π’ Escape the ransomware maze π’
π Read
via "ITPro".
Conventional endpoint protection tools just arenβt the best defence anymoreπ Read
via "ITPro".
IT PRO
Escape the ransomware maze
Conventional endpoint protection tools just arenβt the best defence anymore
βΌ CVE-2022-34960 βΌ
π Read
via "National Vulnerability Database".
The container package in MikroTik RouterOS 7.4beta4 allows an attacker to create mount points pointing to symbolic links, which resolve to locations on the host device. This allows the attacker to mount any arbitrary file to any location on the host.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32427 βΌ
π Read
via "National Vulnerability Database".
PrinterLogic Windows Client through 25.0.0.676 allows attackers to execute directory traversal. Authenticated users with prior knowledge of the driver filename could exploit this to escalate privileges or distribute malicious content.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2957 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as critical was found in SourceCodester Simple and Nice Shopping Cart Script. Affected by this vulnerability is an unknown functionality of the file /mkshop/Men/profile.php. The manipulation of the argument mem_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-207001 was assigned to this vulnerability.π Read
via "National Vulnerability Database".
π΄ New Exterro FTK Update Accelerates Mobile Digital Forensics π΄
π Read
via "Dark Reading".
The FTK 7.6 portfolio promises better integration with other security and network resources, as well as unified analysis of mobile and computer evidence.π Read
via "Dark Reading".
Dark Reading
New Exterro FTK Update Accelerates Mobile Digital Forensics
The FTK 7.6 portfolio promises better integration with other security and network resources, as well as unified analysis of mobile and computer evidence.
π΄ Thousands of Organizations Remain at Risk From Critical Zero-Click IP Camera Bug π΄
π Read
via "Dark Reading".
The US Cybersecurity and Infrastructure Security Agency had wanted federal agencies to implement the fix for the RCE flaw in Hikvision cameras by Jan. 24, 2022.π Read
via "Dark Reading".
Dark Reading
Thousands of Organizations Remain at Risk From Critical Zero-Click IP Camera Bug
The US Cybersecurity and Infrastructure Security Agency had wanted federal agencies to implement the fix for the RCE flaw in Hikvision cameras by Jan. 24, 2022.
ποΈ Ethereum Foundation offers $1m bug bounty payouts with proof-of-stake migration multiplier ποΈ
π Read
via "The Daily Swig".
Eco-friendly upgrade sends bounties soaring as computational demands plummetπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Ethereum Foundation offers $1m bug bounty payouts with proof-of-stake migration multiplier
Eco-friendly upgrade sends bounties soaring as computational demands plummet
π΄ Optiv's Annual $40K Scholarship for Black, African-American-Identifying STEM Students Now Open for Applicants π΄
π Read
via "Dark Reading".
Optiv's Black Employee Network offers the scholarship, paid out over 4 years, for students seeking a career in the cybersecurity/information security industry.π Read
via "Dark Reading".
Dark Reading
Optiv's Annual $40K Scholarship for Black, African-American-Identifying STEM Students Now Open for Applicants
Optiv's Black Employee Network offers the scholarship, paid out over 4 years, for students seeking a career in the cybersecurity/information security industry.
π΄ Penetration Testing Market Worth $2.7B By 2027: MarketsandMarkets(TM) Report π΄
π Read
via "Dark Reading".
Increase driven by increasingly sophisticated cyberattacks as well as increase in mobile-based business-critical applications, according to report.π Read
via "Dark Reading".
Dark Reading
Penetration Testing Market Worth $2.7B By 2027: MarketsandMarkets(TM) Report
Increase driven by increasingly sophisticated cyberattacks as well as increase in mobile-based business-critical applications, according to report.
π΄ What You Need to Know About the Psychology Behind Cyber Resilience π΄
π Read
via "Dark Reading".
Understanding how and why people respond to cyber threats is key to building cyber workforce resilience.π Read
via "Dark Reading".
