🛡 Cybersecurity & Privacy 🛡 - News

ATENTION‼ New - CVE-2018-17766

Ingenico Telium 2 POS Telium2 OS allow bypass of file-reading restrictions via the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.

📖 Read

via "National Vulnerability Database".

142 views20:55

ATENTION‼ New - CVE-2018-17765

Ingenico Telium 2 POS terminals have undeclared TRACE protocol commands. This is fixed in Telium 2 SDK v9.32.03 patch N.

📖 Read

via "National Vulnerability Database".

144 views20:55

❌ Google Squashes Critical Android Media Framework Bug ❌

The September Android security bulletin addressed critical- and high-severity flaws tied to 53 CVEs overall.

📖 Read

via "Threatpost".

Google Squashes Critical Android Media Framework Bug

The September Android security bulletin addressed critical- and high-severity flaws tied to 53 CVEs overall.

159 views21:09

❌ Zeppelin Ransomware Returns with New Trojan on Board ❌

The malware has popped up in a targeted campaign and a new infection routine.

📖 Read

via "Threatpost".

Zeppelin Ransomware Returns with New Trojan on Board

The malware has popped up in a targeted campaign and a new infection routine.

165 views21:09

🕴 Inova Suffers Third-Party Data Breach 🕴

The breach occurred as part of a ransomware attack against service provider Blackbaud.

📖 Read

via "Dark Reading: ".

Inova Suffers Third-Party Data Breach

The breach occurred as part of a ransomware attack against service provider Blackbaud.

162 views21:34

🕴 Chart: Does Lack of Diversity Impact the Skills Shortage? 🕴

Yes, according to 21% of security pros who participated in the 2020 Black Hat Attendee Survey.

📖 Read

via "Dark Reading: ".

Chart: Does Lack of Diversity Impact the Skills Shortage?

Yes, according to 21% of security pros who participated in the 2020 Black Hat Attendee Survey.

170 views21:34

🕴 Meet the Middlemen Who Connect Cybercriminals With Victims 🕴

An analysis of initial access brokers explains how they break into vulnerable organizations and sell their access for up to $10,000.

📖 Read

via "Dark Reading: ".

Meet the Middlemen Who Connect Cybercriminals With Victims

An analysis of initial access brokers explains how they break into vulnerable organizations and sell their access for up to $10,000.

179 views21:34

🕴 Legality of Security Research to be Decided in US Supreme Court Case 🕴

A ruling that a police officer's personal use of a law enforcement database is "hacking" has security researchers worried for the future.

📖 Read

via "Dark Reading: ".

Legality of Security Research to be Decided in US Supreme Court Case

A ruling that a police officer's personal use of a law enforcement database is hacking has security researchers worried for the future.

223 views21:34

🕴 Ransomware Attacks Disrupt School Reopenings 🕴

A flurry of recent attacks is complicating attempts to deliver classes online at some schools in different parts of the country.

📖 Read

via "Dark Reading: ".

Ransomware Attacks Disrupt School Reopenings

A flurry of recent attacks is complicating attempts to deliver classes online at some schools in different parts of the country.

241 views23:34

❌ CDRThief Malware Targets VoIP Gear in Carrier Networks ❌

The Linux-targeted code can steal phone-call metadata, likely in spy campaigns or for use in VoIP fraud.

📖 Read

via "Threatpost".

CDRThief Malware Targets VoIP Gear in Carrier Networks

The Linux-targeted code can steal phone-call metadata, likely in spy campaigns or for use in VoIP fraud.

228 views10:09

Linux servers and workstations are hackers' next target, security researchers warn

🔐 Linux servers and workstations are hackers' next target, security researchers warn 🔐

Sophisticated hackers and crooks are developing more tools to target Linux-based systems used by government and big business.

📖 Read

via "Security on TechRepublic".

TechRepublic

Sophisticated hackers and crooks are developing more tools to target Linux-based systems used by government and big business.

225 views12:49

❌ Product Overview: Cynet Takes Cyber Threat Protection Automation to the Next Level with Incident Engine ❌

The Cynet 360 platform is built on three pillars; Extended Detection and Response (XDR), Response Automation, and Managed Detection and Response (MDR).

📖 Read

via "Threatpost".

Product Overview: Cynet Takes Cyber Threat Protection Automation to the Next Level with Incident Engine

The Cynet 360 platform is built on three pillars; Extended Detection and Response (XDR), Response Automation, and Managed Detection and Response (MDR).

190 views13:09

❌ Govt.-Backed Contact-Tracing Apps Raise Privacy Hackles ❌

New opt-in COVID-19 Exposure Notifications Express systems baked into Apple’s iOS and available on Android need privacy guardrails, say privacy advocates.

📖 Read

via "Threatpost".

Govt.-Backed Contact-Tracing Apps Raise Privacy Hackles

New opt-in COVID-19 Exposure Notifications Express systems baked into Apple’s iOS and available on Android need privacy guardrails, say privacy advocates.

191 views14:09

🕴 Ripple20 Malware Highlights Industrial Security Challenges 🕴

Poor security practices allowed software vulnerabilities to propagate throughout industrial and IoT products for more than 20 years.

📖 Read

via "Dark Reading: ".

Ripple20 Malware Highlights Industrial Security Challenges

Poor security practices allowed software vulnerabilities to propagate throughout industrial and IoT products for more than 20 years.

193 views14:34

❌ Ransomware And Zoom-Bombing: Cyberattacks Disrupt Back-to-School Plans ❌

Cyberattacks have caused several school systems to delay students' first day back - and experts warn that new COVID-related delays could be the new "snow days."

📖 Read

via "Threatpost".

Ransomware And Zoom-Bombing: Cyberattacks Disrupt Back-to-School Plans

Cyberattacks have caused several school systems to delay students' first day back - and experts warn that new COVID-related delays could be the new "snow days."

207 views15:09

Zeek 3.2.1 ≈ Packet Storm

🛠 Zeek 3.2.1 🛠

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.

📖 Go!

via "Security Tool Files ≈ Packet Storm".

Packetstormsecurity

Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

207 views15:53

❌ Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks ❌

The "BLURtooth" flaw allows attackers within wireless range to bypass authentication keys and snoop on devices utilizing implementations of Bluetooth 4.0 through 5.0.

📖 Read

via "Threatpost".

Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks

The BLURtooth flaw allows attackers within wireless range to bypass authentication keys and snoop on devices utilizing implementations of Bluetooth 4.0 through 5.0.

210 views17:09

How ransomware attacks are growing in severity

🔐 How ransomware attacks are growing in severity 🔐

Demands are sharply higher, and the complexity and costs of addressing an attack are increasing, according to cyber insurance provider Coalition.

📖 Read

via "Security on TechRepublic".

TechRepublic

Demands are sharply higher, and the complexity and costs of addressing an attack are increasing, according to cyber insurance provider Coalition.

189 views17:49

🕴 Managed IT Providers: The Cyber-Threat Actors' Gateway to SMBs 🕴

Criminals have made MSPs a big target of their attacks. That should concern small and midsize businesses a great deal.

📖 Read

via "Dark Reading: ".