β Healthcare in Crisis: Diagnosing Cybersecurity Shortcomings in Unprecedented Times β
π Read
via "Threat Post".
In the early fog of the COVID-19 pandemic, cybersecurity took a back seat to keeping patients alive. Lost in the chaos was IT security.π Read
via "Threat Post".
Threat Post
Healthcare in Crisis: Diagnosing Cybersecurity Shortcomings in Unprecedented Times
In the early fog of the COVID-19 pandemic, cybersecurity took a back seat to keeping patients alive. Lost in the chaos was IT security.
β Insider Report: Healthcare Security Woes Balloon in COVID-Era β
π Read
via "Threat Post".
As hackers put a bullseye on healthcare, Threatpost spotlights how hospitals, researchers and patients have been affected and how the sector is bolstering their cyber defenses.π Read
via "Threat Post".
Threat Post
Insider Report: Healthcare Security Woes Balloon in COVID-Era
As hackers put a bullseye on healthcare, Threatpost spotlights how hospitals, researchers and patients have been affected and how the sector is bolstering their cyber defenses.
π NSA Urges Orgs Patch Vulnerability Following Russian Exploitation π
π Read
via "Digital Guardian".
Attackers have been actively exploiting a recently uncovered command injection bug in VMware products to access protected data.π Read
via "Digital Guardian".
Digital Guardian
NSA Urges Orgs Patch Vulnerability Following Russian Exploitation
Attackers have been actively exploiting a recently uncovered command injection bug in VMware products to access protected data.
π¦Ώ Experian predicts 5 key data breach targets for 2021 π¦Ώ
π Read
via "Tech Republic".
The pandemic warfare will shift to vaccine supply chains, home networks, and data from telemedicine visits in the new year.π Read
via "Tech Republic".
TechRepublic
Experian predicts 5 key data breach targets for 2021
The pandemic warfare will shift to vaccine supply chains, home networks, and data from telemedicine visits in the new year.
π΄ NortonLifeLock Acquires Avira for $360M π΄
π Read
via "Dark Reading".
The all-cash transaction is expected to broaden NortonLifeLock's international presence and bring a freemium business model into its portfolio.π Read
via "Dark Reading".
Dark Reading
NortonLifeLock Acquires Avira for $360M
The all-cash transaction is expected to broaden NortonLifeLock's international presence and bring a freemium business model into its portfolio.
β βFreeβ Cyberpunk 2077 Downloads Lead to Data Harvesting β
π Read
via "Threat Post".
The hotly anticipated game -- featuring a digital Keanu Reeves as a major character -- is being used as a lure for cyberattacks.π Read
via "Threat Post".
Threat Post
βFreeβ Cyberpunk 2077 Downloads Lead to Data Harvesting
The hotly anticipated game β featuring a digital Keanu Reeves as a major character β is being used as a lure for cyberattacks.
β Europol Warns COVID-19 Vaccine Rollout Vulnerable to Fraud, Theft β
π Read
via "Threat Post".
With the promise of a widely available COVID-19 vaccine on the horizon, Europol, the European Unionβs law-enforcement agency, has issued a warning about the rise of vaccine-related Dark Web activity. The agency joins a chorus of security professionals that have concerns about widespread attacks on the COVID-19 vaccine rollout. The warning comes after Europol discovered [β¦]π Read
via "Threat Post".
Threat Post
Europol Warns COVID-19 Vaccine Rollout Vulnerable to Fraud, Theft
European Union's law-enforcement agency, has issued a warning about the rise of vaccine-related Dark Web activity.
π¦Ώ How cybercrime will cost the world $1 trillion this year π¦Ώ
π Read
via "Tech Republic".
Including both financial losses and cybersecurity spending, the $1 trillion in costs will represent a 50% increase over 2018, says McAfee.π Read
via "Tech Republic".
TechRepublic
How cybercrime will cost the world $1 trillion this year
Including both financial losses and cybersecurity spending, the $1 trillion in costs will represent a 50% increase over 2018, says McAfee.
π¦Ώ Malwarebytes: Schools still struggling with connectivity and using last year's antivirus software π¦Ώ
π Read
via "Tech Republic".
About half of IT decision makers in a new survey say they have not added any cybersecurity training for teachers and students since remote learning started.π Read
via "Tech Republic".
