β Microsoft Revamps Windows Insider Preview Bug Bounty Program β
π Read
via "Threatpost".
Researchers can earn up to $100,000 for finding vulnerabilities in Microsoft's revamped Windows Insider Preview bug bounty program.π Read
via "Threatpost".
Threat Post
Microsoft Revamps Windows Insider Preview Bug Bounty Program
Researchers can earn up to $100,000 for finding vulnerabilities in Microsoft's revamped Windows Insider Preview bug bounty program.
π΄ Ratings for Open Source Projects Aim to Make Software More Secure π΄
π Read
via "Dark Reading: ".
Two companies have teamed up to rate open source projects, but can adopting repository ratings help developers make better decisions regarding open source?π Read
via "Dark Reading: ".
Dark Reading
Ratings for Open Source Projects Aim to Make Software More Secure
Two companies have teamed up to rate open source projects, but can adopting repository ratings help developers make better decisions regarding open source?
π΄ ShinyHunters Offers Stolen Data on Dark Web π΄
π Read
via "Dark Reading: ".
The threat actor offers more than 26 million records from a series of data breaches.π Read
via "Dark Reading: ".
Dark Reading
ShinyHunters Offers Stolen Data on Dark Web
The threat actor offers more than 26 million records from a series of data breaches.
ATENTIONβΌ New - CVE-2020-12460
π Read
via "National Vulnerability Database".
OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 has improper null termination in the function opendmarc_xml_parse that can result in a one-byte heap overflow in opendmarc_xml when parsing a specially crafted DMARC aggregate report. This can cause remote memory corruption when a '\0' byte overwrites the heap metadata of the next chunk and its PREV_INUSE flag.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-10643
π Read
via "National Vulnerability Database".
An authenticated remote attacker could use specially crafted URLs to send a victim using PI Vision 2019 mobile to a vulnerable web page due to a known issue in a third-party component.π Read
via "National Vulnerability Database".
π Why security professionals are facing more work stress π
π Read
via "Security on TechRepublic".
A lack of time and a lack of executive support are two of the top causes of stress, according to a LogRhythm report.π Read
via "Security on TechRepublic".
TechRepublic
Why security professionals are facing more work stress
A lack of time and a lack of executive support are two of the top causes of stress, according to a LogRhythm report.
π Distance learning makes universities more vulnerable to cyberattack π
π Read
via "Security on TechRepublic".
Expert suggests universities take extra care to prevent attacks while students are learning from home.π Read
via "Security on TechRepublic".
TechRepublic
Distance learning makes universities more vulnerable to cyberattack
Expert suggests universities take extra care to prevent attacks while students are learning from home.
π Distance learning makes universities more vulnerable to cyberattack π
π Read
via "Security on TechRepublic".
Expert suggests universities take extra care to prevent attacks while students are learning from home.π Read
via "Security on TechRepublic".
TechRepublic
Distance learning makes universities more vulnerable to cyberattack
Expert suggests universities take extra care to prevent attacks while students are learning from home.
β Researchers Warn of High-Severity Dell PowerEdge Server Flaw β
π Read
via "Threatpost".
A path traversal vulnerability in the iDRAC technology can allow remote attackers to take over control of server operations.π Read
via "Threatpost".
Threat Post
Researchers Warn of High-Severity Dell PowerEdge Server Flaw
A path traversal vulnerability in the iDRAC technology can allow remote attackers to take over control of server operations.
β Podcast: Security Lessons Learned In Times of Uncertainty β
π Read
via "Threatpost".
Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, discusses the top threats and lessons learned from the first half of 2020.π Read
via "Threatpost".
Threat Post
Podcast: Security Lessons Learned In Times of Uncertainty
Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, discusses the top threats and lessons learned from the first half of 2020.
π΄ As Businesses Move to the Cloud, Cybercriminals Follow Close Behind π΄
π Read
via "Dark Reading: ".
In the wake of COVID-19, data theft is by far the top tactic, followed by cryptomining and ransomware.π Read
via "Dark Reading: ".
Dark Reading
As Businesses Move to the Cloud, Cybercriminals Follow Close Behind
In the wake of COVID-19, data theft is by far the top tactic, followed by cryptomining and ransomware.
π Zeek 3.1.5 π
π Go!
via "Security Tool Files β Packet Storm".
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Zeek 3.1.5 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ATENTIONβΌ New - CVE-2019-4731
π Read
via "National Vulnerability Database".
IBM MQ Appliance 9.1.4.CD could allow a local attacker to obtain highly sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 172616.π Read
via "National Vulnerability Database".
π Box announces added security to Box Shield solution with automation classification π
π Read
via "Security on TechRepublic".
Using machine learning, Shield automatically scans files and classifies them based on content, detecting and securing sensitive information.π Read
via "Security on TechRepublic".
TechRepublic
Box announces added security to Box Shield solution with automation classification
Using machine learning, Shield automatically scans files and classifies them based on content, detecting and securing sensitive information.
ATENTIONβΌ New - CVE-2020-13915
π Read
via "National Vulnerability Database".
Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-13914
π Read
via "National Vulnerability Database".
webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-13913
π Read
via "National Vulnerability Database".
An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices.π Read
via "National Vulnerability Database".
β Firefox 79 is out β itβs a double-update month so patch now! β
π Read
via "Naked Security".
It's a Blue Moon month for Firefox - the second full update in July!π Read
via "Naked Security".
Naked Security
Firefox 79 is out β itβs a double-update month so patch now!
Itβs a Blue Moon month for Firefox β the second full update in July!
π Experts: Devastating ransomware attack on Garmin highlights danger of haphazard breach responses π
π Read
via "Security on TechRepublic".
The GPS maker scrambled to contain the aftermath of an attack as employees took to social media to describe what was happening.π Read
via "Security on TechRepublic".
TechRepublic
Experts: Devastating ransomware attack on Garmin highlights danger of haphazard breach responses
The GPS maker scrambled to contain the aftermath of an attack as employees took to social media to describe what was happening.
π΄ Autonomous IT: Less Reacting, More Securing π΄
π Read
via "Dark Reading: ".
Keeping data secure requires a range of skills and perfect execution. AI makes that possible.π Read
via "Dark Reading: ".
Dark Reading
Autonomous IT: Less Reacting, More Securing
Keeping data secure requires a range of skills and perfect execution. AI makes that possible.
π΄ 7.5M Banking Customers Affected in Dave Security Breach π΄
π Read
via "Dark Reading: ".
The financial services app confirms user data was compromised in a data breach at its former third-party provider, WayDev.π Read
via "Dark Reading: ".
Dark Reading
7.5M Banking Customers Affected in Dave Security Breach
The financial services app confirms user data was compromised in a data breach at its former third-party provider, WayDev.