π΄ Twitter Attack Raises Concerns Over its Internal Controls π΄
π Read
via "Dark Reading: ".
Attackers temporarily gained control of the accounts of Joe Biden, Barack Obama, Bill Gates, and others, to tweet a bitcoin scam.π Read
via "Dark Reading: ".
Dark Reading
Twitter Attack Raises Concerns Over its Internal Controls
Attackers temporarily gained control of the accounts of Joe Biden, Barack Obama, Bill Gates, and others, to tweet a bitcoin scam.
π Falco 0.24.0 π
π Go!
via "Security Tool Files β Packet Storm".
Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Falco 0.24.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ EU Court Ruling Means New Global Protections for EU Customer Data π΄
π Read
via "Dark Reading: ".
The ruling in a case involving Facebook means that international companies must provide EU-level privacy controls for EU-generated data no matter where it's stored or transferred.π Read
via "Dark Reading: ".
Dark Reading
EU Court Ruling Means New Global Protections for EU Customer Data
The ruling in a case involving Facebook means that international companies must provide EU-level privacy controls for EU-generated data no matter where it's stored or transferred.
ATENTIONβΌ New - CVE-2019-20915
π Read
via "National Vulnerability Database".
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-20914
π Read
via "National Vulnerability Database".
An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-20913
π Read
via "National Vulnerability Database".
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-20912
π Read
via "National Vulnerability Database".
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-20911
π Read
via "National Vulnerability Database".
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-20910
π Read
via "National Vulnerability Database".
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-20909
π Read
via "National Vulnerability Database".
An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_LWPOLYLINE in dwg.spec.π Read
via "National Vulnerability Database".
β Enterprise Data Security: Itβs Time to Flip the Established Approach β
π Read
via "Threatpost".
Companies should forget about auditing where data resides and who has access to it.π Read
via "Threatpost".
Threat Post
Enterprise Data Security: Itβs Time to Flip the Established Approach
Companies should forget about auditing where data resides and who has access to it.
π΄ Major Flaws Open the Edge to Attack π΄
π Read
via "Dark Reading: ".
Attackers are using critical exploits for flaws in VPN appliances, app-delivery services, and other network-edge hardware and software to punch through corporate perimeters. What can companies do?π Read
via "Dark Reading: ".
Dark Reading
Major Flaws Open the Edge to Attack
Attackers are using critical exploits for flaws in VPN appliances, app-delivery services, and other network-edge hardware and software to punch through corporate perimeters. What can companies do?
π΄ 8 Signs of a Smartphone Hack π΄
π Read
via "Dark Reading: ".
A rapidly dwindling battery life or sudden spike in data usage could indicate your iOS or Android device has been compromised.π Read
via "Dark Reading: ".
Dark Reading
8 Signs of a Smartphone Hack
A rapidly dwindling battery life or sudden spike in data usage could indicate your iOS or Android device has been compromised.
π CISOs discuss cybersecurity in the COVID-19 environment π
π Read
via "Security on TechRepublic".
A digital panel discussion sponsored by MIT's Sloan CIO Digital Learning Series covered a range of topics from protecting remote workers to phishing to how to manage risk.π Read
via "Security on TechRepublic".
TechRepublic
CISOs discuss cybersecurity in the COVID-19 environment
A digital panel discussion sponsored by MIT's Sloan CIO Digital Learning Series covered a range of topics from protecting remote workers to phishing to how to manage risk.
β Appleβs latest updates are out for iPhones and Macs β get them now! β
π Read
via "Naked Security".
None of Apple's bugs have nicknames like Microsoft's recent "SIGRed" - but there are nevertheless kernel-level code holes to be patched...π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π How to install Malware Information Sharing Platform on Ubuntu Server 18.04 π
π Read
via "Security on TechRepublic".
If you're looking for a platform to help with the collection and sharing of cybersecurity events, you need not look any further than MISP. Jack Wallen shows you how to install this tool.π Read
via "Security on TechRepublic".
TechRepublic
How to install Malware Information Sharing Platform on Ubuntu Server 18.04
If you're looking for a platform to help with the collection and sharing of cybersecurity events, you need not look any further than MISP. Jack Wallen shows you how to install this tool.
β CISA Emergency Directive Orders Immediate Fix of Windows DNS Server Bug β
π Read
via "Threatpost".
An emergency directive orders some federal agencies to apply Microsoftβs patch for a critical DNS vulnerability by Friday, July 17 at 2 p.m. (ET).π Read
via "Threatpost".
Threat Post
CISA Emergency Directive Orders Immediate Fix of Windows DNS Server Bug
An emergency directive orders some federal agencies to apply Microsoftβs patch for a critical DNS vulnerability by Friday, July 17 at 2 p.m. ET.
π Phishing: Email fraudsters are impersonating colleagues, customers, and vendors, report says π
π Read
via "Security on TechRepublic".
Nearly a third of professionals said they have to remediate email-based attacks every day, GreatHorn found.π Read
via "Security on TechRepublic".
TechRepublic
Phishing: Email fraudsters are impersonating colleagues, customers, and vendors, report says
Nearly a third of professionals said they have to remediate email-based attacks every day, GreatHorn found.
β Twitter Hack Update: What We Know (and What We Donβt) β
π Read
via "Threatpost".
With limited confirmed information, a raft of theories and circumstantial evidence has come to light as to who was behind the attack and how they carried it out.π Read
via "Threatpost".
Threat Post
Twitter Hack Update: What We Know (and What We Donβt)
With limited confirmed information, a raft of theories and circumstantial evidence has come to light as to who was behind the attack and how they carried it out.
π΄ Cybercriminals Targeted Streaming Services to Provide Pandemic Entertainment π΄
π Read
via "Dark Reading: ".
Prior to 2020, about 1 in 5 credential attacks targeted video services, but that's nothing compared to the first quarter of 2020, according to newly published data.π Read
via "Dark Reading: ".
Dark Reading
Cybercriminals Targeted Streaming Services to Provide Pandemic Entertainment
Prior to 2020, about 1 in 5 credential attacks targeted video services, but that's nothing compared to the first quarter of 2020, according to newly published data.
π΄ Election Security: Recovering from 2016, Looking Toward 2020 π΄
π Read
via "Dark Reading: ".
Researchers publish the results of a four-year investigation and discuss whether the US is ready to secure its largest elections.π Read
via "Dark Reading: ".
Dark Reading
Election Security: Recovering from 2016, Looking Toward 2020
Researchers publish the results of a four-year investigation and discuss whether the US is ready to secure its largest elections.