β Thunderclap Flaws Shatter Peripheral Security β
π Read
via "Threatpost | The first stop for security news".
Many machines, including almost all Apple laptops and desktops produced since 2011, are vulnerable to data exfiltration via weaponized peripherals.π Read
via "Threatpost | The first stop for security news".
Threat Post
Thunderclap Flaws Shatter Peripheral Security
Many machines, including almost all Apple laptops and desktops produced since 2011, are vulnerable to data exfiltration via weaponized peripherals.
π New detection method identifies cryptomining and other fileless malware attacks π
π Read
via "Security on TechRepublic".
SentinelOne and Intel announced a new method to detect cryptomining and cryptojacking attacks using hardware-based detection technology.π Read
via "Security on TechRepublic".
TechRepublic
New detection method identifies cryptomining and other fileless malware attacks
SentinelOne and Intel announced a new method to detect cryptomining and cryptojacking attacks using hardware-based detection technology.
β Cisco Patches High-Severity Webex Vulnerability For Third Time β
π Read
via "Threatpost | The first stop for security news".
Third time's hopefully a charm for Cisco, which has patched a high-severity flaw once again in its Webex video conferencing platform.π Read
via "Threatpost | The first stop for security news".
Threat Post
Cisco Patches High-Severity Webex Vulnerability For Third Time
Third time's hopefully a charm for Cisco as it patches a high-severity Webex flaw once again.
β Ring Doorbell Flaw Opens Door to Spying β
π Read
via "Threatpost | The first stop for security news".
Researchers are urging Ring users to update to the latest version of the smart doorbell after a serious flaw triggered privacy concerns.π Read
via "Threatpost | The first stop for security news".
Threat Post
Ring Doorbell Flaw Opens Door to Spying
Researchers are urging Ring users to update to the latest version of the smart doorbell after a serious flaw triggered privacy concerns.
β Card-Skimming Scripts Hide Behind Google Analytics, Angular β
π Read
via "Threatpost | The first stop for security news".
The campaign is marked by a significant level of customization, with an βindividualized yet very consistent approach to every compromise.π Read
via "Threatpost | The first stop for security news".
Threat Post
Card-Skimming Scripts Hide Behind Google Analytics, Angular
The campaign is marked by a significant level of customization, with an βindividualized yet very consistent approach to every compromise
π΄ Whose Line Is It? When Voice Phishing Attacks Get Sneaky π΄
π Read
via "Dark Reading: ".
Researchers investigate malicious apps designed to intercept calls to legitimate numbers, making voice phishing attacks harder to detect.π Read
via "Dark Reading: ".
Darkreading
Whose Line Is It? When Voice Phishing Attacks Get Sneaky
Researchers investigate malicious apps designed to intercept calls to legitimate numbers, making voice phishing attacks harder to detect.
π What is GLBA Compliance? Understanding the Data Protection Requirements of the Gramm-Leach-Bliley Act in 2019 π
π Read
via "Subscriber Blog RSS Feed ".
Learn about what GLBA means for data protection and how to achieve GLBA compliance in Data Protection 101, our series on the fundamentals of information security.π Read
via "Subscriber Blog RSS Feed ".
Digitalguardian
What is GLBA Compliance? (Understand Requirements)
Learn about what GLBA means for data protection and how to achieve GLBA compliance in Data Protection 101, our series on the fundamentals of information security.
π Software vulnerabilities are becoming more numerous, less understood π
π Read
via "Security on TechRepublic".
Operating a database of software vulnerabilities is a challenging undertaking, according to private vulnerability database operator Risk Based Security.π Read
via "Security on TechRepublic".
TechRepublic
Software vulnerabilities are becoming more numerous, less understood
Operating a database of software vulnerabilities is a challenging undertaking, according to private vulnerability database operator Risk Based Security.
π΄ Stay Ahead of the Curve by Using AI in Compliance π΄
π Read
via "Dark Reading: ".
Although human oversight is required, advanced technologies built on AI will become pivotal in building safer financial markets and a safer world.π Read
via "Dark Reading: ".
Dark Reading
Stay Ahead of the Curve by Using AI in Compliance
Although human oversight is required, advanced technologies built on AI will become pivotal in building safer financial markets and a safer world.
π΄ Former Albany College Student Charged with Computer Damage π΄
π Read
via "Dark Reading: ".
Vishwanath Akuthota has been accused of using a 'USB killer device' to destroy dozens of computers, officials report.π Read
via "Dark Reading: ".
Darkreading
Former Albany College Student Charged with Computer Damage
Vishwanath Akuthota has been accused of using a 'USB killer device' to destroy dozens of computers, officials report.
π΄ European Security Firm to Offer Free Hacking Toolkit π΄
π Read
via "Dark Reading: ".
