Spectre and Meltdown explained: A comprehensive guide for professionals
via "Security on TechRepublic".
Staying up to date on Spectre and Meltdown can be challenging. This guide includes in-depth explanations about these uniquely dangerous security vulnerabilities and the best mitigation solutions.

ATTENTION‼ New - CVE-2016-7043
via "National Vulnerability Database".
It has been reported that KIE server and Business Central before version 7.21.0.Final contain username and password as plaintext Java properties. Any app deployed on the same server would have access to these properties, thus granting access to other services.

ATTENTION‼ New - CVE-2013-7285
via "National Vulnerability Database".
XStream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format, e.g. JSON.

New Senate Bill Would Crackdown on IP Theft
via "Subscriber Blog RSS Feed".
A new bill introduced in the Senate this week would restrict U.S. tech exports to China and crack down on intellectual property theft.

Introducing the Digital Transformation Architect
via "Dark Reading".
Bet-the-company transformation that expands the attack surface requires close alignment and leadership across executive, IT and security teams.

Google Titan Security Key Recalled After Bluetooth Pairing Bug
via "Threatpost".
Google is offering free replacements for its Titan Security Key after discovering a misconfiguration in its pairing protocols.

Attackers Are Messing with Encryption Traffic to Evade Detection
via "Dark Reading".
Unknown groups have started tampering with Web traffic encryption, causing the number of fingerprints for connections using Transport Layer Security to jump from 19,000 to 1.4 billion in less than a year.

New Intel Vulnerabilities Bring Fresh CPU Attack Dangers
via "Dark Reading".
Four newly discovered vulns from the speculative-execution family bring Meltdown-like threats to Intel's processors.

GDPR Drives Changes, but Privacy by Design Proves Elusive
via "Dark Reading".
One year later, the EU mandate's biggest impact has been to focus more attention on data protection and privacy, security analysts say.

Cheat sheet: How to become a cybersecurity pro
via "Security on TechRepublic".
If you are interested in pursuing a career in cybersecurity and don't know where to start, here's your go-to guide to salaries, job markets, skills, and common interview questions in the field.
TechRepublic
How to become a cybersecurity pro: A cheat sheet
If you are interested in pursuing a career in cybersecurity and don't know where to start, here's your go-to guide about salaries, job markets, skills and common interview questions in the field, as well as the top security software.

San Francisco bans police use of facial recognition
via "Naked Security".
The city that gave us facial recognition tech says "not in my back yard".

Severe Linux kernel flaw found in RDS
via "Naked Security".
Unpatched Linux systems are vulnerable to remote compromise from the local network.

Facebook restores disabled "View As" feature used in 2018 breach
via "Naked Security".
The feature still lets you see how others see you, but without leaking access tokens.

Cybercrime Gang Behind GozNym Banking Malware Dismantled
via "Threatpost".
Europol said it has dismantled the cybercrime network behind the GozNym malware, which siphoned more than $100 million from businesses.

Cisco Service Provider, WebEx Bugs Offer Up Remote Code Execution
via "Threatpost".
The vendor also issued a patch schedule for the still-unpatched bug in its Secure Boot trusted hardware environment, which affects most of its enterprise and SMB portfolio, amounting to millions of vulnerable devices.

Cyber Workforce Exec Order: Right Question, Wrong Answer
via "Dark Reading".
Shuffling resources, adding administrative process, and creating a competition and incentive system will do little to grow and mature the talent we need to meet the cybersecurity challenges we face.
Dark Reading
Cyber Risk recent news | Dark Reading
Explore the latest news and expert commentary on Cyber Risk, brought to you by the editors of Dark Reading

Please vote for Naked Security at the European Blogger Awards 2018!
via "Naked Security".
If you like what we do... please vote for us!
Naked Security
Please vote for Naked Security at the European Blogger Awards 2019!
If you like what we do… please vote for us!

MDS vulnerabilities lead Chrome OS 74 to disable hyper-threading
via "Security on TechRepublic".
Hyper-Threading, Intel's implementation of symmetric multithreading (SMT), can be exploited using the newly-disclosed MDS vulnerabilities, like Fallout and ZombieLoad.

Data Security Standard for the Insurance Industry Catching On
via "Subscriber Blog RSS Feed".
Alabama is the latest state to adopt the Insurance Data Security Model Law, a legal framework that requires insurers to develop and implement an information security program and breach notification standards.
Digital Guardian
Data Security Standard for the Insurance Industry Catching On
Alabama is the latest state to adopt the Insurance Data Security Model Law, a legal framework that requires insurers to develop and implement an information security program among other security standards.

Forbes Becomes Latest Victim of Magecart Payment Card Skimmer
via "Threatpost".
The web skimming script was recently found stealing payment data on the websites of Forbes Magazine as well as seven others.