ATTENTION‼ New - CVE-2014-1426
via "National Vulnerability Database".
A vulnerability in maasserver.api.get_file_by_name of Ubuntu MAAS allows unauthenticated network clients to download any file. This issue affects: Ubuntu MAAS versions prior to 1.9.2.

ATTENTION‼ New - CVE-2011-3151
via "National Vulnerability Database".
The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world-writable directory. If the OS kernel does not have symlink protections then an attacker can cause a zero byte file to be allocated on any writable filesystem.

ATTENTION‼ New - CVE-2011-3147
via "National Vulnerability Database".
Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.

ATTENTION‼ New - CVE-2011-3145
via "National Vulnerability Database".
When mount.ecryptfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.

ATTENTION‼ New - CVE-2011-1830
via "National Vulnerability Database".
Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so.

Machine Learning Technology at Center of Real Estate Trade Theft Case
via "Subscriber Blog RSS Feed".
In a complaint, filed Friday, one company is alleging a former employee took screen shots of trade secrets, including proprietary wireframes and a proposed regional launch timeline of its services, before leaving for another real estate technology competitor.
Digital Guardian

Who Gets Targeted Most in Cyberattack Campaigns
via "Dark Reading".
Attackers are changing both their tactics and targets in an attempt to remain criminally successful, Proofpoint's study found.

Is Privacy Really iPhone? Researchers Weigh in on Apple's Targeted Ad Tracking
via "Threatpost".
A unique identifier is enabled by default on every iPhone that's shipped, allowing advertisers to follow the phone's activity across the web.

Wi-Fi Hotspot Finder Spills 2 Million Passwords
via "Threatpost".
China-based app maker ignored repeated warnings by researchers that its password database - stored in plain text - was accessible to anyone online.

WannaCry Hero Hutchins Pleads Guilty to Malware Charges
via "Dark Reading".
Marcus Hutchins, the security researcher who helped halt the spread of the WannaCry attack, pleads guilty to two charges related to writing malware.

Trojanized TeamViewer Used in Targeted Attacks Against Multiple Embassies
via "Dark Reading".
Motive remains unclear though financial theft appears to be one possibility, Check Point Research says.

FBI: $2.7 billion in Losses to Cyber-Enabled Crimes in 2018
via "Dark Reading".
Internet Crime Complaint Center (IC3) last year received an average of 900+ reports daily of Internet-enabled theft, fraud, and exploitation.

ATTENTION‼ New - CVE-2013-7470
via "National Vulnerability Database".
cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel before 3.11.7, when CONFIG_NETLABEL is disabled, allows attackers to cause a denial of service (infinite loop and crash), as demonstrated by icmpsic, a different vulnerability than CVE-2013-0310.

Tuesday review – the hot 21 stories of the week
via "Naked Security".
A day late! From the weakness in several VPNs to the Internet Explorer browser flaw, and much more - catch up on everything we wrote last week.

1 in 4 Workers Are Aware Of Security Guidelines - but Ignore Them
via "Dark Reading".
1 in 4 Workers Are Aware Of Company IT Security Guidelines but Don't Follow Them

7 Ways to Get the Most from Your IDS/IPS
via "Dark Reading".
Intrusion detection and prevention is at the foundation of successful security in-depth. Securing the perimeter requires a solid understanding of these two critical components.

Once again, it's 123456: the password that says "I give up"
via "Naked Security".
A new survey says 46% of users find security confusing, which helps explain how that old clunker keeps popping to the top of breach lists.

Hotspot finder app blabs 2 million Wi-Fi network passwords
via "Naked Security".
If you used WiFi Finder, your passwords to both public and private networks have been left online in an unprotected database.

Weaponization of vulnerabilities in Adobe products more than doubled in 2018
via "Security on TechRepublic".
Using free Adobe software like Flash Player and Adobe Reader can pose a security risk in your organization.

Will the US Adopt a National Privacy Law?
via "Dark Reading".
Probably not before the 2020 election. But keep an eye on this Congress as legislators debate how to define personal data and what limits to place on how companies use it.

Phone fingerprint scanner fooled by chewing gum packet
via "Naked Security".
A video has surfaced claiming to show someone unlocking a Nokia 9 by tapping a gum packet against the fingerprint scanner.