β Patch now! Magento e-commerce sites targeted by SQLi attacks β
π Read
via "Naked Security".
If you're a Magento admin, stop what youβre doing and patch now.π Read
via "Naked Security".
Naked Security
Patch now! Magento e-commerce sites targeted by SQLi attacks
If youβre a Magento admin, stop what youβre doing and patch now.
β LokiBot Trojan Spotted Hitching a Ride Inside .PNG Files β
π Read
via "Threatpost".
Spam campaign features obfuscated .zipx archive that unpacks LokiBot attack.π Read
via "Threatpost".
Threat Post
LokiBot Trojan Spotted Hitching a Ride Inside .PNG Files
Spam campaign features obfuscated .zipx archive that unpacks LokiBot attack.
β Hackers Abuse Google Cloud Platform to Attack D-Link Routers β
π Read
via "Threatpost".
Three waves of DNS hijacking attacks against consumer routers have been linked back to Google Cloud Platform abuse.π Read
via "Threatpost".
Threat Post
Hackers Abuse Google Cloud Platform to Attack D-Link Routers
Three waves of DNS hijacking attacks against consumer routers have been linked back to Google Cloud Platform abuse.
π΄ The Matrix at 20: A Metaphor for Today's Cybersecurity Challenges π΄
π Read
via "Dark Reading: ".
The Matrix ushered in a new generation of sci-fi movies and futuristic plotlines with a relentless, seemingly invulnerable set of villains. Twenty years later, that theme is all too familiar to security pros.π Read
via "Dark Reading: ".
Darkreading
The Matrix at 20: A Metaphor for Today's Cybersecurity Challenges
<i>The Matrix</i> ushered in a new generation of sci-fi movies and futuristic plotlines with a relentless, seemingly invulnerable set of villains. Twenty years later, that theme is all too familiar to security pros.
β Serious Security: GPS week rollover and the other sort of βzero dayβ β
π Read
via "Naked Security".
Tomorrow night, the GPS "earth clock" has a Y2K event - but here's why you should be OK.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Facebook Boots 74 Cybercrime Groups From Platform β
π Read
via "Threatpost".
The 74 cybercrime groups were offering illicit services - from email spamming tools to stolen credentials - right on Facebook's platform.π Read
via "Threatpost".
Threat Post
Facebook Boots 74 Cybercrime Groups From Platform
The 74 cybercrime groups were offering illicit services - from email spamming tools to stolen credentials - right on Facebook's platform.
π Friday Five: 4/5 Edition π
π Read
via "Subscriber Blog RSS Feed ".
Employee theft at SMBs, fighting stalkerware, and a "hacker-proof" new cryptographic library - catch up on the week's infosec news with this roundup!π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 4/5 Edition
Employee theft at SMBs, fighting stalkerware, and a "hacker-proof" new cryptographic library - catch up on the week's infosec news with this roundup!
π΄ Advanced Persistent Threat: Dark Reading Caption Contest Winners π΄
π Read
via "Dark Reading: ".
From sushi and phishing to robots, passwords and ninjas -- and the winners are ...π Read
via "Dark Reading: ".
Darkreading
Advanced Persistent Threat: Dark Reading Caption Contest Winners
From sushi and phishing to robots, passwords and ninjas -- and the winners are ...
π΄ Ongoing DNS Hijack Attack Hits Consumer Modems and Routers π΄
π Read
via "Dark Reading: ".
The attack campaigns have re-routed DNS requests through illicit servers in Canada and Russia.π Read
via "Dark Reading: ".
Darkreading
Ongoing DNS Hijack Attack Hits Consumer Modems and Routers
The attack campaigns have re-routed DNS requests through illicit servers in Canada and Russia.
π How to completely and securely delete files in Windows π
π Read
via "Security on TechRepublic".
To make sure a deleted file can't be recovered, you'll need to use a third-party shredding tool. Here's a look at three such free programs: Eraser, File Shredder, and Freeraser.π Read
via "Security on TechRepublic".
TechRepublic
How to completely and securely delete files in Windows | TechRepublic
To make sure a deleted file can't be recovered, you'll need to use a third-party shredding tool. Here's a look at three such free programs: Eraser, File Shredder, and Freeraser.
