π΄ GAO Finds Deficiencies in Systems for Handling National Debt π΄
π Read
via "Dark Reading: ".
IT systems at the Bureau of the Fiscal Service and the Federal Reserve Bank show vulnerabilities that could lead them open to exploitation and breach.π Read
via "Dark Reading: ".
Dark Reading
GAO Finds Deficiencies in Systems for Handling National Debt
IT systems at the Bureau of the Fiscal Service and the Federal Reserve Bank show vulnerabilities that could lead them open to exploitation and breach.
β Grindr Poses National Security Risk, U.S. Gov Says β
π Read
via "Threatpost".
According to a report, Grindr's Chinese owners are selling the platform after concerns were raised about user data handling.π Read
via "Threatpost".
Threat Post
Grindr Poses National Security Risk, U.S. Gov Says
According to a report, Grindr's Chinese owners are selling the platform after concerns were raised about user data handling.
ATENTIONβΌ New - CVE-2017-2752
π Read
via "National Vulnerability Database".
A potential security vulnerability caused by incomplete obfuscation of application configuration information was discovered in Tommy Hilfiger TH24/7 Android app versions 2.0.0.11, 2.0.1.14, 2.1.0.16, and 2.2.0.19. HP has no access to customer data as a result of this issue.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-2748
π Read
via "National Vulnerability Database".
A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-18364
π Read
via "National Vulnerability Database".
phpFK lite has XSS via the faq.php, members.php, or search.php query string or the user.php user parameter.π Read
via "National Vulnerability Database".
π΄ Threat Hunting 101: Not Mission Impossible for the Resource-Challenged π΄
π Read
via "Dark Reading: ".
How small and medium-sized businesses can leverage native features of the operating system and freely available, high-quality hunting resources to overcome financial limitations.π Read
via "Dark Reading: ".
Darkreading
Threat Hunting 101: Not Mission Impossible for the Resource-Challenged
How small and medium-sized businesses can leverage native features of the operating system and freely available, high-quality hunting resources to overcome financial limitations.
π Breaking Down Singapore's New Data Protection Trustmark Certification π
π Read
via "Subscriber Blog RSS Feed ".
A new certification, launched by a division of the country's government this week, is designed to help organizations demonstrate "accountable and responsible data protection practices."π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Breaking Down Singapore's New Data Protection Trustmark Certification
A new certification, launched by a division of the country's government this week, is designed to help organizations demonstrate "accountable and responsible data protection practices."
π΄ 87% of Cloud Pros Say Visibility Masks Security π΄
π Read
via "Dark Reading: ".
The majority of cloud IT professionals find a direct link between network visibility and business value, new data shows.π Read
via "Dark Reading: ".
Dark Reading
87% of Cloud Pros Say Lack of Visibility Masks Security
The majority of cloud IT professionals find a direct link between network visibility and business value, new data shows.
ATENTIONβΌ New - CVE-2016-9166 (netiq_edirectory)
π Read
via "National Vulnerability Database".
NetIQ eDirectory versions prior to 9.0.2, under some circumstances, could be susceptible to downgrade of communication security.π Read
via "National Vulnerability Database".
π΄ New Shodan Tool Warns Organizations of Their Internet-Exposed Devices π΄
π Read
via "Dark Reading: ".
Shodan Monitor is free to members of the popular Internet search engine.π Read
via "Dark Reading: ".
Dark Reading
New Shodan Tool Warns Organizations of Their Internet-Exposed Devices
Shodan Monitor is free to members of the popular Internet search engine.
β FTC Demands Broadband Providers Reveal Data Handling Practices β
π Read
via "Threatpost".
The FTC is ordering seven companies - including AT&T, T-Mobile, Comcast and more - to outline what data they collect, what they use the data for, and how transparent they're being with consumers.π Read
via "Threatpost".
Threat Post
FTC Demands Broadband Providers Reveal Data Handling Practices
The FTC is ordering seven companies - including AT&T, T-Mobile, Comcast and more - to outline what data they collect, what they use the data for, and how transparent they're being with consumers.
β Cisco Releases Flood of Patches for IOS XE and Small Business Routers β
π Read
via "Threatpost".
The networking giant issued 27 patches impacting a wide range of its products running the ISO XE software.π Read
via "Threatpost".
