ATENTIONβΌ New - CVE-2020-10982
π Read
via "National Vulnerability Database".
Gambio GX before 4.0.1.0 allows SQL Injection in admin/gv_mail.php.π Read
via "National Vulnerability Database".
π IBM finds cyberattacks costing companies nearly $4 million per breach π
π Read
via "Security on TechRepublic".
The study showed concrete financial benefits to having security systems and teams in place.π Read
via "Security on TechRepublic".
TechRepublic
IBM finds cyberattacks costing companies nearly $4 million per breach
The study showed concrete financial benefits to having security systems and teams in place.
π The future of encryption: Getting ready for the quantum computer attack π
π Read
via "Security on TechRepublic".
PQShield, a spin-out from the UK's Oxford University, is developing advanced cryptographic solutions for hardware, software and communications to protect businesses' data from the quantum threat.π Read
via "Security on TechRepublic".
TechRepublic
The future of encryption: Getting ready for the quantum computer attack
PQShield, a spin-out from the UK's Oxford University, is developing advanced cryptographic solutions for hardware, software and communications to protect businesses' data from the quantum threat.
β OkCupid Security Flaw Threatens Intimate Dater Details β
π Read
via "Threatpost".
Attackers could exploit various flaws in OkCupid's mobile app and webpage to steal victims' sensitive data and even send messages out from their profiles.π Read
via "Threatpost".
Threat Post
OkCupid Security Flaw Threatens Intimate Dater Details
Attackers could have exploited various flaws in OkCupid's mobile app and webpage to steal victims' sensitive data and even send messages out from their profiles.
β Facial-Recognition Flop: Face Masks Thwart Virus, Stump Security Systems β
π Read
via "Threatpost".
Algorithms clocked error rates of between 5% to 50% when comparing photos of people wearing digitally created masks with unmasked faces.π Read
via "Threatpost".
Threat Post
Facial-Recognition Flop: Face Masks Thwart Virus, Stump Security Systems
Algorithms clocked error rates of between 5% to 50% when comparing photos of people wearing digitally created masks with unmasked faces.
π 87% of Americans view data privacy as a human right, but most still use risky security practices π
π Read
via "Security on TechRepublic".
While 56% of Americans want more control over personal data, more than 40% said they reuse passwords, use public Wi-Fi, or save a credit card to an online store, KPMG found.π Read
via "Security on TechRepublic".
π΄ The Future's Biggest Cybercrime Threat May Already Be Here π΄
π Read
via "Dark Reading: ".
Current attacks will continue to be refined, and what may seem a weakness now could turn out to be a disaster.π Read
via "Dark Reading: ".
Dark Reading
The Future's Biggest Cybercrime Threat May Already Be Here
Current attacks will continue to be refined, and what may seem a weakness now could turn out to be a disaster.
π How to protect your website's database from hackers π
π Read
via "Security on TechRepublic".
A recent investigation by NordPass and a white hat hacker discovered more than 9,000 unsecured databases online with more than 10 billion individual entries.π Read
via "Security on TechRepublic".
TechRepublic
How to protect your website's database from hackers
A recent investigation by NordPass and a white hat hacker discovered more than 9,000 unsecured databases online with more than 10 billion individual entries.
π΄ How to Decipher InfoSec Job Titles' Mysteries π΄
π Read
via "Dark Reading: ".
Figuring out which cybersecurity job you want -- or are qualified for -- can be difficult when words have no consistent meaning in the industry.π Read
via "Dark Reading: ".
Dark Reading
How to Decipher InfoSec Job Titles' Mysteries
Figuring out which cybersecurity job you want -- or are qualified for -- can be difficult when words have no consistent meaning in the industry.
π How IT leaders were unprepared for the security challenges posed by COVID-19 π
π Read
via "Security on TechRepublic".
The top three challenges cited in a Tanium survey were identifying new computing devices, overwhelmed IT capacity due to VPN requirements, and increased risks from video conferencing.π Read
via "Security on TechRepublic".
