β Four More Bugs Patched in Microsoftβs Azure Sphere IoT Platform β
π Read
via "Threatpost".
Researchers have unearthed more vulnerabilities in Microsoftβs IoT security solution.π Read
via "Threatpost".
Threat Post
Four More Bugs Patched in Microsoftβs Azure Sphere IoT Platform
Researchers have unearthed more vulnerabilities in Microsoftβs IoT security solution.
ATENTIONβΌ New - CVE-2019-14904
π Read
via "National Vulnerability Database".
A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected.π Read
via "National Vulnerability Database".
β How to Write a Cybersecurity Playbook During a Pandemic β
π Read
via "Threatpost".
IT teams have had to learn to be dynamic as workforces continue to shift strategies while COVID-19 drags on.π Read
via "Threatpost".
Threat Post
How to Write a Cybersecurity Playbook During a Pandemic
IT teams have had to learn to be dynamic as workforces continue to shift strategies while COVID-19 drags on.
β Medical Data Leaked on GitHub Due to Developer Errors β
π Read
via "Threatpost".
Up to 200,000 patient records from Office 365 and Google G Suite exposed by hardcoded credentials and other improper access controls.π Read
via "Threatpost".
Threat Post
Medical Data Leaked on GitHub Due to Developer Errors
Up to 200,000 patient records from Office 365 and Google G Suite exposed by hardcoded credentials and other improper access controls.
π΄ Deep Fake: Setting the Stage for Next-Gen Social Engineering π΄
π Read
via "Dark Reading: ".
Humans are susceptible to normalcy bias, which may leave us vulnerable to disinformation that reinforces our beliefs.π Read
via "Dark Reading: ".
Dark Reading
Deep Fake: Setting the Stage for Next-Gen Social Engineering
Humans are susceptible to normalcy bias, which may leave us vulnerable to disinformation that reinforces our beliefs.
π What a year of penetration testing data can reveal about the state of cybersecurity π
π Read
via "Security on TechRepublic".
From web app flaws to a lack of 2FA, Rapid7 found lots of common soft targets in the networks it breached on behalf of clients.π Read
via "Security on TechRepublic".
TechRepublic
What a year of penetration testing data can reveal about the state of cybersecurity
From web app flaws to a lack of 2FA, Rapid7 found lots of common soft targets in the networks it breached on behalf of clients.
β Disinformation Spurs a Thriving Industry as U.S. Election Looms β
π Read
via "Threatpost".
Threat actors are becoming increasingly sophisticated in launching disinformation campaigns - and staying under the radar to avoid detection from Facebook, Twitter and other platforms.π Read
via "Threatpost".
Threat Post
Disinformation Spurs a Thriving Industry as U.S. Election Looms
Threat actors are becoming increasingly sophisticated in launching disinformation campaigns - and staying under the radar to avoid detection from Facebook, Twitter and other platforms.
π΄ With More Use of Cloud, Passwords Become Even Weaker Link π΄
π Read
via "Dark Reading: ".
Slow patching provides vulnerabilities to exploit. A lack of network segmentation allows unrestricted lateral movement. Yet a report surveying a year of penetration tests finds that passwords still top the list of what attackers use to compromise systems.π Read
via "Dark Reading: ".
Dark Reading
With More Use of Cloud, Passwords Become Even Weaker Link
Slow patching provides vulnerabilities to exploit. A lack of network segmentation allows unrestricted lateral movement. Yet a report surveying a year of penetration tests finds that passwords still top the list of what attackers use to compromise systems.
π Want to create loyal customers? Get on the bleeding edge of data security π
π Read
via "Security on TechRepublic".
The public is increasingly wary of the privacy of their data. Companies reliant on it should take this as a sign of the future of customer loyalty, says data privacy firm Privitar.π Read
via "Security on TechRepublic".
TechRepublic
Want to create loyal customers? Get on the bleeding edge of data security
The public is increasingly wary of the privacy of their data. Companies reliant on it should take this as a sign of the future of customer loyalty, says data privacy firm Privitar.
π Cybersecurity at a crossroads: Moving toward trust in our technologies π
π Read
via "Security on TechRepublic".
