β Google Squashes Critical Android Media Framework Bug β
π Read
via "Threatpost".
The September Android security bulletin addressed critical- and high-severity flaws tied to 53 CVEs overall.π Read
via "Threatpost".
Threat Post
Google Squashes Critical Android Media Framework Bug
The September Android security bulletin addressed critical- and high-severity flaws tied to 53 CVEs overall.
β Zeppelin Ransomware Returns with New Trojan on Board β
π Read
via "Threatpost".
The malware has popped up in a targeted campaign and a new infection routine.π Read
via "Threatpost".
Threat Post
Zeppelin Ransomware Returns with New Trojan on Board
The malware has popped up in a targeted campaign and a new infection routine.
π΄ Inova Suffers Third-Party Data Breach π΄
π Read
via "Dark Reading: ".
The breach occurred as part of a ransomware attack against service provider Blackbaud.π Read
via "Dark Reading: ".
Dark Reading
Inova Suffers Third-Party Data Breach
The breach occurred as part of a ransomware attack against service provider Blackbaud.
π΄ Chart: Does Lack of Diversity Impact the Skills Shortage? π΄
π Read
via "Dark Reading: ".
Yes, according to 21% of security pros who participated in the 2020 Black Hat Attendee Survey.π Read
via "Dark Reading: ".
Dark Reading
Chart: Does Lack of Diversity Impact the Skills Shortage?
Yes, according to 21% of security pros who participated in the 2020 Black Hat Attendee Survey.
π΄ Meet the Middlemen Who Connect Cybercriminals With Victims π΄
π Read
via "Dark Reading: ".
An analysis of initial access brokers explains how they break into vulnerable organizations and sell their access for up to $10,000.π Read
via "Dark Reading: ".
Dark Reading
Meet the Middlemen Who Connect Cybercriminals With Victims
An analysis of initial access brokers explains how they break into vulnerable organizations and sell their access for up to $10,000.
π΄ Legality of Security Research to be Decided in US Supreme Court Case π΄
π Read
via "Dark Reading: ".
A ruling that a police officer's personal use of a law enforcement database is "hacking" has security researchers worried for the future.π Read
via "Dark Reading: ".
Dark Reading
Legality of Security Research to be Decided in US Supreme Court Case
A ruling that a police officer's personal use of a law enforcement database is hacking has security researchers worried for the future.
π΄ Ransomware Attacks Disrupt School Reopenings π΄
π Read
via "Dark Reading: ".
A flurry of recent attacks is complicating attempts to deliver classes online at some schools in different parts of the country.π Read
via "Dark Reading: ".
Dark Reading
Ransomware Attacks Disrupt School Reopenings
A flurry of recent attacks is complicating attempts to deliver classes online at some schools in different parts of the country.
β CDRThief Malware Targets VoIP Gear in Carrier Networks β
π Read
via "Threatpost".
The Linux-targeted code can steal phone-call metadata, likely in spy campaigns or for use in VoIP fraud.π Read
via "Threatpost".
Threat Post
CDRThief Malware Targets VoIP Gear in Carrier Networks
The Linux-targeted code can steal phone-call metadata, likely in spy campaigns or for use in VoIP fraud.
π Linux servers and workstations are hackers' next target, security researchers warn π
π Read
via "Security on TechRepublic".
Sophisticated hackers and crooks are developing more tools to target Linux-based systems used by government and big business.π Read
via "Security on TechRepublic".
TechRepublic
Linux servers and workstations are hackers' next target, security researchers warn
Sophisticated hackers and crooks are developing more tools to target Linux-based systems used by government and big business.
β Product Overview: Cynet Takes Cyber Threat Protection Automation to the Next Level with Incident Engine β
π Read
via "Threatpost".
The Cynet 360 platform is built on three pillars; Extended Detection and Response (XDR), Response Automation, and Managed Detection and Response (MDR).π Read
via "Threatpost".
Threat Post
Product Overview: Cynet Takes Cyber Threat Protection Automation to the Next Level with Incident Engine
The Cynet 360 platform is built on three pillars; Extended Detection and Response (XDR), Response Automation, and Managed Detection and Response (MDR).
