78% of Consumers Say Online Companies Must Protect Their Info
via "Dark Reading".
Yet 68% of US consumers agree they also must do more to protect their own information.
Poorly Configured Server Exposes Most Panama Citizens' Data
via "Dark Reading".
Compromised information includes full names, birth dates, national ID numbers, medical insurance numbers, and other personal data.
ATTENTION: New - CVE-2015-9287
via "National Vulnerability Database".
Directory Traversal was discovered in University of Cambridge mod_ucam_webauth before 2.0.2. The key identification field ("kid") of the IdP's HTTP response message ("WLS-Response") can be manipulated by an attacker. The "kid" field is not signed like the rest of the message, and manipulation is therefore trivial. The "kid" field should only ever represent an integer. However, it is possible to provide any string value. An attacker could use this to their advantage to force the application agent to load the RSA public key required for message integrity checking from an unintended location.
FTC Backs Federal Privacy Law As Long As It Can Enforce It
via "Subscriber Blog RSS Feed" (Digital Guardian).
The FTC told Congress last week that if a national privacy law gets passed, it wants more resources and greater authority to impose penalties under it.
Attacks on JavaScript Services Leak Info From Websites
via "Dark Reading".
Three marketing tools, including the Best Of The Web security logomark, were compromised in supply chain attacks, allegedly leaving website customers leaking their users' sensitive information.
Twitter Leaks Apple iOS Users' Location Data to Ad Partner
via "Threatpost".
A Twitter glitch "inadvertently" leaked iOS users' location data to an unnamed partner.
LockerGoga, MegaCortex Ransomware Share Unlikely Traits
via "Dark Reading".
New form of ransomware MegaCortex shares commonalities with LockerGoga, enterprise malware recently seen in major cyberattacks.
Pair of Cisco Bugs, One Unpatched, Affect Millions of Devices
via "Threatpost".
The two high-severity bugs impact a wide array of enterprise, military and government networks.
Thrangrycat Claws Cisco Customer Security
via "Dark Reading".
A linked pair of vulnerabilities could allow an attacker to take over many different types of Cisco networking components.
Korean APT Adds Rare Bluetooth Device-Harvester Tool
via "Dark Reading".
ScarCruft has evolved into a skilled and resourceful threat group, new research shows.
Feds hook ELECTRICFISH, new Windows malware from North Korea
via "Naked Security".
The FBI and Department of Homeland Security have identified a new strain of malware from North Korea, representing the latest in a long line of cyber attacks from the country.
Windows 10 brings password-free access another step closer
via "Naked Security".
Microsoft has put another nail in the password's coffin by winning a certification that will make it easier to log into Windows machines.
White label SOS panic buttons can be hacked via SMS
via "Naked Security".
A Chinese white-label panic alarm used by elderly and vulnerable people can be remotely controlled by sending it simple SMS commands.
Facebook data privacy scandal: A cheat sheet
via "Security on TechRepublic".
Read about the saga of Facebook's failures in ensuring privacy for user data, including how it relates to Cambridge Analytica, the GDPR, the Brexit campaign, and the 2016 US presidential election.
Update WhatsApp now! One call could give spies access to your phone
via "Naked Security".
A WhatsApp zero-day has allowed an "advanced cyber actor" to successfully install spyware on victims' phones with no more than a phone call.
Cynet: An Autonomous Security Platform for Any Size Organization
via "Threatpost".
Cynet protects the entire internal environment – including hosts, files, users and the network.
WhatsApp Zero-Day Exploited in Targeted Spyware Attacks
via "Threatpost".
WhatsApp has patched a vulnerability that allowed attackers to install spyware on victims' phones.
How to securely delete files in Linux with srm
via "Security on TechRepublic".
Don't entrust the deletion of sensitive data to the standard tools. Install this handy data wipe command for a more secure removal.
Slack vulnerability allows attackers to intercept, modify downloads
via "Security on TechRepublic".
Improper handling of a custom URI created a vulnerability, now patched, for users of the Electron-based Slack Desktop client on Windows.
Why AI Will Create Far More Jobs Than It Replaces
via "Dark Reading".
Just as spreadsheets and personal computers created a job boom in the '70s, so too will artificial intelligence spur security analysts' ability to defend against advanced threats.
Linux Kernel Flaw Allows Remote Code-Execution
via "Threatpost".
The bug is remotely exploitable without authentication or user interaction.