β Shoring Up the 2020 Election: Secure Vote Tallies Arenβt the Problem β
π Read
via "Threatpost".
With many in the public sphere warning about a potential compromise of the integrity of the Presidential Election, security researchers instead flag online resources and influence campaigns as the biggest problem areas.π Read
via "Threatpost".
Threat Post
Shoring Up the 2020 Election: Secure Vote Tallies Arenβt the Problem
With many in the public sphere warning about a potential compromise of the integrity of the Presidential Election, security researchers instead flag online resources and influence campaigns as the biggest problem areas.
π IoT botnets: Smart homes ripe for a new type of cyberattack π
π Read
via "Security on TechRepublic".
The burgeoning smart home device market has given rise to digital intrusion and potential energy market manipulation on a massive scale.π Read
via "Security on TechRepublic".
TechRepublic
IoT botnets: Smart homes ripe for a new type of cyberattack
The burgeoning smart home device market has given rise to digital intrusion and potential energy market manipulation on a massive scale.
π΄ The Fatal Flaw in Data Security π΄
π Read
via "Dark Reading: ".
Simply stated: No matter how sophisticated your security software is, data cannot be simultaneously used and secured. But that may be changing soon.π Read
via "Dark Reading: ".
Dark Reading
The Fatal Flaw in Data Security
Simply stated: No matter how sophisticated your security software is, data cannot be simultaneously used and secured. But that may be changing soon.
β Lazarus Group Targets Cryptocurrency Firms Via LinkedIn Messages β
π Read
via "Threatpost".
The North Korean-linked APT's latest campaign shows that it is shifting focus to target the cryptocurrency and financial verticals.π Read
via "Threatpost".
Threat Post
Lazarus Group Targets Cryptocurrency Firms Via LinkedIn Messages
The North Korean-linked APT's latest campaign shows that it is shifting focus to target the cryptocurrency and financial verticals.
β Safari Bug Revealed After Apple Takes Nearly a Year to Patch β
π Read
via "Threatpost".
Polish security researcher unveiled the flaw in a cross-browser sharing API that could allow attackers to steal user files.π Read
via "Threatpost".
Threat Post
Safari Bug Revealed After Apple Takes Nearly a Year to Patch
Polish security researcher unveiled the flaw in a cross-browser sharing API that could allow attackers to steal user files.
π Sifter 9.5 π
π Go!
via "Security Tool Files β Packet Storm".
Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Sifter 9.5 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Falco 0.25.0 π
π Go!
via "Security Tool Files β Packet Storm".
Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Falco 0.25.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ Palo Alto Networks to Acquire The Crypsis Group for $265M π΄
π Read
via "Dark Reading: ".
This is the latest in a series of acquisitions that Palo Alto has made since 2018.π Read
via "Dark Reading: ".
Dark Reading
Palo Alto Networks to Acquire The Crypsis Group for $265M
This is the latest in a series of acquisitions that Palo Alto has made since 2018.
π΄ Three Easy Ways to Avoid Meow-like Database Attacks π΄
π Read
via "Dark Reading: ".
The largest problem facing database security today is the disconnect between security teams and DBAs beginning from the moment of configuration and continuing throughout the database lifecycle.π Read
via "Dark Reading: ".
Dark Reading
Three Easy Ways to Avoid Meow-like Database Attacks
The largest problem facing database security today is the disconnect between security teams and DBAs beginning from the moment of configuration and continuing throughout the database lifecycle.
π DOJ Discusses China's Efforts to Steal US IP π
π Read
via "Subscriber Blog RSS Feed ".
John Demers, the Justice Department's top national security official, said that 80% of state-connected espionage cases relate to China.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
DOJ Discusses China's Efforts to Steal US IP
John Demers, the Justice Department's top national security official, said that 80% of state-connected espionage cases relate to China.
π΄ Online Business Fraud Down, Consumer Fraud Up π΄
π Read
via "Dark Reading: ".
Criminals are changing tactics to match changing business conditions in the coronavirus pandemic, according to a new report.π Read
via "Dark Reading: ".
Dark Reading
Online Business Fraud Down, Consumer Fraud Up
Criminals are changing tactics to match changing business conditions in the coronavirus pandemic, according to a new report.
