π΄ Sensory Overload: Filtering Out Cybersecurity's Noise π΄
π Read
via "Dark Reading: ".
No organization can prioritize and mitigate hundreds of risks effectively. The secret lies in carefully filtering out the risks, policies, and processes that waste precious time and resources.π Read
via "Dark Reading: ".
Dark Reading
Sensory Overload: Filtering Out Cybersecurity's Noise
No organization can prioritize and mitigate hundreds of risks effectively. The secret lies in carefully filtering out the risks, policies, and processes that waste precious time and resources.
π Friday Five: 6/14 Edition π
π Read
via "Subscriber Blog RSS Feed ".
A food bank hit by ransomware, advice on cybersecurity training, and a university data breach - catch up on the week's news with this recap!π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 6/14 Edition
A food bank hit by ransomware, advice on cybersecurity training, and a university data breach - catch up on the week's news with this recap!
β Amazon Alexa Secretly Records Children, Lawsuits Allege β
π Read
via "Threatpost".
Two lawsuits are seeking class-action status, alleging that Amazon records children and stores their voiceprints indefinitely.π Read
via "Threatpost".
Threat Post
Amazon Alexa Secretly Records Children, Lawsuits Allege
Two lawsuits are seeking class-action status, alleging that Amazon records children and stores their voiceprints indefinitely.
β TRISIS Group, Known for Physical Destruction, Targets U.S. Electric Companies β
π Read
via "Threatpost".
XENOTIME, a destructive APT linked to Russia, has broadened its target set beyond Middle East oil and gas.π Read
via "Threatpost".
Threat Post
TRISIS Group, Known for Physical Destruction, Targets U.S. Electric Companies
XENOTIME, a destructive APT linked to Russia, has broadened its target set beyond Middle East oil and gas.
π΄ Better Cybersecurity Research Requires More Data Sharing π΄
π Read
via "Dark Reading: ".
Researchers at the Workshop on the Economics of Information Security highlight the cost savings of sharing cybersecurity data and push for greater access to information on breaches, attacks, and incidents.π Read
via "Dark Reading: ".
Dark Reading
Better Cybersecurity Research Requires More Data Sharing
Researchers at the Workshop on the Economics of Information Security highlight the cost savings of sharing cybersecurity data and push for greater access to information on breaches, attacks, and incidents.
β News Wrap: Amazon Privacy and Telegram DDoS Attack β
π Read
via "Threatpost".
Threatpost editors Tara Seals and Lindsey O'Donnell discuss a recent lawsuit against Amazon for its privacy policies, a Telegram DDoS attack and more.π Read
via "Threatpost".
Threat Post
News Wrap: Amazon Privacy and Telegram DDoS Attack
Threatpost editors Tara Seals and Lindsey O'Donnell discuss a recent lawsuit against Amazon for its privacy policies, a Telegram DDoS attack and more.
ATENTIONβΌ New - CVE-2017-8252
π Read
via "National Vulnerability Database".
Kernel can inject faults in computations during the execution of TrustZone leading to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150, Snapdragon_High_Med_2016, SXR1130π Read
via "National Vulnerability Database".
β ThreatList: Ransomware Trojans Picking Up Steam in 2019 β
π Read
via "Threatpost".
Attackers continue to push the boundaries with modular trojans and ransomware attacks, a new report found.π Read
via "Threatpost".
Threat Post
ThreatList: Ransomware Trojans Picking Up Steam in 2019
Attackers continue to push the boundaries with modular trojans and ransomware attacks, a new report found.
π΄ Common Hacker Tool Hit with Hackable Vulnerability π΄
π Read
via "Dark Reading: ".
A researcher has found a significant exploit in one of the most frequently used text editors.π Read
via "Dark Reading: ".
Dark Reading
Common Hacker Tool Hit with Hackable Vulnerability
A researcher has found a significant exploit in one of the most frequently used text editors.
β Ransomware: A Persistent Scourge Requiring Corporate Action Now β
π Read
via "Threatpost".
ASCO is the latest headline-making organization to be hit by ransomware, prompting many companies to consider what to do to minimize their risk.π Read
via "Threatpost".
