How Fraudulent Domains 'Hide in Plain Sight'
via "Dark Reading".
Cybercriminals use new types of top-level domains, topical keywords, and targeted emails to trick victims into clicking malicious links.
Phishing attack lures victims with encrypted message alert
via "Naked Security".
Why are phishing emails so enduringly popular with the bad guys? A new approach may suggest that curiosity is at play.
The US is reportedly seeding Russia's power grid with malware
via "Naked Security".
The US is alleged to have been quietly planting malware throughout Russia's energy networks in response to years of Russian attacks on its own power grid.
Bella Thorne steals hacker's thunder, publishes nude photos herself
via "Naked Security".
Sheesh! At this rate, extortionists are going to have to seek alternate employment.
90% off Ray-Bans? It's a 100% Instagram SCAM!
via "Naked Security".
The ads look like they've been shared by friends, but they're really pod people who've hijacked accounts.
How organizations can better defend against DNS attacks
via "Security on TechRepublic".
DNS has become a primary target for cyberattacks, causing downtime and financial loss for many businesses, according to a new report from EfficientIP.
Working BlueKeep Exploit Developed by DHS
via "Threatpost".
The Department of Homeland Security urged system administrators to update their Windows machines after testing a working BlueKeep exploit for Windows 2000.
Can Your Patching Strategy Keep Up with the Demands of Open Source?
via "Dark Reading".
It's time to reassess your open source management policies and processes.
Microsoft Management Console Bugs Allow Windows Takeover
via "Threatpost".
Multiple cross-site scripting (XSS) bugs and an XML external entity (XXE) problem open the door to takeover of admin desktops.
Security breaches: 4 business impacts
via "Security on TechRepublic".
The average cost of a cyberattack is approximately $4.6 million, according to a Radware report.
How small businesses can deal with getting regulated
via "Security on TechRepublic".
Even SMBs have to deal with big regulations thanks to GDPR and more. One startup has an answer for how to manage compliance and security.
How HackerOne open sources security--one hacker at a time
via "Security on TechRepublic".
Mårten Mickos says hacker-powered security is where open source was 15 years ago, but it's moving much faster than open source did.
Google Targets Deceptive Sites with New Chrome Tools
via "Dark Reading".
A new extension and browser alert aim to help users report deceptive sites and prevent them from encountering fraud.
The Evolution of Identity
via "Dark Reading".
How data and technology can help businesses make the right fraud decisions, protect people's identities, and create an improved customer experience.
Advertising Alliance Plans Protocols to Reduce Dangerous Content
via "Dark Reading".
The Global Alliance for Responsible Media will seek ways to clamp down on dangerous and fake content.
Linux Kernel Bug Knocks PCs, IoT Gadgets and More Offline
via "Threatpost".
Four vulnerabilities could "SACK" connected devices with denial-of-service exploits.
New Guide Addresses Software Security in SDLC Models
via "Subscriber Blog RSS Feed" (Digital Guardian).
A new white paper, published by NIST, recommends a core set of high level secure software development practices that can be added to SDLC implementation.
Consumers Urged to Junk Insecure IoT Devices
via "Threatpost".
A security researcher who disclosed flaws impacting 2 million IoT devices in April - and has yet to see a patch or even hear back from the manufacturers contacted - is sounding off on the dire state of IoT security.
ATTENTION‼ New - CVE-2017-8336
via "National Vulnerability Database".
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new routes to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set in such a way that would result in overflowing the stack set up and allow an attacker to control the $ra register stored on the stack. If the firmware version AL-R096 is dissected using binwalk tool, we obtain a cpio-root archive which contains the filesystem set up on the device that contains all the binaries. The binary "goahead" is the one that has the vulnerable function that receives the values sent by the POST request. If we open this binary in IDA-pro we will notice that this follows a MIPS little endian format. The function sub_00420F38 in IDA pro is identified to be receiving the values sent in the POST request. The POST parameter "gateway" allows to overflow the stack and control the $ra register after 1546 characters. The value from this post parameter is then copied on the stack at address 0x00421348 as shown below. This allows an attacker to provide the payload of his/her choice and finally take control of the device.
ATTENTION‼ New - CVE-2017-8335
via "National Vulnerability Database".
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of setting name for wireless network. These values are stored by the device in NVRAM (Non-volatile RAM). It seems that the POST parameters passed in this request to set up names on the device do not have a string length check on them. This allows an attacker to send a large payload in the "mssid_1" POST parameter. The device also allows a user to view the name of the Wifi Network set by the user. While processing this request, the device calls a function named "getCfgToHTML" at address 0x004268A8 which retrieves the value set earlier by "mssid_1" parameter as SSID2 and this value then results in overflowing the stack set up for this function and allows an attacker to control $ra register value on the stack which allows an attacker to control the device by executing a payload of an attacker's choice. If the firmware version AL-R096 is dissected using binwalk tool, we obtain a cpio-root archive which contains the filesystem set up on the device that contains all the binaries. The binary "goahead" is the one that has the vulnerable function that receives the values sent by the POST request. If we open this binary in IDA-pro we will notice that this follows a MIPS little endian format. The function sub_00420F38 in IDA pro is identified to be receiving the values sent in the POST parameter "mssid_1" at address 0x0042BA00 and then sets in the NVRAM at address 0x0042C314. The value is later retrieved in the function "getCfgToHTML" at address 0x00426924 and this results in overflowing the buffer due to "strcat" function that is utilized by this function.
ATTENTION‼ New - CVE-2012-6711
via "National Vulnerability Database".
A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().