π΄ The 'Opsec Fail' That Helped Unmask a North Korean State Hacker π΄
π Read
via "Dark Reading: ".
How Park Jin Hyok - charged by the US government for alleged computer crimes for the Sony, Bank of Bangladesh, WannaCry cyberattacks - inadvertently blew his cover via email accounts.π Read
via "Dark Reading: ".
Dark Reading
The 'Opsec Fail' That Helped Unmask a North Korean State Hacker
How Park Jin Hyok - charged by the US government for alleged computer crimes for the Sony, Bank of Bangladesh, WannaCry cyberattacks - inadvertently blew his cover via email accounts.
β Critical Vulnerability Found in Cisco Video Surveillance Manager β
π Read
via "The first stop for security news | Threatpost ".
Cisco has patched vulnerability in its video surveillance manager software that could give an unauthenticated, remote attacker the ability to execute arbitrary commands on targeted systems.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Critical Vulnerability Found in Cisco Video Surveillance Manager
Cisco has patched vulnerability in its video surveillance manager software that could give an unauthenticated, remote attacker the ability to execute arbitrary commands on targeted systems.
π ProTip: Automate setting a firmware password on Apple computers π
π Read
via "Security on TechRepublic".
Securing Mac computers means more than just protecting the data. Limiting the ways a user can gain access to a device--including bypassing the existing OS or resetting account passwords is easily enabled with a simple command.π Read
via "Security on TechRepublic".
TechRepublic
How to automate setting a firmware password on Apple computers
Securing Mac computers means more than just protecting the data--limiting how a user can gain access to a device is easy to enable with a simple command.
β Podcast: Two Billion IoT Devices Still Vulnerable to BlueBorne Bug β
π Read
via "The first stop for security news | Threatpost ".
Up to two billion devices are still vulnerable to the BlueBorne IoT attack - and may not ever get a patch.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Podcast: Two Billion IoT Devices Still Vulnerable to BlueBorne Bug
Up to two billion devices are still vulnerable to the BlueBorne IoT attack - and may not ever get a patch.
β Monday review β the hot 19 stories of the week β
π Read
via "Naked Security".
From iOS security updates to Netflix phishing attacks, catch up with everything we've written in the last seven days - it's weekly roundup time.π Read
via "Naked Security".
Naked Security
Monday review β the hot 19 stories of the week
From iOS security updates to Netflix phishing attacks, catch up with everything weβve written in the last seven days β itβs weekly roundup time.
β iTunes is assigning you a βtrust scoreβ based on emails and phone calls β
π Read
via "Naked Security".
It's just a number to detect fraud, not a Black Mirror-esque score that's going to rate us all as social misfits unworthy of wedding invitations.π Read
via "Naked Security".
Naked Security
iTunes is assigning you a βtrust scoreβ based on emails and phone calls
Itβs just a number to detect fraud, not a Black Mirror-esque score thatβs going to rate us all as social misfits unworthy of wedding invitations.
β Police accidentally tweet bookmarks that reveal surveilled groups β
π Read
via "Naked Security".
The Massachusetts State Police (MSP) accidentally spilled some of its opsec onto Twitter last week, uploading a screenshot that revealed browser bookmarks.π Read
via "Naked Security".
Naked Security
Police accidentally tweet bookmarks that reveal surveilled groups
The Massachusetts State Police (MSP) accidentally spilled some of its opsec onto Twitter last week, uploading a screenshot that revealed browser bookmarks.
β App developers are STILL allowed to read your Gmails β
π Read
via "Naked Security".
Google is still allowing third-party developers access to access its usersβ Gmail data, it said in a letter to Senators last week.π Read
via "Naked Security".
Naked Security
App developers are STILL allowed to read your Gmails
Google is still allowing third-party developers access to access its usersβ Gmail data, it said in a letter to Senators last week.
β Facebook faces sanctions if it drags its feet on data transparency β
π Read
via "Naked Security".
The EU justice commissioner said she's out of patience. Also, she quit Facebook because it's a "channel of dirt."π Read
via "Naked Security".
Naked Security
Facebook faces sanctions if it drags its feet on data transparency
The EU justice commissioner said sheβs out of patience. Also, she quit Facebook because itβs a βchannel of dirt.β
β Bankrupt NCIX customer data resold on Craigslist β
π Read
via "Naked Security".
