π¦Ώ The new Ring Always Home Camera is a security disaster in the making π¦Ώ
π Read
via "Tech Republic".
Jack Wallen offers his take on the upcoming release of the Ring Always Home Cam.π Read
via "Tech Republic".
TechRepublic
Ring Always Home Cam: A security disaster in the making
Jack Wallen offers his take on the upcoming release of the Ring Always Home Cam.
π¦Ώ Could Microsoft be en route to dumping Windows in favor of Linux? π¦Ώ
π Read
via "Tech Republic".
Microsoft Linux is the next evolution of the Microsoft desktop operating system, argues Jack Wallen. He explains why this would be a win-win for Microsoft, IT pros, users, and the Linux community.π Read
via "Tech Republic".
β Sophisticated Android Ransomware Executes with the Home Button β
π Read
via "Threat Post".
The malware also has a unique machine-learning module.π Read
via "Threat Post".
Threat Post
Sophisticated Android Ransomware Executes with the Home Button
The malware also has a unique machine-learning module.
π΄ CISOs Planning on Bigger Budgets: Report π΄
π Read
via "Dark Reading".
Budgets are on the rise, even in a time of revenue worries across the industry.π Read
via "Dark Reading".
Dark Reading
CISOs Planning on Bigger Budgets: Report
Budgets are on the rise, even in a time of revenue worries across the industry.
π¦Ώ How to secure your open source supply chain π¦Ώ
π Read
via "Tech Republic".
Commentary: Open source has never been more popular, which means it's time to figure out how to effectively secure the open source you use. Two experts weigh in.π Read
via "Tech Republic".
TechRepublic
How to secure your open source supply chain
Commentary: Open source has never been more popular, which means it's time to figure out how to effectively secure the open source you use. Two experts weigh in.
π¦Ώ How the enterprise can shut down cyber criminals and protect a remote staff π¦Ώ
π Read
via "Tech Republic".
Hackers accidentally allowed into company software by security noncompliant employees cost businesses millions annually; we asked experts to weigh in on best safety practices.π Read
via "Tech Republic".
TechRepublic
How the enterprise can shut down cyber criminals and protect a remote staff
Hackers accidentally allowed into company software by security noncompliant employees cost businesses millions annually; we asked experts to weigh in on best safety practices.
π΄ Critical Zerologon Flaw Exploited in TA505 Attacks π΄
π Read
via "Dark Reading".
Microsoft reports a new campaign leveraging the critical Zerologon vulnerability just days after nation-state group Mercury was seen using the flaw.π Read
via "Dark Reading".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
π 10/9 Friday Five π
π Read
via "Digital Guardian".
Antitrust reforms, biometic data collection, and DHS malware warnings - catch up on all the week's news with the Friday Five!π Read
via "Digital Guardian".
Digital Guardian
10/9 Friday Five
Antitrust reforms, biometic data collection, and DHS malware warnings - catch up on all the week's news with the Friday Five!
β Fitbit Spyware Steals Personal Data via Watch Face β
π Read
via "Threat Post".
Immersive Labs Researcher takes advantage of lax Fitbit privacy controls to build a malicious spyware watch face.π Read
via "Threat Post".
Threat Post
Fitbit Spyware Steals Personal Data via Watch Face
Immersive Labs Researcher takes advantage of lax Fitbit privacy controls to build a malicious spyware watch face.
π΄ Apple Pays Bug Bounty to Enterprise Network Researchers π΄
π Read
via "Dark Reading".
So far, the company has doled out $288,000 to five researchers who, in three months, found 55 vulnerabilities in its corporate infrastructure.π Read
via "Dark Reading".
Dark Reading
Apple Pays Bug Bounty to Enterprise Network Researchers
So far, the company has doled out $288,000 to five researchers who, in three months, found 55 vulnerabilities in its corporate infrastructure.
π΄ Latest Version of MalLocker Android Ransomware Packs New Tricks π΄
π Read
via "Dark Reading".
Like most such mobile malware, the new one doesn't encrypt data but attempts to make an infected system impossible to use, Microsoft says.π Read
via "Dark Reading".
Darkreading
Latest Version of MalLocker Android Ransomware Packs New Tricks
Like most such mobile malware, the new one doesn't encrypt data but attempts to make an infected system impossible to use, Microsoft says.
βΌ CVE-2020-26935 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject malicious SQL in to a query.π Read
via "National Vulnerability Database".
βΌ CVE-2020-26947 βΌ
π Read
via "National Vulnerability Database".
monero-wallet-gui in Monero GUI 0.17.0.1 includes the . directory in an embedded RPATH (with a preference ahead of /usr/lib), which allows local users to gain privileges via a Trojan horse library in the current working directory.π Read
via "National Vulnerability Database".
βΌ CVE-2020-26948 βΌ
π Read
via "National Vulnerability Database".
Emby Server before 4.5.0 allows SSRF via the Items/RemoteSearch/Image ImageURL parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2020-14184 βΌ
π Read
via "National Vulnerability Database".
Affected versions of Atlassian Jira Server allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in Jira issue filter export files. The affected versions are before 8.5.9, from version 8.6.0 before 8.12.3, and from version 8.13.0 before 8.13.1.π Read
via "National Vulnerability Database".
βΌ CVE-2020-5141 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.π Read
via "National Vulnerability Database".
β S3 Ep1: Ransomware β is it really OK to pay? β Naked Security Podcast β
π Read
via "Naked Security".
Our podcast is back for Series 3 - here's Episode 1!π Read
via "Naked Security".
Naked Security
S3 Ep1: Ransomware β is it really OK to pay? [Podcast]
Our podcast is back for Series 3 β hereβs Episode 1!
β Naked Security Live β Cybersecurity tips for your own network β
π Read
via "Naked Security".
Here's the latest Naked Security Live video - enjoy (and please share with your friends)!π Read
via "Naked Security".
Naked Security
Naked Security Live β Cybersecurity tips for your own network
Hereβs the latest Naked Security Live video β enjoy (and please share with your friends)!
β Ransomware Attackers Buy Network Access in Cyberattack Shortcut β
π Read
via "Threat Post".
Network access to various industries is being offered in underground forums at as little as $300 a pop - and researchers warn that ransomware groups like Maze and NetWalker could be buying in.π Read
via "Threat Post".
Threat Post
Ransomware Attackers Buy Network Access in Cyberattack Shortcut
Network access to various industries is being offered in underground forums at as little as $300 a pop - and researchers warn that ransomware groups like Maze and NetWalker could be buying in.
π΄ How to Pinpoint Rogue IoT Devices on Your Network π΄
π Read
via "Dark Reading".
Researchers explain how security practitioners can recognize when a seemingly benign device could be malicious.π Read
via "Dark Reading".
Dark Reading
How to Pinpoint Rogue IoT Devices on Your Network
Researchers explain how security practitioners can recognize when a seemingly benign device could be malicious.