Finding Your Niche in Cybersecurity
via "Dark Reading".
With a little patience and research, you can discover a role you love that also protects those around you.
Controversial face matchers Clearview set to be fined over $20m
via "Naked Security".
Scraping data for a facial recognition service? "That's unlawful", concluded both the British and the Australians.
CVE-2021-41679
via "National Vulnerability Database".
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the /opensis/modules/grades/InputFinalGrades.php, period parameter.
CVE-2021-41677
via "National Vulnerability Database".
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the /opensis/functions/GetStuListFnc.php &Grade= parameter.
CVE-2021-25987
via "National Vulnerability Database".
Hexo versions 0.0.1 to 5.4.0 are vulnerable against stored XSS. The post “body” and “tags” don’t sanitize malicious javascript during web page generation. Local unprivileged attacker can inject arbitrary code.
CVE-2021-41678
via "National Vulnerability Database".
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the /opensis/modules/users/Staff.php, staff{TITLE] parameter.
Ransomware vs. Cities: A Cyber War
via "Dark Reading".
As smart cities become the new normal for urban living, they must be resilient against the speed and sophistication of modern cyber threats.
Become an ethical hacker for just $13 during this Cyber Week sale
via "Tech Republic".
Now you can learn everything you need to become a master ethical hacker without having to take time away from your current job.
CVE-2021-43202
via "National Vulnerability Database".
In JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is missing in some cases.
CVE-2021-43998
via "National Vulnerability Database".
HashiCorp Vault and Vault Enterprise 0.11.0 up to 1.7.5 and 1.8.4 templated ACL policies would always match the first-created entity alias if multiple entity aliases exist for a specified entity and mount combination, potentially resulting in incorrect policy enforcement. Fixed in Vault and Vault Enterprise 1.7.6, 1.8.5, and 1.9.0.
Bug Bounty Radar // The latest bug bounty programs for December 2021
via "The Daily Swig".
New web targets for the discerning hacker
Practicality of UK government’s cyber bill criticised by industry experts
via "ITPro".
The Product Security and Telecommunications Infrastructure (PSTI) Bill falls short in several key areas
Ikea launches "full-scale investigation" into email-based cyber attack
via "ITPro".
Early evidence seems to indicate a compromise of Microsoft Exchange servers in a reply chain attack campaign
What is smishing?
via "ITPro".
A closer look at one of the most perilous forms of phishing
RATDispenser evades nine in ten anti-virus engines
via "ITPro".
Stealth malware deploys key loggers and information stealers
Sky Broadband took almost 18 months to fix serious router flaw
via "ITPro".
Flaw could expose user’s home network to hackers
GoDaddy data breach exposes over 1.2 million customer details
via "ITPro".
Attacker had access to admin passwords for over two months
Why the NCSC and telecoms firms are at loggerheads over quantum key distribution
via "ITPro".
In the face of mixed messages between the public and private sector, should businesses be wary of jumping on the bandwagon?
SMBs urged to update software ahead of Black Friday
via "ITPro".
NCSC identified 4,151 online shops compromised using vulnerability within e-commerce platform Magento
Pizza chain exposed 100,000 employees' Social Security numbers
via "ITPro".
Former and current staff at California Pizza Kitchen potentially burned by hackers
Apple sues NSO Group over Pegasus attacks on its customers
via "ITPro".
The lawsuit claims 'flagrant' violations of US federal and state law from the Israeli firm behind the infamous spyware