β Facebook under investigation for harvesting 1.5m usersβ contact lists β
π Read
via "Naked Security".
For years, Facebook asked some new users for email passwords, then grabbed their contacts without consent (or any way to stop the process).π Read
via "Naked Security".
Naked Security
Facebook under investigation for harvesting 1.5m usersβ contact lists
For years, Facebook asked some new users for email passwords, then grabbed their contacts without consent (or any way to stop the process).
β Docker breach of 190,000 users exposes lack of two-factor authentication β
π Read
via "Naked Security".
The containerisation platform has asked 190k users to change their passwords after hackers gained access to a database of personal data.π Read
via "Naked Security".
Naked Security
Docker breach of 190,000 users exposes lack of two-factor authentication
The containerisation platform has asked 190k users to change their passwords after hackers gained access to a database of personal data.
π 61% of IT pros have experienced a serious data breach π
π Read
via "Security on TechRepublic".
Cybercriminals continue to target intellectual property, putting companies at risk for financial and brand reputation hits, according to McAfee.π Read
via "Security on TechRepublic".
TechRepublic
61% of IT pros have experienced a serious data breach
Cybercriminals continue to target intellectual property, putting companies at risk for financial and brand reputation hits, according to McAfee.
β Securing edge devices β how to keep the crooks out of your network β
π Read
via "Naked Security".
The Good Guys from the Cyber Threat Alliance just published a report to help you keep the Bad Guys out of your networkπ Read
via "Naked Security".
Naked Security
Securing edge devices β how to keep the crooks out of your network
The Good Guys from the Cyber Threat Alliance just published a report to help you keep the Bad Guys out of your network
π΄ Researchers Explore Remote Code Injection in macOS π΄
π Read
via "Dark Reading: ".
Deep Instinct analysts test three code injection methods and a custom-built Mach-O loader to load malicious files from memory.π Read
via "Dark Reading: ".
Darkreading
Researchers Explore Remote Code Injection in macOS
Deep Instinct analysts test three code injection methods and a custom-built Mach-O loader to load malicious files from memory.
π Why third-party providers pose a security risk to organizations π
π Read
via "Security on TechRepublic".
A dependency on third-party cloud and hosting providers leaves businesses more vulnerable to potential cyber threats, according to RiskRecon and the Cyentia Institute.π Read
via "Security on TechRepublic".
TechRepublic
Why third-party providers pose a security risk to organizations
A dependency on third-party cloud and hosting providers leaves businesses more vulnerable to potential cyber threats, according to RiskRecon and the Cyentia Institute.
π΄ Threat Intelligence Firms Look to AI, but Still Require Humans π΄
π Read
via "Dark Reading: ".
Machine learning and artificial intelligence are helping threat-intelligence firms cover a greater area of the darknet, but human analysts will always be necessary, experts say.π Read
via "Dark Reading: ".
Dark Reading
Threat Intelligence Firms Look to AI, but Still Require Humans
Machine learning and artificial intelligence are helping threat-intelligence firms cover a greater area of the darknet, but human analysts will always be necessary, experts say.
π΄ How to Help Your Board Navigate Cybersecurity's Legal Risks π΄
π Read
via "Dark Reading: ".
What's worse than a massive data breach? A massive data breach followed by a shareholder derivative lawsuit. Learn what's at stake and what CISOs can do to mitigate the damage.π Read
via "Dark Reading: ".
Dark Reading
Cyber Risk recent news | Dark Reading
Explore the latest news and expert commentary on Cyber Risk, brought to you by the editors of Dark Reading
β Android users: watch out for this fake address bar trick β
π Read
via "Naked Security".
When is an address bar not an address bar? When it's a fake.π Read
via "Naked Security".
Naked Security
Android users: watch out for this fake address bar trick
When is an address bar not an address bar? When itβs a fake.
π Android Security Bulletin April 2019: What you need to know π
π Read
via "Security on TechRepublic".
Another month is here and Android finds itself with a mixture of critical and high vulnerabilities.π Read
via "Security on TechRepublic".
TechRepublic
Android Security Bulletin April 2019: What you need to know
Another month is here and Android finds itself with a mixture of critical and high vulnerabilities.
β BEC Hack Cons Catholic Church Out of $1.75 Million β
π Read
via "Threatpost".