TechRepublic
Malwarebytes: Schools still struggling with connectivity and using last year's antivirus software
About half of IT decision makers in a new survey say they have not added any cybersecurity training for teachers and students since remote learning started.
π΄ NSA Warns of Exploits Targeting Recently Disclosed VMware Vulnerability π΄
π Read
via "Dark Reading".
Agency urges organizations to deploy patch as soon as possible since exploit activity is hard to detect.π Read
via "Dark Reading".
Dark Reading
NSA Warns of Exploits Targeting Recently Disclosed VMware Vulnerability
Agency urges organizations to deploy patch as soon as possible since exploit activity is hard to detect.
π΄ The Magic Behind the Magic π΄
π Read
via "Dark Reading".
And oldie but goodie and still pretty truey.π Read
via "Dark Reading".
Dark Reading
The Magic Behind the Magic
And oldie but goodie and still pretty truey.
βΌ CVE-2020-29595 βΌ
π Read
via "National Vulnerability Database".
PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio Professional 2021 14.0 Build 1705 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000031aa.π Read
via "National Vulnerability Database".
βΌ CVE-2020-17521 βΌ
π Read
via "National Vulnerability Database".
Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Users not using the extension methods mentioned in the advisory are not affected, but may wish to read the advisory for further details. Versions Affected: 2.0 to 2.4.20, 2.5.0 to 2.5.13, 3.0.0 to 3.0.6, and 4.0.0-alpha-1. Fixed in versions 2.4.21, 2.5.14, 3.0.7, 4.0.0-alpha-2.π Read
via "National Vulnerability Database".
βΌ CVE-2020-29597 βΌ
π Read
via "National Vulnerability Database".
IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. This vulnerability allows unauthenticated attackers to upload files into the server.π Read
via "National Vulnerability Database".
βΌ CVE-2020-29600 βΌ
π Read
via "National Vulnerability Database".
In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501.π Read
via "National Vulnerability Database".
βΌ CVE-2020-29599 βΌ
π Read
via "National Vulnerability Database".
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c.π Read
via "National Vulnerability Database".
βΌ CVE-2020-13945 βΌ
π Read
via "National Vulnerability Database".
In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data. This affects versions 1.2, 1.3, 1.4, 1.5.π Read
via "National Vulnerability Database".
π¦Ώ How to use an SSH config file on macOS for easier connections to your data center servers π¦Ώ
π Read
via "Tech Republic".
Jack Wallen shows you how to make SSH connections even easier from your macOS machine.π Read
via "Tech Republic".
TechRepublic
How to Use an SSH Config File on macOS for Easier Connections to Your Data Center Servers
Jack Wallen shows you how to make SSH connections even easier from your macOS machine.
β Rana Android Malware Updates Allow WhatsApp, Telegram IM Snooping β
π Read
via "Threat Post".
The developers behind the Android malware have a new variant that spies on instant messages in WhatsApp, Telegram, Skype and more.π Read
via "Threat Post".
Threat Post
Rana Android Malware Updates Allow WhatsApp, Telegram IM Snooping
The developers behind the Android malware have a new variant that spies on instant messages in WhatsApp, Telegram, Skype and more.
π¦Ώ Multi-factor authentication: 5 reasons not to use SMS π¦Ώ
π Read
via "Tech Republic".
Using SMS as an additional means to authenticate your password is better than nothing, but it's not the most reliable. Tom Merritt lists five reasons why SMS should not be used for MFA.π Read
via "Tech Republic".
TechRepublic
Top 5 reasons not to use SMS for multi-factor authentication
Using SMS as an additional means to authenticate your password is better than nothing, but it's not the most reliable. Tom Merritt lists five reasons why SMS should not be used for MFA.
π¦Ώ Top 5 reasons not to use SMS for multi-factor authentication π¦Ώ
π Read
via "Tech Republic".
Using SMS as an additional means to authenticate your password is better than nothing, but it's not the most reliable. Tom Merritt lists five reasons why SMS should not be used for MFA.π Read
via "Tech Republic".
TechRepublic
Top 5 reasons not to use SMS for multi-factor authentication
Using SMS as an additional means to authenticate your password is better than nothing, but it's not the most reliable approach. Tom Merritt lists five reasons why SMS should not be used for MFA.