π΄ When Your Biggest Security and Privacy Threats Come From the Ones You Love π΄
π Read
via "Dark Reading: ".
Research examines the risks and design challenges of accounting for privacy threats in intimate relationships.π Read
via "Dark Reading: ".
Dark Reading
When Your Biggest Security and Privacy Threats Come From the Ones You Love
Research examines the risks and design challenges of accounting for privacy threats in intimate relationships.
β Microsoft squishes 129 bugs with Patch Tuesday updates β
π Read
via "Naked Security".
Patch Tuesday was this week and software giant Microsoft released patches to fix 129 CVEs, 11 of which are rated critical.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Bitcoin scammers take YouTube channels for a SpaceX ride β
π Read
via "Naked Security".
Multiple hijacked YouTube accounts impersonated Elon Musk's Space X channel in a Bitcoin scheme that ripped off a total of more than $163,000.π Read
via "Naked Security".
Naked Security
Bitcoin scammers take YouTube channels for a SpaceX ride
Multiple hijacked YouTube accounts impersonated Elon Muskβs Space X channel in a Bitcoin scheme that ripped off nearly $150,000.
π Report: Working from home is the new normal, but cybersecurity isn't keeping up π
π Read
via "Security on TechRepublic".
COVID-19 has completely changed the work world, but many organizations have seemingly failed to realize that security risks are changing as well, a new report finds.π Read
via "Security on TechRepublic".
TechRepublic
Report: Working from home is the new normal, but cybersecurity isn't keeping up
COVID-19 has completely changed the work world, but many organizations have seemingly failed to realize that security risks are changing as well, a new report finds.
π How Google is combatting coronavirus-related cyberthreats π
π Read
via "Security on TechRepublic".
The search giant is relying on artificial intelligence as threats that exploit COVID-19 increase in the UK, India, and Brazil.π Read
via "Security on TechRepublic".
TechRepublic
How Google is combatting coronavirus-related cyberthreats
The search giant is relying on artificial intelligence as threats that exploit COVID-19 increase in the UK, India, and Brazil.
π΄ What COVID-19 Teaches Us About Social Engineering π΄
π Read
via "Dark Reading: ".
Unless we do something proactively, social engineering's impact is expected to keep getting worse as people's reliance on technology increases and as more of us are forced to work from home.π Read
via "Dark Reading: ".
Dark Reading
What COVID-19 Teaches Us About Social Engineering
Unless we do something proactively, social engineering's impact is expected to keep getting worse as people's reliance on technology increases and as more of us
π΄ Attack Surface Area Larger Than Most Businesses Believe π΄
π Read
via "Dark Reading: ".
Workers are not the only outside-the-perimeter security risk. Companies have a variety of vulnerable Internet-facing resources exposing their business to risk, study finds.π Read
via "Dark Reading: ".
Dark Reading
Attack Surface Area Larger Than Most Businesses Believe
Workers are not the only outside-the-perimeter security risk. Companies have a variety of vulnerable Internet-facing resources exposing their business to risk, study finds.
π Apple's Face ID: Cheat sheet π
π Read
via "Security on TechRepublic".
If you're using an Apple mobile device manufactured since 2017, it has likely ditched Touch ID in favor of Face ID. Here's what you need to know about the latest Apple biometric security product.π Read
via "Security on TechRepublic".
TechRepublic
Appleβs Face ID Cheat Sheet: What It Is and How to Use It
Apple's Face ID is a secure and convenient facial recognition feature that utilizes TrueDepth cameras for fast, reliable and secure access.
π΄ 'Highly Active' APT Group Targeting Microsoft Office, Outlook π΄
π Read
via "Dark Reading: ".
The Gamaredon group has ramped up activity in recent months and makes no effort to stay under the radar, researchers report.π Read
via "Dark Reading: ".
Darkreading
'Highly Active' APT Group Targeting Microsoft Office, Outlook
The Gamaredon group has ramped up activity in recent months and makes no effort to stay under the radar, researchers report.
π Why coronavirus contact tracing apps face privacy and security challenges π
π Read
via "Security on TechRepublic".
The apps have to balance the goal of greater accuracy vs. respecting the privacy of their users, according to Check Point Research.π Read
via "Security on TechRepublic".
TechRepublic
Why coronavirus contact tracing apps face privacy and security challenges
The apps have to balance the goal of greater accuracy vs. respecting the privacy of their users, according to Check Point Research.
ATENTIONβΌ New - CVE-2020-0136
π Read
via "National Vulnerability Database".
In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-120078455π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0135
π Read
via "National Vulnerability Database".
In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150949837π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0134
π Read
via "National Vulnerability Database".
In BnDrm::onTransact of IDrm.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146052771π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0133
π Read
via "National Vulnerability Database".
In MockLocationAppPreferenceController.java, it is possible to mock the GPS location of the device due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145136060π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0132
π Read
via "National Vulnerability Database".
In BnAAudioService::onTransact of IAAudioService.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139473816π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0131
π Read
via "National Vulnerability Database".
In parseChunk of MPEG4Extractor.cpp, there is a possible out of bounds write due to incompletely initialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-151159638π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0129
π Read
via "National Vulnerability Database".
In SetData of btm_ble_multi_adv.cc, there is a possible out-of-bound write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-123292010π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0128
π Read
via "National Vulnerability Database".
In addPacket of AMPEG4ElementaryAssembler, there is an out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-123940919π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0127
π Read
via "National Vulnerability Database".
In AudioStream::decode of AudioGroup.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the phone process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140054506π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0126
π Read
via "National Vulnerability Database".
In multiple functions in DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local code execution with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-137878930π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0124
π Read
via "National Vulnerability Database".
In markBootComplete of InstalldNativeService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140237592π Read
via "National Vulnerability Database".