β Tor Browser for Android 8.5 offers mobile users privacy boost β
π Read
via "Naked Security".
After nine months of alpha testing, a stable release of the Tor browser for Android can now be downloaded from Googleβs Play store or direct from the Projectβs website.π Read
via "Naked Security".
Naked Security
Tor Browser for Android 8.5 offers mobile users privacy boost
After nine months of alpha testing, a stable release of the Tor browser for Android can now be downloaded from Googleβs Play store or direct from the Projectβs website.
β Google stored some passwords in plain text for 14 years β
π Read
via "Naked Security".
Nobody got at the subset of G Suite passwords, Google said, apologizing and saying that it's working to ensure this is an isolated incident.π Read
via "Naked Security".
Naked Security
Google stored some passwords in plaintext for 14 years
Nobody got at the subset of G Suite passwords, Google said, apologizing and saying that itβs working to ensure this is an isolated incident.
β Soaring Cryptocurrency Prices Draw Malicious New Onslaught of Apps, Malware β
π Read
via "Threatpost".
As Bitcoin prices surge, so too are malicious apps, malware-ridden scams and cryptojacking attacks looking to profit from the cryptocurrency industry.π Read
via "Threatpost".
Threat Post
Soaring Cryptocurrency Prices Draw Malicious New Onslaught of Apps, Malware
As Bitcoin prices surge, so too are malicious apps, malware-ridden scams and cryptojacking attacks looking to profit from the cryptocurrency industry.
π΄ Incident Response: 3 Easy Traps & How to Avoid Them π΄
π Read
via "Dark Reading: ".
Sage legal advice about navigating a data breach from a troubleshooting cybersecurity outside counsel.π Read
via "Dark Reading: ".
Darkreading
Incident Response: 3 Easy Traps & How to Avoid Them
Sage legal advice about navigating a data breach from a troubleshooting cybersecurity outside counsel.
β SandboxEscaper Drops Three More Windows Exploits, IE Zero-Day β
π Read
via "Threatpost".
As promised, developer SandboxEscaper has dropped exploit code for four more bugs, on the heels of releasing a Windows zero-day yesterday.π Read
via "Threatpost".
Threat Post
SandboxEscaper Drops Three More Windows Exploits, IE Zero-Day
As promised, developer SandboxEscaper has dropped exploit code for four more bugs, on the heels of releasing a Windows zero day yesterday.
ATENTIONβΌ New - CVE-2018-15664
π Read
via "National Vulnerability Database".
In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-5213
π Read
via "National Vulnerability Database".
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-5212
π Read
via "National Vulnerability Database".
Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access Control.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-5211
π Read
via "National Vulnerability Database".
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-5210
π Read
via "National Vulnerability Database".
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Information Exposure.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-17061
π Read
via "National Vulnerability Database".
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-17060
π Read
via "National Vulnerability Database".
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Insecure Permissions.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-15652
π Read
via "National Vulnerability Database".
Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected libga (imagemagick used that). The attack vector is: Someone must open a postscript file though ghostscript. Because of imagemagick also use libga, so it was affected as well.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-15030
π Read
via "National Vulnerability Database".
Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-15029
π Read
via "National Vulnerability Database".
Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF.π Read
via "National Vulnerability Database".
π΄ Russian Nation-State Hacking Unit's Tools Get More Fancy π΄
π Read
via "Dark Reading: ".
APT28/Fancy Bear has expanded its repertoire to more than 30 commands for infecting systems, executing code, and reconnaissance, researchers have found.π Read
via "Dark Reading: ".
Darkreading
Russian Nation-State Hacking Unit's Tools Get More Fancy
APT28/Fancy Bear has expanded its repertoire to more than 30 commands for infecting systems, executing code, and reconnaissance, researchers have found.
π΄ Microsoft Opens Defender ATP for Mac to Public Preview π΄
π Read
via "Dark Reading: ".
Users of the security platform who have preview features enabled can access Defender ATP for Mac via the Security Center onboarding section.π Read
via "Dark Reading: ".
Dark Reading
Endpoint Security recent news | Dark Reading
Explore the latest news and expert commentary on Endpoint Security, brought to you by the editors of Dark Reading
π GDPR fines levied so far: The lessons businesses can learn π
π Read
via "Security on TechRepublic".
After one year of enforcement of the GDPR, businesses can learn much from how the provisions of the regulation have been applied and how organizations have been fined.π Read
via "Security on TechRepublic".
TechRepublic
GDPR fines levied so far: The lessons businesses can learn
After one year of enforcement of the GDPR, businesses can learn much from how the provisions of the regulation have been applied and how organizations have been fined.
π NYDFS Tasks New Cybersecurity Division to Enforce Cybersecurity Regulation π
π Read
via "Subscriber Blog RSS Feed ".
With a new cybersecurity team dedicated to enforcing the departmentβs regulations under its wing, the New York Department of Financial Services (NYDFS) will grow even more vigilant of violations.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
NYDFS Tasks New Cybersecurity Division to Enforce Cybersecurity Regulation
With a new cybersecurity team dedicated to enforcing the departmentβs regulations under its wing, the New York Department of Financial Services (NYDFS) will grow even more vigilant of violations.
ATENTIONβΌ New - CVE-2017-13668
π Read
via "National Vulnerability Database".
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-11740
π Read
via "National Vulnerability Database".
In Zoho ManageEngine Application Manager 13.1 Build 13100, the administrative user has the ability to upload files/binaries that can be executed upon the occurrence of an alarm. An attacker can abuse this functionality by uploading a malicious script that can be executed on the remote system.π Read
via "National Vulnerability Database".