🛡 Cybersecurity & Privacy 🛡 - News

Researchers: Facebook’s Data-Leveraging Scandal Puts Users on Notice

After a report revealed that Facebook used user data to leverage its relationships with other companies, researchers are stressing that both firms and users need to re-assess data privacy.

40 views19:57

❌ Ubiquitous Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images ❌

The ubiquitous nature of the flaw opens the door for rapidly spreading, crippling cyberattacks.

📖 Read

via "Threatpost".

Ubiquitous Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images

The ubiquitous nature of the flaw opens the door for rapidly spreading, crippling cyberattacks.

41 views21:02

🕴 Tips for the Aftermath of a Cyberattack 🕴

Incident response demands technical expertise, but you can't fully recover without non-IT experts.

📖 Read

via "Dark Reading: ".

Tips for the Aftermath of a Cyberattack

Incident response demands technical expertise, but you can't fully recover without non-IT experts.

43 views21:41

VPN Vulnerabilities Point Out Need for Comprehensive Remote Security

🕴 VPN Vulnerabilities Point Out Need for Comprehensive Remote Security 🕴

VPNs are the primary tool for securing remote access, but recently disclosed vulnerabilities point out the weakness of relying on them as the only tool.

📖 Read

via "Dark Reading: ".

Dark Reading

VPNs are the primary tool for securing remote access, but recently disclosed vulnerabilities point out the weakness of relying on them as the only tool.

44 views22:36

🕴 Nation-State Hacker Group Hijacking DNS to Redirect Email, Web Traffic 🕴

'Sea Turtle' group has compromised at least 40 national security organizations in 13 countries so far, Cisco Talos says.

📖 Read

via "Dark Reading: ".

Nation-State Hacker Group Hijacking DNS to Redirect Email, Web Traffic

'Sea Turtle' group has compromised at least 40 national security organizations in 13 countries so far, Cisco Talos says.

46 views22:56

ATENTION‼ New - CVE-2018-0382

A vulnerability in the session identification management functionality of the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. The vulnerability exists because the affected software does not properly clear previously assigned session identifiers for a user session when a user authenticates to the web-based interface. An attacker could exploit this vulnerability by using an existing session identifier to connect to the software through the web-based interface. Successful exploitation could allow the attacker to hijack an authenticated user's browser session on the system. Versions 8.1 and 8.5 are affected.

📖 Read

via "National Vulnerability Database".

47 views00:27

ATENTION‼ New - CVE-2018-0248

A vulnerability in the administrative GUI configuration feature of Cisco Wireless LAN Controller (WLC) Software could allow an aUTHENTICated, remote attacker to cause the device to reload unexpectedly during device configuration when the administrator is using this GUI, causing a denial of service (DoS) condition on an affected device. The attacker would need to have valid administrator credentials on the device. This vulnerability is due to incomplete input validation for unexpected configuration options that the attacker could submit while accessing the GUI configuration menus. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted user input when using the administrative GUI configuration feature. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Software versions prior to 8.3.150.0, 8.5.140.0, 8.8.111.0 are affected by this vulnerability.

📖 Read

via "National Vulnerability Database".

53 views00:27

⚠ Oracle issues nearly 300 patches in quarterly update ⚠

Oracle's latest security update covers 297 vulnerabilities, many of which come with a "patch now" warning.

📖 Read

via "Naked Security".

Oracle issues nearly 300 patches in quarterly update

Oracle’s latest security update covers 297 vulnerabilities, many of which come with a “patch now” warning.

48 views10:59

⚠ Chrome flaw on iOS leads to 500 million unwanted pop-up ads ⚠

If you own an iOS device and use the Chrome browser, you may have encountered some strange-looking pop-up ads in the past week.

📖 Read

via "Naked Security".

Chrome flaw on iOS leads to 500 million unwanted pop-up ads

If you own an iOS device and use the Chrome browser, you may have encountered some strange-looking pop-up ads in the past week.

44 views11:19

⚠ Google plays Whack-A-Mole with naughty Android developers ⚠

Android developers without a track record are going to be submitted to more checks in order to stamp out those of “bad faith.”

📖 Read

via "Naked Security".

