β Fetish app put usersβ identities at risk with plain-text passwords β
π Read
via "Naked Security".
Whiplr, a naughty, naughty little app, has now secured passwords with "one-way encryption" and is "adding more security measures".π Read
via "Naked Security".
Naked Security
Fetish app put usersβ identities at risk with plain-text passwords
Whiplr, a naughty, naughty little app, has now secured passwords with βone-way encryptionβ and is βadding more security measuresβ.
β’ 'Father of Zeus' Kronos malware exploits Office bug to hijack your bank account β’
π Read
via "Latest topics for ZDNet in Security".
The $7000 malware shows there is serious money to be made in the banking Trojan market.π Read
via "Latest topics for ZDNet in Security".
ZDNet
'Father of Zeus' Kronos malware exploits Office bug to hijack your bank account | ZDNet
The $7000 malware shows there is serious money to be made in the banking Trojan market.
β Magecart Group Pinned in Recent British Airways Breach β
π Read
via "The first stop for security news | Threatpost ".
The Magecart Group has been blamed for the British Airways breach that compromised 380k payment cards.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Magecart Group Pinned in Recent British Airways Breach
The Magecart Group has been blamed for the British Airways breach that compromised 380k payment cards.
β Airbnb launches investigation after man finds hidden camera in clock β
π Read
via "Naked Security".
Trust your gut: if staring at that common object in your rental gives you the heebie jeebies, it might be because it's staring back at you.π Read
via "Naked Security".
Naked Security
Airbnb launches investigation after man finds hidden camera in clock
Trust your gut: if staring at that common object in your rental gives you the heebie jeebies, it might be because itβs staring back at you.
β The rise of targeted ransomware β
π Read
via "Naked Security".
Ransomware hasn't gone away, but it is getting quieter and more targeted.π Read
via "Naked Security".
Naked Security
The rise of targeted ransomware
Ransomware hasnβt gone away, but it is getting quieter and more targeted.
π These industries will soon be impacted by biometric security π
π Read
via "Security on TechRepublic".
BioCatch's VP Frances Zelazny explains why companies are dropping passwords in favor of biometric security like fingerprint and iris scanners.π Read
via "Security on TechRepublic".
TechRepublic
These industries will soon be impacted by biometric security
BioCatch's VP Frances Zelazny explains why companies are dropping passwords in favor of biometric security like fingerprint and iris scanners.
ATENTIONβΌ New - CVE-2016-7068
π Read
via "National Vulnerability Database".
An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 3.7.4 and 4.0.4, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending crafted DNS queries, which might result in a partial denial of service if the system becomes overloaded. This issue is based on the fact that the PowerDNS server parses all records present in a query regardless of whether they are needed or even legitimate. A specially crafted query containing a large number of records can be used to take advantage of that behaviour.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-7047
π Read
via "National Vulnerability Database".
A flaw was found in the CloudForms API before 5.6.3.0, 5.7.3.1 and 5.8.1.2. A user with permissions to use the MiqReportResults capability within the API could potentially view data from other tenants or groups to which they should not have access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-0750
π Read
via "National Vulnerability Database".
The hotrod java client in infinispan before 9.1.0.Final automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-crafted serialized object to attain remote code execution or conduct other attacks.π Read
via "National Vulnerability Database".
π Why higher education is one of the worst industries at handling cyberattacks π
π Read
via "Security on TechRepublic".
Some 73% of institutions took three or more days to apply patches for cyberthreats, according to a recent EfficientIP report.π Read
via "Security on TechRepublic".
TechRepublic
Why higher education is one of the worst industries at handling cyberattacks
Some 73% of institutions took three or more days to apply patches for cyberthreats, according to a recent EfficientIP report.
β’ Online security 101: Tips for protecting your privacy from hackers and spies β’
π Read
via "Latest topics for ZDNet in Security".
This simple advice will help to protect you against hackers and government surveillance.π Read
via "Latest topics for ZDNet in Security".
