β A real-life Maze ransomware attack β βIf at first you donβt succeedβ¦β β
π Read
via "Naked Security".
The crooks wanted $15,000,000. They didn't get it. Huzzah!π Read
via "Naked Security".
Naked Security
A real-life Maze ransomware attack β βIf at first you donβt succeedβ¦β
The crooks wanted $15,000,000. They didnβt get it. Huzzah!
ATENTIONβΌ New - CVE-2020-0262
π Read
via "National Vulnerability Database".
In WiFi tethering, there is a possible attacker controlled intent due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156353008π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0089
π Read
via "National Vulnerability Database".
In the audio server, there is a missing permission check. This could lead to local escalation of privilege regarding audio settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-137015603π Read
via "National Vulnerability Database".
β Maze Ransomware Adopts Ragnar Locker Virtual-Machine Approach β
π Read
via "Threatpost".
Maze continues to adopt tactics from rival cybercrime gangs.π Read
via "Threatpost".
Threat Post
Maze Ransomware Adopts Ragnar Locker Virtual-Machine Approach
Maze continues to adopt tactics from rival cybercrime gangs.
π TikTok and WeChat to be banned from US app stores starting Sunday π
π Read
via "Security on TechRepublic".
Users in the US would be unable to download the two Chinese-owned apps from local app stores, according to the Department of Commerce.π Read
via "Security on TechRepublic".
TechRepublic
TikTok and WeChat to be banned from US app stores starting Sunday
Users in the US would be unable to download the two Chinese-owned apps from local app stores, according to the Department of Commerce.
β Security Takeaways from the Great Work-from-Home Experiment β
π Read
via "Threatpost".
As the pandemic drags on and remote workforces stay remote, zero-trust and other lessons learned should come to the fore.π Read
via "Threatpost".
Threat Post
Security Takeaways from the Great Work-from-Home Experiment
As the pandemic drags on and remote workforces stay remote, zero-trust and other lessons learned should come to the fore.
ATENTIONβΌ New - CVE-2020-0272
π Read
via "National Vulnerability Database".
In libhwbinder, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-130166487π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0271
π Read
via "National Vulnerability Database".
In the Settings app, there is an insecure default value. This could lead to local escalation of privilege and tapjacking with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144507081π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0269
π Read
via "National Vulnerability Database".
In Android Auto Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-151645626π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0268
π Read
via "National Vulnerability Database".
In NFC, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-148294643π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0265
π Read
via "National Vulnerability Database".
In Telephony, there are possible leaks of sensitive data due to missing permission checks. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150155839π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-0263
π Read
via "National Vulnerability Database".
In the Accessibility service, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154913130π Read
via "National Vulnerability Database".
β SecOps Teams Wrestle with Manual Processes, HR Gaps β
π Read
via "Threatpost".
Enterprise security teams are "drowning in alerts."π Read
via "Threatpost".
Threat Post
SecOps Teams Wrestle with Manual Processes, HR Gaps
Enterprise security teams are "drowning in alerts."
π How to encrypt files on your Linux servers with gocryptfs π
π Read
via "Security on TechRepublic".
Looking for an easy to use encryption tool to protect data on your Linux servers? Jack Wallen shows you how to install and use gocryptfs to serve that very purpose.π Read
via "Security on TechRepublic".
TechRepublic
How to encrypt files on your Linux servers with gocryptfs
Looking for an easy to use encryption tool to protect data on your Linux servers? Jack Wallen shows you how to install and use gocryptfs to serve that very purpose.
π΄ Deadly Ransomware Story Continues to Unfold π΄
π Read
via "Dark Reading: ".
A ransomware attack with fatal consequences is attracting notice and comment from around the world.π Read
via "Dark Reading: ".
Dark Reading
Deadly Ransomware Story Continues to Unfold
A ransomware attack with fatal consequences is attracting notice and comment from around the world.
π΄ A Hacker's Playlist π΄
π Read
via "Dark Reading: ".
Nine security researchers share their favorite songs and genres.π Read
via "Dark Reading: ".
Dark Reading
A Hacker's Playlist
Nine security researchers share their favorite songs and genres.
β Stubborn WooCommerce Plugin Bugs Get Third Patch β
π Read
via "Threatpost".
Users of the Discount Rules for WooCommerce WordPress plugin are urged to apply a third and (hopefully) final patch.π Read
via "Threatpost".
Threat Post
Stubborn WooCommerce Plugin Bug Gets Third Patch
Users of the Discount Rules for WooCommerce WordPress plugin are urged to apply a third and (hopefully) final patch.
β The TikTok Ban: Security Experts Weigh in on the Appβs Risks β
π Read
via "Threatpost".
With no hard evidence of abuse, are bans warranted? The real security concerns will likely come after the ban goes into effect, researchers said in our exclusive roundtable.π Read
via "Threatpost".
Threat Post
UPDATE β TikTok Ban: Security Experts Weigh in on the Appβs Risks
With no hard evidence of abuse, are bans warranted? The real security concerns will likely come after the ban goes into effect, researchers said in our exclusive roundtable.
β Naked Security Live β βThe Zerologon hole: are you at risk?β β
π Read
via "Naked Security".
Naked Security Live - here's the recorded version of our latest video. Enjoy.π Read
via "Naked Security".
Naked Security
Naked Security Live β βThe Zerologon hole: are you at risk?β
Naked Security Live β hereβs the recorded version of our latest video. Enjoy.