β Microsoft Edge, Google Chrome Roll Out Password Protection Tools β
π Read
via "Threat Post".
The new tools on Chrome and Edge will make it easier for browser users to discover - and change - compromised passwords.π Read
via "Threat Post".
Threat Post
Microsoft Edge, Google Chrome Roll Out Password Protection Tools
The new tools on Chrome and Edge will make it easier for browser users to discover - and change - compromised passwords.
π¦Ώ Microsoft President urges tech leaders to follow lessons from Apollo missions and "War Games" π¦Ώ
π Read
via "Tech Republic".
President Brad Smith said that national security is threatened by the industry's inability to learn lessons from the past.π Read
via "Tech Republic".
TechRepublic
Microsoft President urges tech leaders to follow lessons from Apollo missions and "War Games"
President Brad Smith said that national security is threatened by the industry's inability to learn lessons from the past.
π΄ Intel Confirms Unauthorized Access of Earnings-Related Data π΄
π Read
via "Dark Reading".
News likely contributed to slide of over 9% in chipmaker's stock at one point Friday.π Read
via "Dark Reading".
Dark Reading
Intel Confirms Unauthorized Access of Earnings-Related Data
News likely contributed to slide of over 9% in chipmaker's stock at one point Friday.
π΄ Comparing Different AI Approaches to Email Security π΄
π Read
via "Dark Reading".
Get to know the difference between "supervised" and "unsupervised" machine learning.π Read
via "Dark Reading".
Dark Reading
Comparing Different AI Approaches to Email Security
Get to know the difference between supervised and unsupervised machine learning.
π AIDE 0.17 π
π Read
via "Packet Storm Security".
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.π Read
via "Packet Storm Security".
Packetstormsecurity
AIDE 0.17 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Logwatch 7.5.5 π
π Read
via "Packet Storm Security".
Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.π Read
via "Packet Storm Security".
Packetstormsecurity
Logwatch 7.5.5 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β US administration adds βsubliminalβ ad to White House website β
π Read
via "Naked Security".
Hiding digital "secrets" where they're supposed to be found is good fun. Just don't hide actual secrets and hope no one will notice!π Read
via "Naked Security".
Naked Security
US administration adds βsubliminalβ ad to White House website
Hiding digital βsecretsβ where theyβre supposed to be found is good fun. Just donβt hide actual secrets and hope no one will notice!
π΄ How to Better Secure Your Microsoft 365 Environment π΄
π Read
via "Dark Reading".
Security experts offer Microsoft 365 security guidance as more attackers target enterprise cloud environments.π Read
via "Dark Reading".
Darkreading
How to Better Secure Your Microsoft 365 Environment
Security experts offer Microsoft 365 security guidance as more attackers target enterprise cloud environments.
β Naked Security Live β Donβt let digital jokes turn into digital disasters β
π Read
via "Naked Security".
Here's the latest Naked Security Live video - watch and enjoy!π Read
via "Naked Security".
Naked Security
Naked Security Live β Donβt let digital jokes turn into digital disasters
Hereβs the latest Naked Security Live video β watch and enjoy!
π¦Ώ 2021 predictions: Quantifying and prioritizing cyber and business risk π¦Ώ
π Read
via "Tech Republic".
Every new year brings new challenges surrounding risk management. Learn how to protect your company and its assets with these tips from an industry insider.π Read
via "Tech Republic".
TechRepublic
2021 predictions: Quantifying and prioritizing cyber and business risk
Every new year brings new challenges surrounding risk management. Learn how to protect your company and its assets with these tips from an industry insider.
π¦Ώ Analysts question viability of last-minute executive order from Trump on IaaS companies' foreign users π¦Ώ
π Read
via "Tech Republic".
In response to the Solar Winds attack, the order forces cloud companies to keep the names, addresses, emails, credit card numbers, and more, any time cloud services are used.π Read
via "Tech Republic".
TechRepublic
Analysts question viability of last-minute executive order from Trump on IaaS companies' foreign users
In response to the Solar Winds attack, the order forces cloud companies to keep the names, addresses, emails, credit card numbers, and more, any time cloud services are used.
β SonicWall Breach Stems from βProbableβ Zero-Days β
π Read
via "Threat Post".
The security vendor is investigating potential zero-day vulnerabilities in its Secure Mobile Access (SMA) 100 series.π Read
via "Threat Post".
Threat Post
SonicWall Breach Stems from βProbableβ Zero-Days
The security vendor is investigating potential zero-day vulnerabilities in its Secure Mobile Access (SMA) 100 series.
