Exploitation of Atlassian Confluence zero-day surges fifteen-fold in 24 hours
via "ITPro".
The zero-day code execution vulnerability was discovered last week and cyber attackers are already capitalising on the proof-of-concept code
Data protection policies and procedures
via "ITPro".
Why your company needs them, and what they should include
US Justice Department offers blueprint for more ‘innovative, secure IT capabilities’
via "The Daily Swig".
‘Zero trust’ architecture and secure supply chains to the fore in new strategy
A Few Simple Ways to Transform Your Cybersecurity Hiring
via "Dark Reading".
Raytheon Intelligence & Space's Jon Check joins Dark Reading's Terry Sweeney at Dark Reading News Desk at RSA Conference to talk about how hiring must change.
S3 Ep86: The crooks were in our network for HOW long?! [Podcast + Transcript]
via "Naked Security".
Latest episode - listen (or read) now!
CVE-2022-32978
via "National Vulnerability Database".
There is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in libjpeg before 1.64 via an empty JPEG-LS scan.
Mitigating the Security Skills Shortage
via "Dark Reading".
Panther Labs' Jack Naglieri joins Dark Reading's Terry Sweeney at Dark Reading News Desk at RSA Conference to discuss how to improve hiring and training.
Application Security Testing Is on the Mend With Automated Remediation
via "Dark Reading".
Mend's Arabella Hallawell joins Dark Reading's Terry Sweeney at Dark Reading News Desk at RSA Conference to talk about the benefits of automated remediation.
New Linux Malware 'Nearly Impossible to Detect'
via "Dark Reading".
So-called Symbiote malware, first found targeting financial institutions, contains stealthy rootkit capabilities.
How to Secure a High-Profile Event Like the Super Bowl
via "Dark Reading".
Cisco's TK Keanini and the NFL's Tomás Maldonado join Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about end-to-end security.
How to Blunt the Virulence of the New Ransomware
via "Dark Reading".
Halcyon's Jon Miller joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss how to mitigate ransomware.
CVE-2022-30611
via "National Vulnerability Database".
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using some fields of the form in the portal UI to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM X-Force ID: 227364.
CVE-2022-31402
via "National Vulnerability Database".
ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/webservices/export-v2.php.
CVE-2022-22479
via "National Vulnerability Database".
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 225887.
CVE-2022-31769
via "National Vulnerability Database".
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 could allow a remote attacker to view product configuration information stored in PostgreSQL, which could be used in further attacks against the system. IBM X-Force ID: 228219.
CVE-2022-30610
via "National Vulnerability Database".
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to reverse tabnabbing where it could allow a page linked to from within IBM Spectrum Copy Data Management to rewrite it. An administrator could enter a link to a malicious URL that another administrator could then click. Once clicked, that malicious URL could then rewrite the original page with a phishing page. IBM X-Force ID: 227363.
CVE-2022-29948
via "National Vulnerability Database".
Due to an insecure design, the Lepin EP-KP001 flash drive through KP001_V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode (6 to 14 digits) via the keypad and pressing the Unlock button. This authentication is performed by an unknown microcontroller. By replacing this microcontroller on a target device with one from an attacker-controlled Lepin EP-KP001 whose passcode is known, it is possible to successfully unlock the target device and read the stored data in cleartext.
CVE-2022-22426
via "National Vulnerability Database".
IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and gain unauthorized access to the Spectrum Copy Data Management catalog which contains metadata. IBM X-Force ID: 223718.
EU Debates AI Act to Protect Human Rights, Define High-Risk Uses
via "Dark Reading".
The commission argues that legislative action is needed to ensure a well-functioning market for AI systems that balances benefits and risks.
CrowdStrike Adds Strategic Partners to CrowdXDR Alliance and Expands Falcon XDR Capabilities
via "Dark Reading".
New CrowdXDR Alliance partners include Menlo Security, Ping Identity, and Vectra AI.
CrowdStrike Introduces Humio for Falcon, Redefining Threat Hunting with Unparalleled Scale and Speed
via "Dark Reading".
Humio for Falcon provides long-term, cost-effective data retention with powerful index-free search and analysis of enriched security telemetry across enterprise environments