β Govt.-Backed Contact-Tracing Apps Raise Privacy Hackles β
π Read
via "Threatpost".
New opt-in COVID-19 Exposure Notifications Express systems baked into Appleβs iOS and available on Android need privacy guardrails, say privacy advocates.π Read
via "Threatpost".
Threat Post
Govt.-Backed Contact-Tracing Apps Raise Privacy Hackles
New opt-in COVID-19 Exposure Notifications Express systems baked into Appleβs iOS and available on Android need privacy guardrails, say privacy advocates.
π΄ Ripple20 Malware Highlights Industrial Security Challenges π΄
π Read
via "Dark Reading: ".
Poor security practices allowed software vulnerabilities to propagate throughout industrial and IoT products for more than 20 years.π Read
via "Dark Reading: ".
Dark Reading
Ripple20 Malware Highlights Industrial Security Challenges
Poor security practices allowed software vulnerabilities to propagate throughout industrial and IoT products for more than 20 years.
β Ransomware And Zoom-Bombing: Cyberattacks Disrupt Back-to-School Plans β
π Read
via "Threatpost".
Cyberattacks have caused several school systems to delay students' first day back - and experts warn that new COVID-related delays could be the new "snow days."π Read
via "Threatpost".
Threat Post
Ransomware And Zoom-Bombing: Cyberattacks Disrupt Back-to-School Plans
Cyberattacks have caused several school systems to delay students' first day back - and experts warn that new COVID-related delays could be the new "snow days."
π Zeek 3.2.1 π
π Go!
via "Security Tool Files β Packet Storm".
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Zeek 3.2.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks β
π Read
via "Threatpost".
The "BLURtooth" flaw allows attackers within wireless range to bypass authentication keys and snoop on devices utilizing implementations of Bluetooth 4.0 through 5.0.π Read
via "Threatpost".
Threat Post
Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks
The BLURtooth flaw allows attackers within wireless range to bypass authentication keys and snoop on devices utilizing implementations of Bluetooth 4.0 through 5.0.
π How ransomware attacks are growing in severity π
π Read
via "Security on TechRepublic".
Demands are sharply higher, and the complexity and costs of addressing an attack are increasing, according to cyber insurance provider Coalition.π Read
via "Security on TechRepublic".
TechRepublic
How ransomware attacks are growing in severity
Demands are sharply higher, and the complexity and costs of addressing an attack are increasing, according to cyber insurance provider Coalition.
π΄ Managed IT Providers: The Cyber-Threat Actors' Gateway to SMBs π΄
π Read
via "Dark Reading: ".
Criminals have made MSPs a big target of their attacks. That should concern small and midsize businesses a great deal.π Read
via "Dark Reading: ".
Dark Reading
Managed IT Providers: The Cyber-Threat Actors' Gateway to SMBs
Criminals have made MSPs a big target of their attacks. That should concern small and midsize businesses a great deal.
π΄ Think You're Spending Enough on Security? π΄
π Read
via "Dark Reading: ".
While the amount will vary from organization to organization, here are four ways for everyone to evaluate whether they're allocating the right amount of money and resources.π Read
via "Dark Reading: ".
Dark Reading
Think You're Spending Enough on Security?
While the amount will vary from organization to organization, here are four ways for everyone to evaluate whether they're allocating the right amount of money and resources.
π How to Mitigate a DDoS Attack π
π Read
via "Subscriber Blog RSS Feed ".
Following a rash of targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks worldwide, countries are offering guidance.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
How to Mitigate a DDoS Attack
Following a rash of targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks worldwide, countries are offering guidance.
ATENTIONβΌ New - CVE-2018-17145
π Read
via "National Vulnerability Database".
Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin Core after 2017-11-15.π Read
via "National Vulnerability Database".
π΄ Zoom Brings Two-Factor Authentication to All Users π΄
π Read
via "Dark Reading: ".
This marks the latest step Zoom has taken to improve user security as more employees work from home.π Read
via "Dark Reading: ".
Dark Reading
Zoom Brings Two-Factor Authentication to All Users
This marks the latest step Zoom has taken to improve user security as more employees work from home.