ATENTIONβΌ New - CVE-2018-10171
π Read
via "National Vulnerability Database".
Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper` component. The AdwareAnalzyerPrivilegedHelper tool implements an XPC service that allows an unprivileged application to connect and execute shell scripts as the root user.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-2028
π Read
via "National Vulnerability Database".
IBM Maximo Asset Management 7.6 could allow a an authenticated user to replace a target page with a phishing site which could allow the attacker to obtain highly sensitive information. IBM X-Force ID: 155554.π Read
via "National Vulnerability Database".
β Gang charged with $19 million iPhone scam β
π Read
via "Naked Security".
It was a well-oiled business, with Top Dogs fencing devices, forgers cooking up fake IDs with stolen PII, and runners ripping off phones.π Read
via "Naked Security".
Naked Security
Gang charged with $19 million iPhone scam
It was a well-oiled business, with Top Dogs fencing devices, forgers cooking up fake IDs with stolen PII, and runners ripping off phones.
β YouTube bans kidsβ live-streaming without an adult present β
π Read
via "Naked Security".
In another step to scrape pedophiles off the bottom of its shoe YouTube is banning youngsters from live-streaming without adult supervision.π Read
via "Naked Security".
Naked Security
YouTube bans kidsβ live-streaming without an adult present
In another step to scrape pedophiles off the bottom of its shoe YouTube is banning youngsters from live-streaming without adult supervision.
β Microsoft dismisses new Windows RDP βbugβ as a feature β
π Read
via "Naked Security".
Researchers have found an unexpected behavior in a Windows feature designed to protect remote sessions.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Firefox aims at Google with Enhanced Tracking Prevention β
π Read
via "Naked Security".
The latest version of Firefox, 67.0.1, features a fully-fledged version of Mozillaβs Enhanced Tracking Protection (ETP) privacy system.π Read
via "Naked Security".
Naked Security
Firefox aims at Google with Enhanced Tracking Prevention
The latest version of Firefox, 67.0.1, features a fully-fledged version of Mozillaβs Enhanced Tracking Protection (ETP) privacy system.
π How to protect your organization against modular malware π
π Read
via "Security on TechRepublic".
Modular malware attacks have surged since the start of 2019, according to Barracuda Networks.π Read
via "Security on TechRepublic".
TechRepublic
How to protect your organization against modular malware
Modular malware attacks have surged since the start of 2019, according to Barracuda Networks.
β IoT Security Regulation is on the Horizon β
π Read
via "Threatpost".
Ken Munro of Pen Test Partners hopes to see regulation for connected-device security in 2020.π Read
via "Threatpost".
Threat Post
IoT Security Regulation is on the Horizon
Experts hope to see regulation for connected devices security in 2020.
π Pitfalls to Data Discovery and Classification π
π Read
via "Subscriber Blog RSS Feed ".
20 Data Scientists & Security Pros Reveal the Most Common Pitfalls to Data Discovery and Classificationπ Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Pitfalls to Data Discovery and Classification
π΄ 2019 State of DevOps π΄
π Read
via "Dark Reading: ".
DevOps is needed in today's business environment, where improved application security is essential and users demand more applications, services, and features - fast. We sought to see where DevOps adoption and deployment stand, this report summarizes our survey findings. Find out what the survey revealed today.π Read
via "Dark Reading: ".
π 5 security problems that annoy CIOs and CISOs the most π
π Read
via "Security on TechRepublic".
CIOs and CISOs continue battling with security issues in the enterprise, but improving staff tech skills isn't the only solution, according to Exabeam.π Read
via "Security on TechRepublic".
TechRepublic
5 security problems that annoy CIOs and CISOs the most
CIOs and CISOs continue battling with security issues in the enterprise, but improving staff tech skills isn't the only solution, according to Exabeam.
β Streaming Video Fans Open to TV Hijacking β
π Read
via "Threatpost".
