π The 5 most hacked passwords π
π Read
via "Security on TechRepublic".
More than 23 million people were breached after using the password 123456, according to the UK's National Cyber Security Centre.π Read
via "Security on TechRepublic".
TechRepublic
The 5 most hacked passwords
More than 23 million people were breached after using the password 123456, according to the UK's National Cyber Security Centre.
β Millions of Medical Documents for Addiction and Recovery Patients Leaked β
π Read
via "Threatpost".
The information includes data on all rehab treatments and procedures, linked with patients' names and other info.π Read
via "Threatpost".
Threat Post
Millions of Medical Documents for Addiction and Recovery Patients Leaked
The information includes data on all rehab treatments and procedures, linked with patients' names and other info.
β Can you get hit by someone elseβs ransomware? [VIDEO] β
π Read
via "Naked Security".
How to protect yourself from being *affected* by malware, even if you're not yourself *infected*.π Read
via "Naked Security".
Naked Security
Can you get hit by someone elseβs ransomware? [VIDEO]
How to protect yourself from being *affected* by malware, even if youβre not yourself *infected*.
π΄ 4 Tips to Protect Your Business Against Social Media Mistakes π΄
π Read
via "Dark Reading: ".
Don't let social media become the go-to platform for cybercriminals looking to steal sensitive corporate information or cause huge reputational damage.π Read
via "Dark Reading: ".
Darkreading
4 Tips to Protect Your Business Against Social Media Mistakes
Don't let social media become the go-to platform for cybercriminals looking to steal sensitive corporate information or cause huge reputational damage.
β WannaCry Hero Pleads Guilty to Kronos Malware Charges β
π Read
via "Threatpost".
The malware researcher has pleaded guilty to two out of 10 charges; one with creating the Kronos malware and the other with conspiracy.π Read
via "Threatpost".
Threat Post
WannaCry Hero Pleads Guilty to Kronos Malware Charges
The malware researcher has pleaded guilty to two out of 10 charges; one with creating the Kronos malware and the other with conspiracy.
π How to update the Nmap database π
π Read
via "Security on TechRepublic".
Your nmap service probe database is probably way out of date. Jack Wallen shows you how to update that special file to the latest version.π Read
via "Security on TechRepublic".
TechRepublic
How to update the nmap database
Your nmap service probe database is probably out of date. It's easy to update that special file to the latest version.
π How to update the nmap database π
π Read
via "Security on TechRepublic".
Your nmap service probe database is probably out of date. It's easy to update that special file to the latest version.π Read
via "Security on TechRepublic".
TechRepublic
How to update the nmap database
Your nmap service probe database is probably out of date. It's easy to update that special file to the latest version.
β Franceβs βSecureβ Telegram Replacement Hacked in an Hour β
π Read
via "Threatpost".
The messaging app that will replace the government's use of WhatsApp and Telegram was released last week, with security vulnerability included.π Read
via "Threatpost".
Threat Post
Franceβs βSecureβ Telegram Replacement Hacked in an Hour
The messaging app that will replace the government's use of WhatsApp and Telegram was released last week, with security vulnerability included.
ATENTIONβΌ New - CVE-2018-20818
π Read
via "National Vulnerability Database".
A buffer overflow vulnerability was discovered in the OpenPLC controller, in the OpenPLC_v2 and OpenPLC_v3 versions. It occurs in the modbus.cpp mapUnusedIO() function, which can cause a runtime crash of the PLC or possibly have unspecified other impact.π Read
via "National Vulnerability Database".
β Evil TeamViewer Attacks Under the Guise of the U.S. State Department β
π Read
via "Threatpost".
The attack is targeting financial regulators and embassy staff-- but probably isn't the work of an APT.π Read
via "Threatpost".
Threat Post
Evil TeamViewer Attacks Under the Guise of the U.S. State Department
The attack is targeting financial regulators and embassy staffβ but probably isn't the work of an APT.
ATENTIONβΌ New - CVE-2016-1587
π Read
via "National Vulnerability Database".
The Snapweb interface before version 0.21.2 was exposing controls to install or remove snap packages without controlling the identity of the user, nor the origin of the connection. An attacker could have used the controls to remotely add a valid, but malicious, snap package, from the Store, potentially using system resources without permission from the legitimate administrator of the system.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-1586
π Read
via "National Vulnerability Database".
A malicious webview could install long-lived unload handlers that re-use an incognito BrowserContext that is queued for destruction in versions of Oxide before 1.18.3.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-1585
π Read
via "National Vulnerability Database".
In all versions of AppArmor mount rules are accidentally widened when compiled.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-1584
π Read
via "National Vulnerability Database".
In all versions of Unity8 a running but not active application on a large-screen device could talk with Maliit and consume keyboard input.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-1579
π Read
via "National Vulnerability Database".
UDM provides support for running commands after a download is completed, this is currently made use of for click package installation. This functionality was not restricted to unconfined applications. Before UDM version 1.2+16.04.20160408-0ubuntu1 any confined application could make use of the UDM C++ API to run arbitrary commands in an unconfined environment as the phablet user.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-1573
π Read
via "National Vulnerability Database".
Versions of Unity8 before 8.11+16.04.20160122-0ubuntu1 file plugins/Dash/CardCreator.js will execute any code found in place of a fallback image supplied by a scope.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-1343
π Read
via "National Vulnerability Database".
All versions of unity-scope-gdrive logs search terms to syslog.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-1341
π Read
via "National Vulnerability Database".
Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Appoprt before 2.19.2 function _python_module_path.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-1340
π Read
via "National Vulnerability Database".
LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer() has an unsafe Chmod() call that races against the stat in the Filepath.Walk() function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-1327
π Read
via "National Vulnerability Database".
Content Hub before version 0.0+15.04.20150331-0ubuntu1.0 DBUS API only requires a file path for a content item, it doesn't actually require the confined app have access to the file to create a transfer. This could allow a malicious application using the DBUS API to export file:///etc/passwd which would then send a copy of that file to another app.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-1326
π Read
via "National Vulnerability Database".
python-dbusmock before version 0.15.1 AddTemplate() D-Bus method call or DBusTestCase.spawn_server_template() method could be tricked into executing malicious code if an attacker supplies a .pyc file.π Read
via "National Vulnerability Database".