Millions of South Africans caught up in security incident after debt recovery firm suffers "significant data breach"
via "The Daily Swig".
Sensitive information is among datasets potentially exposed
CVE-2021-36749
via "National Vulnerability Database".
In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not an elevation of privilege when users access Druid directly, since Druid also provides the Local InputSource, which allows the same level of access. But it is problematic when users interact with Druid indirectly through an application that allows users to specify the HTTP InputSource, but not the Local InputSource. In this case, users could bypass the application-level restriction by passing a file URL to the HTTP InputSource. This issue was previously mentioned as being fixed in 0.21.0 as per CVE-2021-26920 but was not fixed in 0.21.0 or 0.21.1.
Primer: Microsoft Active Directory Security for AD Admins
via "Dark Reading".
Nearly all AD environments are vulnerable to identity attack paths -- a powerful, widespread, and difficult-to-detect attack technique. But we didn't say impossible. Here's how admins can stop them.
BlackFog ARM 64 Edition Provides Anti Data Exfiltration Across New Platforms
via "Dark Reading".
New BlackFog ARM 64 edition maximizes performance, battery life, and data security.
NIST Brings Threat Modeling into the Spotlight
via "Dark Reading".
NIST recommendations typically become part of government procurement, which means threat modeling will soon be written into questions for organizations that sell to the federal government.
UK MoD Data Breach Shows Cybersecurity Must Protect Both People and Data
via "Dark Reading".
The UK MoD has failed to protect personally identifiable information (PII) for Afghan interpreters; the incident highlights how avoidable cybersecurity mistakes can have devastating consequences.
SAIC Appoints Kevin Brown as Chief Information Security Officer
via "Dark Reading".
Industry leader with decades of information security experience manages SAIC's security strategy and oversees critical cybersecurity operations.
How to Implement a Security Champions Program
via "Dark Reading".
A Security Champions program is a great way to enhance security maturity, reduce vulnerabilities, and make security top of mind throughout the business.
Microsoft Exchange Autodiscover Flaw Leaks Thousands of Credentials
via "Dark Reading".
Researchers claim to have accessed hundreds of thousands of Windows credentials using a bug in the Autodiscover protocol.
FamousSparrow APT Group Flocks to Hotels, Governments, Businesses
via "Dark Reading".
The cyber espionage group has a custom backdoor and has added the ProxyLogon Microsoft Exchange flaw to its toolkit.
Supply Chain and Ransomware Threats Drove 60% Increase in Global Cyber Intelligence Sharing Among Financial Firms
via "Dark Reading".
AMEX, Banco Falabella, IAG, and UBS win global award for annual cyber intelligence sharing efforts.
A Cyber-Resilience Model for the Next Era
via "Dark Reading".
Digital dilemmas have driven security to the forefront of business leaders' priorities. Understanding how to provide security at the speed of change and build a cyber-resilient organization will drive competitive advantage and help organizations run and transform with ease.
6 Lessons From Major Data Breaches This Year
via "Dark Reading".
Though many incidents stemmed from familiar security failures, they served up -- or resurfaced -- some important takeaways.
Panorays Closes $42 Million Series B Funding Round
via "Dark Reading".
Funding comes on the heels of 500% growth in client base.
Apple Patches Zero-Days in iOS, Known Vuln in macOS
via "Dark Reading".
One of the iOS vulnerabilities was discovered by Citizen Lab; the Google Threat Analysis Group reported iOS and macOS flaws.
Google Spots New Technique to Sneak Malware Past Detection Tools
via "Dark Reading".
The operator behind OpenSUpdater is using a new way to sneak adware and other malware past security tools.
Password Reuse Problems Persist Despite Known Risks
via "Dark Reading".
The vast majority of users worry about compromised passwords, but two-thirds continue to use the same password or a variation, a survey finds.
Who Is BlackMatter?
via "Dark Reading".
Researchers piece together the origins of the group that made headlines this week as the perpetrator behind a ransomware attack on New Cooperative.
What Are the Different Types of Cyber Insurance?
via "Dark Reading".
Even with the best cybersecurity defenses in place, organizations can fall victim to a cyberattack.
Bitcoin.org hack nets giveaway scammers $17,000 overnight
via "The Daily Swig".
Open source project back online after fraudsters dangled double-your-money lure
Critical Cisco Bugs Allow Code Execution on Wireless, SD-WAN
via "Threat Post".
Unauthenticated cyberattackers can also wreak havoc on networking device configurations.