Smartwatch Hack Could Trick Dementia Patients into Overdosing
via "Threatpost".
Attackers could hack the smartwatch and send dementia patients alerts for taking their medication.

ATTENTION‼ New - CVE-2012-6474
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.

ATTENTION‼ New - CVE-2012-6473
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.

Friday Five: 7/10 Edition
via "Subscriber Blog RSS Feed" (Digital Guardian).
LeBron James' legal files put up for auction, US Secret Service warns of increase in MSP hacks, and Android apps stealing user data - catch up on all the week's news with the Friday Five.

Google Bans Stalkerware Ads – With a Loophole
via "Threatpost".
Starting in August Google is banning ads of products or services promoting stalkerware.

Biden Campaign Hires 2 Top Cybersecurity Executives
via "Dark Reading".
The campaign has filled the positions of CISO and CTO in the run-up to the 2020 presidential election.

Mobile App Fraud Jumped in Q1 as Attackers Pivot from Browsers
via "Dark Reading".
RSA data reveals a continued shift away from browser-based fraud as attackers target mobile apps.

Popular TP-Link Family of Kasa Security Cams Vulnerable to Attack
via "Threatpost".
Researcher warns the highly-rated Kasa family of security cameras has bugs that give hackers access to private video feeds and settings.

nfstream 5.1.6
via "Security Tool Files ≈ Packet Storm".
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

ATTENTION‼ New - CVE-2019-20898
via "National Vulnerability Database".
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to access sensitive information without being authenticated in the Global permissions screen. The affected versions are before version 8.8.0.

ATTENTION‼ New - CVE-2019-20897
via "National Vulnerability Database".
The avatar upload feature in affected versions of Atlassian Jira Server and Data Center allows remote attackers to achieve Denial of Service via a crafted PNG file. The affected versions are before version 8.5.4, from version 8.6.0 before 8.6.2, and from version 8.7.0 before 8.7.1.

Monday review – the hot stories of the week
via "Naked Security".
Get yourself up to date with everything we've written in the last seven days – it's weekly roundup time.

How CARTA Strategies for Web Applications are Met with Indusface AppTrana Solution
via "Threatpost".
From an operational standpoint, the foundation of CARTA starts with an assessment and then building the zero-trust principles on top of that with an adaptive security model.

A ‘New Age’ of Sophisticated Business Email Compromise is Coming
via "Threatpost".
A new BEC threat group is heralding more sophisticated email scams that target organizations without DMARC and squeeze as much money out of victims as possible.

Learn About the Latest Election Security Threats and Defenses at Black Hat USA
via "Dark Reading".
Christopher Krebs, director of the CISA, will explain how the organization is leading the federal effort to support state and local officials in their mission to secure US elections this year.

The Enemy Within: How Insider Threats Are Changing
via "Threatpost".
Insider-threat security experts unravel the new normal during this time of remote working, and explain how to protect sensitive data from this escalating risk.

Decoding the Verizon DBIR Report: An Insider's Look Beyond the Headlines
via "Dark Reading".
To truly understand cybersecurity trends, we must look beyond the headlines and ask more of the data. What you learn might surprise you.

Digicert revokes a raft of web security certificates
via "Naked Security".
The good news is that this was a bureaucratic necessity rather than an actual cybersecurity attack.

Secret Service Creates Cyber Fraud Task Forces
via "Threatpost".
Traditional financial crime and cyberattacks are converging, requiring new skills and approaches to the problem, officials said.

Experts Predict Rise of Data Theft in Ransomware Attacks
via "Dark Reading".
The most attractive targets for data theft are businesses perceived as most likely to pay to prevent exposure of their information.

ATTENTION‼ New - CVE-2019-19338
via "National Vulnerability Database".
A flaw was found in the fix for CVE-2019-11135 in upstream Linux kernel versions before 5.5, in the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0), but is not affected by the MDS issue (MDS_NO=1), the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests, the guests did not use the VERW mechanism to clear the affected buffers. This issue affects guests running on Cascade Lake CPUs and requires that the host has 'TSX' enabled. Confidentiality of data is the highest threat associated with this vulnerability.