ATTENTION‼ New - CVE-2017-1107
via "National Vulnerability Database".
IBM Marketing Platform 9.1.0, 9.1.2, 10.0, and 10.1 exposes sensitive information in the headers that could be used by an authenticated attacker in further attacks against the system. IBM X-Force ID: 120906.

Serverless Computing from the Inside Out
via "Dark Reading".
The biggest 'serverless' risks don't stem from the technology itself. They occur when organizations respond to the adoption from the outside in.

Verizon Media, Uber, PayPal Top List of Companies Paying Bug Bounties
via "Dark Reading".
A new report from HackerOne lists the top five companies running bug-hunting programs on the ethical hacking platform.

Medical Debt Collector Poised to Shutter Following 2018 Breach
via "Subscriber Blog RSS Feed" (Digital Guardian).
A data breach and mounting cybersecurity consulting costs, legal requirements, and regulatory obligations proved too much for this company to come back from.

Google Releases Open Source Tool For Computational Privacy
via "Threatpost".
Google's new multi-party computation tool allows companies to work together with confidential data sets.

Critical Firefox Vuln Used in Targeted Attacks
via "Dark Reading".
Mozilla has released patches for the bug reported by Coinbase.

With GDPR's 'Right of Access,' Who Really Has Access?
via "Dark Reading".
How a security researcher learned organizations willingly hand over sensitive data with little to no identity verification.

Feds: Cyberattack on NASA's JPL Threatened Mission-Control Data
via "Threatpost".
Rampant security-operations bungling allowed cyberattackers to infiltrate JPL's network, which carries human mission data.

ATTENTION‼ New - CVE-2017-14395
via "National Vulnerability Database".
OAuth 2.0 Authorization Server of ForgeRock Access Management (OpenAM) 13.5.0-13.5.1 and Access Management (AM) 5.0.0-5.1.1 does not correctly validate redirect_uri for some invalid requests, which allows attackers to execute a script in the user's browser via reflected XSS.

ATTENTION‼ New - CVE-2017-14394
via "National Vulnerability Database".
OAuth 2.0 Authorization Server of ForgeRock Access Management (OpenAM) 13.5.0-13.5.1 and Access Management (AM) 5.0.0-5.1.1 does not correctly validate redirect_uri for some invalid requests, which allows attackers to perform phishing via an unvalidated redirect.

Inside the FBI's Fight Against Cybercrime
via "Dark Reading".
Heavily outnumbered and outpaced by their targets, small FBI cybersquads have been quietly notching up major wins against online criminals operating out of home and abroad.

'Deeply personal medical' records exposed online
via "Naked Security".
The Facebook ad agency xSocialMedia exposed 150K medical histories, along with identifying information for the people involved.

Facebook's Libra cryptocurrency is big news but will it be secure?
via "Naked Security".
Unless you've been under a rock, you'll know that earlier this week Facebook announced plans for a new global cryptocurrency for absolutely everyone called Libra.

The Hunt for Vulnerabilities
via "Dark Reading".
A road map for improving the update process will help reduce the risks from vulnerabilities.

Why tech was key to the KGB being good at espionage
via "Security on TechRepublic".
The KGB Espionage Museum's Agne Urbaityte explains various technologies and methods of eavesdropping used by the intelligence service, including Deadly Kiss and cameras in rings.

Cybersecurity Accountability Spread Thin in the C-Suite
via "Dark Reading".
While cybersecurity discussions have permeated board meetings, the democratization of accountability has a long way to go.

How to respond to phishing emails: 6 steps for G Suite admins
via "Security on TechRepublic".
Here are steps G Suite administrators should take when a phishing email gets through to an account.

How KGB agents were invisible spies
via "Security on TechRepublic".
Dan Patterson interviews the KGB Espionage Museum's Agne Urbaityte about how agents in the field would blend in with their environment in order to spy.

Google launches new Chrome protection from bad URLs
via "Naked Security".
The "Suspicious Site Reporter" extension lets users easily report dubious sites, while a new warning flags potential typosquatting pages.

Update Firefox now! Zero-day found in the wild
via "Naked Security".
Mozilla has fixed a critical zero-day bug in the latest point releases of the Firefox web browser.

KGB agents' wearables: Watches, cufflinks, shoes, and more
via "Security on TechRepublic".
The KGB Espionage Museum's curator Agne Urbaityte describes how agents concealed spying devices in what they wore when working in the field.