β Ubiquitous Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images β
π Read
via "Threatpost".
The ubiquitous nature of the flaw opens the door for rapidly spreading, crippling cyberattacks.π Read
via "Threatpost".
Threat Post
Ubiquitous Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images
The ubiquitous nature of the flaw opens the door for rapidly spreading, crippling cyberattacks.
π΄ Tips for the Aftermath of a Cyberattack π΄
π Read
via "Dark Reading: ".
Incident response demands technical expertise, but you can't fully recover without non-IT experts.π Read
via "Dark Reading: ".
Darkreading
Tips for the Aftermath of a Cyberattack
Incident response demands technical expertise, but you can't fully recover without non-IT experts.
π΄ VPN Vulnerabilities Point Out Need for Comprehensive Remote Security π΄
π Read
via "Dark Reading: ".
VPNs are the primary tool for securing remote access, but recently disclosed vulnerabilities point out the weakness of relying on them as the only tool.π Read
via "Dark Reading: ".
Dark Reading
VPN Vulnerabilities Point Out Need for Comprehensive Remote Security
VPNs are the primary tool for securing remote access, but recently disclosed vulnerabilities point out the weakness of relying on them as the only tool.
π΄ Nation-State Hacker Group Hijacking DNS to Redirect Email, Web Traffic π΄
π Read
via "Dark Reading: ".
'Sea Turtle' group has compromised at least 40 national security organizations in 13 countries so far, Cisco Talos says.π Read
via "Dark Reading: ".
Darkreading
Nation-State Hacker Group Hijacking DNS to Redirect Email, Web Traffic
'Sea Turtle' group has compromised at least 40 national security organizations in 13 countries so far, Cisco Talos says.
ATENTIONβΌ New - CVE-2018-0382
π Read
via "National Vulnerability Database".
A vulnerability in the session identification management functionality of the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. The vulnerability exists because the affected software does not properly clear previously assigned session identifiers for a user session when a user authenticates to the web-based interface. An attacker could exploit this vulnerability by using an existing session identifier to connect to the software through the web-based interface. Successful exploitation could allow the attacker to hijack an authenticated user's browser session on the system. Versions 8.1 and 8.5 are affected.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-0248
π Read
via "National Vulnerability Database".
A vulnerability in the administrative GUI configuration feature of Cisco Wireless LAN Controller (WLC) Software could allow an aUTHENTICated, remote attacker to cause the device to reload unexpectedly during device configuration when the administrator is using this GUI, causing a denial of service (DoS) condition on an affected device. The attacker would need to have valid administrator credentials on the device. This vulnerability is due to incomplete input validation for unexpected configuration options that the attacker could submit while accessing the GUI configuration menus. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted user input when using the administrative GUI configuration feature. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Software versions prior to 8.3.150.0, 8.5.140.0, 8.8.111.0 are affected by this vulnerability.π Read
via "National Vulnerability Database".
β Oracle issues nearly 300 patches in quarterly update β
π Read
via "Naked Security".
Oracle's latest security update covers 297 vulnerabilities, many of which come with a "patch now" warning.π Read
via "Naked Security".
Naked Security
Oracle issues nearly 300 patches in quarterly update
Oracleβs latest security update covers 297 vulnerabilities, many of which come with a βpatch nowβ warning.
β Chrome flaw on iOS leads to 500 million unwanted pop-up ads β
π Read
via "Naked Security".
If you own an iOS device and use the Chrome browser, you may have encountered some strange-looking pop-up ads in the past week.π Read
via "Naked Security".
Naked Security
Chrome flaw on iOS leads to 500 million unwanted pop-up ads
If you own an iOS device and use the Chrome browser, you may have encountered some strange-looking pop-up ads in the past week.
β Google plays Whack-A-Mole with naughty Android developers β
π Read
via "Naked Security".
Android developers without a track record are going to be submitted to more checks in order to stamp out those of βbad faith.βπ Read
via "Naked Security".
Naked Security
Google plays Whack-A-Mole with naughty Android developers
Android developers without a track record are going to be submitted to more checks in order to stamp out those of βbad faith.β
β Facebook user data used as bargaining chip, according to leaked docs β
π Read
via "Naked Security".
Leaked internal docs used to claim "privacy was an afterthought" at Facebookπ Read
via "Naked Security".
Naked Security
Facebook user data used as bargaining chip, according to leaked docs
Leaked internal docs used to claim βprivacy was an afterthoughtβ at Facebook
β Serious Security: Ransomware youβll never find β and how to stop it β
π Read
via "Naked Security".
