π΄ ShadowHammer Shows Supply Chain Risks π΄
π Read
via "Dark Reading: ".
Trusted relationships can become critical risks when suppliers' systems are breached.π Read
via "Dark Reading: ".
Darkreading
ShadowHammer Dangers Include Update Avoidance
More fallout from the compromise of Asus's automated software update.
π How to install and use Firefox Lockbox π
π Read
via "Security on TechRepublic".
Firefox Lockbox allows you to easily view your saved Firefox passwords and is a viable tool for certain users.π Read
via "Security on TechRepublic".
TechRepublic
How to install and use Firefox Lockbox
Firefox Lockbox allows you to easily view your saved Firefox passwords and is a viable tool for certain users.
π΄ Restaurant Chains Hit in PoS Attack π΄
π Read
via "Dark Reading: ".
Buca di Beppo, Earl of Sandwich, and Planet Hollywood were among the chains hit in a nearly year-long breach of their point-of-sale systems.π Read
via "Dark Reading: ".
Darkreading
Restaurant Chains Hit in PoS Attack
Buca di Beppo, Earl of Sandwich, and Planet Hollywood were among the chains hit in a nearly year-long breach of their point-of-sale systems.
ATENTIONβΌ New - CVE-2017-8023
π Read
via "National Vulnerability Database".
EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the Networker Client execution service (nsrexecd) when oldauth authentication method is used. An unauthenticated remote attacker could send arbitrary commands via RPC service to be executed on the host system with the privileges of the nsrexecd service, which runs with administrative privileges.π Read
via "National Vulnerability Database".
π΄ Nuanced Approach Needed to Deal With Huawei 5G Security Concerns π΄
π Read
via "Dark Reading: ".
Governments need to adopt strategic approach for dealing with concerns over telecom vendor's suspected ties to China's intelligence apparatus, NATO-affiliated body says.π Read
via "Dark Reading: ".
Dark Reading
Nuanced Approach Needed to Deal With Huawei 5G Security Concerns
Governments need to adopt strategic approach for dealing with concerns over telecom vendor's suspected ties to China's intelligence apparatus, NATO-affiliated body says.
β Wrecked Teslas hang onto your (unencrypted) data β
π Read
via "Naked Security".
Sold at salvage and auctions, they contain info from drivers' paired mobile devices, plus highly personal pre-crash video.π Read
via "Naked Security".
Naked Security
Wrecked Teslas hang onto your (unencrypted) data
Sold at salvage and auctions, they contain info from driversβ paired mobile devices, plus highly personal pre-crash video.
π 5 incident response best practices your company needs π
π Read
via "Security on TechRepublic".
More than half of incident response employees have encountered counter-IR instances in the form of log destruction and evasion tactics, according to Carbon Black.π Read
via "Security on TechRepublic".
TechRepublic
5 incident response best practices your company needs
More than half of incident response employees have encountered counter-IR instances in the form of log destruction and evasion tactics, according to Carbon Black.
β Possible Toyota data breach affecting 3.1 million customers β
π Read
via "Naked Security".
Several Toyota companies have announced that they might have suffered data breach attempts, with one affecting 3.1 million customers.π Read
via "Naked Security".
Naked Security
Possible Toyota data breach affecting 3.1 million customers
Several Toyota companies have announced that they might have suffered data breach attempts, with one affecting 3.1 million customers.
β Financial Apps are Ripe for Exploit via Reverse Engineering β
π Read
via "Threatpost".
White hat hacker reverse engineers financial apps and finds a treasure trove of security issues.π Read
via "Threatpost".
Threat Post
Financial Apps are Ripe for Exploit via Reverse Engineering
White hat hacker reverse engineers financial apps and finds a treasure trove of security issues.
β VMware patches critical vulnerabilities β
π Read
via "Naked Security".
VMware has released patches for several critical security vulnerabilities, days after two were unveiled at Pwn2Own.π Read
via "Naked Security".
Naked Security
VMware patches critical vulnerabilities
VMware has released patches for several critical security vulnerabilities, days after two were unveiled at Pwn2Own.
β Are there viable alternatives to Facebook and Twitter? β
π Read
via "Naked Security".
There's growing interest in social networks that prioritize user control. Two of the popular ones are Mastodon and Diaspora.π Read
via "Naked Security".
