β Facial Recognition βConsentβ Doesnβt Exist, Threatpost Poll Finds β
π Read
via "Threatpost".
Half of Threatpost readers surveyed in a recent poll don't believe that consent realistically exists when it comes to facial recognition.π Read
via "Threatpost".
Threat Post
Facial Recognition βConsentβ Doesnβt Exist, Threatpost Poll Finds
Half of Threatpost readers surveyed in a recent poll don't believe that consent realistically exists when it comes to facial recognition.
π΄ Go Medieval to Keep OT Safe π΄
π Read
via "Dark Reading: ".
When it comes to operational technology and industrial control systems, make sure you're the lord of all you survey.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
β Critical Flaws in Sierra Wireless 5G Gateway Allow RCE, Command Injection β
π Read
via "Threatpost".
A 5G wireless gateway tailored for industrial internet of things (IoT), retail point-of-sale and enterprise redundancy applications is riddled with vulnerabilities, include two critical bugs that allow remote code-execution (RCE) and arbitrary command-injection. The Sierra Wireless AirLink ES450 LTE gateway (version 4.9.3) has 11 different bugs, which could be exploited for RCE, uncovering user credentials [β¦]π Read
via "Threatpost".
Threat Post
Critical Flaws in Sierra Wireless 5G Gateway Allow RCE, Command Injection
The wireless gateways are used in PoS, industrial IoT and distributed enterprise settings.
π Friday Five: 4/26 Edition π
π Read
via "Subscriber Blog RSS Feed ".
A new phishing scam asking for selfies,embedding malware in video games, and the latest IoT vulnerability are all covered in this week's Friday Five.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 4/26 Edition
A new phishing scam asking for selfies,embedding malware in video games, and the latest IoT vulnerability are all covered in this week's Friday Five.
ATENTIONβΌ New - CVE-2015-9284
π Read
via "National Vulnerability Database".
The request phase of the OmniAuth Ruby gem is vulnerable to Cross-Site Request Forgery when used as part of the Ruby on Rails framework, allowing accounts to be connected without user intent, user interaction, or feedback to the user. This permits a secondary account to be able to sign into the web application as the primary account.π Read
via "National Vulnerability Database".
π Widespread scam campaigns targeting millions uncovered by GoDaddy and Palo Alto Networks π
π Read
via "Security on TechRepublic".
A research team found that thousands of websites were tricking users into entering credit card information by spoofing trustworthy sites.π Read
via "Security on TechRepublic".
TechRepublic
Widespread scam campaigns targeting millions uncovered by GoDaddy and Palo Alto Networks
A research team found that thousands of websites were tricking users into entering credit card information by spoofing trustworthy sites.
π How to manage user passwords with Group Policy π
π Read
via "Security on TechRepublic".
You can enforce various policies to make sure your users meet certain requirements with their Windows passwords. Learn about some of the password-related settings in Group Policy.π Read
via "Security on TechRepublic".
TechRepublic
How to manage your users' Windows passwords with Group Policy
You can enforce various policies to make sure your users meet certain requirements with their Windows passwords. Learn about some of the password-related settings in Group Policy.
β GoDaddy Shutters 14,000 Subdomains Tied to βSnake Oilβ Scams β
π Read
via "Threatpost".
GoDaddy worked with researchers to shut down 15,000 domain-shadowing websites tied to bogus affiliate marketing offers promoted via spam campaigns.π Read
via "Threatpost".
Threat Post
GoDaddy Shutters 15,000 Subdomains Tied to βSnake Oilβ Scams
GoDaddy works with researchers to shut down 15,000 websites tied to 'snake oil' affiliate marketing offers promoted via spam campaigns.
β News Wrap: Amazon Echo Privacy, Facebook FTC Fines and Biometrics Regulation β
π Read
via "Threatpost".
On this week's Threatpost news wrap, the team discusses Facebook's FTC fine for its data security practices, a report that Amazon is collecting Echo users' geolocation data, and more.π Read
via "Threatpost".
Threat Post
News Wrap: Amazon Echo Privacy, Facebook FTC Fines and Biometrics Regulation
On this week's Threatpost news wrap, the team discusses Facebook's FTC fine for its data security practices, a report that Amazon is collecting Echo users' geolocation data, and more.
π US Air Force and Privoro partners for MDM solution π
π Read
via "Security on TechRepublic".
New mobile security prototyping contracting between Privoro and the United States Air Force leverages the SafeCase, intelligent smartphone case.π Read
via "Security on TechRepublic".