What if you got hit by ransomware - but the malware program itself was on the other side of the world where you'd never find it?π Read
via "Naked Security".
Naked Security
Serious Security: Ransomware youβll never find β and how to stop it
What if you got hit by ransomware β but the malware program itself was on the other side of the world where youβd never find it?
β Cisco Patches Critical Flaw In ASR 9000 Routers β
π Read
via "Threatpost".
The flaw could enable an unauthenticated, remote attacker to access the devices, Cisco said.π Read
via "Threatpost".
Threat Post
Cisco Patches Critical Flaw In ASR 9000 Routers
The flaw could enable an unauthenticated, remote attacker to access the devices, Cisco said.
π BlackBerry opens BBM Enterprise for personal use after Emtek discontinues BBM Consumer π
π Read
via "Security on TechRepublic".
Attempts to make BBM more consumer-focused with social media functions saw limited success, leading to the discontinuation of the BBM Consumer app.π Read
via "Security on TechRepublic".
TechRepublic
BlackBerry opens BBM Enterprise for personal use after Emtek discontinues BBM Consumer
Attempts to make BBM more consumer-focused with social media functions saw limited success, leading to the discontinuation of the BBM Consumer app.
π How to secure a blockchain: 3 things business leaders need to know π
π Read
via "Security on TechRepublic".
With companies across industries adopting blockchain technologies, security concerns remain, according to the World Economic Forum.π Read
via "Security on TechRepublic".
TechRepublic
How to secure a blockchain: 3 things business leaders need to know
With companies across industries adopting blockchain technologies, security concerns remain, according to the World Economic Forum.
π΄ Facebook Accidentally Imported 1.5M Users' Email Data Sans Consent π΄
π Read
via "Dark Reading: ".
The social media giant says it did not access the imported data and is notifying affected users.π Read
via "Dark Reading: ".
Dark Reading
Facebook Accidentally Imported 1.5M Users' Email Data Sans Consent
The social media giant says it did not access the imported data and is notifying affected users.
π΄ GoT Guide to Cybersecurity: Preparing for Battle During a Staffing Shortage π΄
π Read
via "Dark Reading: ".
Faced with an overwhelming adversary, Game of Thrones heroes Daenerys Targaryen and Jon Snow have a lot in common with today's beleaguered CISOs.π Read
via "Dark Reading: ".
Darkreading
GoT Guide to Cybersecurity: Preparing for Battle During a Staffing Shortage
Faced with an overwhelming adversary, <i>Game of Thrones</i> heroes Daenerys Targaryen and Jon Snow have a lot in common with today's beleaguered CISOs.
π How to install the OPNsense Firewall/Router Linux distribution π
π Read
via "Security on TechRepublic".
Need a dedicated firewall appliance? OPNsense is a free, open-source solution, ready to protect your network from intrusion.π Read
via "Security on TechRepublic".
TechRepublic
How to install the OPNsense Firewall/Router distribution
Need a dedicated firewall appliance? OPNsense is a free, open-source solution, ready to protect your network from intrusion.
β Easter Attack Affects Half a Billion Apple iOS Users via Chrome Bug β
π Read
via "Threatpost".
The U.S-focused eGobbler malvertising attacks are exploiting an unpatched Google Chrome bug.π Read
via "Threatpost".
Threat Post
Easter Attack Affects Half a Billion Apple iOS Users via Chrome Bug
The U.S-focused eGobbler malvertising attacks are exploiting an unpatched Google Chrome bug.
π΄ Former Student Admits to USB Killer Attack π΄
π Read
via "Dark Reading: ".
An Indian national used device to attack computers and peripherals at a New York college.π Read
via "Dark Reading: ".
Darkreading
Former Student Admits to USB Killer Attack
An Indian national used device to attack computers and peripherals at a New York college.
π Breaking Down the Best Practices & Tools for Data-Centric Audit and Protection (DCAP) π
π Read
via "Subscriber Blog RSS Feed ".
Data classification, discovery, and encryption: We reached out to 18 security experts for insight on implementing a data-centric audit and protection program in an organization.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Breaking Down the Best Practices & Tools for Data-Centric Audit and Protection (DCAP)
Data classification, discovery, and encryption: We reached out to 18 security experts for insight on implementing a data-centric audit and protection program in an organization.
β Poll: Facebook Harvests Email Contacts for 1.5M Users β Is Enough, Enough? β
π Read
via "Threatpost".
Take our short poll on how far Facebook can push its luck.π Read
via "Threatpost".
Threat Post
Poll: Facebook Harvests Email Contacts for 1.5M Users β Is Enough, Enough?
Take our short poll on how far Facebook can push its luck.