π΄ New Attacks Target Recent PHP Framework Vulnerability π΄
π Read
via "Dark Reading: ".
Multiple threat actors are using relatively simple techniques to take advantage of the vulnerability, launching cryptominers, skimmers, and other malware payloads.π Read
via "Dark Reading: ".
Darkreading
New Attacks Target Recent PHP Framework Vulnerability
Multiple threat actors are using relatively simple techniques to take advantage of the vulnerability, launching cryptominers, skimmers, and other malware payloads.
ATENTIONβΌ New - CVE-2016-4643 (apple_tv, iphone_os, mac_os)
π Read
via "National Vulnerability Database".
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through improved response validation.π Read
via "National Vulnerability Database".
π΄ Microsoft Launches New Azure DevOps Bug Bounty Program π΄
π Read
via "Dark Reading: ".
A new program will pay bounties of up to $20,000 for new critical bugs in the company's Azure DevOps systems and services.π Read
via "Dark Reading: ".
Darkreading
Microsoft Launches New Azure DevOps Bug Bounty Program
A new program will pay bounties of up to $20,000 for new critical bugs in the company's Azure DevOps systems and services.
π΄ Facebook Shuts Hundreds of Russia-Linked Pages, Accounts for Disinformation π΄
π Read
via "Dark Reading: ".
Facebook says the accounts and pages were part of two unrelated disinformation operations aimed at targets outside the US.π Read
via "Dark Reading: ".
Darkreading
Facebook Shuts Hundreds of Russia-Linked Pages, Accounts for Disinformation
Facebook says the accounts and pages were part of two unrelated disinformation operations aimed at targets outside the US.
β Microsoft Launches Azure DevOps Bug Bounty Program β
π Read
via "Threatpost | The first stop for security news".
Microsoft is offering rewards of up to $20,000 for flaws in its Azure DevOps online services and the latest release of the Azure DevOps server.π Read
via "Threatpost | The first stop for security news".
Threat Post
Microsoft Launches Azure DevOps Bug Bounty Program
Microsoft is offering rewards of up to $20,000 for flaws in its Azure DevOps online services and the latest release of the Azure DevOps server.
π΄ 773 Million Email Addresses, 21 Million Passwords For Sale on Hacker Forum π΄
π Read
via "Dark Reading: ".
Data appears to be from multiple breaches over past few years, says researcher who discovered it.π Read
via "Dark Reading: ".
Darkreading
773 Million Email Addresses, 21 Million Passwords For Sale on Hacker Forum
Data appears to be from multiple breaches over past few years, says researcher who discovered it.
β YouTube bans dangerous and harmful pranks and challenges β
π Read
via "Naked Security".
The platform can't keep us from driving while blindfolded, but at least it can remove videos that glorify our more brainless moments.π Read
via "Naked Security".
Naked Security
YouTube bans dangerous and harmful pranks and challenges
The platform canβt keep us from driving while blindfolded, but at least it can remove videos that glorify our more brainless moments.
β Ep. 015 β USB anti-hacking, bypassing 2FA and government insecurity [PODCAST] β
π Read
via "Naked Security".
Here's the latest Naked Security podcast - enjoy!π Read
via "Naked Security".
Naked Security
Ep. 015 β USB anti-hacking, bypassing 2FA and government insecurity [PODCAST]
Hereβs the latest Naked Security podcast β enjoy!
β Did you know you can see the ad boxes Facebook sorts us into? β
π Read
via "Naked Security".
...or that they can edit the (often inaccurate) pigeon-holes Facebook likes to put us in, a study found.π Read
via "Naked Security".
Naked Security
Did you know you can see the ad boxes Facebook sorts us into?
β¦or that they can edit the (often inaccurate) pigeon-holes Facebook likes to put us in, a study found.
β Google cracks down on access to your Android phone and SMS data β
π Read
via "Naked Security".
Android apps that want access to your call and SMS data now have to pass muster with Google's team of reviewers.π Read
via "Naked Security".
Naked Security
Google cracks down on access to your Android phone and SMS data
Android apps that want access to your call and SMS data now have to pass muster with Googleβs team of reviewers.
β Vast data-berg washes up 1.16 billion pwned records β
π Read
via "Naked Security".
Have I Been Pwned? (HIBP) has revealed a huge cache of breached email addresses and passwords, which it has named Collection #1.π Read
via "Naked Security".
π Microsoft launches Azure DevOps bug bounty program, $20,000 rewards on offer π
π Read
via "Security on TechRepublic".
The Redmond giant is keenly interested in remote code execution and privilege escalation flaws.π Read
via "Security on TechRepublic".
π΄ 8 Tips for Monitoring Cloud Security π΄
π Read
via "Dark Reading: ".
Cloud security experts weigh in with the practices and tools they prefer to monitor and measure security metrics in the cloud.π Read
via "Dark Reading: ".
Dark Reading
8 Tips for Monitoring Cloud Security
Cloud security experts weigh in with the practices and tools they prefer to monitor and measure security metrics in the cloud.
π 5 blockchain trends to expect in 2019 π
π Read
via "Security on TechRepublic".
Blockchain may finally be ready to move from hype to reality, with continued IoT integrations and tokenization, according to KPMG.π Read
via "Security on TechRepublic".
TechRepublic
5 blockchain trends to expect in 2019
Blockchain may finally be ready to move from hype to reality, with continued IoT integrations and tokenization, according to KPMG.
β Twitter Android Glitch Exposed Private Tweets for Years β
π Read
via "Threatpost | The first stop for security news".
Twitter has fixed the issue, which has been ongoing since 2014.π Read
via "Threatpost | The first stop for security news".
Threat Post
Twitter Android Glitch Exposed Private Tweets for Years
Twitter has fixed the issue, which has been ongoing since 2014.
π΄ The Rx for HIPAA Compliance in the Cloud π΄
π Read
via "Dark Reading: ".
For medical entities, simply following HIPAA cloud service provider guidelines is no longer enough to ensure that your practice is protected from cyber threats, government investigations, and fines.π Read
via "Dark Reading: ".
Darkreading
The Rx for HIPAA Compliance in the Cloud
For medical entities, simply following HIPAA cloud service provider guidelines is no longer enough to ensure that your practice is protected from cyber threats, government investigations, and fines.
π΄ PCI Council Releases New Software Framework for DevOps Era π΄
π Read
via "Dark Reading: ".
The PCI Software Security Framework will eventually replace PCI DA-DSS when it expires in 2022.π Read
via "Dark Reading: ".
Dark Reading
PCI Council Releases New Software Framework for DevOps Era
The PCI Software Security Framework will eventually replace PCI DA-DSS when it expires in 2022.
π Bug bounty programs: Everything you thought you knew is wrong π
π Read
via "Security on TechRepublic".
One common criticism of bug bounty programs is that very few hackers actually make money. Not only is this untrue, but it misses the point.π Read
via "Security on TechRepublic".
TechRepublic
Bug bounty programs: Everything you thought you knew is wrong
One common criticism of bug bounty programs is that very few hackers actually make money. Not only is this untrue, but it misses the point.