An Ohio parish lost a whopping $1.75 million after attackers breached two employees' email accounts - and then tricked other employees into sending wire transfers to a fraudulent bank account.π Read
via "Threatpost".
Threat Post
BEC Hack Cons Catholic Church Out of $1.75 Million
An Ohio parish lost a whopping $1.75 million after attackers breached two employees' email accounts - and then tricked other employees into sending wire transfers to a fraudulent bank account.
ATENTIONβΌ New - CVE-2015-9286
π Read
via "National Vulnerability Database".
Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS.π Read
via "National Vulnerability Database".
β Researchers Compromise Netflix Content in Widevine DRM Hack β
π Read
via "Threatpost".
A bug in the popular anti-piracy framework allows a side-channel attack on premium content.π Read
via "Threatpost".
Threat Post
Researchers Compromise Netflix Content in Widevine DRM Hack
A bug in the popular anti-piracy framework allows a side-channel attack on premium content.
π The Best Tools & Techniques for Employee Security Awareness Training π
π Read
via "Subscriber Blog RSS Feed ".
Phishing simulation training? Audits? Incentivizing training? We talked to 18 infosec leaders and asked them what the best tools and techniques for employee security awareness training are.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
The Best Tools & Techniques for Employee Security Awareness Training
Phishing simulation training? Audits? Incentivizing training? We talked to 18 infosec leaders and asked them what the best tools and techniques for employee security awareness training are.
π΄ Microsoft 365 Updated with New Compliance, Encryption, Privacy Controls π΄
π Read
via "Dark Reading: ".
New tools, such as Compliance Manager and Advanced Message Encryption, aim to give businesses more options for data privacy.π Read
via "Dark Reading: ".
Dark Reading
Cloud Security recent news | Dark Reading
Explore the latest news and expert commentary on Cloud Security, brought to you by the editors of Dark Reading
π΄ California Consumer Privacy Act: 4 Compliance Best Practices π΄
π Read
via "Dark Reading: ".
Companies that get ahead of the January 2020 data privacy deadline can minimize the risk of sanctions and also gain a competitive advantage in the marketplace.π Read
via "Dark Reading: ".
Dark Reading
California Consumer Privacy Act: 4 Compliance Best Practices
Companies that get ahead of the January 2020 data privacy deadline can minimize the risk of sanctions and also gain a competitive advantage in the marketplace.
β New βSodinokibiβ Ransomware Exploits Critical Oracle WebLogic Flaw β
π Read
via "Threatpost".
A recently-patched critical flaw in Oracle WebLogic is being actively exploited to peddle a new ransomware variant, which researchers call "Sodinokibi."π Read
via "Threatpost".
Threat Post
New βSodinokibiβ Ransomware Exploits Critical Oracle WebLogic Flaw
A recently-patched critical flaw in Oracle WebLogic is being actively exploited to peddle a new ransomware variant, which researchers call "Sodinokibi."
ATENTIONβΌ New - CVE-2018-10055 (tensorflow)
π Read
via "National Vulnerability Database".
Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file.π Read
via "National Vulnerability Database".
β Fake Jason Statham Bilks a Fan Out of Serious Money β
π Read
via "Threatpost".
A scam version of the actor convinced a woman he was in love with her.π Read
via "Threatpost".
Threat Post
Fake Jason Statham Bilks a Fan Out of Serious Money
A scam version of the actor convinced a woman he was in love with her.
π΄ Confluence Vulnerability Opens Door to GandCrab π΄
π Read
via "Dark Reading: ".
An exploit of the vulnerability offers attackers a ransomware surface that doesn't need email.π Read
via "Dark Reading: ".
Darkreading
Confluence Vulnerability Opens Door to GandCrab
An exploit of the vulnerability offers attackers a ransomware surface that doesn't need email.
π΄ Database Leaks, Network Traffic Top Data Exfiltration Methods π΄
π Read
via "Dark Reading: ".
Intellectual property and personally identifiable information tie for the type of data IT practitioners are worried about losing.π Read
via "Dark Reading: ".
Darkreading
Database Leaks, Network Traffic Top Data Exfiltration Methods
Intellectual property and personally identifiable information tie for the type of data IT practitioners are worried about losing.