π How phishing attacks have exploited Amazon Web Services accounts π
π Read
via "Security on TechRepublic".
Phishing campaigns could compromise business data and use Amazon's cloud platform to launch further attacks, says KnowBe4.π Read
via "Security on TechRepublic".
TechRepublic
How phishing attacks have exploited Amazon Web Services accounts
Phishing campaigns could compromise business data and use Amazon's cloud platform to launch further attacks, says KnowBe4.
π΄ Phishing Attack Used Box to Land in Victim Inboxes π΄
π Read
via "Dark Reading: ".
A phishing attack targeting government and security organizations used a legitimate Box page with Microsoft 365 branding to trick victims.π Read
via "Dark Reading: ".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
π΄ Election Security's Sticky Problem: Attackers Who Don't Attack Votes π΄
π Read
via "Dark Reading: ".
If election defenders are protecting votes, and adversaries are attacking something else entirely, both sides might claim success, "Operation BlackOut" simulation shows.π Read
via "Dark Reading: ".
Dark Reading
Election Security's Sticky Problem: Attackers Who Don't Attack Votes
If election defenders are protecting votes, and adversaries are attacking something else entirely, both sides might claim success, Operation BlackOut simulation shows.
β Four More Bugs Patched in Microsoftβs Azure Sphere IoT Platform β
π Read
via "Threatpost".
Researchers have unearthed more vulnerabilities in Microsoftβs IoT security solution.π Read
via "Threatpost".
Threat Post
Four More Bugs Patched in Microsoftβs Azure Sphere IoT Platform
Researchers have unearthed more vulnerabilities in Microsoftβs IoT security solution.
ATENTIONβΌ New - CVE-2019-14904
π Read
via "National Vulnerability Database".
A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected.π Read
via "National Vulnerability Database".
β How to Write a Cybersecurity Playbook During a Pandemic β
π Read
via "Threatpost".
IT teams have had to learn to be dynamic as workforces continue to shift strategies while COVID-19 drags on.π Read
via "Threatpost".
Threat Post
How to Write a Cybersecurity Playbook During a Pandemic
IT teams have had to learn to be dynamic as workforces continue to shift strategies while COVID-19 drags on.
β Medical Data Leaked on GitHub Due to Developer Errors β
π Read
via "Threatpost".
Up to 200,000 patient records from Office 365 and Google G Suite exposed by hardcoded credentials and other improper access controls.π Read
via "Threatpost".
Threat Post
Medical Data Leaked on GitHub Due to Developer Errors
Up to 200,000 patient records from Office 365 and Google G Suite exposed by hardcoded credentials and other improper access controls.
π΄ Deep Fake: Setting the Stage for Next-Gen Social Engineering π΄
π Read
via "Dark Reading: ".
Humans are susceptible to normalcy bias, which may leave us vulnerable to disinformation that reinforces our beliefs.π Read
via "Dark Reading: ".
Dark Reading
Deep Fake: Setting the Stage for Next-Gen Social Engineering
Humans are susceptible to normalcy bias, which may leave us vulnerable to disinformation that reinforces our beliefs.
π What a year of penetration testing data can reveal about the state of cybersecurity π
π Read
via "Security on TechRepublic".
From web app flaws to a lack of 2FA, Rapid7 found lots of common soft targets in the networks it breached on behalf of clients.π Read
via "Security on TechRepublic".
TechRepublic
What a year of penetration testing data can reveal about the state of cybersecurity
From web app flaws to a lack of 2FA, Rapid7 found lots of common soft targets in the networks it breached on behalf of clients.
β Disinformation Spurs a Thriving Industry as U.S. Election Looms β
π Read
via "Threatpost".
Threat actors are becoming increasingly sophisticated in launching disinformation campaigns - and staying under the radar to avoid detection from Facebook, Twitter and other platforms.π Read
via "Threatpost".
Threat Post
Disinformation Spurs a Thriving Industry as U.S. Election Looms
Threat actors are becoming increasingly sophisticated in launching disinformation campaigns - and staying under the radar to avoid detection from Facebook, Twitter and other platforms.