π΄ 'Picnic' Passes Test for Protecting IoT From Quantum Hacks π΄
π Read
via "Dark Reading: ".
Researchers from DigiCert, Utimaco, and Microsoft Research gives thumbs-up to a new algorithm for implementing quantum hacking-proof digital certificates.π Read
via "Dark Reading: ".
Dark Reading
IoT recent news | Dark Reading
Explore the latest news and expert commentary on IoT, brought to you by the editors of Dark Reading
π Have tech companies taken two-factor authentication too far? π
π Read
via "Security on TechRepublic".
Apple is facing a lawsuit from a user claiming that two-factor authentication is a "waste of their personal time." Here's why businesses shouldn't ignore the security measure.π Read
via "Security on TechRepublic".
TechRepublic
Have tech companies taken two-factor authentication too far?
Apple is facing a lawsuit from a user claiming that two-factor authentication is a "waste of their personal time." Here's why businesses shouldn't ignore the security measure.
β Xiaomi M365 Electric Scooter Hacked and Remotely Controlled β
π Read
via "Threatpost | The first stop for security news".
Hackers up to 100 meters away could take over Xiaomi M365 scooters to brake or accelerate them.π Read
via "Threatpost | The first stop for security news".
Threat Post
Xiaomi M365 Electric Scooter Hacked and Remotely Controlled
Hackers up to 100 meters away could take over Xiaomi M365 scooters to brake or accelerate them.
β Major Container Security Flaw Threatens Cascading Attacks β
π Read
via "Threatpost | The first stop for security news".
A fundamental component of container technologies like Docker, cri-o, containerd and Kubernetes contains an important vulnerability that could cause cascading attacks.π Read
via "Threatpost | The first stop for security news".
Threat Post
Major Container Security Flaw Threatens Cascading Attacks
A fundamental component of container technologies like Docker, cri-o, containerd and Kubernetes contains an important vulnerability that could cause cascading attacks.
β Attackers Completely Destroy VFEmailβs Secure Mail Infrastructure β
π Read
via "Threatpost | The first stop for security news".
"Every file server is lost, every backup server is lost.βπ Read
via "Threatpost | The first stop for security news".
Threat Post
Attackers Completely Destroy VFEmailβs Secure Mail Infrastructure
"Every file server is lost, every backup server is lost.β
β Critical WordPress Plugin Flaw Allows Complete Website Takeover β
π Read
via "Threatpost | The first stop for security news".
Users of the popular plugin, Simple Social Buttons, are encouraged to update to version 2.0.22.π Read
via "Threatpost | The first stop for security news".
Threat Post
Critical WordPress Plugin Flaw Allows Complete Website Takeover
Users of the popular plugin, Simple Social Buttons, are encouraged to update to version 2.0.22.
π΄ Devastating Cyberattack on Email Provider Destroys 18 Years of Data π΄
π Read
via "Dark Reading: ".
All data belonging to US users-including backup copies-have been deleted in catastrophe, VMEmail says.π Read
via "Dark Reading: ".
Darkreading
Devastating Cyberattack on Email Provider Destroys 18 Years of Data
All data belonging to US usersβincluding backup copiesβhave been deleted in catastrophe, VFEmail says.
β Microsoft Patches Zero-Day Browser Bug Under Active Attack β
π Read
via "Threatpost | The first stop for security news".
In its February Patch Tuesday bulletin Microsoft patches four public bugs and one that under active attack.π Read
via "Threatpost | The first stop for security news".
Threat Post
Microsoft Patches Zero-Day Browser Bug Under Active Attack
In its February Patch Tuesday bulletin Microsoft patches four public bugs and one that under active attack.
β Double-Stuffed: Dunkinβ Hit by Another Credential-Stuffing Attack β
π Read
via "Threatpost | The first stop for security news".
Dunkinβ Donuts may have just launched its first double-filled doughnut, but another doubling up is not quite as tasty. The chain has suffered its second credential-stuffing attack in three months. Like the first incident, the attack targeted pastry aficionados that have DD Perks accounts, which is Dunkinβs loyalty program. Names, email addresses, 16-digit DD Perks [β¦]π Read
via "Threatpost | The first stop for security news".
Threat Post
Double-Stuffed: Dunkinβ Hit by Another Credential-Stuffing Attack
Dunkinβ Donutsβ loyalty program was hit with a credential stuffing attack that targeted names, email addresses, 16-digit DD Perks account numbers and DD Perks QR codes.
π΄ Microsoft, Adobe Both Close More Than 70 Security Issues π΄
π Read
via "Dark Reading: ".