TechRepublic
US Air Force and Privoro partners for MDM solution
New mobile security prototyping contracting between Privoro and the United States Air Force leverages the SafeCase, intelligent smartphone case.
β Users Urged to Disable WordPress Plugin After Unpatched Flaw Disclosed β
π Read
via "Threatpost".
Yet another WordPress plugin vulnerability has put thousands of websites at risk.π Read
via "Threatpost".
Threat Post
Users Urged to Update WordPress Plugin After Flaw Disclosed
Yet another WordPress plugin vulnerability has put thousands of websites at risk.
π΄ Malware Makes Itself at Home in Set-Top Boxes π΄
π Read
via "Dark Reading: ".
Low-cost boxes that promise free TV streaming services often come complete with malware, according to a new study.π Read
via "Dark Reading: ".
Dark Reading
Malware Makes Itself at Home in Set-Top Boxes
Low-cost boxes that promise free TV streaming services often come complete with malware, according to a new study.
π΄ Slack Warns of Big, Bad Dangers in SEC Filing π΄
π Read
via "Dark Reading: ".
A filing prior to an IPO lists nation-state dangers to Slack's services and customers as a risk for investors.π Read
via "Dark Reading: ".
Darkreading
Slack Warns of Big, Bad Dangers in SEC Filing
A filing prior to an IPO lists nation-state dangers to Slack's services and customers as a risk for investors.
π΄ How to Build a Cloud Security Model π΄
π Read
via "Dark Reading: ".
Security experts point to seven crucial steps companies should be taking as they move data and processes to cloud environments.π Read
via "Dark Reading: ".
Dark Reading
How to Build a Cloud Security Model
Security experts point to seven crucial steps companies should be taking as they move data and processes to cloud environments.
π Small business cybersecurity: The case for MSSPs π
π Read
via "Security on TechRepublic".
Small businesses may not have the staff needed to use automated security platforms, which is one reason why opting for a Managed Security Service Provider (MSSP) might be the better option.π Read
via "Security on TechRepublic".
TechRepublic
Small business cybersecurity: The case for MSSPs
Small businesses may not have the staff needed to use automated security platforms, which is one reason why opting for a Managed Security Service Provider (MSSP) might be the better option.
π Cybersecurity insurance: Read the fine print π
π Read
via "Security on TechRepublic".
Before purchasing cybersecurity insurance for your business, be sure you have a thorough understanding of what is covered.π Read
via "Security on TechRepublic".
TechRepublic
Cybersecurity insurance: Read the fine print
Before purchasing cybersecurity insurance for your business, be sure you have a thorough understanding of what is covered.
β Monday review β the hot 17 stories of the week β
π Read
via "Naked Security".
From DNS over HTTPS to Microsoft's expiration policy - and everything in between. It's weekly roundup time.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Piracy streaming apps are stuffed with malware β
π Read
via "Naked Security".
Researchers have found that hackers are exploiting vulnerable piracy streaming devices to steal credit card data or rope them into botnets.π Read
via "Naked Security".
Naked Security
Piracy streaming apps are stuffed with malware
Researchers have found that hackers are exploiting vulnerable piracy streaming devices to steal credit card data or rope them into botnets.
β Cops need warrant for both location history and phone pinging, says judge β
π Read
via "Naked Security".
It's one of the first location data privacy cases to grapple with the warrant and surveillance implications of the Carpenter decision.π Read
via "Naked Security".
Naked Security
Cops need warrant for both location history and phone pinging, says judge
Itβs one of the first location data privacy cases to grapple with the warrant and surveillance implications of the Carpenter decision.
β Cryptocurrency giants in $850m fraud allegations β
π Read
via "Naked Security".
The New York Attorney General has accused major cryptocurrency exchange Bitfinex and cryptocurrency Tether of an $850m fraud.π Read
via "Naked Security".
Naked Security
Cryptocurrency giants in $850m fraud allegations
The New York Attorney General has accused major cryptocurrency exchange Bitfinex and cryptocurrency Tether of an $850m fraud.
β NIST tool boosts chances of finding dangerous software flaws β
π Read
via "Naked Security".
NIST thinks it has reached an important milestone in complex software testing with something called Combinatorial Coverage Measurement (CCM).π Read
via "Naked Security".
Naked Security
NIST tool boosts chances of finding dangerous software flaws
NIST thinks it has reached an important milestone in complex software testing with something called Combinatorial Coverage Measurement (CCM).