π How to make your PC passwordless in the Windows 10 May 2020 Update π
π Read
via "Security on TechRepublic".
You don't need an account password to sign into Windows 10 version 2004.π Read
via "Security on TechRepublic".
TechRepublic
How to make your PC passwordless in the Windows 10 May 2020 Update
You don't need an account password to sign into Windows 10 version 2004.
ATENTIONβΌ New - CVE-2020-11584
π Read
via "National Vulnerability Database".
A GET-based XSS reflected vulnerability in Plesk Onyx 17.8.11 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-11583
π Read
via "National Vulnerability Database".
A GET-based XSS reflected vulnerability in Plesk Obsidian 18.0.17 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter.π Read
via "National Vulnerability Database".
π΄ 11 Hot Startups to Watch at Black Hat USA π΄
π Read
via "Dark Reading: ".
A sneak peek at the up-and-coming organizations to check out on the Black Hat USA virtual show floor.π Read
via "Dark Reading: ".
Dark Reading
Slideshows - Dark Reading
Dark Reading: Connecting The Information Security Community. Explore our slideshows.
π΄ 11 Hot Startups to Watch at Black Hat USA π΄
π Read
via "Dark Reading: ".
A sneak peek at the up-and-coming organizations to check out on the Black Hat USA virtual show floor.π Read
via "Dark Reading: ".
Dark Reading
11 Hot Startups to Watch at Black Hat USA
A sneak peek at the up-and-coming organizations to check out on the Black Hat USA virtual show floor.
π VMware Carbon Black Threat Report finds hackers using more aggressive and destructive tactics π
π Read
via "Security on TechRepublic".
Security firm recommends digital distancing for devices and more collaboration between IT and security teams to harden the attack surface.π Read
via "Security on TechRepublic".
TechRepublic
VMware Carbon Black Threat Report finds hackers using more aggressive and destructive tactics
Security firm recommends digital distancing for devices and more collaboration between IT and security teams to harden the attack surface.
β GandCrab ransomware hacker arrested in Belarus β
π Read
via "Naked Security".
Suspect is alleged to have extorted more than 1000 people, mostly in India, US, Ukraine, UK, Germany, France, Italy and Russia.π Read
via "Naked Security".
Naked Security
GandCrab ransomware hacker arrested in Belarus
Suspect is alleged to have extorted more than 1000 people, mostly in India, US, Ukraine, UK, Germany, France, Italy and Russia.
β Podcast: Learning to βSpeak the Languageβ of OT Security Teams β
π Read
via "Threatpost".
Andrew Ginter, VP Industrial Security at Waterfall Security Solutions, talks about the differing priorities between IT and OT security teams as industrial control systems become connected.π Read
via "Threatpost".
Threat Post
Podcast: Learning to βSpeak the Languageβ of OT Security Teams
Andrew Ginter, VP Industrial Security at Waterfall Security Solutions, talks about the differing priorities between IT and OT security teams as industrial control systems become connected.
β Apple Knocked Off Perch as Most Imitated Brand for Phishing Attacks β
π Read
via "Threatpost".
COVID-19 pandemic spurs spoofing preference changes, plus a surge in email-based attacks.π Read
via "Threatpost".
Threat Post
Apple Knocked Off Perch as Most Imitated Brand for Phishing Attacks
COVID-19 pandemic spurs spoofing preference changes, plus a surge in email-based attacks.
π How poor security practices from remote employees are wasting the time of IT staff π
π Read
via "Security on TechRepublic".
Along with the independence remote work affords employees comes the use of shadow IT and poor password practices, according to a new survey by 1Password.π Read
via "Security on TechRepublic".
TechRepublic
How poor security practices from remote employees are wasting the time of IT staff
Along with the independence remote work affords employees comes the use of shadow IT and poor password practices, according to a new survey by 1Password.
π Study finds misconfigured cloud storage services in 93% of cloud deployments analyzed π
π Read
via "Security on TechRepublic".
An Accurics study said cloud breaches will likely increase in velocity and scale as more enterprises move to the cloud.π Read
via "Security on TechRepublic".
TechRepublic
Study finds misconfigured cloud storage services in 93% of cloud deployments analyzed
An Accurics study said cloud breaches will likely increase in velocity and scale as more enterprises move to the cloud.
π΄ Securing IoT as a Remote Workforce Strategy π΄
π Read
via "Dark Reading: ".
Digital transformation with Internet of Things devices offers organizations a way forward in the era of COVID-19. Optimizing this approach for the future will need to start with security.π Read
via "Dark Reading: ".
Dark Reading
Securing IoT as a Remote Workforce Strategy
Digital transformation with Internet of Things devices offers organizations a way forward in the era of COVID-19. Optimizing this approach for the future will need to start with security.
ATENTIONβΌ New - CVE-2019-20001
π Read
via "National Vulnerability Database".
An issue was discovered in RICOH Streamline NX Client Tool and RICOH Streamline NX PC Client that allows attackers to escalate local privileges.π Read
via "National Vulnerability Database".
β Twitter Could Face $250M FTC Fine Over Improper Data Use β
π Read
via "Threatpost".
The potential FTC fine comes after Twitter last year acknowledged that user emails and phone numbers were being used for targeted advertising.π Read
via "Threatpost".
Threat Post
Twitter Could Face $250M FTC Fine Over Improper Data Use
The potential FTC fine comes after Twitter last year acknowledged that user emails and phone numbers were being used for targeted advertising.
π Sifter 9.2 π
π Go!
via "Security Tool Files β Packet Storm".
Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Sifter 9.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π SQLMAP - Automatic SQL Injection Tool 1.4.8 π
π Go!
via "Security Tool Files β Packet Storm".
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
SQLMAP - Automatic SQL Injection Tool 1.4.8 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ Google & Amazon Replace Apple as Phishers' Favorite Brands π΄
π Read
via "Dark Reading: ".
Google and Amazon were the most imitated brands in the second quarter, knocking out Apple.π Read
via "Dark Reading: ".
Dark Reading
Google & Amazon Replace Apple as Phishers' Favorite Brands
Google and Amazon were the most imitated brands in the second quarter, knocking out Apple.
π Google and Amazon most impersonated brands in phishing attacks π
π Read
via "Security on TechRepublic".
WhatsApp, Facebook, and Microsoft rounded out the top five as the most spoofed brands last quarter, says Check Point Research.π Read
via "Security on TechRepublic".
π΄ Retooling the SOC for a Post-COVID World π΄
π Read
via "Dark Reading: ".
Residual work-from-home policies will require changes to security policies, procedures, and technologies.π Read
via "Dark Reading: ".
Dark Reading
Retooling the SOC for a Post-COVID World
Residual work-from-home policies will require changes to security policies, procedures, and technologies.