β RSAC 2019: Microsoft Zero-Day Allows Exploits to Sneak Past Sandboxes β
π Read
via "Threatpost".
Researchers say that Microsoft won't issue a patch for the issue.π Read
via "Threatpost".
Threat Post
RSAC 2019: Microsoft Zero-Day Allows Exploits to Sneak Past Sandboxes
Researchers say that Microsoft won't issue a patch for the issue.
β Windows IoT Core exploitable via ethernet β
π Read
via "Naked Security".
Microsoft's IoT version of Windows is vulnerable to an exploit that could give an attacker complete control of the system.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β RSAC 2019: Malicious Emailed URLs See Triple-Digit Increase β
π Read
via "Threatpost".
At least 463,546 malicious URLs contained in the 28.4 million analyzed emails made it through to corporate in-boxes in Q4 of 2018.π Read
via "Threatpost".
Threat Post
RSAC 2019: Malicious Emailed URLs See Triple-Digit Increase
At least 463,546 malicious URLs contained in the 28.4 million analyzed emails made it through to corporate in-boxes in Q4 of 2018.
β RSAC 2019: Picking Apart the Foreshadow Attack β
π Read
via "Threatpost".
Raoul Strackx, one of the researchers who discovered the Foreshadow speculative execution vulnerability, talks at RSA about the Catch-22 issue when it comes to fixing speculative execution flaws.π Read
via "Threatpost".
Threat Post
RSA Conference 2019: Picking Apart the Foreshadow Attack
Raoul Strackx, one of the researchers who discovered the Foreshadow speculative execution vulnerability, talks at RSA about the Catch-22 issue when it comes to fixing speculative execution flaws.
β Update now! Critical Adobe ColdFusion flaw now being exploited β
π Read
via "Naked Security".
Adobe has issued an urgent patch for a critical flaw in the ColdFusion web development platform it says is being exploited in the wild.π Read
via "Naked Security".
Naked Security
Update now! Critical Adobe ColdFusion flaw now being exploited
Adobe has issued an urgent patch for a critical flaw in the ColdFusion web development platform it says is being exploited in the wild.
β Comcast security nightmare: default β0000β PIN on everybodyβs account β
π Read
via "Naked Security".
It didn't require an account PIN to switch carriers. Everybody uses 0000, it said, making it easier for customersβ¦ and phone hijackers.π Read
via "Naked Security".
Naked Security
Comcast security nightmare: default β0000β PIN on everybodyβs account
It didnβt require an account PIN to switch carriers. Everybody uses 0000, it said, making it easier for customersβ¦ and phone hijackers.
π΄ Incident Response: Having a Plan Isn't Enough π΄
π Read
via "Dark Reading: ".
Data shows organizations neglect to review and update breach response plans as employees and processes change, putting data at risk.π Read
via "Dark Reading: ".
β RSAC 2019: Most Consumers Say βNoβ to Cumbersome Data Privacy Practices β
π Read
via "Threatpost".
Consumer confidence in companies keeping their data safe is at an all-time low, but password hygiene and not reading EULAs and app permissions remain big problems.π Read
via "Threatpost".
Threat Post
RSAC 2019: Most Consumers Say βNoβ to Cumbersome Data Privacy Practices
Consumer confidence in companies keeping their data safe is at an all-time low, but password hygiene and not reading EULAs and app permissions remain big problems.
π΄ Organizations Taking Less Time to Detect Breaches π΄
π Read
via "Dark Reading: ".
But by the time they became aware, attackers have been on their networks for more than six months, new 2018 data shows.π Read
via "Dark Reading: ".
Darkreading
Organizations Taking Less Time to Detect Breaches
But by the time they became aware, attackers have been on their networks for more than six months, new 2018 data shows.
β RSAC 2019: Joomla! Mail Flaw Exploited to Create Mass Phishing Infrastructure β
π Read
via "Threatpost".
The Jmail Breaker attack leverages an old vulnerability in Joomla! along with a newly found flaw in the mail module.π Read
via "Threatpost".