Critical bugs impact a widely deployed streaming platform, common in the U.S. and elsewhere.π Read
via "Threatpost".
Threat Post
Streaming Video Fans Open to TV Hijacking
Critical bugs impact a widely deployed streaming platform, common in the U.S. and elsewhere.
π΄ When Security Goes Off the Rails π΄
π Read
via "Dark Reading: ".
Cyber can learn a lot from the highly regulated world of rail travel. The most important lesson: the value of impartial analysis.π Read
via "Dark Reading: ".
Darkreading
When Security Goes Off the Rails
Cyber can learn a lot from the highly regulated world of rail travel. The most important lesson: the value of impartial analysis.
π Hackers take aim at Fortune 500 companies on the Dark Web π
π Read
via "Security on TechRepublic".
Dark Web listings with the potential to harm the enterprise are up 20% since 2016, according to Bromium.π Read
via "Security on TechRepublic".
TechRepublic
Hackers take aim at Fortune 500 companies on the Dark Web
Dark Web listings with the potential to harm the enterprise are up 20% since 2016, according to Bromium.
π Windows 10 passwords won't expire: Why Microsoft says this will make your account safer π
π Read
via "Security on TechRepublic".
Changing passwords frequently is not only a pain, but also unsafe, according to Microsoft. Here's why the company's decision to remove password expirations is a good one.π Read
via "Security on TechRepublic".
π΄ Inside the Criminal Businesses Built to Target Enterprises π΄
π Read
via "Dark Reading: ".
Researchers witness an increase in buying and selling targeted hacking services, custom malware, and corporate network access on the Dark Web.π Read
via "Dark Reading: ".
Darkreading
Inside the Criminal Businesses Built to Target Enterprises
Researchers witness an increase in buying and selling targeted hacking services, custom malware, and corporate network access on the Dark Web.
β High-Severity Bug in Cisco Industrial Enterprise Tool Allows RCE β
π Read
via "Threatpost".
Bug allows for a remote attacker to execute arbitrary code on industrial, enterprise tools.π Read
via "Threatpost".
Threat Post
High-Severity Bug in Cisco Industrial Enterprise Tool Allows RCE
Bug allows for a remote attacker to execute arbitrary code on industrial, enterprise tools.
π΄ Cyber Talent Gap? Don't Think Like Tinder! π΄
π Read
via "Dark Reading: ".
If your company truly is a great place to work, make sure your help-wanted ads steer clear of these common job-listing cliches.π Read
via "Dark Reading: ".
Dark Reading
Cyber Talent Gap? Don't Think Like Tinder!
If your company truly is a great place to work, make sure your help-wanted ads steer clear of these common job-listing cliches.
π΄ 6 Security Scams Set to Sweep This Summer π΄
π Read
via "Dark Reading: ".
Experts share the cybersecurity threats to watch for and advice to stay protected.π Read
via "Dark Reading: ".
Darkreading
6 Security Scams Set to Sweep This Summer
Experts share the cybersecurity threats to watch for and advice to stay protected.
β AMCA Healthcare Hack Widens Again, Reaching 20.1M Victims β
π Read
via "Threatpost".
OPKO subsidiary BioReference joins Quest and LabCorp in the supply-chain incident.π Read
via "Threatpost".
Threat Post
AMCA Healthcare Hack Widens Again, Reaching 20.1M Victims
OPKO subsidiary BioReference joins Quest and LabCorp in the supply-chain incident.
ATENTIONβΌ New - CVE-2018-9839
π Read
via "National Vulnerability Database".
An issue was discovered in MantisBT through 1.3.14, and 2.0.0. Using a crafted request on bug_report_page.php (modifying the 'm_id' parameter), any user with REPORTER access or above is able to view any private issue's details (summary, description, steps to reproduce, additional information) when cloning it. By checking the 'Copy issue notes' and 'Copy attachments' checkboxes and completing the clone operation, this data also becomes public (except private notes).π Read
via "National Vulnerability Database".