β ExtraPulsar backdoor based on leaked NSA code β what you need to know β
π Read
via "Naked Security".
A US security researcher has come up with an open-source Windows backdoor loosely based on NSA attack code that leaked back in 2017.π Read
via "Naked Security".
β Qualcomm Critical Flaw Exposes Private Keys For Android Devices β
π Read
via "Threatpost".
A side-channel attack in Qualcomm technology, which is used by most modern Android devices, could allow an attacker to snatch private keys.π Read
via "Threatpost".
Threat Post
Qualcomm Critical Flaw Exposes Private Keys For Android Devices
A side-channel attack in Qualcomm technology, which is used by most Android devices, could allow an attacker to snatch private keys.
π Enterprise cryptojacking attacks continue, despite overall decline in popularity among hackers π
π Read
via "Security on TechRepublic".
A newly-discovered cryptojacking campaign uses familiar exploits to target enterprises and traverse network shares, infecting any connected computer.π Read
via "Security on TechRepublic".
TechRepublic
Enterprise cryptojacking attacks continue, despite overall decline in popularity among hackers
A newly-discovered cryptojacking campaign uses familiar exploits to target enterprises and traverse network shares, infecting any connected computer.
π΄ Sensitive Data Lingers on Used Storage Drives Sold Online π΄
π Read
via "Dark Reading: ".
Four in 10 used hard drives sold on eBay found to contain sensitive information.π Read
via "Dark Reading: ".
Darkreading
Sensitive Data Lingers on Used Storage Drives Sold Online
Four in 10 used hard drives sold on eBay found to contain sensitive information.
π The 4 most important files for SSH connections π
π Read
via "Security on TechRepublic".
You are better armed to make use of the SSH tool with an understanding of four key SSH files.π Read
via "Security on TechRepublic".
β Amazon Employees Given βBroad Accessβ to Personal Alexa Info β
π Read
via "Threatpost".
An auditing program for the voice assistant technology exposes geolocation data that can be personally identified, sources said.π Read
via "Threatpost".
Threat Post
Amazon Employees Given βBroad Accessβ to Personal Alexa Info
An auditing program for the voice assistant technology exposes geolocation data that can be personally identified, sources said.
π΄ Enterprise Trojan Detections Spike 200% in Q1 2019 π΄
π Read
via "Dark Reading: ".
Cybercriminals see greater ROI targeting businesses, which have been slammed with ransomware attacks and Trojans.π Read
via "Dark Reading: ".
Darkreading
Enterprise Trojan Detections Spike 200% in Q1 2019
Cybercriminals see greater ROI targeting businesses, which have been slammed with ransomware attacks and Trojans.
π΄ How a Nigerian ISP Accidentally Hijacked the Internet π΄
π Read
via "Dark Reading: ".
For 74 minutes, traffic destined for Google and Cloudflare services was routed through Russia and into the largest system of censorship in the world, China's Great Firewall.π Read
via "Dark Reading: ".
Darkreading
How a Nigerian ISP Accidentally Hijacked the Internet
For 74 minutes, traffic destined for Google and Cloudflare services was routed through Russia and into the largest system of censorship in the world, China's Great Firewall.
ATENTIONβΌ New - CVE-2017-16558
π Read
via "National Vulnerability Database".
Contao 3.0.0 to 3.5.30 and 4.0.0 to 4.4.7 contains an SQL injection vulnerability in the back end as well as in the listing module.π Read
via "National Vulnerability Database".
π΄ 55% of SMBs Would Pay Up Post-Ransomware Attack π΄
π Read
via "Dark Reading: ".
The number gets even higher among larger SMBs.π Read
via "Dark Reading: ".
Darkreading
55% of SMBs Would Pay Up Post-Ransomware Attack
The number gets even higher among larger SMBs.
π΄ UVA Wins Second Consecutive National Collegiate Cyber Defense Championship π΄
π Read
via "Dark Reading: ".
The Wahoos came out on top among 235 colleges and universities that took part in the 15-year-old competition.π Read
via "Dark Reading: ".
Darkreading
UVA Wins Second Consecutive National Collegiate Cyber Defense Championship
The Wahoos came out on top among 235 colleges and universities that took part in the 15-year-old competition.
ATENTIONβΌ New - CVE-2018-1360
π Read
via "National Vulnerability Database".
A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager 5.2.0 through 5.2.7, 5.4.0 and 5.4.1 may allow an unauthenticated attacker in a man in the middle position to retrieve the admin password via intercepting REST API JSON responses.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-12244
π Read
via "National Vulnerability Database".
SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.π Read
via "National Vulnerability Database".
β Android-Based Sony Smart-TVs Open to Image Pilfering β
π Read
via "Threatpost".
A pair of bugs would allow attackers to compromise the WiFi password of a TV and the multimedia stored inside it.π Read
via "Threatpost".
Threat Post
Android-Based Sony Smart-TVs Open to Image Pilfering
A pair of bugs would allow attackers to compromise the WiFi password of a TV and the multimedia stored inside it.
π΄ Cyberattackers Focus on More Subtle Techniques π΄
π Read
via "Dark Reading: ".
Spam has given way to spear phishing, cryptojacking remains popular, and credential spraying is on the rise.π Read
via "Dark Reading: ".
Darkreading
Cyberattackers Focus on More Subtle Techniques
Spam has given way to spear phishing, cryptojacking remains popular, and credential spraying is on the rise.
π΄ New EternalBlue Family Member Takes Aim at Asian Web Servers π΄
π Read
via "Dark Reading: ".
Beapy is a new malware variant that's storming across China, leaving cryptominers in its wake.π Read
via "Dark Reading: ".
Darkreading
New EternalBlue Family Member Takes Aim at Asian Web Servers
Beapy is a new malware variant that's storming across China, leaving cryptominers in its wake.
π΄ Security Vulns in Microsoft Products Continue to Increase π΄
π Read
via "Dark Reading: ".
The good news: Removing admin privileges can mitigate most of them, a new study by BeyondTrust shows.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
β Cops can try suspectβs fingers on locked iPhones found at crime scene β
π Read
via "Naked Security".
A Massachusetts federal district judge gave cops a warrant to force-unlock iPhones with the suspect's fingers.π Read
via "Naked Security".
Naked Security
Cops can try suspectβs fingers on locked iPhones found at crime scene
A Massachusetts federal district judge gave cops a warrant to force-unlock iPhones with the suspectβs fingers.
β Microsoft drops password expiration from Windows 10 security β
π Read
via "Naked Security".
Microsoft has recognised that users don't actually change their passwords when prompted, they just tweak them. And that doesn't help anyone.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Fingerprint glitch in passports swapped left and right hands β
π Read
via "Naked Security".
And just who, exactly, is going to pay for new passports if it's necessary? Danish police are chatting with Kube Data about that.π Read
via "Naked Security".
Naked Security
Fingerprint glitch in passports swapped left and right hands
And just who, exactly, is going to pay for new passports if itβs necessary? Danish police are chatting with Kube Data about that.
β NSA asks to end mass phone surveillance β
π Read
via "Naked Security".
The NSA has asked the White House to end its mass phone surveillance program because the work involved outweighs its intelligence value.π Read
via "Naked Security".
Naked Security
NSA asks to end mass phone surveillance
The NSA has asked the White House to end its mass phone surveillance program because the work involved outweighs its intelligence value.