Threat Post
RSAC 2019: Joomla! Flaw Exploited to Create Mass Phishing Infrastructure
The Jmail Breaker attack leverages an old vulnerability in Joomla! along with a newly found flaw in the mail module.
π΄ Axonius' 'Unsexy' Tool Wins RSAC Innovation Sandbox π΄
π Read
via "Dark Reading: ".
Judges award top honor to new company solving an old, unsolved problem: asset discovery and management.π Read
via "Dark Reading: ".
β Companies are flying blind on cybersecurity β
π Read
via "Naked Security".
IT managers are flying blind in the battle to protect their companies from cyber attacks, according to a new Sophos survey.π Read
via "Naked Security".
Naked Security
Companies are flying blind on cybersecurity
IT managers are flying blind in the battle to protect their companies from cyber attacks, according to a new Sophos survey.
π The public sector is a cyberattack magnet, manual processes are to blame π
π Read
via "Security on TechRepublic".
More than half (51%) of respondents said their security teams spend more time on manual processes than handling vulnerabilities, according to a Tenable and Ponemon report.π Read
via "Security on TechRepublic".
TechRepublic
The public sector is a cyberattack magnet, manual processes are to blame
More than half (51%) of respondents said their security teams spend more time on manual processes than handling vulnerabilities, according to a Tenable and Ponemon report.
π΄ Artificial Intelligence: The Terminator of Malware π΄
π Read
via "Dark Reading: ".
Is it possible that the combination of AI, facial recognition, and the coalescence of global mass-hack data could lead us toward a Skynet-like future?π Read
via "Dark Reading: ".
π΄ 6 Questions to Ask While Buying a Connected Car π΄
π Read
via "Dark Reading: ".
Here are six questions to keep in mind when you walk into the showroom to buy a networked car.π Read
via "Dark Reading: ".
π Insider cyberthreats in government agencies hit all-time high, report says π
π Read
via "Security on TechRepublic".
Untrained insiders and foreign governments create huge cybersecurity risks in government agencies, according to a SolarWinds report.π Read
via "Security on TechRepublic".
TechRepublic
Insider cyberthreats in government agencies hit all-time high, report says
Untrained insiders and foreign governments create huge cybersecurity risks in government agencies, according to a SolarWinds report.
ATENTIONβΌ New - CVE-2018-15361
π Read
via "National Vulnerability Database".
UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199.π Read
via "National Vulnerability Database".
β RSA Conference: BEC Scammer Gang Takes Aim at Boy Scouts, Other Nonprofts β
π Read
via "Threatpost".
A scammer ring dubbed Scarlet Widow has targeted nonprofits, schools and universities with an array of business email compromise (BEC) attacks over the past few months.π Read
via "Threatpost".
Threat Post
RSA Conference 2019: BEC Scammer Gang Takes Aim at Boy Scouts, Other Nonprofts
A scammer ring, dubbed Scarlet Widow, has targeted nonprofits, schools and universities with an array of business email compromise (BEC) attacks over the past few months.
π΄ Lazarus Research Highlights Threat from North Korea π΄
π Read
via "Dark Reading: ".
A widespread attack against companies and government agencies have been linked to the North Korean Lazarus group, underscoring that the countries hackers are becoming more brazen.π Read
via "Dark Reading: ".
π How to use the Microsoft Authenticator app on an Apple Watch π
π Read
via "Security on TechRepublic".
You can turn to your trusty Apple Watch to log into websites that use your Microsoft Account. Here's how.π Read
via "Security on TechRepublic".
TechRepublic
How to use the Microsoft Authenticator app on an Apple Watch
You can turn to your trusty Apple Watch to log into websites that use your Microsoft Account. Here's how.
π΄ Care and Feeding of Your SIEM π΄
π Read
via "Dark Reading: ".
Six simple steps to mitigate the grunt work and keep your organization safe.π Read
via "Dark Reading: ".