With their regularly scheduled Patch Tuesday updates, both companies issued fixes for scores of vulnerabilities in their widely used software.π Read
via "Dark Reading: ".
Darkreading
Microsoft, Adobe Both Close More Than 70 Security Issues
With their regularly scheduled Patch Tuesday updates, both companies issued fixes for scores of vulnerabilities in their widely used software.
π΄ Up to 100,000 Reported Affected in Landmark White Data Breach π΄
π Read
via "Dark Reading: ".
Australian property valuation firm Landmark White exposed files containing personal data and property valuation details.π Read
via "Dark Reading: ".
Darkreading
Up to 100,000 Reported Affected in Landmark White Data Breach
Australian property valuation firm Landmark White exposed files containing personal data and property valuation details.
β Siemens Warns of Critical Remote-Code Execution ICS Flaw β
π Read
via "Threatpost | The first stop for security news".
The affected SICAM 230 process control system is used as an integrated energy system for utility companies, and as a monitoring system for smart-grid applications.π Read
via "Threatpost | The first stop for security news".
Threat Post
Siemens Warns of Critical Remote-Code Execution ICS Flaw
The affected SICAM 230 process control system is used as an integrated energy system for utility companies, and as a monitoring system for smart-grid applications.
ATENTIONβΌ New - CVE-2017-0938
π Read
via "National Vulnerability Database".
Denial of Service attack in airMAX < 8.3.2 , airMAX < 6.0.7 and EdgeMAX < 1.9.7 allow attackers to use the Discovery Protocol in amplification attacks.π Read
via "National Vulnerability Database".
β Security firm beats Adobe by patching reader flaw first β
π Read
via "Naked Security".
Adobe has patched a flaw that enabled attackers to slurp a userβs network authentication details - but not before someone else patched it first.π Read
via "Naked Security".
Naked Security
Security firm beats Adobe by patching reader flaw first
Adobe has patched a flaw that enabled attackers to slurp a userβs network authentication details β but not before someone else patched it first.
β 620 million records from 16 websites listed for sale on the Dark Web β
π Read
via "Sophos".
Some of the breaches are new, while some were reported last year. The sites include MyFitnessPal, MyHeritage, Whitepages and more.π Read
via "Sophos".
Naked Security
620 million records from 16 websites listed for sale on the Dark Web
Some of the breaches are new, while some were reported last year. The sites include MyFitnessPal, MyHeritage, Whitepages and more.
π 4 ways your company can avoid a data breach π
π Read
via "Security on TechRepublic".
Only one in three organizations say they are confident they can prevent data breaches, according to Balbix.π Read
via "Security on TechRepublic".
TechRepublic
4 ways your company can avoid a data breach
Only one in three organizations say they are confident they can prevent data breaches, according to Balbix.
β Ep. 019 β Android holes, iOS screengrabbing and USB poo [PODCAST] β
π Read
via "Naked Security".
Here's the latest Naked Security podcast - enjoy!π Read
via "Naked Security".
Naked Security
Ep. 019 β Android holes, iOS screengrabbing and USB poo [PODCAST]
Hereβs the latest Naked Security podcast β enjoy!
π More developers are abusing Apple Developer Enterprise Program to distribute illicit apps π
π Read
via "Security on TechRepublic".
Apple has less of an iron grip over iOS than first thought, as organizations are using the Developer Enterprise Program for apps that would not be allowed in the App Store.π Read
via "Security on TechRepublic".
TechRepublic
More developers are abusing Apple Developer Enterprise Program to distribute illicit apps
Apple has less of an iron grip over iOS than first thought, as organizations are using the Developer Enterprise Program for apps that would not be allowed in the App Store.
β Unpatched Apple macOS Hole Exposes Safari Browsing History β
π Read
via "Threatpost | The first stop for security news".
There are no permission dialogues for apps in certain folders for macOS Mojave, which allows a malicious app to spy on browsing histories..π Read
via "Threatpost | The first stop for security news".
Threat Post
Unpatched Apple macOS Hole Exposes Safari Browsing History
Apple has since acknowledged the flaw.
β βDirty Sockβ Flaw in snapd Allows Root Access to Linux Servers β
π Read
via "Threatpost | The first stop for security news".
The issue affects default installations of Ubuntu Server and Desktop and is likely included in many Ubuntu-like Linux distributions.π Read
via "Threatpost | The first stop for security news".
Threat Post
βDirty Sockβ Flaw in snapd Allows Root Access to Linux Servers
The issue affects default installations of Ubuntu Server and Desktop and is likely included in many Ubuntu-like Linux distributions.