Dark Reading
What You Need to Know About the Psychology Behind Cyber Resilience
Understanding how and why people respond to cyber threats is key to building cyber-workforce resilience.
β Breaching airgap security: using your phoneβs compass as a microphone! β
π Read
via "Naked Security".
One bit per second makes the Voyager probe data rate seem blindingly fast. But it's enough to break your security assumptions...π Read
via "Naked Security".
Naked Security
Breaching airgap security: using your phoneβs gyroscope as a microphone
One bit per second makes the Voyager probe data rate seem blindingly fast. But itβs enough to break your security assumptionsβ¦
π΄ Cyberstarts Closes $60M in Seed Fund III π΄
π Read
via "Dark Reading".
Venture firm hires former Splunk CEO to spearhead new GTM advisory board and help portfolio companies scale up.π Read
via "Dark Reading".
Dark Reading
Cyberstarts Closes $60M in Seed Fund III
Venture firm hires former Splunk CEO to spearhead new GTM advisory board and help portfolio companies scale up.
π΄ The (Nation) State of Cyber: 64% of Businesses Suspect They've Been Targeted or Impacted by Nation-State Attacks π΄
π Read
via "Dark Reading".
According to new Venafi research, two-thirds of organizations have changed cyber strategy in response to war in Ukraine.π Read
via "Dark Reading".
Dark Reading
The (Nation) State of Cyber: 64% of Businesses Suspect They've Been Targeted or Impacted by Nation-State Attacks
According to new Venafi research, two-thirds of organizations have changed cyber strategy in response to war in Ukraine.
π΄ Wyden Renews Call to Encrypt Twitter DMs, Secure Americans' Data From Unfriendly Foreign Governments π΄
π Read
via "Dark Reading".
Following whistleblower complaint, Oregon senator renews commitment to passing bipartisan legislation to address the national security risks.π Read
via "Dark Reading".
Dark Reading
Wyden Renews Call to Encrypt Twitter DMs, Secure Americans' Data From Unfriendly Foreign Governments
Following whistleblower complaint, Oregon senator renews commitment to passing bipartisan legislation to address the national security risks.
π How to Form a Data Recovery Plan: Your Five Step Guide π
π Read
via "".
Creating a detailed disaster recovery plan (DRP) can be a daunting and complicated task. Begin forming your plan by including the following five essential steps.
π Read
via "".
Digital Guardian
How to Form a Data Recovery Plan: Your Five Step Guide
Creating a detailed disaster recovery plan (DRP) can be a daunting and complicated task. Begin forming your plan by including the following five essential steps.
π GNU Privacy Guard 2.2.37 π
π Read
via "Packet Storm Security".
GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.π Read
via "Packet Storm Security".
Packetstormsecurity
GNU Privacy Guard 2.2.37 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text] β
π Read
via "Naked Security".
Latest episode - listen now! (Or read the transcript if you prefer the text version.)π Read
via "Naked Security".
Naked Security
S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]
Latest episode β listen now! (Or read the transcript if you prefer the text version.)
π΄ More Bang for the Buck: Cross-Platform Ransomware Is the Next Problem π΄
π Read
via "Dark Reading".
As cryptocurrency valuations make strikes less lucrative, ransomware gangs like the new RedAlert and Monster groups are modifying their tools to attack across platforms.π Read
via "Dark Reading".
Dark Reading
More Bang for the Buck: Cross-Platform Ransomware Is the Next Problem
As cryptocurrency valuations make strikes less lucrative, ransomware gangs like the new RedAlert and Monster groups are modifying their tools to attack across platforms.
βΌ CVE-2022-36471 βΌ
π Read
via "National Vulnerability Database".
H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetMacAccessMode.π Read
via "National Vulnerability Database".
βΌ CVE-2022-36465 βΌ
π Read
via "National Vulnerability Database".
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2022-36464 βΌ
π Read
via "National Vulnerability Database".
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules.π Read
via "National Vulnerability Database".