ATENTIONβΌ New - CVE-2019-14620
π Read
via "National Vulnerability Database".
Insufficient control flow management for some Intel(R) Wireless Bluetooth(R) products may allow an unprivileged user to potentially enable denial of service via adjacent access.π Read
via "National Vulnerability Database".
β Amazon Alexa βOne-Clickβ Attack Can Divulge Personal Data β
π Read
via "Threatpost".
Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices.π Read
via "Threatpost".
Threat Post
Amazon Fixes Alexa Glitch That Could Have Divulged Personal Data
Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices.
β High-Severity TinyMCE Cross-Site Scripting Flaw Fixed β
π Read
via "Threatpost".
The cross-site scripting flaw could enable arbitrary code execution, information disclosure - and even account takeover.π Read
via "Threatpost".
Threat Post
High-Severity TinyMCE Cross-Site Scripting Flaw Fixed
The cross-site scripting flaw could enable arbitrary code execution, information disclosure - and even account takeover.
β ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls β
π Read
via "Threatpost".
Rare attack on cellular protocol exploits an encryption-implementation flaw at base stations to record voice calls.π Read
via "Threatpost".
Threat Post
ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls
Rare attack on cellular protocol exploits an encryption-implementation flaw at base stations to record voice calls.
π΄ Emotet Return Brings New Tactics & Evasion Techniques π΄
π Read
via "Dark Reading: ".
Security researchers tracking Emotet report its reemergence brings new tricks, including new evasion techniques to bypass security tools.π Read
via "Dark Reading: ".
Dark Reading
Emotet Return Brings New Tactics & Evasion Techniques
Security researchers tracking Emotet report its reemergence brings new tricks, including new evasion techniques to bypass security tools.
π΄ Adaptive Shield Emerges From Stealth π΄
π Read
via "Dark Reading: ".
Israeli startup joins growing number of vendors offering platform for detecting and mitigating common configuration errors in cloud environments.π Read
via "Dark Reading: ".
Dark Reading
Adaptive Shield Emerges From Stealth
Israeli startup joins growing number of vendors offering platform for detecting and mitigating common configuration errors in cloud environments.
π Amazon Alexa flaws could have revealed home address and other personal data π
π Read
via "Security on TechRepublic".
The flaws could also have helped attackers obtain usernames, phone numbers, voice history, and installed skills, says Check Point Research.π Read
via "Security on TechRepublic".
TechRepublic
Amazon Alexa flaws could have revealed home address and other personal data
The flaws could also have helped attackers obtain usernames, phone numbers, voice history, and installed skills, says Check Point Research.
π΄ With iOS's Privacy Nutrition Label, Apple Upstages Regulators π΄
π Read
via "Dark Reading: ".
New iOS privacy features require developers to disclose what data they're collecting, how they're using it, and with whom they share it.π Read
via "Dark Reading: ".
Dark Reading
With iOS's Privacy Nutrition Label, Apple Upstages Regulators
New iOS privacy features require developers to disclose what data they're collecting, how they're using it, and with whom they share it.
π΄ Security Jobs With a Future -- And Ones on the Way Out π΄
π Read
via "Dark Reading: ".
Some titles are hot, while others are not, amid rapidly shifting business priorities.π Read
via "Dark Reading: ".
Dark Reading
Security Jobs With a Future -- And Ones on the Way Out
Some titles are hot, while others are not, amid rapidly shifting business priorities.
ATENTIONβΌ New - CVE-2019-4582
π Read
via "National Vulnerability Database".
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 167288.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-16374
π Read
via "National Vulnerability Database".
Pega Platform 8.2.1 allows LDAP injection because a username can contain a * character and can be of unlimited length. An attacker can specify four characters of a username, followed by the * character, to bypass access control.π Read
via "National Vulnerability Database".
β New Global Threat Landscape Report Reveals βUnprecedentedβ Cyberattacks β
π Read
via "Threatpost".
Fortinet's recently released Global Threat Landscape Report shows how the perimeter is extending to the home in the first half of 2020 - and what that means for cybercrime.π Read
via "Threatpost".
