Ripple20 bugs set off wave of security problems in millions of devices
via "Naked Security".
Security researchers have discovered a handful of game-changing vulnerabilities that spell trouble for dozens of connected device vendors and their customers.
Friday Five: 6/19 Edition
via "Subscriber Blog RSS Feed ".
Possible beer shortage caused by ransomware, dating apps expose 845 GB of sensitive data, and Zoom reverses controversial security decision - catch up on the week's news with the Friday Five.
FBI uses T-shirt, tattoo and Vimeo clips to track down alleged arsonist
via "Naked Security".
Amazing what online search, social media profiles, a DMV database and cameras everywhere can turn up about us.
Netgear Zero-Day Allows Full Takeover of Dozens of Router Models
via "Threatpost".
An unpatched vulnerability in the web server of device firmware gives attackers root privileges, researchers said.
IBM Maximo Asset Management servers patched against attacks
via "Naked Security".
As the name suggests, IBM Maximo is typically used by really big companies to track really huge numbers of assets...
'New Normal' Caption Contest Winners
via "Dark Reading: ".
Competitors submitted lots of clever virus puns, and the prizes go to ...
How to Secure Machine Learning
via "Dark Reading: ".
Part two of a series on avoiding potential security risks with ML.
How to use the Whonix advanced security and privacy distribution
via "Security on TechRepublic".
Whonix is a Linux desktop dedicated to absolute security and privacy. Find out how to use this unique take on the desktop operating system.
What Will Cybersecurity's 'New Normal' Look Like?
via "Dark Reading: ".
The coronavirus pandemic has forced changes for much of the business world, cybersecurity included. What can we expect going forward?
ATTENTION‼ New - CVE-2019-20847
via "National Vulnerability Database".
An issue was discovered in Mattermost Server before 5.18.0. An attacker can send a user_typing WebSocket event to any channel.
ATTENTION‼ New - CVE-2019-20846
via "National Vulnerability Database".
An issue was discovered in Mattermost Server before 5.18.0. It has weak permissions for server-local file storage.
ATTENTION‼ New - CVE-2019-20845
via "National Vulnerability Database".
An issue was discovered in Mattermost Server before 5.18.0. It allows attackers to cause a denial of service (memory consumption) via a large Slack import.
ATTENTION‼ New - CVE-2019-20844
via "National Vulnerability Database".
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. An attacker can spoof a direct-message channel by changing the type of a channel.
ATTENTION‼ New - CVE-2019-20843
via "National Vulnerability Database".
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There are weak permissions for configuration files.
ATTENTION‼ New - CVE-2019-20842
via "National Vulnerability Database".
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels.
ATTENTION‼ New - CVE-2019-20841
via "National Vulnerability Database".
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. CSRF can sometimes occur via a crafted web site for account takeover attacks.
News Wrap: Malicious Chrome Extensions Removed, CIA “Woefully Lax” Security Policies Bashed
via "Threatpost".
Insider threats, the CIA's bad security policies, and malicious Chrome extensions were the topics of discussion during this week's news wrap podcast.
Many people using email to share files despite lack of security
via "Security on TechRepublic".
Those polled by Nordlocker also use cloud services, messaging apps, and external drives to share files.
CCPA: How to prepare for California's new privacy law before enforcement starts July 1
via "Security on TechRepublic".
Companies need to look for PII across all corporate data silos and consider building an automated system to respond to requests from consumers, experts say.
ATTENTION‼ New - CVE-2018-21262
via "National Vulnerability Database".
An issue was discovered in Mattermost Server before 4.7.3. It allows attackers to cause a denial of service (application crash) via invalid LaTeX text.
ATTENTION‼ New - CVE-2018-21261
via "National Vulnerability Database".
An issue was discovered in Mattermost Server before 4.8.1, 4.7.4, and 4.6.3. An e-mail invite accidentally included the team invite_id, which leads to unintended excessive invitation privileges.