π΄ Phishing Campaign Targeting Verizon Mobile Users π΄
π Read
via "Dark Reading: ".
Lookout Phishing AI, which discovered the attack, says it has been going on since late November.π Read
via "Dark Reading: ".
Darkreading
Phishing Campaign Targeting Verizon Mobile Users
Lookout Phishing AI, which discovered the attack, says it has been going on since late November.
β Cisco Finally Patches Routers Bugs As New Unpatched Flaws Surface β
π Read
via "Threatpost".
Cisco repatched its RV320 and RV325 routers against two high-severity vulnerabilities, but at the same time reported two new medium-severity bugs with no fixes.π Read
via "Threatpost".
Threat Post
Cisco Finally Patches Router Bugs As New Unpatched Flaws Surface
Cisco re-patched its RV320 and RV325 routers to protect against two high-severity vulnerabilities at the same time reported two new mediums-severity bugs with no fixes.
β Podcast: Chris Vickery on UpGuardβs Discovery of Millions of Facebook Records β
π Read
via "Threatpost".
Chris Vickery with UpGuard, who discovered two datasets exposing millions of Facebook records, discusses his findings and the implications of data collection with Threatpost.π Read
via "Threatpost".
Threat Post
Podcast: Chris Vickery on UpGuardβs Discovery of Millions of Facebook Records
Chris Vickery with UpGuard, who discovered two datasets exposing millions of Facebook records, discusses his findings and the implications of data collection with Threatpost.
β Monday review β the hot 25 stories of the week β
π Read
via "Naked Security".
From a Russian GPS spoofing campaign to the Facebook apps leaking millions of records - it's weekly roundup time.π Read
via "Naked Security".
Naked Security
Monday review β the hot 25 stories of the week
From a Russian GPS spoofing campaign to the Facebook apps leaking millions of records β itβs weekly roundup time.
β SAS 2019: Exodus Spyware Found Targeting Apple iOS Users β
π Read
via "Threatpost".
The surveillance tool was signed with legitimate Apple developer certificates.π Read
via "Threatpost".
Threat Post
SAS 2019: Exodus Spyware Found Targeting Apple iOS Users
The surveillance tool was signed with legitimate Apple developer certificates.
β Myspace songs come back from the dead β
π Read
via "Naked Security".
It's fewer than 1% of the 50 million songs and videos Myspace lost, but hey, it's better than nothing!π Read
via "Naked Security".
Naked Security
Myspace songs come back from the dead
Itβs fewer than 1% of the 50 million songs and videos Myspace lost, but hey, itβs better than nothing!
β Firefox draws battle lines against push notification spam β
π Read
via "Naked Security".
Mozilla doesnβt yet know how to solve the problem of website push notification spam in the Firefox browser, but itβs working on it.π Read
via "Naked Security".
Naked Security
Firefox draws battle lines against push notification spam
Mozilla doesnβt yet know how to solve the problem of website push notification spam in the Firefox browser, but itβs working on it.
β Microsoft lets Windows users off the update leash β
π Read
via "Naked Security".
Microsoft has announced some big changes that will finally give Windows users more control over updates and releases.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ Ignore the Insider Threat at Your Peril π΄
π Read
via "Dark Reading: ".
Attacks from insiders often go undiscovered for months or years, so the potential impact can be huge. These 11 countermeasures can mitigate the damage.π Read
via "Dark Reading: ".
Dark Reading
Ignore the Insider Threat at Your Peril
Attacks from insiders often go undiscovered for months or years, so the potential impact can be huge. These 11 countermeasures can mitigate the damage.
β Bootstrap supply chain attack is another attempt to poison the barrel β
π Read
via "Naked Security".
Somebody smuggled something bad into the vast third-party, open-source supply chain we all depend upon.π Read
via "Naked Security".
Naked Security
Bootstrap supply chain attack is another attempt to poison the barrel
Somebody smuggled something bad into the vast third-party, open-source supply chain we all depend upon.
ATENTIONβΌ New - CVE-2016-10745
π Read
via "National Vulnerability Database".
In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.π Read
via "National Vulnerability Database".