β Cisco DNA Center Bug Opens Enterprises to Remote Attack β
π Read
via "Threat Post".
The high-severity security vulnerability (CVE-2021-1257) allows cross-site request forgery (CSRF) attacks.π Read
via "Threat Post".
Threat Post
Cisco DNA Center Bug Opens Enterprises to Remote Attack
The high-severity security vulnerability (CVE-2021-1257) allows cross-site request forgery (CSRF) attacks.
π¦Ώ Homebrew: How to install post-exploitation tools on macOS π¦Ώ
π Read
via "Tech Republic".
We'll guide you through the process of using Homebrew package manager to install post-exploit security tools on macOS to further assess compromised system vulnerabilities found in your Apple equipment.π Read
via "Tech Republic".
TechRepublic
Homebrew: How to install post-exploitation tools on macOS
Learn how to use the Homebrew package manager to install post-exploit security tools on macOS to further assess compromised system vulnerabilities found in your Apple equipment.
π The Most Read Data Insider Blogs of 2020 π
π Read
via "Digital Guardian".
SOX compliance, preventing social engineering attacks, and data classification. In this blog, we count down the most read blogs of 2020.π Read
via "Digital Guardian".
Digital Guardian
The Most Read Data Insider Blogs of 2020
SOX compliance, preventing social engineering attacks, and data classification. In this blog, we count down the most read blogs of 2020.
π΄ Small Security Teams Have Big Security Fears, CISOs Report π΄
π Read
via "Dark Reading".
Researchers poll security leaders who are tasked with protecting large organizations but have a small presence and budget.π Read
via "Dark Reading".
Dark Reading
Small Security Teams Have Big Security Fears, CISOs Report
Researchers poll security leaders who are tasked with protecting large organizations but have a small presence and budget.
β 2.28M MeetMindful Daters Compromised in Data Breach β
π Read
via "Threat Post".
The ShinyHunters hacking group offer a raft of information, from location and contact info to dating preferences and bodily descriptions, as a free download.π Read
via "Threat Post".
Threat Post
2.28M MeetMindful Daters Compromised in Data Breach
The ShinyHunters hacking group offer a raft of information, from location and contact info to dating preferences and bodily descriptions, as a free download.
π¦Ώ Gartner: The future of AI is not as rosy as some might think π¦Ώ
π Read
via "Tech Republic".
A Gartner report predicts that the second-order consequences of widespread AI will have massive societal impacts, to the point of making us unsure if and when we can trust our own eyes.π Read
via "Tech Republic".
TechRepublic
Gartner: The future of AI is not as rosy as some might think
A Gartner report predicts that the second-order consequences of widespread AI will have massive societal impacts, to the point of making us unsure if and when we can trust our own eyes.
βΌ CVE-2021-21272 βΌ
π Read
via "National Vulnerability Database".
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the downloaded gzipped tarballs to be automatically extracted to the user-specified directory where the tarball can have symbolic links and hard links. A well-crafted tarball or tarballs allow malicious artifact providers linking, writing, or overwriting specific files on the host filesystem outside of the user-specified directory unexpectedly with the same permissions as the user who runs `oras pull`. Users of the affected versions are impacted if they are `oras` CLI users who runs `oras pull`, or if they are Go programs, which invoke `github.com/deislabs/oras/pkg/content.FileStore`. The problem has been fixed in version 0.9.0. For `oras` CLI users, there is no workarounds other than pulling from a trusted artifact provider. For `oras` package users, the workaround is to not use `github.com/deislabs/oras/pkg/content.FileStore`, and use other content stores instead, or pull from a trusted artifact provider.π Read
via "National Vulnerability Database".
β Outgoing FCC Chair Issues Final Security Salvo Against China β
π Read
via "Threat Post".
Ajit Pai says Chinese telecom companies βbiggest national security threatβ for regulators in exit interview.π Read
via "Threat Post".
Threat Post
Outgoing FCC Chair Issues Final Security Salvo Against China
Ajit Pai says Chinese telecom companies βbiggest national security threatβ for regulators in exit interview.
π΄ Deloitte & Touche Buys Threat-Hunting Firm π΄
π Read
via "Dark Reading".
Root9B (R9B) offers threat hunting and other managed security services.π Read
via "Dark Reading".
Dark Reading
Deloitte & Touche Buys Threat-Hunting Firm
Root9B (R9B) offers threat hunting and other managed security services.