β Enterprise Data Security: Itβs Time to Flip the Established Approach β
π Read
via "Threatpost".
Companies should forget about auditing where data resides and who has access to it.π Read
via "Threatpost".
Threat Post
Enterprise Data Security: Itβs Time to Flip the Established Approach
Companies should forget about auditing where data resides and who has access to it.
π΄ Major Flaws Open the Edge to Attack π΄
π Read
via "Dark Reading: ".
Attackers are using critical exploits for flaws in VPN appliances, app-delivery services, and other network-edge hardware and software to punch through corporate perimeters. What can companies do?π Read
via "Dark Reading: ".
Dark Reading
Major Flaws Open the Edge to Attack
Attackers are using critical exploits for flaws in VPN appliances, app-delivery services, and other network-edge hardware and software to punch through corporate perimeters. What can companies do?
π΄ 8 Signs of a Smartphone Hack π΄
π Read
via "Dark Reading: ".
A rapidly dwindling battery life or sudden spike in data usage could indicate your iOS or Android device has been compromised.π Read
via "Dark Reading: ".
Dark Reading
8 Signs of a Smartphone Hack
A rapidly dwindling battery life or sudden spike in data usage could indicate your iOS or Android device has been compromised.
π CISOs discuss cybersecurity in the COVID-19 environment π
π Read
via "Security on TechRepublic".
A digital panel discussion sponsored by MIT's Sloan CIO Digital Learning Series covered a range of topics from protecting remote workers to phishing to how to manage risk.π Read
via "Security on TechRepublic".
TechRepublic
CISOs discuss cybersecurity in the COVID-19 environment
A digital panel discussion sponsored by MIT's Sloan CIO Digital Learning Series covered a range of topics from protecting remote workers to phishing to how to manage risk.
β Appleβs latest updates are out for iPhones and Macs β get them now! β
π Read
via "Naked Security".
None of Apple's bugs have nicknames like Microsoft's recent "SIGRed" - but there are nevertheless kernel-level code holes to be patched...π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π How to install Malware Information Sharing Platform on Ubuntu Server 18.04 π
π Read
via "Security on TechRepublic".
If you're looking for a platform to help with the collection and sharing of cybersecurity events, you need not look any further than MISP. Jack Wallen shows you how to install this tool.π Read
via "Security on TechRepublic".
TechRepublic
How to install Malware Information Sharing Platform on Ubuntu Server 18.04
If you're looking for a platform to help with the collection and sharing of cybersecurity events, you need not look any further than MISP. Jack Wallen shows you how to install this tool.
β CISA Emergency Directive Orders Immediate Fix of Windows DNS Server Bug β
π Read
via "Threatpost".
An emergency directive orders some federal agencies to apply Microsoftβs patch for a critical DNS vulnerability by Friday, July 17 at 2 p.m. (ET).π Read
via "Threatpost".
Threat Post
CISA Emergency Directive Orders Immediate Fix of Windows DNS Server Bug
An emergency directive orders some federal agencies to apply Microsoftβs patch for a critical DNS vulnerability by Friday, July 17 at 2 p.m. ET.
π Phishing: Email fraudsters are impersonating colleagues, customers, and vendors, report says π
π Read
via "Security on TechRepublic".
Nearly a third of professionals said they have to remediate email-based attacks every day, GreatHorn found.π Read
via "Security on TechRepublic".
TechRepublic
Phishing: Email fraudsters are impersonating colleagues, customers, and vendors, report says
Nearly a third of professionals said they have to remediate email-based attacks every day, GreatHorn found.
β Twitter Hack Update: What We Know (and What We Donβt) β
π Read
via "Threatpost".
With limited confirmed information, a raft of theories and circumstantial evidence has come to light as to who was behind the attack and how they carried it out.π Read
via "Threatpost".
Threat Post
Twitter Hack Update: What We Know (and What We Donβt)
With limited confirmed information, a raft of theories and circumstantial evidence has come to light as to who was behind the attack and how they carried it out.
π΄ Cybercriminals Targeted Streaming Services to Provide Pandemic Entertainment π΄
π Read
via "Dark Reading: ".