Threat Post
Cisco Releases Flood of Patches for IOS XE, But Leaves Some Routers Open to Attack
The networking giant issued 27 patches impacting a wide range of its products running the ISO XE software.
π΄ 6 Things To Know About the Ransomware That Hit Norsk Hydro π΄
π Read
via "Dark Reading: ".
In just one week, 'LockerGoga' has cost the Norwegian aluminum maker $40 million as it struggles to recover operations across Europe and North America.π Read
via "Dark Reading: ".
Darkreading
6 Things To Know About the Ransomware That Hit Norsk Hydro
In just one week, 'LockerGoga' has cost the Norwegian aluminum maker $40 million as it struggles to recover operations across Europe and North America.
π Apple Pay: A cheat sheet π
π Read
via "Security on TechRepublic".
Apple Pay is a mobile payment solution that's accepted by millions of retailers in various countries. This guide covers what you need to know to use Apple Pay.π Read
via "Security on TechRepublic".
TechRepublic
Apple Pay: A cheat sheet
Apple Pay is a mobile payment solution that's accepted by millions of retailers in various countries. This guide covers what you need to know to use Apple Pay.
ATENTIONβΌ New - CVE-2017-18365
π Read
via "National Vulnerability Database".
The Management Console in GitHub Enterprise 2.8.x before 2.8.7 has a deserialization issue that allows unauthenticated remote attackers to execute arbitrary code. This occurs because the enterprise session secret is always the same, and can be found in the product's source code. By sending a crafted cookie signed with this secret, one can call Marshal.load with arbitrary data, which is a problem because the Marshal data format allows Ruby objects.π Read
via "National Vulnerability Database".
β Firefox brings Lockbox password manager to Androidβs autofill β
π Read
via "Naked Security".
All your saved Firefox passwords, now happily inserting themselves into your Android-verse!π Read
via "Naked Security".
Naked Security
Firefox brings Lockbox password manager to Androidβs autofill
All your saved Firefox passwords, now happily inserting themselves into your Android-verse!
β Broadband providers told to explain how they handle consumer data β
π Read
via "Naked Security".
The FTC launched a broad inquiry to find out what data they collect, why, who they share it with, and how consumers can change or delete it.π Read
via "Naked Security".
Naked Security
Broadband providers told to explain how they handle consumer data
The FTC launched a broad inquiry to find out what data they collect, why, who they share it with, and how consumers can change or delete it.
π΄ Inside Cyber Battlefields, the Newest Domain of War π΄
π Read
via "Dark Reading: ".
In his Black Hat Asia keynote, Mikko Hypponen explored implications of "the next arms race" and why cyber will present challenges never before seen in warfare.π Read
via "Dark Reading: ".
Dark Reading
Inside Cyber Battlefields, the Newest Domain of War
In his Black Hat Asia keynote, Mikko Hypponen explored implications of the next arms race and why cyber will present challenges never before seen in warfare.
β Spyware app exposes private photos, hosting provider steps in β
π Read
via "Naked Security".
A hosting company has taken down a database owned by a mobile spying app after it was found displaying phone owners' intimate images online.π Read
via "Naked Security".
Naked Security
Spyware app exposes private photos, hosting provider steps in
A hosting company has taken down a database owned by a mobile spying app after it was found displaying phone ownersβ intimate images online.
π Is crowdsourcing cybersecurity the answer to CISOs' problems? π
π Read
via "Security on TechRepublic".
More than half of organizations now run bug bounty and other crowdsourced options to avoid data breaches, according to a Bugcrowd report.π Read
via "Security on TechRepublic".
TechRepublic
Is crowdsourcing cybersecurity the answer to CISOs' problems?
More than half of organizations now run bug bounty and other crowdsourced options to avoid data breaches, according to a Bugcrowd report.
π Employee mistakes and system errors are a larger threat to data security than hackers or insiders π
π Read
via "Security on TechRepublic".
Employee mistakes were ranked as the highest risk in the 2019 Global Encryption Trends Study, though employee-owned devices on company networks deserve more security scrutiny.π Read
via "Security on TechRepublic".
TechRepublic
Employee mistakes and system errors are a larger threat to data security than hackers or insiders
Employee mistakes were ranked as the highest risk in the 2019 Global Encryption Trends Study, though employee-owned devices on company networks deserve more security scrutiny.