ATENTIONβΌ New - CVE-2016-10736
π Read
via "National Vulnerability Database".
The "Social Pug - Easy Social Share Buttons" plugin before 1.2.6 for WordPress allows XSS via the wp-admin/admin.php?page=dpsp-toolkit dpsp_message_class parameter.π Read
via "National Vulnerability Database".
β Supreme Court refuses to hear Fiat Chrysler appeal in Jeep hacking case β
π Read
via "Naked Security".
The court's action means that one of the first legal cases involving cyber security risks in cars will go to trial in October.π Read
via "Naked Security".
Naked Security
Supreme Court refuses to hear Fiat Chrysler appeal in Jeep hacking case
The courtβs action means that one of the first legal cases involving cyber security risks in cars will go to trial in October.
β Update now! Microsoft and Adobeβs January 2019 Patch Tuesday is here β
π Read
via "Naked Security".
After a busy sequence of updates in October, November, and December, the new yearβs first Patch Tuesday promises a lighter workload.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ 6 Best Practices for Managing an Online Educational Infrastructure π΄
π Read
via "Dark Reading: ".
Universities must keep pace with rapidly changing technology to help thwart malicious hacking attempts and protect student information.π Read
via "Dark Reading: ".
Darkreading
6 Best Practices for Managing an Online Educational Infrastructure
Universities must keep pace with rapidly changing technology to help thwart malicious hacking attempts and protect student information.
β Google Search Results Spoofed to Create Fake News β
π Read
via "Threatpost | The first stop for security news".
The technique can be used to spread disinformation while leveraging the trust people have in Google's search results.π Read
via "Threatpost | The first stop for security news".
Threat Post
Google Search Results Spoofed to Create Fake News
The technique can be used to spread disinformation while leveraging the trust people have in Google's search results.
β βUnprecedentedβ DNS Hijacking Attacks Linked to Iran β
π Read
via "Threatpost | The first stop for security news".
The attacks, targeting several countries to redirect traffic and harvest credentials, have been linked to Iran.π Read
via "Threatpost | The first stop for security news".
Threat Post
βUnprecedentedβ DNS Hijacking Attacks Linked to Iran
The attacks, targeting several countries redirect traffic and harvest credentials, have been linked to Iran.
π΄ Google: G Suite Now Alerts Admins to Data Exfiltration π΄
π Read
via "Dark Reading: ".
New additions to the G Suite alert center are intended to notify admins of phishing and data exports.π Read
via "Dark Reading: ".
Darkreading
Google: G Suite Now Alerts Admins to Data Exfiltration
New additions to the G Suite alert center are intended to notify admins of phishing and data exports.
π΄ Consumers Demand Security from Smart Device Makers π΄
π Read
via "Dark Reading: ".
Poll shows individuals want better security from IoT device manufacturers as connected products flood the market.π Read
via "Dark Reading: ".
Dark Reading
Consumers Demand Security from Smart Device Makers
Poll shows individuals want better security from IoT device manufacturers as connected products flood the market.
π CES 2019: How Winston can protect consumers and smart offices from identity thieves π
π Read
via "Security on TechRepublic".
Winston is an online privacy device that sits between a modem and router to protect the user's online browsing and identity.π Read
via "Security on TechRepublic".
TechRepublic
CES 2019: How Winston can protect consumers and smart offices from identity thieves
Winston is an online privacy device that sits between a modem and router to protect the user's online browsing and identity.
π΄ Ryuk Ransomware Attribution May Be Premature π΄
π Read
via "Dark Reading: ".
The eagerness to tie recent Ryuk ransomware attacks to a specific group could be rushed, researchers say.π Read
via "Dark Reading: ".
Darkreading
Ryuk Ransomware Attribution May Be Premature
The eagerness to tie recent Ryuk ransomware attacks to a specific group could be rushed, researchers say.
π΄ Election Security Isn't as Bad as People Think π΄
π Read
via "Dark Reading: ".