Naked Security
Are there viable alternatives to Facebook and Twitter?
Thereβs growing interest in social networks that prioritize user control. Two of the popular ones are Mastodon and Diaspora.
β TP-Link router zero-day that offers your network up to hackers β
π Read
via "Naked Security".
Downgrade attack lets any user take over - just ask for old-style access to the debugging port and you won't need a passwordπ Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ Rapid7 Buys Network Monitoring Firm NetFort π΄
π Read
via "Dark Reading: ".
New technology will be integrated into Rapid7's cloud-based security analytics platform.π Read
via "Dark Reading: ".
Dark Reading
Rapid7 Buys Network Monitoring Firm NetFort
New technology will be integrated into Rapid7's cloud-based security analytics platform.
π How financial institutions are risking customer data through insecure mobile apps π
π Read
via "Security on TechRepublic".
An investigation of mobile apps from 30 financial institutions reveals weak encryption, data leakage, insecure data storage, and other vulnerabilities.π Read
via "Security on TechRepublic".
TechRepublic
How financial institutions are risking customer data through insecure mobile apps
An investigation of mobile apps from 30 financial institutions reveals weak encryption, data leakage, insecure data storage, and other vulnerabilities.
π Why women still make up only 24% of cybersecurity pros π
π Read
via "Security on TechRepublic".
More millennial women are entering the field, but wage gap issues remain, according to an (ISC)Β² report.π Read
via "Security on TechRepublic".
TechRepublic
Why women still make up only 24% of cybersecurity pros
More millennial women are entering the field, but wage gap issues remain, according to an (ISC)Β² report.
β Government spyware hidden in Google Play store apps β
π Read
via "Naked Security".
The malware, dubbed Exodus, records and steals all manner of data and leaves phones vulnerable to further hacking and data tampering.π Read
via "Naked Security".
Naked Security
Government spyware hidden in Google Play store apps
The malware, dubbed Exodus, records and steals all manner of data and leaves phones vulnerable to further hacking and data tampering.
π΄ Airports & Operational Technology: 4 Attack Scenarios π΄
π Read
via "Dark Reading: ".
As OT systems increasingly fall into the crosshairs of cyberattackers, aviation-industry CISOs have become hyper-focused on securing them.π Read
via "Dark Reading: ".
Darkreading
Airports & Operational Technology: 4 Attack Scenarios
As OT systems increasingly fall into the crosshairs of cyberattackers, aviation-industry CISOs have become hyper-focused on securing them.
π΄ Sentence Handed Down in $4.2 Million BEC Scheme π΄
π Read
via "Dark Reading: ".
Maryland man conspired in a business email compromise scheme that stole from at least 13 separate victims over the course of a year.π Read
via "Dark Reading: ".
Dark Reading
Sentence Handed Down in $4.2 Million BEC Scheme
Maryland man conspired in a business email compromise scheme that stole from at least 13 separate victims over the course of a year.
π How companies are dealing with the security threats of an evolving remote workforce π
π Read
via "Security on TechRepublic".
Multi-factor authentication is a common strategy, while Zero Trust is gaining traction, according to an Okta report.π Read
via "Security on TechRepublic".
TechRepublic
How companies are dealing with the security threats of an evolving remote workforce
Multi-factor authentication is a common strategy, while Zero Trust is gaining traction, according to an Okta report.
π Assessing third-party vendor risk: Top 6 challenges π
π Read
via "Security on TechRepublic".
Third-party cyber threats are impacting major business decisions, according to a BitSight and CeFPro report. Here are some of the biggest challenges.π Read
via "Security on TechRepublic".
TechRepublic
Assessing third-party vendor risk: Top 6 challenges
Third-party cyber threats are impacting major business decisions, according to a BitSight and CeFPro report. Here are some of the biggest challenges.
β Googleβs April Android Security Bulletin Warns of 3 Critical Bugs β
π Read
via "Threatpost".
Google's April Android Security update fixed 12 Android-specific vulnerabilities including three critical remote code execution flaws.π Read
via "Threatpost".
Threat Post
Googleβs April Android Security Bulletin Warns of 3 Critical Bugs
Google's April Android Security update fixed 12 Android-specific vulnerabilities including three critical remote code execution flaws.