Prior to 2020, about 1 in 5 credential attacks targeted video services, but that's nothing compared to the first quarter of 2020, according to newly published data.π Read
via "Dark Reading: ".
Dark Reading
Cybercriminals Targeted Streaming Services to Provide Pandemic Entertainment
Prior to 2020, about 1 in 5 credential attacks targeted video services, but that's nothing compared to the first quarter of 2020, according to newly published data.
π΄ Election Security: Recovering from 2016, Looking Toward 2020 π΄
π Read
via "Dark Reading: ".
Researchers publish the results of a four-year investigation and discuss whether the US is ready to secure its largest elections.π Read
via "Dark Reading: ".
Dark Reading
Election Security: Recovering from 2016, Looking Toward 2020
Researchers publish the results of a four-year investigation and discuss whether the US is ready to secure its largest elections.
π Friday Five: 7/17 Edition π
π Read
via "Subscriber Blog RSS Feed ".
US Secret Service forms a cyber fraud task force, Twitter deals with the hacking of high-profile Twitter accounts, and more - catch up on all the week's news with the Friday Five.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 7/17 Edition
US Secret Service forms a cyber fraud task force, Twitter deals with the hacking of high-profile Twitter accounts, and more - catch up on all the week's news with the Friday Five.
π Sifter 8.5 π
π Go!
via "Security Tool Files β Packet Storm".
Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Sifter 8.5 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π SMB12 Information Gathering π
π Go!
via "Security Tool Files β Packet Storm".
SMB12 Information Gathering is a data gathering python script that inspects SMB1 and SMB2 endpoints. It will extract various attributes from the remote server such as OS version (only supported by SMB1 as per protocol definition), DNS computer name, DNS domain name, NetBIOS computer name and NetBIOS domain name (SMB1 and SMB2).π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
SMB12 Information Gathering β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β Thousands of Vulnerable F5 BIG-IP Users Still Open to Takeover β
π Read
via "Threatpost".
Less than 500 machines have been patched since U.S. Cyber Command issued an alert to patch a critical bug that's under active exploit.π Read
via "Threatpost".
Threat Post
Thousands of Vulnerable F5 BIG-IP Users Still Open to Takeover
Less than 500 machines have been patched since U.S. Cyber Command issued an alert to patch a critical bug that's under active exploit.
π΄ Emotet Lives! π΄
π Read
via "Dark Reading: ".
Emotet malware has back to action after a four-month hiatus that allowed cybersecurity experts to worry about other things.π Read
via "Dark Reading: ".
Dark Reading
Emotet Lives!
Emotet malware has back to action after a four-month hiatus that allowed cybersecurity experts to worry about other things.
ATENTIONβΌ New - CVE-2019-4090
π Read
via "National Vulnerability Database".
"HCL Campaign is vulnerable to cross-site scripting when a user provides XSS scripts in Campaign Description field."π Read
via "National Vulnerability Database".
π This new open source project could be key to securing database applications π
π Read
via "Security on TechRepublic".
Commentary: Cyral has been on a roll with two open source projects designed to make security a natural part of the development workflow.π Read
via "Security on TechRepublic".
TechRepublic
This new open source project could be key to securing database applications
Commentary: Cyral has been on a roll with two open source projects designed to make security a natural part of the development workflow.
ATENTIONβΌ New - CVE-2019-12000
π Read
via "National Vulnerability Database".
HPE has found a potential Remote Access Restriction Bypass in HPE MSE Msg Gw application E-LTU prior to version 3.2 when HTTPS is used between the USSD and an external USSD service logic application. Update to version 3.2 and update the HTTPS configuration as described in the HPE MSE Messaging Gateway Configuration and Operations Guide.π Read
via "National Vulnerability Database".
β Monday review β the hot stories of the week β
π Read
via "Naked Security".
Catch up on the past week's stories, and watch our latest Naked Security Live video.π Read
via "Naked Security".
Naked Security
Monday review β the hot stories of the week
Catch up on the past weekβs stories, and watch our latest Naked Security Live video.
π Microsoft Defender ATP for Android: This security software can help protect your devices and data π
π Read
via "Security on TechRepublic".
Microsoft recently announced its first Android security tooling. But what is it for, and should you deploy it to your users?π Read
via "Security on TechRepublic".