β Citrix Warns of Critical Flaws in XenMobile Server β
π Read
via "Threatpost".
Citrix said that it anticipates malicious actors "will move quickly to exploit" two critical flaws in its mobile device management software.π Read
via "Threatpost".
Threat Post
Citrix Warns of Critical Flaws in XenMobile Server
Citrix said that it anticipates malicious actors "will move quickly to exploit" two critical flaws in its mobile device management software.
π΄ Name That Toon: 'Rise' and Shine π΄
π Read
via "Dark Reading: ".
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.π Read
via "Dark Reading: ".
Dark Reading
Name That Toon: 'Rise' and Shine
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
π΄ SANS Security Training Firm Hit with Data Breach π΄
π Read
via "Dark Reading: ".
A phishing email allowed an attacker to compromise a SANS employee's email environment, the organization reports.π Read
via "Dark Reading: ".
Darkreading
SANS Security Training Firm Hit with Data Breach
A phishing email allowed an attacker to compromise a SANS employee's email environment, the organization reports.
π SANS cybersecurity training firm suffers data breach due to phishing attack π
π Read
via "Security on TechRepublic".
The breach compromised 28,000 records, exposing such data as names, phone numbers, physical addresses, and email addresses.π Read
via "Security on TechRepublic".
TechRepublic
SANS cybersecurity training firm suffers data breach due to phishing attack
The breach compromised 28,000 records, exposing such data as names, phone numbers, physical addresses, and email addresses.
π΄ Using 'Data for Good' to Control the Pandemic π΄
π Read
via "Dark Reading: ".
The tech community should unite to develop and distribute a universal COVID-19 contact-tracing application. Here's why and how.π Read
via "Dark Reading: ".
Dark Reading
Using 'Data for Good' to Control the Pandemic
The tech community should unite to develop and distribute a universal COVID-19 contact-tracing application. Here's why and how.
π Zoom Hit With Lawsuit Over Encryption Claims π
π Read
via "Subscriber Blog RSS Feed ".
A consumer advocacy group filed a lawsuit against the web conferencing software company alleging it misrepresented the level of security it uses to protect communications.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Zoom Hit With Lawsuit Over Encryption Claims
A consumer advocacy group filed a lawsuit against the web conferencing software company alleging it misrepresented the level of security it uses to protect communications.
π Cybersecurity and remote support are top goals for CIOs in 2020 π
π Read
via "Security on TechRepublic".
Most IT leaders say their priorities have shifted since the coronavirus pandemic surfaced around the start of the year, says Hitachi ID.π Read
via "Security on TechRepublic".
TechRepublic
Cybersecurity and remote support are top goals for CIOs in 2020
Most IT leaders say their priorities have shifted since the coronavirus pandemic surfaced around the start of the year, says Hitachi ID.
π΄ FireEye Announces New Bug-Bounty Program π΄
π Read
via "Dark Reading: ".
The program, administered by Bugcrowd, will pay bounties of up to $2,500 per vulnerability.π Read
via "Dark Reading: ".
Dark Reading
FireEye Announces New Bug-Bounty Program
The program, administered by Bugcrowd, will pay bounties of up to $2,500 per vulnerability.
π Abandoned apps like TikTok pose a security risk in a BYOD world π
π Read
via "Security on TechRepublic".
Social media apps put corporate networks at risk and provide raw material for deep fakes.π Read
via "Security on TechRepublic".
TechRepublic
Abandoned apps like TikTok pose a security risk in a BYOD world
Social media apps put corporate networks at risk and provide raw material for deep fakes.
ATENTIONβΌ New - CVE-2020-0555
π Read
via "National Vulnerability Database".
Improper input validation for some Intel(R) Wireless Bluetooth(R) products may allow an authenticated user to potentially enable escalation of privilege via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0554
π Read
via "National Vulnerability Database".
Race condition in software installer for some Intel(R) Wireless Bluetooth(R) products on Windows* 7, 8.1 and 10 may allow an unprivileged user to potentially enable escalation of privilege via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0553
π Read
via "National Vulnerability Database".
Out-of-bounds read in kernel mode driver for some Intel(R) Wireless Bluetooth(R) products on Windows* 10, may allow a privileged user to potentially enable information disclosure via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0513
π Read
via "National Vulnerability Database".
Out of bounds write for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0512
π Read
via "National Vulnerability Database".
Uncaught exception in the system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0510
π Read
via "National Vulnerability Database".
Out of bounds read in some Intel(R) Graphics Drivers before versions 15.45.31.5127 and 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-14630
π Read
via "National Vulnerability Database".
Reliance on untrusted inputs in a security decision in some Intel(R) Thunderbolt(TM) controllers may allow unauthenticated user to potentially enable information disclosure via physical access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-14620
π Read
via "National Vulnerability Database".
Insufficient control flow management for some Intel(R) Wireless Bluetooth(R) products may allow an unprivileged user to potentially enable denial of service via adjacent access.π Read
via "National Vulnerability Database".
β Amazon Alexa βOne-Clickβ Attack Can Divulge Personal Data β
π Read
via "Threatpost".
Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices.π Read
via "Threatpost".
Threat Post
Amazon Fixes Alexa Glitch That Could Have Divulged Personal Data
Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices.
β High-Severity TinyMCE Cross-Site Scripting Flaw Fixed β
π Read
via "Threatpost".
The cross-site scripting flaw could enable arbitrary code execution, information disclosure - and even account takeover.π Read
via "Threatpost".
Threat Post
High-Severity TinyMCE Cross-Site Scripting Flaw Fixed
The cross-site scripting flaw could enable arbitrary code execution, information disclosure - and even account takeover.
β ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls β
π Read
via "Threatpost".
Rare attack on cellular protocol exploits an encryption-implementation flaw at base stations to record voice calls.π Read
via "Threatpost".
Threat Post
ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls
Rare attack on cellular protocol exploits an encryption-implementation flaw at base stations to record voice calls.
π΄ Emotet Return Brings New Tactics & Evasion Techniques π΄
π Read
via "Dark Reading: ".
Security researchers tracking Emotet report its reemergence brings new tricks, including new evasion techniques to bypass security tools.π Read
via "Dark Reading: ".
Dark Reading
Emotet Return Brings New Tactics & Evasion Techniques
Security researchers tracking Emotet report its reemergence brings new tricks, including new evasion techniques to bypass security tools.