CQTools suite includes both exploit kits and information-extraction functions, its developers say.π Read
via "Dark Reading: ".
Dark Reading
European Security Firm to Offer Free Hacking Toolkit
CQTools suite includes both exploit kits and information-extraction functions, its developers say.
π΄ Booter Owner Pleads Guilty in Federal Court π΄
π Read
via "Dark Reading: ".
Illinois man offered "DDoS for hire" services that hit millions of victims.π Read
via "Dark Reading: ".
Dark Reading
Booter Owner Pleads Guilty in Federal Court
Illinois man offered DDoS for hire services that hit millions of victims.
π΄ Intel Focuses on Data Center, Firmware Security Ahead of RSAC π΄
π Read
via "Dark Reading: ".
The new Intel SGX Card is intended to extend application memory security using Intel SGX in existing data center infrastructure.π Read
via "Dark Reading: ".
Dark Reading
Intel Focuses on Data Center, Firmware Security Ahead of RSAC
The new Intel SGX Card is intended to extend application memory security using Intel SGX in existing data center infrastructure.
π΄ Persistent Attackers Rarely Use Bespoke Malware π΄
π Read
via "Dark Reading: ".
Study of the Bronze Union group-also known as APT27 or Emissary Panda-underscores how most advanced persistent threat (APT) groups now use administrative tools or slight variants of well-known tools.π Read
via "Dark Reading: ".
Dark Reading
Persistent Attackers Rarely Use Bespoke Malware
Study of the Bronze Union group-also known as APT27 or Emissary Panda-underscores how most advanced persistent threat (APT) groups now use administrative tools or slight variants of well-known tools.
π΄ More Than 22,000 Vulns Were Disclosed in 2018, 27% Without Fixes π΄
π Read
via "Dark Reading: ".
As in previous years, input validation vulnerabilities accounted for a substantial proportion of total, Risk Based Security report shows.π Read
via "Dark Reading: ".
Dark Reading
More Than 22,000 Vulns Were Disclosed in 2018, 27% Without Fixes
As in previous years, input validation vulnerabilities accounted for a substantial proportion of total, Risk Based Security report shows.
π΄ IoT, APIs, and Criminal Bots Pose Evolving Dangers π΄
π Read
via "Dark Reading: ".
A pair of reports reach similar conclusions about some of the threats growing in cyberspace and the industries likely to be most affected.π Read
via "Dark Reading: ".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
β US pushed Russian troll factory offline during US midterm elections β
π Read
via "Naked Security".
The US blocked internet access to Russian trolls who, they say, were trying to spread FUD.π Read
via "Naked Security".
Naked Security
US pushed Russian troll factory offline during US midterm elections
The US blocked internet access to Russian trolls who, they say, were trying to spread FUD.
β US House and Senate debate new data privacy law β
π Read
via "Naked Security".
A steady stream of hair-raising revelations about the treatment of users' data by Facebook, et al. is pushing Congress to do *something.*π Read
via "Naked Security".
Naked Security
US House and Senate debate new data privacy law
A steady stream of hair-raising revelations about the treatment of usersβ data by Facebook, et al. is pushing Congress to do *something.*
β Thunderclap: Apple Macs at risk from malicious Thunderbolt peripherals β
π Read
via "Naked Security".
Researchers have revealed how malicious Thunderbolt and PCI Express (PCIe) peripherals could be used to compromise computers running macOS, Windows, Linux and FreeBSD.π Read
via "Naked Security".
Naked Security
Thunderclap: Apple Macs at risk from malicious Thunderbolt peripherals
Researchers have revealed how malicious Thunderbolt and PCI Express (PCIe) peripherals could be used to compromise computers running macOS, Windows, Linux and FreeBSD.
π΄ Find your New Favorite Security Tool in the Black Hat Asia Arsenal π΄
π Read
via "Dark Reading: ".
From data exfiltration over FM radio to open-source cybersecurity training suites, Black Hat Asia's Arsenal offers live demos of the latest security tools.π Read
via "Dark Reading: ".
Dark Reading
Find your New Favorite Security Tool in the Black Hat Asia Arsenal
From data exfiltration over FM radio to open-source cybersecurity training suites, Black Hat Asia's Arsenal offers live demos of the latest security tools.
β Cisco Fixes Critical Flaw in Wireless VPN, Firewall Routers β
π Read
via "Threatpost | The first stop for security news".
Cisco said that CVE-2019-1663, which has a CVSS score of 9.8, allows unauthenticated, remote attackers to execute arbitrary code.π Read
via "Threatpost | The first stop for security news".
Threat Post
Cisco Fixes Critical Flaw in Wireless VPN, Firewall Routers
Cisco said that CVE-2019-1663, which has a CVSS score of 9.8, allows unauthenticated, remote attackers to execute arbitrary code.