TechRepublic
How IT leaders were unprepared for the security challenges posed by COVID-19
The top three challenges cited in a Tanium survey were identifying new computing devices, overwhelmed IT capacity due to VPN requirements, and increased risks from video conferencing.
π Most consumers do not trust big tech with their privacy π
π Read
via "Security on TechRepublic".
Social media and online shopping sites top the list of services consumers feel do not adequately protect their personal information.π Read
via "Security on TechRepublic".
TechRepublic
Most consumers do not trust big tech with their privacy
Social media and online shopping sites top the list of services consumers feel do not adequately protect their personal information.
π It's not OK, Cupid: Security flaws could expose user data and more π
π Read
via "Security on TechRepublic".
Researchers found a number of vulnerabilities that could give attackers access to a treasure trove of personally identifying information about members.π Read
via "Security on TechRepublic".
TechRepublic
It's not OK, Cupid: Security flaws could expose user data and more
Researchers found a number of vulnerabilities that could give attackers access to a treasure trove of personally identifying information about members.
β US tax service says, β2FA is a must!β β
π Read
via "Naked Security".
We know it's an old drum, but we're not tired of beating it yet: 2FA is your friend.π Read
via "Naked Security".
Naked Security
US tax service says, β2FA is a must!β
We know itβs an old drum, but weβre not tired of beating it yet: 2FA is your friend.
β Critical Security Flaw in WordPress Plugin Allows RCE β
π Read
via "Threatpost".
WordPress plugin Comments β wpDiscuz, which is installed on over 70,000 sites, has issued a patch.π Read
via "Threatpost".
Threat Post
Critical Security Flaw in WordPress Plugin Allows RCE
WordPress plugin Comments β wpDiscuz, which is installed on over 70,000 sites, has issued a patch.
β Critical Bugs in Utilities VPNs Could Cause Physical Damage β
π Read
via "Threatpost".
Gear from Secomea, Moxa and HMS Networks are affected by remote code-execution flaws, researchers warn.π Read
via "Threatpost".
Threat Post
Critical Bugs in Utilities VPNs Could Cause Physical Damage
Gear from Secomea, Moxa and HMS Networks are affected by remote code-execution flaws, researchers warn.
π΄ Technical Challenges of IoT Cybersecurity in a Post-COVID-19 World π΄
π Read
via "Dark Reading: ".
Effective management of vulnerabilities can be done only when information about supply chain dependencies is accurate and recent.π Read
via "Dark Reading: ".
Dark Reading
Technical Challenges of IoT Cybersecurity in a Post-COVID-19 World
Effective management of vulnerabilities can be done only when information about supply chain dependencies is accurate and recent.
π Sifter 9 π
π Go!
via "Security Tool Files β Packet Storm".
Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Sifter 9 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Hydra Network Logon Cracker 9.1 π
π Go!
via "Security Tool Files β Packet Storm".
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Hydra Network Logon Cracker 9.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ATENTIONβΌ New - CVE-2020-11934
π Read
via "National Vulnerability Database".
It was discovered that snapctl user-open allowed altering the $XDG_DATA_DIRS environment variable when calling the system xdg-open. OpenURL() in usersession/userd/launcher.go would alter $XDG_DATA_DIRS to append a path to a directory controlled by the calling snap. A malicious snap could exploit this to bypass intended access restrictions to control how the host system xdg-open script opens the URL and, for example, execute a script shipped with the snap without confinement. This issue did not affect Ubuntu Core systems. Fixed in snapd versions 2.45.1ubuntu0.2, 2.45.1+18.04.2 and 2.45.1+20.04.2.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-11933
π Read
via "National Vulnerability Database".
cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659.π Read
via "National Vulnerability Database".
π΄ Dark Reading Video News Desk Returns to Black Hat π΄
π Read
via "Dark Reading: ".
Coming to you prerecorded from in front of carefully arranged bookcases around the world ...!π Read
via "Dark Reading: ".
Dark Reading
Dark Reading Video News Desk Returns to Black Hat
Coming to you prerecorded from in front of carefully arranged bookcases around the world ...!