π SANS cybersecurity training firm suffers data breach due to phishing attack π
π Read
via "Security on TechRepublic".
The breach compromised 28,000 records, exposing such data as names, phone numbers, physical addresses, and email addresses.π Read
via "Security on TechRepublic".
TechRepublic
SANS cybersecurity training firm suffers data breach due to phishing attack
The breach compromised 28,000 records, exposing such data as names, phone numbers, physical addresses, and email addresses.
π΄ Using 'Data for Good' to Control the Pandemic π΄
π Read
via "Dark Reading: ".
The tech community should unite to develop and distribute a universal COVID-19 contact-tracing application. Here's why and how.π Read
via "Dark Reading: ".
Dark Reading
Using 'Data for Good' to Control the Pandemic
The tech community should unite to develop and distribute a universal COVID-19 contact-tracing application. Here's why and how.
π Zoom Hit With Lawsuit Over Encryption Claims π
π Read
via "Subscriber Blog RSS Feed ".
A consumer advocacy group filed a lawsuit against the web conferencing software company alleging it misrepresented the level of security it uses to protect communications.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Zoom Hit With Lawsuit Over Encryption Claims
A consumer advocacy group filed a lawsuit against the web conferencing software company alleging it misrepresented the level of security it uses to protect communications.
π Cybersecurity and remote support are top goals for CIOs in 2020 π
π Read
via "Security on TechRepublic".
Most IT leaders say their priorities have shifted since the coronavirus pandemic surfaced around the start of the year, says Hitachi ID.π Read
via "Security on TechRepublic".
TechRepublic
Cybersecurity and remote support are top goals for CIOs in 2020
Most IT leaders say their priorities have shifted since the coronavirus pandemic surfaced around the start of the year, says Hitachi ID.
π΄ FireEye Announces New Bug-Bounty Program π΄
π Read
via "Dark Reading: ".
The program, administered by Bugcrowd, will pay bounties of up to $2,500 per vulnerability.π Read
via "Dark Reading: ".
Dark Reading
FireEye Announces New Bug-Bounty Program
The program, administered by Bugcrowd, will pay bounties of up to $2,500 per vulnerability.
π Abandoned apps like TikTok pose a security risk in a BYOD world π
π Read
via "Security on TechRepublic".
Social media apps put corporate networks at risk and provide raw material for deep fakes.π Read
via "Security on TechRepublic".
TechRepublic
Abandoned apps like TikTok pose a security risk in a BYOD world
Social media apps put corporate networks at risk and provide raw material for deep fakes.
ATENTIONβΌ New - CVE-2020-0555
π Read
via "National Vulnerability Database".
Improper input validation for some Intel(R) Wireless Bluetooth(R) products may allow an authenticated user to potentially enable escalation of privilege via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0554
π Read
via "National Vulnerability Database".
Race condition in software installer for some Intel(R) Wireless Bluetooth(R) products on Windows* 7, 8.1 and 10 may allow an unprivileged user to potentially enable escalation of privilege via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0553
π Read
via "National Vulnerability Database".
Out-of-bounds read in kernel mode driver for some Intel(R) Wireless Bluetooth(R) products on Windows* 10, may allow a privileged user to potentially enable information disclosure via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0513
π Read
via "National Vulnerability Database".
Out of bounds write for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0512
π Read
via "National Vulnerability Database".
Uncaught exception in the system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0510
π Read
via "National Vulnerability Database".
Out of bounds read in some Intel(R) Graphics Drivers before versions 15.45.31.5127 and 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-14630
π Read
via "National Vulnerability Database".
Reliance on untrusted inputs in a security decision in some Intel(R) Thunderbolt(TM) controllers may allow unauthenticated user to potentially enable information disclosure via physical access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-14620
π Read
via "National Vulnerability Database".
Insufficient control flow management for some Intel(R) Wireless Bluetooth(R) products may allow an unprivileged user to potentially enable denial of service via adjacent access.π Read
via "National Vulnerability Database".
β Amazon Alexa βOne-Clickβ Attack Can Divulge Personal Data β
π Read
via "Threatpost".
Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices.π Read
via "Threatpost".
Threat Post
Amazon Fixes Alexa Glitch That Could Have Divulged Personal Data
Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices.
β High-Severity TinyMCE Cross-Site Scripting Flaw Fixed β
π Read
via "Threatpost".
The cross-site scripting flaw could enable arbitrary code execution, information disclosure - and even account takeover.π Read
via "Threatpost".
Threat Post
High-Severity TinyMCE Cross-Site Scripting Flaw Fixed
The cross-site scripting flaw could enable arbitrary code execution, information disclosure - and even account takeover.
β ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls β
π Read
via "Threatpost".
Rare attack on cellular protocol exploits an encryption-implementation flaw at base stations to record voice calls.π Read
via "Threatpost".
Threat Post
ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls
Rare attack on cellular protocol exploits an encryption-implementation flaw at base stations to record voice calls.
π΄ Emotet Return Brings New Tactics & Evasion Techniques π΄
π Read
via "Dark Reading: ".
Security researchers tracking Emotet report its reemergence brings new tricks, including new evasion techniques to bypass security tools.π Read
via "Dark Reading: ".
Dark Reading
Emotet Return Brings New Tactics & Evasion Techniques
Security researchers tracking Emotet report its reemergence brings new tricks, including new evasion techniques to bypass security tools.
π΄ Adaptive Shield Emerges From Stealth π΄
π Read
via "Dark Reading: ".
Israeli startup joins growing number of vendors offering platform for detecting and mitigating common configuration errors in cloud environments.π Read
via "Dark Reading: ".
Dark Reading
Adaptive Shield Emerges From Stealth
Israeli startup joins growing number of vendors offering platform for detecting and mitigating common configuration errors in cloud environments.
π Amazon Alexa flaws could have revealed home address and other personal data π
π Read
via "Security on TechRepublic".
The flaws could also have helped attackers obtain usernames, phone numbers, voice history, and installed skills, says Check Point Research.π Read
via "Security on TechRepublic".
TechRepublic
Amazon Alexa flaws could have revealed home address and other personal data
The flaws could also have helped attackers obtain usernames, phone numbers, voice history, and installed skills, says Check Point Research.
π΄ With iOS's Privacy Nutrition Label, Apple Upstages Regulators π΄
π Read
via "Dark Reading: ".
New iOS privacy features require developers to disclose what data they're collecting, how they're using it, and with whom they share it.π Read
via "Dark Reading: ".
Dark Reading
With iOS's Privacy Nutrition Label, Apple Upstages Regulators
New iOS privacy features require developers to disclose what data they're collecting, how they're using it, and with whom they share it.