What happens to sensitive customer data when a large company that has collected it over many years suddenly goes bust?π Read
via "Naked Security".
Naked Security
Bankrupt NCIX customer data resold on Craigslist
What happens to sensitive customer data when a large company that has collected it over many years suddenly goes bust?
π Will Microsoft finally kill the password with its Authenticator upgrade? π
π Read
via "Security on TechRepublic".
Microsoft has extended its support for passwordless login using the app to the hundreds of thousands of Azure Active Directory-connected apps used by business, one of a series of security improvements announced at Ignite.π Read
via "Security on TechRepublic".
β Tricky DoS Attack Crashes Mozilla Firefox β
π Read
via "The first stop for security news | Threatpost ".
There are currently no mitigations for the Firefox attack, a researcher told Threatpost.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Tricky DoS Attack Crashes Mozilla Firefox
There are currently no mitigations for the Firefox attack, a researcher told Threatpost.
π Cisco: We've killed another critical hard-coded root password bug, patch urgently π
π Read
via "Security on TechRepublic".
This time a 9.8/10-severity hardcoded password has been found in Cisco's video surveillance software.π Read
via "Security on TechRepublic".
TechRepublic
Cisco: We've killed another critical hard-coded root password bug, patch urgently
This time a 9.8/10-severity hardcoded password has been found in Cisco's video surveillance software.
π΄ Hacking Back: Simply a Bad Idea π΄
π Read
via "Dark Reading: ".
While the concept may sound appealing, it's rife with drawbacks and dangers.π Read
via "Dark Reading: ".
Darkreading
Hacking Back: Simply a Bad Idea
While the concept may sound appealing, it's rife with drawbacks and dangers.
π΄ 'Scan4Yyou' Operator Gets 14-Year Sentence π΄
π Read
via "Dark Reading: ".
A citizen of the former USSR is sentenced to 168 months for running Scan4you, an online counter antivirus service.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
β Assessing the Human Element in Cyber Risk Analysis β
π Read
via "The first stop for security news | Threatpost ".
The human factor doesn't have to be an intangible when assessing cyber risks within a company.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Assessing the Human Element in Cyber Risk Analysis
The human factor doesnβt have to be an intangible when assessing cyber risks within a company.
β Googleβs Forced Sign-in to Chrome Raises Privacy Red Flags β
π Read
via "The first stop for security news | Threatpost ".
Chrome users are now automatically signed into the browser if they're signed into any other Google service, such as Gmail.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Googleβs Forced Sign-in to Chrome Raises Privacy Red Flags
Chrome users are now automatically signed into the browser if theyβre signed into any other Google service, such as Gmail.
β Adwind RAT Scurries By AV Software With New DDE Variant β
π Read
via "The first stop for security news | Threatpost ".
The spam campaign mostly targets victims in Turkey and Germany.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Adwind RAT Scurries By AV Software With New DDE Variant
The spam campaign mostly targets victims in Turkey and Germany.
π΄ 6 Dark Web Pricing Trends π΄
π Read
via "Dark Reading: ".
For cybercriminals, the Dark Web grows more profitable every day.π Read
via "Dark Reading: ".
Dark Reading
6 Dark Web Pricing Trends
For cybercriminals, the Dark Web grows more profitable every day.
π΄ Microsoft Deletes Passwords for Azure Active Directory Applications π΄
π Read
via "Dark Reading: ".
At Ignite 2018, security took center stage as Microsoft rolled out new security services and promised an end to passwords for online apps.π Read
via "Dark Reading: ".
Darkreading
Microsoft Deletes Passwords for Azure Active Directory Applications
At Ignite 2018, security took center stage as Microsoft rolled out new security services and promised an end to passwords for online apps.
ATENTIONβΌ New - CVE-2015-8298
π Read
via "National Vulnerability Database".
Multiple SQL injection vulnerabilities in the login page in RXTEC RXAdmin UPDATE 06 / 2012 allow remote attackers to execute arbitrary SQL commands via the (1) loginpassword, (2) loginusername, (3) zusatzlicher, or (4) groupid parameter to index.htm, or the (5) rxtec cookie to index.htm.π Read
via "National Vulnerability Database".