π΄ h2c Smuggling: A New 'Devastating' Kind of HTTP Request Smuggling π΄
π Read
via "Dark Reading: ".
The newly discovered form of HTTP request smuggling could have widespread impact because any proxy can be affected, say researchers. Here's what infosec pros should know.π Read
via "Dark Reading: ".
Dark Reading
h2c Smuggling: A New 'Devastating' Kind of HTTP Request
The newly discovered form of HTTP request smuggling could have widespread impact because any proxy can be affected, researchers say. Here's what infosec pros should know.
π How to protect your organization against brute-force attacks π
π Read
via "Security on TechRepublic".
Cybersecurity is critical. With the shift toward remote work, brute-force attacks are increasingly targeting accounts that use Microsoft's Remote Desktop Protocol, says NordVPN Teams.π Read
via "Security on TechRepublic".
π nfstream 6.1.1 π
π Go!
via "Security Tool Files β Packet Storm".
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
nfstream 6.1.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ DDoS Attacks Rose 151% in First Half of 2020 π΄
π Read
via "Dark Reading: ".
Attacks grew in number, size, and sophistication as the coronavirus pandemic took hold.π Read
via "Dark Reading: ".
Dark Reading
DDoS Attacks Rose 151% in First Half of 2020
Attacks grew in number, size, and sophistication as the coronavirus pandemic took hold.
π΄ Likely Links Emerge Between Lazarus Group and Russian-Speaking Cybercriminals π΄
π Read
via "Dark Reading: ".
Researchers examine security incidents over the past several years that seemingly connect North Korea's Lazarus Group with Russian-speaking attackers.π Read
via "Dark Reading: ".
Dark Reading
Likely Links Emerge Between Lazarus Group and Russian-Speaking Cybercriminals
Researchers examine security incidents over the past several years that seemingly connect North Korea's Lazarus Group with Russian-speaking attackers.
π΄ What's on Your Enterprise Network? You Might be Surprised π΄
π Read
via "Dark Reading: ".
The strangest connected devices are showing up, and the threats they pose to security should not be overlooked.π Read
via "Dark Reading: ".
Dark Reading
What's on Your Enterprise Network? You Might be Surprised
The strangest connected devices are showing up, and the threats they pose to security should not be overlooked.
ATENTIONβΌ New - CVE-2020-12787
π Read
via "National Vulnerability Database".
Microchip Atmel ATSAMA5 products in Secure Mode allow an attacker to bypass existing security mechanisms related to applet handling.π Read
via "National Vulnerability Database".
β Zerologon β hacking Windows servers with a bunch of zeros β
π Read
via "Naked Security".
Cryptography is hard. And cryptographic blunders can be hard to spot. This one was there for years...π Read
via "Naked Security".
Naked Security
Zerologon β hacking Windows servers with a bunch of zeros
Cryptography is hard. And cryptographic blunders can be hard to spot. This one was there for yearsβ¦
π΄ h2c Smuggling: A New 'Devastating' Kind of HTTP Request π΄
π Read
via "Dark Reading: ".
The newly discovered form of HTTP request smuggling could have widespread impact because any proxy can be affected, researchers say. Here's what infosec pros should know.π Read
via "Dark Reading: ".
Dark Reading
h2c Smuggling: A New 'Devastating' Kind of HTTP Request
The newly discovered form of HTTP request smuggling could have widespread impact because any proxy can be affected, researchers say. Here's what infosec pros should know.
π How ransomware operators are joining forces to carry out attacks π
π Read
via "Security on TechRepublic".
Attackers buy stolen data from other criminals, while the Maze group publishes data captured by other gangs, says Positive Technologies.π Read
via "Security on TechRepublic".
TechRepublic
How ransomware operators are joining forces to carry out attacks
Attackers buy stolen data from other criminals, while the Maze group publishes data captured by other gangs, says Positive Technologies.
π nfstream 6.1.2 π
π Go!
via "Security Tool Files β Packet Storm".
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
nfstream 6.1.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β California Elementary Kids Kicked Off Online Learning by Ransomware β
π Read
via "Threatpost".
The attack on the Newhall District in Valencia is part of a wave of ransomware attacks on the education sector, which shows no sign of dissipating.π Read
via "Threatpost".
Threat Post
California Elementary Kids Kicked Off Online Learning by Ransomware
The attack on the Newhall District in Valencia is part of a wave of ransomware attacks on the education sector, which shows no sign of dissipating.
π΄ How IT Security Organizations are Attacking the Cybersecurity Problem π΄
π Read
via "Dark Reading: ".
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.π Read
via "Dark Reading: ".
π΄ Struggling to Secure Remote IT? 3 Lessons from the Office π΄
π Read
via "Dark Reading: ".
The great remote work experiment has exacerbated existing challenges and exposed new gaps, but there are things to be learned from office challenges.π Read
via "Dark Reading: ".
β APT41 Operatives Indicted as Sophisticated Hacking Activity Continues β
π Read
via "Threatpost".
Five alleged members of the China-linked advanced threat group and two associates have been indicted by a Federal grand jury, on dozens of charges.π Read
via "Threatpost".
Threat Post
APT41 Operatives Indicted as Sophisticated Hacking Activity Continues
Five alleged members of the China-linked advanced threat group and two associates have been indicted by a Federal grand jury, on dozens of charges.
β Google Play Bans Stalkerware and βMisrepresentationβ β
π Read
via "Threatpost".
The official app store is taking on spy- and surveillance-ware, along with apps that could be used to mount political-influence campaigns.π Read
via "Threatpost".
Threat Post
Google Play Bans Stalkerware and βMisrepresentationβ
The official app store is taking on spy- and surveillance-ware, along with apps that could be used to mount political-influence campaigns.
π΄ Time for CEOs to Stop Enabling China's Blatant IP Theft π΄
π Read
via "Dark Reading: ".
Protecting intellectual property in the name of US economic and national security should be part of every company's fiduciary duty.π Read
via "Dark Reading: ".
Dark Reading
Time for CEOs to Stop Enabling China's Blatant IP Theft
Protecting intellectual property in the name of US economic and national security should be part of every company's fiduciary duty.
π DOJ Charges Two Iranians in Cyber Intrusion Campaign π
π Read
via "Subscriber Blog RSS Feed ".
For years, the hackers infiltrated systems and targeted intellectual property and national security data.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
DOJ Charges Two Iranians in Cyber Intrusion Campaign
For years, the hackers infiltrated systems and targeted intellectual property and national security data.
π CISOs top traits revealed in report: Improvement needed π
π Read
via "Security on TechRepublic".
A new Gartner report found only 12% of chief information security officers (CISOs) met the criteria for being considered highly effective.π Read
via "Security on TechRepublic".
TechRepublic
CISOs top traits revealed in report: Improvement needed
A new Gartner report found only 12% of chief information security officers (CISOs) met the criteria for being considered highly effective.
ATENTIONβΌ New - CVE-2020-0392
π Read
via "National Vulnerability Database".
In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code execution due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-150226608π Read
via "National Vulnerability Database".