can handle, the unexpectedβbut 16% don't even know their recovery time objective.
π How DNS attacks threaten organizations π
π Read
via "Security on TechRepublic".
Application downtime was the most significant side effect of a DNS attack, according to EfficientIP.π Read
via "Security on TechRepublic".
TechRepublic
How DNS attacks threaten organizations
Application downtime was the most significant side effect of a DNS attack, according to EfficientIP and IDC.