🛡 Cybersecurity & Privacy 🛡 - News

Silence Group Quietly Emerges as New Threat to Banks

Though only two members strong, hackers pose a credible threat to banks in Russia and multiple countries.

165 viewsedited 19:42

❌ OilRig Sends an OopsIE to Mideast Government Targets ❌

The Iran-linked group is using a variant of the data-exfiltration OopsIE trojan to attack a Mideast government entity.

📖 Read

via "The first stop for security news | Threatpost".

OilRig Sends an OopsIE to Mideast Government Targets

The Iran-linked group is using a variant of the data-exfiltration OopsIE trojan to attack a Mideast government entity.

171 viewsedited 21:09

🕴 PowerPool Malware Uses Windows Zero-Day Posted on Twitter 🕴

Researchers detected the vulnerability in an attack campaign two days after it was posted on social media.

📖 Read

via "Dark Reading ".

PowerPool Malware Uses Windows Zero-Day Posted on Twitter

Researchers detected the vulnerability in an attack campaign two days after it was posted on social media.

122 viewsedited 21:45

ATENTION‼ New - CVE-2015-9266

The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root privileges. This vulnerability is fixed in the following product versions (fixes released in July 2015, all prior versions are affected): airMAX AC 7.1.3; airMAX M (and airRouter) 5.6.2 XM/XW/TI, 5.5.11 XM/TI, and 5.5.10u2 XW; airGateway 1.1.5; airFiber AF24/AF24HD 2.2.1, AF5x 3.0.2.1, and AF5 2.2.1; airOS 4 XS2/XS5 4.0.4; and EdgeSwitch XP (formerly TOUGHSwitch) 1.3.2.

📖 Read

via "National Vulnerability Database".

119 views22:16

7 Ways Blockchain is Being Used for Security

🕴 7 Ways Blockchain is Being Used for Security 🕴

Blockchain is being used as a security tool. If you haven't thought about adopting it, you might want to reconsider your take.

📖 Read

via "Dark Reading: ".

Dark Reading

Blockchain is being used as a security tool. If you haven't thought about adopting it, you might want to reconsider your take.

105 views00:15

⚠ Ungagged Google warns users about FBI accessing their accounts ⚠

Some of those who received the letters conjecture that it may be because they purchased the LuminosityLink RAT.

📖 Read

via "Naked Security".

Ungagged Google warns users about FBI accessing their accounts

Some of those who received the letters conjecture that it may be because they purchased the LuminosityLink RAT.

94 views10:29

⚠ Thousands of unsecured 3D printers discovered online ⚠

With access control disabled, other people could download previous print files, or even maliciously damage the printer.

📖 Read

via "Naked Security".

Thousands of unsecured 3D printers discovered online

With access control disabled, other people could download previous print files, or even maliciously damage the printer.

87 views11:14

❌ High-Severity Flaws in Cisco Secure Internet Gateway Service Patched ❌

The two bugs were disclosed Wednesday in Cisco Umbrella, the tech giant's cloud-based security service.

📖 Read

via "The first stop for security news | Threatpost ".

High-Severity Flaws in Cisco Secure Internet Gateway Service Patched

The two bugs were disclosed Wednesday in Cisco Umbrella, the tech giant’s cloud-based security service.

108 views11:38

⚠ Social Security numbers exposed on US government transparency site ⚠

The US government exposed dozens of people's’ personal details, including social security numbers, due to an online mishap on a public transparency portal.

📖 Read

via "Naked Security".

Social Security numbers exposed on US government transparency site

The US government exposed dozens of people’s’ personal details, including social security numbers, due to an online mishap on a public transparency portal.

113 views13:29

⚠ Mobile spyware maker mSpy leaks millions of records – AGAIN ⚠

The irony: Parents put it on kids' phones to protect them, but this breach exposed sensitive data including Whatsapp and Facebook messages.

📖 Read

via "Naked Security".

Mobile spyware maker mSpy leaks millions of records – AGAIN

The irony: Parents put it on kids’ phones to protect them, but this breach exposed sensitive data including Whatsapp and Facebook messages.

142 views13:29

ATENTION‼ New - CVE-2017-1000600

WordPress version <4.9 contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited however this has not been confirmed at this time. This issue appears to have been partially, but not completely fixed in WordPress 4.9

📖 Read

via "National Vulnerability Database".

107 views14:33

❌ Mozilla’s Release of Firefox 62 Packs Nine Fixes ❌

The slew of fixes address a critical vulnerability that could enable memory corruption.

📖 Read

via "The first stop for security news | Threatpost ".

Mozilla Patches Critical Code Execution Bug in Firefox 62

The update includes nine security patches overall.

87 views14:38

🕴 Understanding & Solving the Information-Sharing Challenge 🕴

Why cybersecurity threat feeds from intel-sharing groups diminish in value and become just another source of noise. (And what to do about it.)

📖 Read

via "Dark Reading: ".

Understanding & Solving the Information-Sharing Challenge

Why cybersecurity threat feeds from intel-sharing groups diminish in value and become just another source of noise. (And what to do about it.)

84 views14:45

🕴 US to Charge North Korea for Sony Breach, WannaCry 🕴

The DoJ plans to charge North Korean threat actors for their involvement in two major cyberattacks, US officials report.

📖 Read

via "Dark Reading: ".

US to Charge North Korea for Sony Breach, WannaCry

The DoJ plans to charge North Korean threat actors for their involvement in two major cyberattacks, US officials report.

81 views16:00

❌ Active Spy Campaign Exploits Unpatched Windows Zero-Day ❌

The PowerPool gang launched its attack just two days after the zero-day in the Windows Task Scheduler was disclosed.

📖 Read

via "The first stop for security news | Threatpost ".

Active Spy Campaign Exploits Unpatched Windows Zero-Day

The PowerPool gang launched its attack just two days after the zero-day in the Windows Task Scheduler was disclosed.

83 views16:08

Today's security operations center is all about reducing the number of alerts with emerging technologies - and enhancing old-school human collaboration. Here's how some real-world SOCs are evolving.

🕴 The SOC Gets a Makeover 🕴

Today's security operations center is all about reducing the number of alerts with emerging technologies - and enhancing old-school human collaboration. Here's how some real-world SOCs are evolving.

📖 Read

via "Dark Reading: ".

Dark Reading

The SOC Gets a Makeover

85 views17:15

🕴 Why a Healthy Data Diet Is the Secret to Healthy Security 🕴

In the same way that food is fuel to our bodies, data is the fuel on which our security programs run. Here are 10 action items to put on your cybersecurity menu.

📖 Read

via "Dark Reading: ".

Why a Healthy Data Diet Is the Secret to Healthy Security

In the same way that food is fuel to our bodies, data is the fuel on which our security programs run. Here are 10 action items to put on your cybersecurity menu.

84 views18:45