π΄ Nation-State Breaches Surged in 2018: Verizon DBIR π΄
π Read
via "Dark Reading: ".
The source of breaches has fluctuated significantly over the past nine years, but organized crime has almost always topped nation-state actors each year. The gap narrowed significantly in 2018, according to the annual report.π Read
via "Dark Reading: ".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
π΄ US DoJ Indicts Chinese Man for Anthem Breach π΄
π Read
via "Dark Reading: ".
Fujie Wang allegedly worked as part of a hacking team out of China that stole information on nearly 80 million Americans in the massive healthcare breach.π Read
via "Dark Reading: ".
Darkreading
US DoJ Indicts Chinese Man for Anthem Breach
Fujie Wang allegedly worked as part of a hacking team out of China that stole information on nearly 80 million Americans in the massive healthcare breach.
ATENTIONβΌ New - CVE-2016-1600
π Read
via "National Vulnerability Database".
The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability.π Read
via "National Vulnerability Database".
π΄ Data Dump Purportedly Reveals Details on Previously Unknown Iranian Threat Group π΄
π Read
via "Dark Reading: ".
Rana targets airline companies and others in well-planned, well-researched attacks, Israel's ClearSky says.π Read
via "Dark Reading: ".
Darkreading
Data Dump Purportedly Reveals Details on Previously Unknown Iranian Threat Group
Rana targets airline companies and others in well-planned, well-researched attacks, Israel's ClearSky says.
β Airbnb Superhostβs creepy spycam sniffed out by sleuthing infosec pro β
π Read
via "Naked Security".
Why motion sensors in the bedrooms, she wondered? Why the extra light and weird wiring on the router?π Read
via "Naked Security".
Naked Security
Airbnb Superhostβs creepy spycam sniffed out by sleuthing infosec pro
Why motion sensors in the bedrooms, she wondered? Why the extra light and weird wiring on the router?
β FTC renews call for single federal privacy law β
π Read
via "Naked Security".
It also wants to be the country's data-privacy police: commissioners called for more resources and ability to impose penalties.π Read
via "Naked Security".
Naked Security
FTC renews call for single federal privacy law
It also wants to be the countryβs data-privacy police: commissioners called for more resources and ability to impose penalties.
β 275m personal records swiped from exposed MongoDB database β
π Read
via "Naked Security".
Records included not only the individualsβ name and email address but also their employment history, salary, and phone number.π Read
via "Naked Security".
Naked Security
275m personal records swiped from exposed MongoDB database
Records included not only the individualsβ name and email address but also their employment history, salary, and phone number.
β ThreatList: Nigerian Cybercrime Surged 54 Percent in 2018 β
π Read
via "Threatpost".
Nigerian scam groups launched even more attacks in 2018 - and used more complex types of malware to reach more victims.π Read
via "Threatpost".
Threat Post
ThreatList: Nigerian Cybercrime Surged 54 Percent in 2018
Nigerian scam groups launched even more attacks in 2018 - and used more complex types of malware to reach more victims.
π΄ Bumper Crop of New Briefings Added for Black Hat USA π΄
π Read
via "Dark Reading: ".
Among the 50+ new Briefings confirmed for this August event are a deep dive into the Apple T2 chip and a pile of lessons learned from the Equifax and Home Depot breaches.π Read
via "Dark Reading: ".
Dark Reading
Bumper Crop of New Briefings Added for Black Hat USA
Among the 50+ new Briefings confirmed for this August event are a deep dive into the Apple T2 chip and a pile of lessons learned from the Equifax and Home Depot breaches.
π΄ Hackers Still Outpace Breach Detection, Containment Efforts π΄
π Read
via "Dark Reading: ".
Research shows time to discovery and containment of breaches slowly shrinking, but attackers don't need a very big window to do a lot of damage.π Read
via "Dark Reading: ".
Darkreading
Hackers Still Outpace Breach Detection, Containment Efforts
Research shows time to discovery and containment of breaches slowly shrinking, but attackers don't need a very big window to do a lot of damage.