Threat Post
New Global Threat Landscape Report Reveals βUnprecedentedβ Cyberattacks
Fortinet's recently released Global Threat Landscape Report shows how the perimeter is extending to the home in the first half of 2020 - and what that means for cybercrime.
π΄ Black Hat USA 2020 Shines Spotlight on the Mental Challenges of Cybersecurity π΄
π Read
via "Dark Reading: ".
Infosec practitioners face a variety of mental struggles in areas such as awareness training, problem solving, or general mental health. Several sessions at Black Hat USA 2020 highlighted these challenges and how to overcome them.π Read
via "Dark Reading: ".
Dark Reading
Black Hat USA 2020 Shines Spotlight on the Mental Challenges of Cybersecurity
Infosec practitioners face a variety of mental struggles in areas such as awareness training, problem solving, or general mental health. Several sessions at Black Hat USA 2020 highlighted these challenges and how to overcome them.
π How hospitals can better protect themselves against data breaches π
π Read
via "Security on TechRepublic".
Healthcare data breaches have fallen this year but could surge over the next few months as hospital records remain a top target, says CI Security.π Read
via "Security on TechRepublic".
TechRepublic
How hospitals can better protect themselves against data breaches
Healthcare data breaches have fallen this year but could surge over the next few months as hospital records remain a top target, says CI Security.
π How to hide files from any file manager on the Linux desktop π
π Read
via "Security on TechRepublic".
Want to hide files and folders from your Linux desktop file manager? Jack Wallen shows you one handy method.π Read
via "Security on TechRepublic".
TechRepublic
How to hide files from any file manager on the Linux desktop
Want to hide files and folders from your Linux desktop file manager? Jack Wallen shows you one handy method.
π Report: Unskilled hackers can breach about 3 out of 4 companies π
π Read
via "Security on TechRepublic".
Positive Technologies found in a recent study that criminals with few skills can hack a company in less than 30 minutes.π Read
via "Security on TechRepublic".
TechRepublic
Report: Unskilled hackers can breach about 3 out of 4 companies
Positive Technologies found in a recent study that criminals with few skills can hack a company in less than 30 minutes.
β Zoom Faces More Legal Challenges Over End-to-End Encryption β
π Read
via "Threatpost".
The video-conferencing specialist has yet to roll out full encryption, but it says it's working on it.π Read
via "Threatpost".
Threat Post
Zoom Faces More Legal Challenges Over End-to-End Encryption
The video-conferencing specialist has yet to roll out full encryption, but it says it's working on it.
β Tor and anonymous browsing β just how safe is it? β
π Read
via "Naked Security".
How to stay safe when you're using Tor, even if the network is littered with rogues.π Read
via "Naked Security".
Naked Security
Tor and anonymous browsing β just how safe is it?
How to stay safe when youβre using Tor, even if the network is littered with rogues.
π΄ NSA & FBI Disclose New Russian Cyberespionage Malware π΄
π Read
via "Dark Reading: ".
APT 28, aka Fancy Bear, is deploying the Drovorub malware designed for Linux systems as part of cyber-espionage operations.π Read
via "Dark Reading: ".
Dark Reading
NSA & FBI Disclose New Russian Cyberespionage Malware
APT 28, aka Fancy Bear, is deploying the Drovorub malware designed for Linux systems as part of cyber-espionage operations.
π Weak and infrequent cyber-crisis training is leaving companies vulnerable, new research says π
π Read
via "Security on TechRepublic".
Companies are too reliant on dated software, the most essential-to-crises staff aren't required attendance at cybersecurity training, and the pandemic exacerbated problems, according to a new report.π Read
via "Security on TechRepublic".
TechRepublic
Weak and infrequent cyber-crisis training is leaving companies vulnerable, new research says
Companies are too reliant on dated software, the most essential-to-crises staff aren't required attendance at cybersecurity training, and the pandemic exacerbated problems, according to a new report.
π US and UK workers still logging 2 extra hours every day, according to VPN data π
π Read
via "Security on TechRepublic".
People in Europe and Canada have gone back to the hours they were working before the coronavirus shutdown.π Read
via "Security on TechRepublic".
TechRepublic
US and UK workers still logging 2 extra hours every day, according to VPN data
People in Europe and Canada have gone back to the hours they were working before the coronavirus shutdown.