Cloud computing changed the technology landscape forever. Here's hoping that trust will be the next frontier of computing.π Read
via "Security on TechRepublic".
TechRepublic
Cybersecurity at a crossroads: Moving toward trust in our technologies
Cloud computing changed the technology landscape forever. Here's hoping that trust will be the next frontier of computing.
ATENTIONβΌ New - CVE-2019-18847
π Read
via "National Vulnerability Database".
Enterprise Access Client Auto-Updater allows for Remote Code Execution prior to version 2.0.1.π Read
via "National Vulnerability Database".
β Hackers Exploit Autodesk Flaw in Recent Cyberespionage Attack β
π Read
via "Threatpost".
The popular Autodesk software was exploited in a recent cyberespionage campaign against an international architectural company.π Read
via "Threatpost".
Threat Post
Hackers Exploit Autodesk Flaw in Recent Cyberespionage Attack
The popular Autodesk software was exploited in a recent cyberespionage campaign against an international architectural company.
β βChrome considered harmfulβ β the Law of Unintended Consequences β
π Read
via "Naked Security".
A well-written article on the APNIC blog has provoked a thoughtful response from the Chromium coders - and we can all learn from it!π Read
via "Naked Security".
Naked Security
βChrome considered harmfulβ β the Law of Unintended Consequences
A well-written article on the APNIC blog has provoked a thoughtful response from the Chromium coders β and we can all learn from it!
π΄ Russian National Arrested for Conspiracy to Hack Nevada Company π΄
π Read
via "Dark Reading: ".
The defendant allegedly planned to pay an employee $1 million to infect the company network with malware.π Read
via "Dark Reading: ".
Dark Reading
Russian National Arrested for Conspiracy to Hack Nevada Company
The defendant allegedly planned to pay an employee $1 million to infect the company network with malware.
π΄ The 'Shared Responsibility' Misnomer: Why the Cloud Continues to Confound π΄
π Read
via "Dark Reading: ".
Under the "shared responsibility model," the security management of cloud offerings is split equally between the vendor and the customer. Easy enough, right?π Read
via "Dark Reading: ".
Dark Reading
The 'Shared Responsibility' Misnomer: Why the Cloud Continues to Confound
Under the shared responsibility model, the security management of cloud offerings is split equally between the vendor and the customer. Easy enough, right?
π΄ 6 Signs Your Supply Chain Risk Just Shot Up π΄
π Read
via "Dark Reading: ".
Risk levels are not steady states. Here are six indications that the danger posed by your supply chain is headed in the wrong direction.π Read
via "Dark Reading: ".
Dark Reading
6 Signs Your Supply Chain Risk Just Shot Up
Risk levels are not steady states. Here are six indications that the danger posed by your supply chain is headed in the wrong direction.
β Cisco Patches βHigh-Severityβ Bugs Impacting Switches, Fibre Storage β
π Read
via "Threatpost".
Nine bugs were patched, eight of which are rated βhighβ severity.π Read
via "Threatpost".
Threat Post
Cisco Patches βHigh-Severityβ Bugs Impacting Switches, Fibre Storage
Nine bugs were patched, eight of which are rated βhighβ severity.
π΄ 6 Signs Your Supply Chain Risk Just Shot Up π΄
π Read
via "Dark Reading: ".
Risk levels are not steady states. Here are six indications that the danger posed by your supply chain is headed in the wrong direction.π Read
via "Dark Reading: ".
Dark Reading
6 Signs Your Supply Chain Risk Just Shot Up
Risk levels are not steady states. Here are six indications that the danger posed by your supply chain is headed in the wrong direction.
π Office 365 Can Now Open Attachments in a Sandbox π
π Read
via "Subscriber Blog RSS Feed ".
Microsoft has released a new feature update - Application Guard - that opens suspicious looking attachments in a sandbox to prevent malicious activity.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Office 365 Can Now Open Attachments in a Sandbox
Microsoft has released a new feature update - Application Guard - that opens suspicious looking attachments in a sandbox to prevent malicious activity.
ATENTIONβΌ New - CVE-2019-4692
π Read
via "National Vulnerability Database".
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 171829.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-4691
π Read
via "National Vulnerability Database".
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 171828.π Read
via "National Vulnerability Database".