Threat Post
Ransomware: A Persistent Scourge Requiring Corporate Action Now
ASCO is the latest headline-making organization to be hit by ransomware, prompting many companies to consider what to do to minimize their risk.
π΄ 10 Notable Security Acquisitions of 2019 (So Far) π΄
π Read
via "Dark Reading: ".
In a year when security companies have been snapped up left and right, these deals stand out from the chaos.π Read
via "Dark Reading: ".
Dark Reading
10 Notable Security Acquisitions of 2019 (So Far)
In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
ATENTIONβΌ New - CVE-2013-7472
π Read
via "National Vulnerability Database".
The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxes daytoshow parameter.π Read
via "National Vulnerability Database".
β Monday review β the hot 21 stories of the week β
π Read
via "Naked Security".
From the GoldBrute botnet to Microsoft's battle with irresponsibly disclosed bugs - and everything in between. It's your weekly roundup.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Widely used medical infusion pump can be remotely hijacked β
π Read
via "Naked Security".
These vulnerable infusion pumps can be remotely hacked to alter the delivery of IV fluids and medications such as painkillers or insulin.π Read
via "Naked Security".
Naked Security
Widely used medical infusion pump can be remotely hijacked
These vulnerable infusion pumps can be remotely hacked to alter the delivery of IV fluids and medications such as painkillers or insulin.
β Iβd like to add you to my professional network of people to spy on β
π Read
via "Naked Security".
A deepfake was reportedly spotted in the wild: LinkedIn's well-connected, young, attractive Eurasia/Russia expert "Katie Jones."π Read
via "Naked Security".
Naked Security
Iβd like to add you to my professional network of people to spy on
A deepfake was reportedly spotted in the wild: LinkedInβs well-connected, young, attractive Eurasia/Russia expert βKatie Jones.β
β Privacy foul for soccer league app that eavesdropped on users β
π Read
via "Naked Security".
The LaLiga app used phones' GPS and microphones to sniff out bars that were broadcasting soccer matches illegally.π Read
via "Naked Security".
Naked Security
Privacy foul for soccer league app that eavesdropped on users
The LaLiga app used phonesβ GPS and microphones to sniff out bars that were broadcasting soccer matches illegally.
β Yubico recalls FIPS Yubikey tokens after flaw found β
π Read
via "Naked Security".
Security token maker Yubico has issued an important advisory affecting high-end versions of its YubiKey authentication key.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ Find Your Next Favorite Cybersecurity Tool at the Black Hat USA Arsenal π΄
π Read
via "Dark Reading: ".
Learn new enterprise-grade techniques for identifying vulnerabilities, improving Active Directory security, and building trust with customers at Black Hat USA this summer.π Read
via "Dark Reading: ".
Dark Reading
Find Your Next Favorite Cybersecurity Tool at the Black Hat USA Arsenal
Learn new enterprise-grade techniques for identifying vulnerabilities, improving Active Directory security, and building trust with customers at Black Hat USA this summer.
π΄ The Life-Changing Magic of Tidying Up the Cloud π΄
π Read
via "Dark Reading: ".
Most companies' cloud security operations would benefit significantly from clean-up, alignment, and organization.π Read
via "Dark Reading: ".
Dark Reading
The Life-Changing Magic of Tidying Up the Cloud
Most companies' cloud security operations would benefit significantly from clean-up, alignment, and organization.
π΄ Utilities, Nations Need Better Plan Against Critical Infrastructure Attackers π΄
π Read
via "Dark Reading: ".
The attackers behind the Triton, or Xenotime, intrusions into critical infrastructure (CI) safety systems are testing their skills against electric power companies. Options for defense are still limited, however.π Read
via "Dark Reading: ".
Darkreading
Utilities, Nations Need Better Plan Against Critical Infrastructure Attackers
The attackers behind the Triton, or Xenotime, intrusions into critical infrastructure (CI) safety systems are testing their skills against electric power companies. Options for defense are still limited, however.
ATENTIONβΌ New - CVE-2009-5157 (wag54g2_firmware)
π Read
via "National Vulnerability Database".
On Linksys WAG54G2 1.00.10 devices, there is authenticated command injection via shell metacharacters in the setup.cgi c4_ping_ipaddr variable.π Read
via "National Vulnerability Database".