π΄ 2018's Most Common Vulnerabilities Include Issues New and Old π΄
π Read
via "Dark Reading: ".
The most common vulnerabilities seen last year run the gamut from cross-site scripting to issues with CMS platforms.π Read
via "Dark Reading: ".
Dark Reading
2018's Most Common Vulnerabilities Include Issues New and Old
The most common vulnerabilities seen last year run the gamut from cross-site scripting to issues with CMS platforms.
β Serious Security: What 2000 years of cryptography can teach us β
π Read
via "Naked Security".
Here's a fascinating history of cryptography that has plenty to teach you - and you don't need a degree in mathematics to follow along!π Read
via "Naked Security".
ATENTIONβΌ New - CVE-2017-18332
π Read
via "National Vulnerability Database".
Security keys are logged when any WCDMA call is configured or reconfigured in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-18331
π Read
via "National Vulnerability Database".
Improper access control on secure display buffers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 820, SD 820A, SD 835, SDA660π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-18160
π Read
via "National Vulnerability Database".
AGPS session failure in GNSS module due to cyphersuites are hardcoded and needed manual update everytime in snapdragon mobile and snapdragon wear in versions MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 835, SD 845, SD 850π Read
via "National Vulnerability Database".
β Monday review β the hot 23 stories of the week β
π Read
via "Naked Security".
From WhatsApps that aren't meant for you to the highly promising USB-C authentication, and everything in between. It's weekly roundup time.π Read
via "Naked Security".
Naked Security
Monday review β the hot 23 stories of the week
From WhatsApps that arenβt meant for you to the highly promising USB-C authentication, and everything in between. Itβs weekly roundup time.
β Monday review β the hot 23 stories of the week β
π Read
via "Naked Security".
From WhatsApps that aren't meant for you to the highly promising USB-C authentication, and everything in between. It's weekly roundup time.π Read
via "Naked Security".
Naked Security
Monday review β the hot 23 stories of the week
From WhatsApps that arenβt meant for you to the highly promising USB-C authentication, and everything in between. Itβs weekly roundup time.
β Monday review β the hot 23 stories of the week β
π Read
via "Naked Security".
From WhatsApps that aren't meant for you to the highly promising USB-C authentication, and everything in between. It's weekly roundup time.π Read
via "Naked Security".
Naked Security
Monday review β the hot 23 stories of the week
From WhatsApps that arenβt meant for you to the highly promising USB-C authentication, and everything in between. Itβs weekly roundup time.
β Tim Cook demands a way for users to delete their personal data β
π Read
via "Naked Security".
The Apple CEO wants the FTC to set up a data-broker clearinghouse so people can see the data that companies have collected on them.π Read
via "Naked Security".
Naked Security
Tim Cook demands a way for users to delete their personal data
The Apple CEO wants the FTC to set up a data-broker clearinghouse so people can see the data that companies have collected on them.
β State agency exposes 3TB of data, including FBI info and remote logins β
π Read
via "Naked Security".
Oklahomaβs Department of Securities (ODS) exposed 3TB of files in plain text containing sensitive data on the public internet this month.π Read
via "Naked Security".
Naked Security
State agency exposes 3TB of data, including FBI info and remote logins
Oklahomaβs Department of Securities (ODS) exposed 3TB of files in plain text containing sensitive data on the public internet this month.
β Attackers used a LinkedIn job ad and Skype call to breach bankβs defences β
π Read
via "Naked Security".
A Chilean Senator has taken to Twitter with alarming news β the company running the countryβs ATM network suffered a serious cyberattack.π Read
via "Naked Security".
Naked Security
Attackers used a LinkedIn job ad and Skype call to breach bankβs defences
A Chilean Senator has taken to Twitter with alarming news β the company running the countryβs ATM network suffered a serious cyberattack.
β Twitter bug exposed some Android private tweets to public view β
π Read
via "Naked Security".
The latest privacy glitch, which went unnoticed for over four years, may trigger yet another EU privacy probe.π Read
via "Naked Security".
Naked Security
Twitter bug exposed some Android private tweets to public view
The latest privacy glitch, which went unnoticed for over four years, may trigger yet another EU privacy probe.
π΄ Shadow IT, IaaS & the Security Imperative π΄
π Read
via "Dark Reading: ".
Organizations must strengthen their security posture in cloud environments. That means considering five critical elements about their infrastructure, especially when it operates as an IaaS.π Read
via "Dark Reading: ".
Dark Reading
Shadow IT, IaaS & the Security Imperative
Organizations must strengthen their security posture in cloud environments. That means considering five critical elements about their infrastructure, especially when it operates as an IaaS.
ATENTIONβΌ New - CVE-2016-10739
π Read
via "National Vulnerability Database".
In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.π Read
via "National Vulnerability Database".
β WhatsApp fights the spread of deadly fake news with recipient limit β
π Read
via "Naked Security".
WhatsApp has capped the number of people you can forward messages to, after India was seized by rumour-inspired mob lynchings.π Read
via "Naked Security".
Naked Security
WhatsApp fights the spread of deadly fake news with recipient limit
WhatsApp has capped the number of people you can forward messages to, after India was seized by rumour-inspired mob lynchings.
β DNC targeted by Russian hackers beyond 2018 midterms, it claims β
π Read
via "Naked Security".
The Democratic National Committee has filed a civil complaint accusing Russia of trying to hack its computers as recently as November 2018.π Read
via "Naked Security".
Naked Security
DNC targeted by Russian hackers beyond 2018 midterms, it claims
The Democratic National Committee has filed a civil complaint accusing Russia of trying to hack its computers as recently as November 2018.
β Bicycle-riding hitman convicted with Garmin GPS watch location data β
π Read
via "Naked Security".
Location data extracted from the athletic hitman's Garmin GPS watch and TomTom sat nav led to his conviction in two gangland murders.π Read
via "Naked Security".
Naked Security
Bicycle-riding hitman convicted with Garmin GPS watch location data
Location data extracted from the athletic hitmanβs Garmin GPS watch and TomTom sat nav led to his conviction in two gangland murders.
β Rogue websites can turn vulnerable browser extensions into back doors β
π Read
via "Naked Security".
A researcher has found that websites can use some extensions to bypass security policies, execute code, and even install other extensions.π Read
via "Naked Security".
Naked Security
Rogue websites can turn vulnerable browser extensions into back doors
A researcher has found that websites can use some extensions to bypass security policies, execute code, and even install other extensions.
π Rushing to patch? Here's how to prioritize your security efforts π
π Read
via "Security on TechRepublic".
When addressing security vulnerabilities, enterprises should focus on those with publicly available exploit code, according to a Kenna Security report.π Read
via "Security on TechRepublic".
TechRepublic
Rushing to patch? Here's how to prioritize your security efforts
When addressing security vulnerabilities, enterprises should focus on those with publicly available exploit code, according to a Kenna Security report.
β Adobe Issues Unscheduled Updates for Experience Manager Platform β
π Read
via "Threatpost | The first stop for security news".
The patches are part of Adobe's second unscheduled update this month.π Read
via "Threatpost | The first stop for security news".
Threat Post
Adobe Issues Unscheduled Updates for Experience Manager Platform
The patches are Adobe's second unscheduled update this month.