🛡 Cybersecurity & Privacy 🛡 - News

Resolution Requires Cybersecurity Training for Members of Congress

A bipartisan resolution would mandate IT and cybersecurity training for all members of Congress, their staff, and employees.

51 views21:55

🕴 Website Attack Attempts Rose by 69% in 2018 🕴

Millions of websites have been compromised, but the most likely malware isn't cyptomining: it's quietly stealing files and redirecting traffic, a new Sitelock report shows.

📖 Read

via "Dark Reading: ".

Vulnerabilities & Threats recent news | Dark Reading

Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading

53 views22:30

Facebook sues app developer Rankwave over data misuse

⚠ Facebook sues app developer Rankwave over data misuse ⚠

The suit says Rankwave used Facebook user data for targeted marketing and ignored its cease-and-desist letter.

📖 Read

via "Naked Security".

Naked Security

The suit says Rankwave used Facebook user data for targeted marketing and ignored its cease-and-desist letter.

53 views10:44

Update iOS and Mojave now! Apple patches are out

⚠ Update iOS and Mojave now! Apple patches are out ⚠

Apple has released its May 2019 security updates, taking iOS to version 12.3 and macOS Mojave to version 10.14.5.

📖 Read

via "Naked Security".

Naked Security

Apple has released its May 2019 security updates, taking iOS to version 12.3 and macOS Mojave to version 10.14.5.

50 views10:49

Twitter bug leaks iOS users’ location data to partner

⚠ Twitter bug leaks to iOS users’ location data to partner ⚠

Now fixed, the bug affected some users with multiple accounts running on an iOS device.

📖 Read

via "Naked Security".

Naked Security

Now fixed, the bug affected some users with multiple accounts running on an iOS device.

46 views10:54

🔐 How to create a business-driven cybersecurity strategy: 3 tips 🔐

Companies achieve better results with a business-driven cybersecurity strategy, according to new survey results from consulting firm PwC.

📖 Read

via "Security on TechRepublic".

How to create a business-driven cybersecurity strategy: 3 tips

Adding more security professionals isn't enough of a cyber strategy, according to new survey results from consulting firm PwC.

46 views12:09

Naked Security – Sophos News

⚠ Microsoft fixes Intel ZombieLoad bug with Patch Tuesday updates ⚠

May 2019 Patch Tuesday fixed 79 vulnerabilities, 19 of which are classed as Critical. Here's a summary of the most notable ones.

📖 Read

via "Naked Security".

Sophos News

44 views12:14

Naked Security – Sophos News

⚠ UPDATE NOW! Critical, remote, ‘wormable’ Windows vulnerability ⚠

Microsoft has fixed an RDP vulnerability that can be exploited remotely, without authentication and used to run arbitrary code.

📖 Read

via "Naked Security".

Sophos News

44 views12:14

🕴 Brush Up on the Latest Security Techniques at Black Hat USA 🕴

Learn to set malware lures, pinpoint unintentional but identifying human behaviors, and detect industrial control system attacks via sensor noise.

📖 Read

via "Dark Reading: ".

Brush Up on the Latest Security Techniques at Black Hat USA

Learn to set malware lures, pinpoint unintentional but identifying human behaviors, and detect industrial control system attacks via sensor noise.

43 views13:10

🔐 Why cybersecurity pros want to share information to combat threats 🔐

Security professionals are willing to share intel with their peers and the government if such sharing improved their ability to detect cyber threats, according to an IronNet survey.

📖 Read

via "Security on TechRepublic".

Why cybersecurity pros want to share information to combat threats

Security professionals are willing to share intel with their peers and the government if such sharing improved their ability to detect cyber threats, according to an IronNet survey.

43 views13:14

🔐 71% of medical devices still run on Windows 7, Windows 2008, and Windows mobile 🔐

Medical IoT devices carry significant cybersecurity risks, according to a Forescout report.

📖 Read

via "Security on TechRepublic".

71% of medical devices still run on Windows 7, Windows 2008, and Windows mobile

Medical IoT devices carry significant cybersecurity risks, according to a Forescout report.

49 views14:01

🕴 Windows 10 Migration: Getting It Right 🕴

The transition to Windows 10 doesn't need to be a sprint. Organizations can still take advantage of the security in Windows 7 while gaining added management flexibility from the newer OS.

📖 Read

via "Dark Reading: ".

Windows 10 Migration: Getting It Right

The transition to Windows 10 doesn't need to be a sprint. Organizations can still take advantage of the security in Windows 7 while gaining added management flexibility from the newer OS.

42 views14:35

Billions of Malicious Bot Attacks Take to Cipher-Stunting to Hide

❌ Billions of Malicious Bots Take to Cipher-Stunting to Hide ❌

Attackers have been tampering with TLS signatures at a scale never before seen using a technique called cipher-stunting.

📖 Read

via "Threatpost".

Threat Post

Attackers have been tampering with TLS signatures at a scale never before seen using the cipher-stunting approach.

44 views14:57

🔐 How to create a secure website: 4 tips 🔐

A major gap exists between the perception and reality of online security safety, according to Google Registry and The Harris Poll.

📖 Read

via "Security on TechRepublic".

How to create a secure website: 4 tips

A major gap exists between the perception and reality of online security safety, according to Google Registry and The Harris Poll.

46 views15:00

ATENTION‼ New - CVE-2016-7151

Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory access) in X86_insn_reg_intel in arch/X86/X86Mapping.c.

📖 Read

via "National Vulnerability Database".

46 views16:31

ATENTION‼ New - CVE-2016-10719

TP-Link Archer CR-700 1.0.6 devices have an XSS vulnerability that can be introduced into the admin account through a DHCP request, allowing the attacker to steal the cookie information, which contains the base64 encoded username and password.

📖 Read

via "National Vulnerability Database".

43 views16:31

ATENTION‼ New - CVE-2014-9919

An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the fullname parameter to signup.php.

📖 Read

via "National Vulnerability Database".

41 views16:31

ATENTION‼ New - CVE-2014-9918

An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the user_id parameter to signup.php.

📖 Read

via "National Vulnerability Database".

39 views16:31

ATENTION‼ New - CVE-2014-9917

An issue was discovered in Bilboplanet 2.0. There is a stored XSS vulnerability when adding a tag via the user/?page=tribes tags parameter.

📖 Read

via "National Vulnerability Database".

38 views16:31

Intel ZombieLoad Side-Channel Attack: 10 Takeaways

❌ Intel ZombieLoad Side-Channel Attack: 10 Takeaways ❌

Here are 10 top takeaways from Intel's most recent class of Spectre-like speculative execution vulnerabilities, disclosed this week.

📖 Read

via "Threatpost".

Threat Post

Here are 10 top takeaways from Intel's most recent class of Spectre-like speculative execution vulnerabilities, disclosed this week.

40 views16:55