ZDNet
Cybersecurity 101: Protect your privacy from hackers, spies, and the government | ZDNet
Simple steps can make the difference between losing your online accounts or maintaining what is now a precious commodity: Your privacy.
β Adobe Patches Six Critical Flaws in ColdFusion β
π Read
via "The first stop for security news | Threatpost ".
Adobe issued fixes for versions of its ColdFusion web development platform - including six critical flaws.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Adobe Patches Six Critical Flaws in ColdFusion
Adobe issued fixes for versions of its ColdFusion web development platform - including six critical flaws.
π΄ 4 Practical Measures to Improve Election Security Now π΄
π Read
via "Dark Reading: ".
It's more critical than ever for states to protect our democratic system and voting infrastructure from foreign cyber espionage.π Read
via "Dark Reading: ".
Darkreading
4 Practical Measures to Improve Election Security Now
It's more critical than ever for states to protect our democratic system and voting infrastructure from foreign cyber espionage.
β’ First IoT security bill reaches governor's desk in California β’
π Read
via "Latest topics for ZDNet in Security".
California IoT security bill criticized by security researcher. Expert says bill "is based upon an obviously superficial understanding of the problem."π Read
via "Latest topics for ZDNet in Security".
ZDNet
First IoT security bill reaches governor's desk in California | ZDNet
California IoT security bill criticized by security researcher. Expert says bill "is based upon an obviously superficial understanding of the problem."
π΄ British Airways Breach Linked to Ticketmaster Breach Attackers π΄
π Read
via "Dark Reading: ".
Magecart attackers hit airline with the same "digital skimmers" they used on the entertainment company in June, researchers say.π Read
via "Dark Reading: ".
Dark Reading
British Airways Breach Linked to Ticketmaster Breach Attackers
Magecart attackers hit airline with the same digital skimmers they used on the entertainment company in June, researchers say.
ATENTIONβΌ New - CVE-2016-7066
π Read
via "National Vulnerability Database".
It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitary operations.π Read
via "National Vulnerability Database".
β Drive away a Tesla today (even if it isnβt yours) β
π Read
via "Naked Security".
Raspberry Pi's processing power versus Tesla's Model X cryptography - victory for the little guy!π Read
via "Naked Security".
Naked Security
Drive away a Tesla today (even if it isnβt yours)
Raspberry Piβs processing power versus Teslaβs Model S cryptography β victory for the little guy!
ATENTIONβΌ New - CVE-2016-0715
π Read
via "National Vulnerability Database".
Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part of CVE-2016-0708 were incomplete and could leave PHP Buildpack, Staticfile Buildpack and potentially other custom Buildpack applications vulnerable to remote information disclosure. Affected applications use automated buildpack detection, serve files directly from the root of the application and have a buildpack that matched after the Java Buildpack in the system buildpack priority when Java Buildpack versions 2.0 through 3.4 were present.π Read
via "National Vulnerability Database".
π΄ The Key to Stealing a Tesla Model S π΄
π Read
via "Dark Reading: ".
A team of hackers finds it's possible to steal a Tesla Model S by cloning the key fob.π Read
via "Dark Reading: ".
Dark Reading
The Key to Stealing a Tesla Model S
A team of hackers finds it's possible to steal a Tesla Model S by cloning the key fob.
β Millions of Records Exposed in Veeam Misconfigured Server β
π Read
via "The first stop for security news | Threatpost ".
Exposed data included names, emails addresses and IP addresses.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Millions of Records Exposed in Veeam Misconfigured Server
Exposed data included names, emails addresses and IP addresses.
β Bad Actors Sizing Up Systems Via Lightweight Recon Malware β
π Read
via "The first stop for security news | Threatpost ".
These stealthy downloaders initially infect systems and then only install additional malware on systems of interest.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Bad Actors Sizing Up Systems Via Lightweight Recon Malware
These stealthy downloaders initially infect systems and then only install additional malware on systems of interest.