ATENTIONβΌ New - CVE-2017-14395
π Read
via "National Vulnerability Database".
Auth 2.0 Authorization Server of ForgeRock Access Management (OpenAM) 13.5.0-13.5.1 and Access Management (AM) 5.0.0-5.1.1 does not correctly validate redirect_uri for some invalid requests, which allows attackers to execute a script in the user's browser via reflected XSS.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-14394
π Read
via "National Vulnerability Database".
OAuth 2.0 Authorization Server of ForgeRock Access Management (OpenAM) 13.5.0-13.5.1 and Access Management (AM) 5.0.0-5.1.1 does not correctly validate redirect_uri for some invalid requests, which allows attackers to perform phishing via an unvalidated redirect.π Read
via "National Vulnerability Database".
π΄ Inside the FBI's Fight Against Cybercrime π΄
π Read
via "Dark Reading: ".
Heavily outnumbered and outpaced by their targets, small FBI cybersquads have been quietly notching up major wins against online criminals operating out of home and abroad.π Read
via "Dark Reading: ".
Darkreading
Inside the FBI's Fight Against Cybercrime
Heavily outnumbered and outpaced by their targets, small FBI cybersquads have been quietly notching up major wins against online criminals operating out of home and abroad.
β βDeeply personal medicalβ records exposed online β
π Read
via "Naked Security".
The Facebook ad agency xSocialMedia exposed 150K medical histories, along with identifying information for the people involved.π Read
via "Naked Security".
Naked Security
βDeeply personal medicalβ records exposed online
The Facebook ad agency xSocialMedia exposed 150K medical histories, along with identifying information for the people involved.
β Facebookβs Libra cryptocurrency is big news but will it be secure? β
π Read
via "Naked Security".
Unless youβve been under a rock, youβll know that earlier this week Facebook announced plans for a new global cryptocurrency for absolutely everyone called Libra.π Read
via "Naked Security".
Naked Security
Facebookβs Libra cryptocurrency is big news but will it be secure?
Unless youβve been under a rock, youβll know that earlier this week Facebook announced plans for a new global cryptocurrency for absolutely everyone called Libra.
π΄ The Hunt for Vulnerabilities π΄
π Read
via "Dark Reading: ".
A road map for improving the update process will help reduce the risks from vulnerabilities.π Read
via "Dark Reading: ".
Dark Reading
The Hunt for Vulnerabilities
A road map for improving the update process will help reduce the risks from vulnerabilities.
π Why tech was key to the KGB being good at espionage π
π Read
via "Security on TechRepublic".
The KGB Espionage Museum's Agne Urbaityte explains various technologies and methods of eavesdropping used by the intelligence service, including Deadly Kiss and cameras in rings.π Read
via "Security on TechRepublic".
TechRepublic
Why tech was key to the KGB being good at espionage
The KGB Espionage Museum's Agne Urbaityte explains various technologies and methods of eavesdropping used by the intelligence service, including Deadly Kiss and cameras in rings.
π΄ Cybersecurity Accountability Spread Thin in the C-Suite π΄
π Read
via "Dark Reading: ".
While cybersecurity discussions have permeated board meetings, the democratization of accountability has a long way to go.π Read
via "Dark Reading: ".
Dark Reading
Cybersecurity Accountability Spread Thin in the C-Suite
While cybersecurity discussions have permeated board meetings, the democratization of accountability has a long way to go.
π How to respond to phishing emails: 6 steps for G Suite admins π
π Read
via "Security on TechRepublic".
Here are steps G Suite administrators should take when a phishing email gets through to an account.π Read
via "Security on TechRepublic".
TechRepublic
How to respond to phishing emails: 6 steps for G Suite admins
Here are steps G Suite administrators should take when a phishing email gets through to an account.
π How KGB agents were invisible spies π
π Read
via "Security on TechRepublic".
Dan Patterson interviews the KGB Espionage Museum's Agne Urbaityte about how agents in the field would blend in with their environment in order to spy.π Read
via "Security on TechRepublic".
TechRepublic
How KGB agents were invisible spies
Dan Patterson interviews the KGB Espionage Museum's Agne Urbaityte about how agents in the field would blend in with their environment in order to spy.
β Google launches new Chrome protection from bad URLs β
π Read
via "Naked Security".