Make no mistake, however: We'll always have to be on guard. And we can take some lessons from the world of industrial cybersecurity.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
β Facebook violated tough new cybersecurity law, says Vietnam β
π Read
via "Naked Security".
The law brought sweeping new powers, allowing authorities to force technology companies to hand over user data and to censor posts.π Read
via "Naked Security".
Naked Security
Facebook violated tough new cybersecurity law, says Vietnam
The law brought sweeping new powers, allowing authorities to force technology companies to hand over user data and to censor posts.
β You canβt delete Facebook from some Androids and people arenβt happy β
π Read
via "Naked Security".
The #DeleteFacebook movement may be growing, but many Samsung users are having a tough time scraping the social networkβs preinstalled software from their phones.π Read
via "Naked Security".
Naked Security
You canβt delete Facebook from some Androids and people arenβt happy
The #DeleteFacebook movement may be growing, but many Samsung users are having a tough time scraping the social networkβs preinstalled software from their phones.
π΄ Reddit Alerts Users to Possible Account Breaches π΄
π Read
via "Dark Reading: ".
User lockouts, combined with requirements for new passwords, indicate an attack on accounts at the popular social media platform.π Read
via "Dark Reading: ".
Darkreading
Reddit Alerts Users to Possible Account Breaches
User lockouts, combined with requirements for new passwords, indicate an attack on accounts at the popular social media platform.
β At CES, Focus is On βCool Factorβ Not IoT Security β
π Read
via "Threatpost | The first stop for security news".
When it comes to IoT, the priority at CES is the "wow factor" - but not so much a focus on security.π Read
via "Threatpost | The first stop for security news".
Threat Post
At CES, Focus is On βCool Factorβ Not IoT Security
When it comes to IoT, the priority at CES is the "wow factor" - but not so much a focus on security.
π΄ DNS Hijacking Campaign Targets Organizations Globally π΄
π Read
via "Dark Reading: ".
A group believed to be operating out of Iran has manipulated DNS records belonging to dozens of firms in an apparent cyber espionage campaign, FireEye says.π Read
via "Dark Reading: ".
Darkreading
DNS Hijacking Campaign Targets Organizations Globally
A group believed to be operating out of Iran has manipulated DNS records belonging to dozens of firms in an apparent cyber espionage campaign, FireEye says.
π΄ New Software Side-Channel Attack Raises Risk for Captured Crypto π΄
π Read
via "Dark Reading: ".
The new attack hits operating systems, not chips, and may give criminals the keys to a company's cryptography.π Read
via "Dark Reading: ".
Dark Reading
New Software Side-Channel Attack Raises Risk for Captured Crypto
The new attack hits operating systems, not chips, and may give criminals the keys to a company's cryptography.
ATENTIONβΌ New - CVE-2017-1002157
π Read
via "National Vulnerability Database".
modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-1002152
π Read
via "National Vulnerability Database".
Bodhi 2.9.0 and lower is vulnerable to cross-site scripting resulting in code injection caused by incorrect validation of bug titles.π Read
via "National Vulnerability Database".
β El Chapo was brought down by a sysadmin β
π Read
via "Naked Security".
Christian Rodriguez says he set up secure VoIP communications for the cartel: a system whose encryption keys he wound up giving to the FBI.π Read
via "Naked Security".
Naked Security
El Chapo was brought down by a sysadmin
Christian Rodriguez says he set up secure VoIP communications for the cartel: a system whose encryption keys he wound up giving to the FBI.
β Trading site DX.Exchange spills gobs of user data β
π Read
via "Naked Security".
A trader believes he could easily have obtained admin access to the site and potentially have stolen the funds of its 600,000 users.π Read
via "Naked Security".
Naked Security
Trading site DX.Exchange spills gobs of user data
A trader believes he could easily have obtained admin access to the site and potentially have stolen the funds of its 600,000 users.