π¦Ώ Homebrew: How to install reconnaissance tools on macOS π¦Ώ
π Read
via "Tech Republic".
We'll guide you through the process of using Homebrew package manager to install security tools on macOS to perform reconnaissance, discovery, and fingerprinting of the devices on your network.π Read
via "Tech Republic".
TechRepublic
Homebrew: How to install reconnaissance tools on macOS
We'll guide you through the process of using Homebrew package manager to install security tools on macOS to perform reconnaissance, discovery, and fingerprinting of the devices on your network.
π΄ Building the Human Firewall π΄
π Read
via "Dark Reading".
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?π Read
via "Dark Reading".
Dark Reading
Building the Human Firewall
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?
β Office 365 OAuth Attack Targets Coinbase Users β
π Read
via "Threat Post".
Attackers are targeting Microsoft Office 365 users with a Coinbase-themed attack, aiming to take control of their inboxes via OAuth.π Read
via "Threat Post".
Threat Post
Office 365 OAuth Attack Targets Coinbase Users
Attackers are targeting Microsoft Office 365 users with a Coinbase-themed attack, aiming to take control of their inboxes via OAuth.
π΄ Businesses Rethink Endpoint Security for 2021 π΄
π Read
via "Dark Reading".
The mass movement to remote work has forced organizations to rethink their long-term plans for endpoint security. How will things look different next year?π Read
via "Dark Reading".
Dark Reading
Businesses Rethink Endpoint Security for 2021
The mass movement to remote work has forced organizations to rethink their long-term plans for endpoint security. How will things look different next year?
β Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts β
π Read
via "Threat Post".
Hundreds of medical patients taking cancer drugs, Premarin, Lyrica and more are now vulnerable to phishing, malware and identity fraud.π Read
via "Threat Post".
Threat Post
Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts
Hundreds of medical patients taking cancer drugs, Premarin, Lyrica and more are now vulnerable to phishing, malware and identity fraud.
βΌ CVE-2020-4748 βΌ
π Read
via "National Vulnerability Database".
IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188517.π Read
via "National Vulnerability Database".
βΌ CVE-2020-6367 βΌ
π Read
via "National Vulnerability Database".
There is a reflected cross site scripting vulnerability in SAP NetWeaver Composite Application Framework, versions - 7.20, 7.30, 7.31, 7.40, 7.50. An unauthenticated attacker can trick an unsuspecting authenticated user to click on a malicious link. The end users browser has no way to know that the script should not be trusted, and will execute the script, resulting in sensitive information being disclosed or modified.π Read
via "National Vulnerability Database".
β Facebook: A Top Launching Pad For Phishing Attacks β
π Read
via "Threat Post".
Amazon, Apple, Netflix, Facebook and WhatsApp are top brands leveraged by cybercriminals in phishing and fraud attacks - including a recent strike on a half-million Facebook users.π Read
via "Threat Post".
Threat Post
Facebook: A Top Launching Pad For Phishing Attacks
Amazon, Apple, Netflix, Facebook and WhatsApp are top brands leveraged by cybercriminals in phishing and fraud attacks - including a recent strike on a half-million Facebook users.
π΄ Farsight Labs Launched as Security Collaboration Platform π΄
π Read
via "Dark Reading".
Farsight Security's platform will offer no-cost access to certain tools and services.π Read
via "Dark Reading".
Dark Reading
Farsight Labs Launched as Security Collaboration Platform
Farsight Security's platform will offer no-cost access to certain tools and services.
β Naked Security Live β Ping of Death: are you at risk? β
π Read
via "Naked Security".
Here's the latest Naked Security Live video - enjoy (and please share with your friends)!π Read
via "Naked Security".
Naked Security
Naked Security Live β Ping of Death: are you at risk?
Hereβs the latest Naked Security Live video β enjoy (and please share with your friends)!
β Russian βgovernment hackersβ charged with cybercrimes by the US β
π Read
via "Naked Security".
What can we learn from the US DOJ indictments against the "Sandworm Team"?π Read
via "Naked Security".
Naked Security
Russian βgovernment hackersβ charged with cybercrimes by the US
What can we learn from the US DOJ indictments against the βSandworm Teamβ?
π΄ The Cybersecurity Maturity Model Certification: Are You in Compliance? π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
The Cybersecurity Maturity Model Certification: Are You in Compliance?
Cyber security's comprehensive news site is now an online community for security professionals, outlining cyber threats and the technologies for defending against them.
β Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio β
π Read
via "Threat Post".
The out-of-band patches follow a lighter-than-usual Patch Tuesday update earlier this month.π Read
via "Threat Post".
Threat Post
Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio
The out-of-band patches follow a lighter-than-usual Patch Tuesday update earlier this month.
βΌ CVE-2020-3992 βΌ
π Read
via "National Vulnerability Database".
OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2020-7370 βΌ
π Read
via "National Vulnerability Database".
User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of Danyil Vasilenko's Bolt Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Bolt Browser version 1.4 and prior versions.π Read
via "National Vulnerability Database".
π΄ NSA Reveals the Top 25 Vulnerabilities Exploited by Chinese Nation-State Hackers π΄
π Read
via "Dark Reading".
Officials urge organizations to patch the vulnerabilities most commonly scanned for, and exploited by, Chinese attackers.π Read
via "Dark Reading".
Dark Reading
NSA Reveals the Top 25 Vulnerabilities Exploited by Chinese Nation-State Hackers
Officials urge organizations to patch the vulnerabilities most commonly scanned for, and exploited by, Chinese attackers.
π΄ Do Standards Exist That Certify Secure IoT Systems? π΄
π Read
via "Dark Reading".
The IoT industry remains fragmented with a lot of players, big and small, churning out a lot of products.π Read
via "Dark Reading".
Dark Reading
Do Standards Exist That Certify Secure IoT Systems?
The IoT industry remains fragmented with a lot of players, big and small, churning out a lot of products.
π DOJ Charges Sandworm, The Group Behind Destructive NotPetya Attack π
π Read
via "Digital Guardian".
That Russians were behind the attacks has always been a forgone conclusion to many experts but this is the first time that the U.S. has formally made the accusation.π Read
via "Digital Guardian".
Digital Guardian
DOJ Charges Sandworm, The Group Behind Destructive NotPetya Attack
That Russians were behind the attacks has always been a forgone conclusion to many experts but this is the first time that the U.S. has formally made the accusation.
π Sifter 10.4g π
π Read
via "Packet Storm Security".
Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.π Read
via "Packet Storm Security".
Packetstormsecurity
Sifter 10.4g β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β Ransomware Group Makes Splashy $20K Donation to Charities β
π Read
via "Threat Post".
Cybercriminal gang Darkside sent $20K in donations to charities in a βRobin Hoodβ effort thatβs likely intended to draw attention to future data dumps, according to experts.π Read
via "Threat Post".
Threat Post
Ransomware Group Makes Splashy $20K Donation to Charities
Cybercriminal gang Darkside sent $20K in donations to charities in a βRobin Hoodβ effort thatβs likely intended to draw attention to future data dumps, according to experts.
π΄ Ransomware Attacks Show Little Sign of Slowing in 2021 π΄
π Read
via "Dark Reading".
Attackers have little motivation to stop when businesses are paying increasingly larger ransoms, say security experts who foresee a rise in attacks.π Read
via "Dark Reading".
Dark Reading
Ransomware Attacks Show Little Sign of Slowing in 2021
Attackers have little motivation to stop when businesses are paying increasingly larger ransoms, say security experts who foresee a rise in attacks.