The "Suspicious Site Reporter" extension lets users easily report dubious sites, while a new warning flags potential typosquatting pages.π Read
via "Naked Security".
Naked Security
Google launches new Chrome protection from bad URLs
The βSuspicious Site Reporterβ extension lets users easily report dubious sites, while a new warning flags potential typosquatting pages.
β Update Firefox now! Zero-day found in the wild β
π Read
via "Naked Security".
Mozilla has fixed a critical zero-day bug in the latest point releases of the Firefox web browser.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π KGB agents' wearables: Watches, cufflinks, shoes, and more π
π Read
via "Security on TechRepublic".
The KGB Espionage Museum's curator Agne Urbaityte describes how agents concealed spying devices in what they wore when working in the field.π Read
via "Security on TechRepublic".
TechRepublic
KGB agents' wearables: Watches, cufflinks, shoes, and more
The KGB Espionage Museum's curator Agne Urbaityte describes how agents concealed spying devices in what they wore when working in the field.
β Cisco DNA Center Critical Flaw Opens Access to Internal Servers β
π Read
via "Threatpost".
Cisco has patched a slew of critical and high-severity flaws in its DNA Center and SD-WAN.π Read
via "Threatpost".
Threat Post
Cisco DNA Center Critical Flaw Opens Access to Internal Services
Cisco has patched a slew of critical and high-severity flaws in its DNA Center and SD-WAN.
π The KGB's eavesdropping and spying devices in everyday items π
π Read
via "Security on TechRepublic".
The KGB Espionage Museum's curator Agne Urbaityte explains why and how plates and ashtrays were used as eavesdropping and spying devices.π Read
via "Security on TechRepublic".
TechRepublic
The KGB's eavesdropping and spying devices in everyday items
The KGB Espionage Museum's curator Agne Urbaityte explains why and how plates and ashtrays were used as eavesdropping and spying devices.
π Why tech was key to the KGB being good at espionage π
π Read
via "Security on TechRepublic".
The KGB Espionage Museum's Agne Urbaityte explains various technologies and methods of eavesdropping used by the intelligence service, including Deadly Kiss and cameras in rings.π Read
via "Security on TechRepublic".
TechRepublic
Why tech was key to the KGB being good at espionage
The KGB Espionage Museum's Agne Urbaityte explains various technologies and methods of eavesdropping used by the intelligence service, including Deadly Kiss and cameras in rings.
β Tor Browser Issues Update for Critical System Takeover Flaw β
π Read
via "Threatpost".
The update patches critical flaw (CVE-2019-11707), a type confusion vulnerability in the Mozilla Firefox code that Tor uses.π Read
via "Threatpost".
Threat Post
Tor Browser Issues Update for Critical System Takeover Flaw
The update patches critical flaw (CVE-2019-11707), a type confusion vulnerability in the Mozilla Firefox code that Tor uses.
π΄ 7 2019 Security Venture Fund Deals You Should Know π΄
π Read
via "Dark Reading: ".
2019 has, so far, been a busy year for venture capitalists in the security industry. Here are 7 funding rounds important because of the technologies or market trends they represent.π Read
via "Dark Reading: ".
Dark Reading
7 2019 Security Venture Fund Deals You Should Know
2019 has, so far, been a busy year for venture capitalists in the security industry. Here are 7 funding rounds important because of the technologies or market trends they represent.
π΄ Machine Learning Boosts Defenses, But Security Pros Worry Over Attack Potential π΄
π Read
via "Dark Reading: ".
As defenders increasingly use machine learning to remove spam, catch fraud, and block malware, concerns persist that attackers will find ways to use AI technology to their advantage.π Read
via "Dark Reading: ".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
ATENTIONβΌ New - CVE-2017-17944
π Read
via "National Vulnerability Database".
The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation.π Read
via "National Vulnerability Database".
π΄ Small Businesses May Not Be Security's Weak Link π΄
π Read
via "Dark Reading: ".
Organizations with 250 or fewer employees often employ a higher percentage of security pros than their larger counterparts.π Read
via "Dark Reading: ".
Dark Reading
Small Businesses May Not Be Security's Weak Link
Organizations with 250 or fewer employees often employ a higher percentage of security pros than their larger counterparts.