Google plays Whack-A-Mole with naughty Android developers

Android developers without a track record are going to be submitted to more checks in order to stamp out those of “bad faith.”

44 views11:39

⚠ Facebook user data used as bargaining chip, according to leaked docs ⚠

Leaked internal docs used to claim "privacy was an afterthought" at Facebook

📖 Read

via "Naked Security".

Facebook user data used as bargaining chip, according to leaked docs

Leaked internal docs used to claim “privacy was an afterthought” at Facebook

41 views11:59

⚠ Serious Security: Ransomware you’ll never find – and how to stop it ⚠

What if you got hit by ransomware - but the malware program itself was on the other side of the world where you'd never find it?

📖 Read

via "Naked Security".

Serious Security: Ransomware you’ll never find – and how to stop it

What if you got hit by ransomware – but the malware program itself was on the other side of the world where you’d never find it?

45 views13:10

❌ Cisco Patches Critical Flaw In ASR 9000 Routers ❌

The flaw could enable an unauthenticated, remote attacker to access the devices, Cisco said.

📖 Read

via "Threatpost".

Cisco Patches Critical Flaw In ASR 9000 Routers

The flaw could enable an unauthenticated, remote attacker to access the devices, Cisco said.

49 views13:12

BlackBerry opens BBM Enterprise for personal use after Emtek discontinues BBM Consumer

🔐 BlackBerry opens BBM Enterprise for personal use after Emtek discontinues BBM Consumer 🔐

Attempts to make BBM more consumer-focused with social media functions saw limited success, leading to the discontinuation of the BBM Consumer app.

📖 Read

via "Security on TechRepublic".

TechRepublic

Attempts to make BBM more consumer-focused with social media functions saw limited success, leading to the discontinuation of the BBM Consumer app.

51 views13:45

How to secure a blockchain: 3 things business leaders need to know

🔐 How to secure a blockchain: 3 things business leaders need to know 🔐

With companies across industries adopting blockchain technologies, security concerns remain, according to the World Economic Forum.

📖 Read

via "Security on TechRepublic".

TechRepublic

With companies across industries adopting blockchain technologies, security concerns remain, according to the World Economic Forum.

50 views13:54

Facebook Accidentally Imported 1.5M Users' Email Data Sans Consent

🕴 Facebook Accidentally Imported 1.5M Users' Email Data Sans Consent 🕴

The social media giant says it did not access the imported data and is notifying affected users.

📖 Read

via "Dark Reading: ".

Dark Reading

The social media giant says it did not access the imported data and is notifying affected users.

54 views14:38

🕴 GoT Guide to Cybersecurity: Preparing for Battle During a Staffing Shortage 🕴

Faced with an overwhelming adversary, Game of Thrones heroes Daenerys Targaryen and Jon Snow have a lot in common with today's beleaguered CISOs.

📖 Read

via "Dark Reading: ".

GoT Guide to Cybersecurity: Preparing for Battle During a Staffing Shortage

Faced with an overwhelming adversary, <i>Game of Thrones</i> heroes Daenerys Targaryen and Jon Snow have a lot in common with today's beleaguered CISOs.

60 views14:38

How to install the OPNsense Firewall/Router distribution

🔐 How to install the OPNsense Firewall/Router Linux distribution 🔐

Need a dedicated firewall appliance? OPNsense is a free, open-source solution, ready to protect your network from intrusion.

📖 Read

via "Security on TechRepublic".

TechRepublic

Need a dedicated firewall appliance? OPNsense is a free, open-source solution, ready to protect your network from intrusion.

59 views15:40

❌ Easter Attack Affects Half a Billion Apple iOS Users via Chrome Bug ❌

The U.S-focused eGobbler malvertising attacks are exploiting an unpatched Google Chrome bug.

📖 Read

via "Threatpost".

Easter Attack Affects Half a Billion Apple iOS Users via Chrome Bug

The U.S-focused eGobbler malvertising attacks are exploiting an unpatched Google Chrome bug.

54 views16:05

🕴 Former Student Admits to USB Killer Attack 🕴

An Indian national used device to attack computers and peripherals at a New York college.

📖 Read

via "Dark Reading: ".

Former Student Admits to USB Killer Attack

An Indian national used device to attack computers and peripherals at a New York college.

54 views16:38