π Half of employees think the cloud is actually in the sky, according to a third of IT workers π
π Read
via "Security on TechRepublic".
It's not a secret that IT professionals--particularly first-tier tech support--have a low opinion of users, though a new survey paints a rather bleak picture.π Read
via "Security on TechRepublic".
TechRepublic
Half of employees think the cloud is actually in the sky, according to a third of IT workers
It's not a secret that IT professionals--particularly first-tier tech support--have a low opinion of users, though a new survey paints a rather bleak picture.
π΄ Symantec CEO Greg Clark Steps Down π΄
π Read
via "Dark Reading: ".
Exec shake-up comes amid earnings drop in financial report.π Read
via "Dark Reading: ".
Dark Reading
Symantec CEO Greg Clark Steps Down
Exec shake-up comes amid earnings drop in financial report.
π΄ How We Collectively Can Improve Cyber Resilience π΄
π Read
via "Dark Reading: ".
Three steps you can take, based on Department of Homeland Security priorities.π Read
via "Dark Reading: ".
Darkreading
How We Collectively Can Improve Cyber Resilience
Three steps you can take, based on Department of Homeland Security priorities.
β Chrome browser pushes SameSite cookie security overhaul β
π Read
via "Naked Security".
Slowly but steadily, developers are being given the tools with which to tame the promiscuous and often insecure world of the browser cookie.π Read
via "Naked Security".
Naked Security
Chrome browser pushes SameSite cookie security overhaul
Slowly but steadily, developers are being given the tools with which to tame the promiscuous and often insecure world of the browser cookie.
π Friday Five: 5/10 Edition π
π Read
via "Subscriber Blog RSS Feed ".
A dark web service takedown, Google gets better about data privacy, and another city hit by ransomware - catch up on the week's news with this roundup!π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 5/10 Edition
A dark web service takedown, Google gets better about data privacy, and another city hit by ransomware - catch up on the week's news with this roundup!
β Nvidia Warns Windows Gamers on GPU Driver Flaws β
π Read
via "Threatpost".
Nvidia has patched three vulnerabilities in its Windows GPU display driver that could enable information disclosure, denial of service and privilege escalation.π Read
via "Threatpost".
Threat Post
Nvidia Warns Windows Gamers on GPU Driver Flaws
Nvidia has patched three vulnerabilities in its Windows GPU display driver that could enable information disclosure, denial of service and privilege escalation.
ATENTIONβΌ New - CVE-2017-12885
π Read
via "National Vulnerability Database".
OX Software GmbH App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-12795
π Read
via "National Vulnerability Database".
OpenMRS openmrs-module-htmlformentry 3.3.2 is affected by: (Improper Input Validation).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-12789
π Read
via "National Vulnerability Database".
Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). The impact is: Information Disclosure (remote). The component is: admin/interface/online/delete.php. The attack vector is: The administrator clicks on the malicious link in the login state.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-1006
π Read
via "National Vulnerability Database".
A vulnerable file in Opto 22 PAC Project Professional versions prior to R9.4006, PAC Project Basic versions prior to R9.4006, PAC Display Basic versions prior to R9.4f, PAC Display Professional versions prior to R9.4f, OptoOPCServer versions prior to R9.4c, and OptoDataLink version R9.4d and prior versions that were installed by PAC Project installer, versions prior to R9.4006, is susceptible to a heap-based buffer overflow condition that may allow remote code execution on the target system. Opto 22 suggests upgrading to the new product version as soon as possible.π Read
via "National Vulnerability Database".
β The WannaCry Security Legacy and Whatβs to Come β
π Read
via "Threatpost".
The WannaCry attack proved pivotal, changing the way organizations go about securing their environments.π Read
via "Threatpost".
Threat Post
The WannaCry Security Legacy and Whatβs to Come
The WannaCry attack proved pivotal, changing the way organizations go about securing their environments.