π΄ Silence Group Quietly Emerges as New Threat to Banks π΄
via "Dark Reading".
Though only two members strong, hackers pose a credible threat to banks in Russia and multiple countries.
π Readvia "Dark Reading".
Darkreading
Silence Group Quietly Emerges as New Threat to Banks
Though only two members strong, hackers pose a credible threat to banks in Russia and multiple countries.
β OilRig Sends an OopsIE to Mideast Government Targets β
via "The first stop for security news | Threatpost".
The Iran-linked group is using a variant of the data-exfiltration OopsIE trojan to attack a Mideast government entity.
π Readvia "The first stop for security news | Threatpost".
Threat Post
OilRig Sends an OopsIE to Mideast Government Targets
The Iran-linked group is using a variant of the data-exfiltration OopsIE trojan to attack a Mideast government entity.
π΄ PowerPool Malware Uses Windows Zero-Day Posted on Twitter π΄
via "Dark Reading ".
Researchers detected the vulnerability in an attack campaign two days after it was posted on social media.
π Readvia "Dark Reading ".
Darkreading
PowerPool Malware Uses Windows Zero-Day Posted on Twitter
Researchers detected the vulnerability in an attack campaign two days after it was posted on social media.
ATENTIONβΌ New - CVE-2015-9266
π Read
via "National Vulnerability Database".
The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root privileges. This vulnerability is fixed in the following product versions (fixes released in July 2015, all prior versions are affected): airMAX AC 7.1.3; airMAX M (and airRouter) 5.6.2 XM/XW/TI, 5.5.11 XM/TI, and 5.5.10u2 XW; airGateway 1.1.5; airFiber AF24/AF24HD 2.2.1, AF5x 3.0.2.1, and AF5 2.2.1; airOS 4 XS2/XS5 4.0.4; and EdgeSwitch XP (formerly TOUGHSwitch) 1.3.2.π Read
via "National Vulnerability Database".
π΄ 7 Ways Blockchain is Being Used for Security π΄
π Read
via "Dark Reading: ".
Blockchain is being used as a security tool. If you haven't thought about adopting it, you might want to reconsider your take.π Read
via "Dark Reading: ".
Dark Reading
7 Ways Blockchain is Being Used for Security
Blockchain is being used as a security tool. If you haven't thought about adopting it, you might want to reconsider your take.
β Ungagged Google warns users about FBI accessing their accounts β
π Read
via "Naked Security".
Some of those who received the letters conjecture that it may be because they purchased the LuminosityLink RAT.π Read
via "Naked Security".
Naked Security
Ungagged Google warns users about FBI accessing their accounts
Some of those who received the letters conjecture that it may be because they purchased the LuminosityLink RAT.
β Thousands of unsecured 3D printers discovered online β
π Read
via "Naked Security".
With access control disabled, other people could download previous print files, or even maliciously damage the printer.π Read
via "Naked Security".
Naked Security
Thousands of unsecured 3D printers discovered online
With access control disabled, other people could download previous print files, or even maliciously damage the printer.
β High-Severity Flaws in Cisco Secure Internet Gateway Service Patched β
π Read
via "The first stop for security news | Threatpost ".
The two bugs were disclosed Wednesday in Cisco Umbrella, the tech giant's cloud-based security service.π Read
via "The first stop for security news | Threatpost ".
Threat Post
High-Severity Flaws in Cisco Secure Internet Gateway Service Patched
The two bugs were disclosed Wednesday in Cisco Umbrella, the tech giantβs cloud-based security service.
β Social Security numbers exposed on US government transparency site β
π Read
via "Naked Security".
The US government exposed dozens of people'sβ personal details, including social security numbers, due to an online mishap on a public transparency portal.π Read
via "Naked Security".
Naked Security
Social Security numbers exposed on US government transparency site
The US government exposed dozens of peopleβsβ personal details, including social security numbers, due to an online mishap on a public transparency portal.
β Mobile spyware maker mSpy leaks millions of records β AGAIN β
π Read
via "Naked Security".
The irony: Parents put it on kids' phones to protect them, but this breach exposed sensitive data including Whatsapp and Facebook messages.π Read
via "Naked Security".
Naked Security
Mobile spyware maker mSpy leaks millions of records β AGAIN
The irony: Parents put it on kidsβ phones to protect them, but this breach exposed sensitive data including Whatsapp and Facebook messages.
ATENTIONβΌ New - CVE-2017-1000600
π Read
via "National Vulnerability Database".
WordPress version <4.9 contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited however this has not been confirmed at this time. This issue appears to have been partially, but not completely fixed in WordPress 4.9π Read
via "National Vulnerability Database".
β Mozillaβs Release of Firefox 62 Packs Nine Fixes β
π Read
via "The first stop for security news | Threatpost ".
The slew of fixes address a critical vulnerability that could enable memory corruption.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Mozilla Patches Critical Code Execution Bug in Firefox 62
The update includes nine security patches overall.
π΄ Understanding & Solving the Information-Sharing Challenge π΄
π Read
via "Dark Reading: ".
Why cybersecurity threat feeds from intel-sharing groups diminish in value and become just another source of noise. (And what to do about it.)π Read
via "Dark Reading: ".
Darkreading
Understanding & Solving the Information-Sharing Challenge
Why cybersecurity threat feeds from intel-sharing groups diminish in value and become just another source of noise. (And what to do about it.)
π΄ US to Charge North Korea for Sony Breach, WannaCry π΄
π Read
via "Dark Reading: ".
The DoJ plans to charge North Korean threat actors for their involvement in two major cyberattacks, US officials report.π Read
via "Dark Reading: ".
Darkreading
US to Charge North Korea for Sony Breach, WannaCry
The DoJ plans to charge North Korean threat actors for their involvement in two major cyberattacks, US officials report.
β Active Spy Campaign Exploits Unpatched Windows Zero-Day β
π Read
via "The first stop for security news | Threatpost ".
The PowerPool gang launched its attack just two days after the zero-day in the Windows Task Scheduler was disclosed.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Active Spy Campaign Exploits Unpatched Windows Zero-Day
The PowerPool gang launched its attack just two days after the zero-day in the Windows Task Scheduler was disclosed.
π΄ The SOC Gets a Makeover π΄
π Read
via "Dark Reading: ".
Today's security operations center is all about reducing the number of alerts with emerging technologies - and enhancing old-school human collaboration. Here's how some real-world SOCs are evolving.π Read
via "Dark Reading: ".
Dark Reading
The SOC Gets a Makeover
Today's security operations center is all about reducing the number of alerts with emerging technologies - and enhancing old-school human collaboration. Here's how some real-world SOCs are evolving.
π΄ Why a Healthy Data Diet Is the Secret to Healthy Security π΄
π Read
via "Dark Reading: ".
In the same way that food is fuel to our bodies, data is the fuel on which our security programs run. Here are 10 action items to put on your cybersecurity menu.π Read
via "Dark Reading: ".
Darkreading
Why a Healthy Data Diet Is the Secret to Healthy Security
In the same way that food is fuel to our bodies, data is the fuel on which our security programs run. Here are 10 action items to put on your cybersecurity menu.